This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/XAIFfl9QWcdhRZ9cTQDo6K9EBW0.roa File: XAIFfl9QWcdhRZ9cTQDo6K9EBW0.roa (raw, json) Hash identifier: HAz06rT649O471c8KJFWUb5f8BMSqQwCR6TQ0OuLeP0= Subject key identifier: 5C:02:05:7E:5F:50:59:C7:61:45:9F:5C:4D:00:E8:E8:AF:44:05:6D Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c Certificate serial: 019C4229ABBF7F9674B6C97D73FE753A6747 Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/XAIFfl9QWcdhRZ9cTQDo6K9EBW0.roa Signing time: Mon 09 Feb 2026 11:29:13 +0000 ROA not before: Mon 09 Feb 2026 11:29:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206977 IP address blocks: 37.61.64.0/24 maxlen: 24 37.61.65.0/24 maxlen: 24 37.61.66.0/24 maxlen: 24 37.61.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:42:29:ab:bf:7f:96:74:b6:c9:7d:73:fe:75:3a:67:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c Validity Not Before: Feb 9 11:29:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c02057e5f5059c761459f5c4d00e8e8af44056d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:af:7b:71:e5:68:8f:4d:a1:de:1e:14:d2:af: 14:d8:2c:e8:cd:10:c2:fc:df:08:60:b6:43:67:4f: c7:a5:74:ae:0b:30:b3:07:26:ed:d1:4b:84:c4:7c: c9:60:b0:0a:c6:57:27:7d:84:1d:1a:76:92:41:da: 19:43:11:0b:07:38:67:c6:05:e3:62:eb:32:77:6b: 01:b6:78:68:f2:d1:e6:c8:66:7f:73:f5:a5:0d:6a: 5e:69:b3:45:70:5d:5f:92:c0:31:59:2a:00:64:84: 1e:51:0a:14:07:d6:99:ee:18:1e:1e:0f:f1:1f:35: 16:13:db:74:29:ae:f3:ca:61:c6:b4:07:b1:80:e8: 07:5f:56:70:74:dc:86:67:d0:f5:a6:43:cd:9a:01: 62:9f:cd:b6:46:0d:60:4e:f7:30:99:9c:29:99:3a: 73:a2:44:aa:68:4a:82:83:2b:ba:08:cb:f5:45:1b: 7a:00:b3:8a:a3:c4:d9:8d:8f:19:82:ef:a1:85:01: 78:31:95:ee:64:e3:fc:81:30:96:1e:6a:aa:fb:a1: dc:57:21:1d:89:f2:34:36:99:93:88:2b:b4:3b:c7: 2f:fb:d7:31:05:29:9f:ec:cd:18:0d:dc:92:e8:7d: f9:4c:3b:54:89:cf:2b:da:a7:cc:12:39:43:c2:0c: 38:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:02:05:7E:5F:50:59:C7:61:45:9F:5C:4D:00:E8:E8:AF:44:05:6D X509v3 Authority Key Identifier: keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/XAIFfl9QWcdhRZ9cTQDo6K9EBW0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.61.64.0/22 Signature Algorithm: sha256WithRSAEncryption 19:ac:3d:53:d6:b5:21:20:2c:89:53:51:ae:3b:e3:bf:43:f4: c4:95:a8:c2:c9:9b:9f:01:7b:5d:aa:77:9c:2b:cf:42:41:f4: a9:68:31:28:99:03:bb:9f:1c:73:62:55:06:53:2b:ba:6e:6e: eb:a3:6b:af:97:1f:8a:99:4b:36:64:f8:d4:7a:37:6c:b0:42: e8:80:0d:6a:37:83:ff:00:bd:52:6f:bd:bb:39:cd:e4:63:1f: 84:ab:ff:0e:c6:d5:67:ce:4c:b3:ef:69:5c:d4:95:78:4f:5b: a7:02:55:34:c4:26:77:58:b6:cb:f4:f1:65:fd:9c:bb:d6:ec: a9:5c:38:ce:b9:09:8b:fe:af:6d:24:9f:3b:0b:bc:13:7b:17: 29:08:ef:b2:cc:a0:fe:fb:f5:ad:09:f9:b1:b1:26:d6:ca:08: c8:04:fc:e6:3d:6b:4d:4b:93:ac:2d:ca:90:df:5d:a3:9d:97: 6b:17:04:9a:0e:57:d7:ed:3c:29:1f:42:08:42:e1:ec:43:6c: 0a:cc:f8:ff:d0:94:c5:c0:35:bd:e4:c5:24:c8:d1:62:13:e2: 53:f9:11:89:85:7d:8a:ca:6e:50:40:94:e8:9e:f8:74:f2:db: 02:3f:55:16:07:b6:54:ad:88:16:89:68:f9:67:37:f6:76:57: 89:3f:1d:c4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZxCKau/f5Z0tsl9c/51OmdHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi MTU4OWMwHhcNMjYwMjA5MTEyOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzAyMDU3ZTVmNTA1OWM3NjE0NTlmNWM0ZDAwZThlOGFmNDQwNTZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K97ceVoj02h3h4U0q8U2CzozRDC /N8IYLZDZ0/HpXSuCzCzBybt0UuExHzJYLAKxlcnfYQdGnaSQdoZQxELBzhnxgXj Yusyd2sBtnho8tHmyGZ/c/WlDWpeabNFcF1fksAxWSoAZIQeUQoUB9aZ7hgeHg/x HzUWE9t0Ka7zymHGtAexgOgHX1ZwdNyGZ9D1pkPNmgFin822Rg1gTvcwmZwpmTpz okSqaEqCgyu6CMv1RRt6ALOKo8TZjY8Zgu+hhQF4MZXuZOP8gTCWHmqq+6HcVyEd ifI0NpmTiCu0O8cv+9cxBSmf7M0YDdyS6H35TDtUic8r2qfMEjlDwgw4CQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFwCBX5fUFnHYUWfXE0A6OivRAVtMB8GA1UdIwQY MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt NWQ0OGJjZDdjMWRjLzEvWEFJRmZsOVFXY2RoUlo5Y1RRRG82SzlFQlcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJT1AMA0G CSqGSIb3DQEBCwUAA4IBAQAZrD1T1rUhICyJU1GuO+O/Q/TElajCyZufAXtdqnec K89CQfSpaDEomQO7nxxzYlUGUyu6bm7ro2uvlx+KmUs2ZPjUejdssELogA1qN4P/ AL1Sb727Oc3kYx+Eq/8OxtVnzkyz72lc1JV4T1unAlU0xCZ3WLbL9PFl/Zy71uyp XDjOuQmL/q9tJJ87C7wTexcpCO+yzKD++/WtCfmxsSbWygjIBPzmPWtNS5OsLcqQ 312jnZdrFwSaDlfX7TwpH0IIQuHsQ2wKzPj/0JTFwDW95MUkyNFiE+JT+RGJhX2K ym5QQJTonvh08tsCP1UWB7ZUrYgWiWj5Zzf2dleJPx3E -----END CERTIFICATE-----Generated at Tue Feb 10 02:58:27 2026 by rpki-client