This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/XzLWho6Bn6t9kvjEGcwhbWxmWB4.roa File: XzLWho6Bn6t9kvjEGcwhbWxmWB4.roa (raw, json) Hash identifier: KEbZBRD5g586B5bAw6CmuP81thvalITJThplBsaxWto= Subject key identifier: 5F:32:D6:86:8E:81:9F:AB:7D:92:F8:C4:19:CC:21:6D:6C:66:58:1E Certificate issuer: /CN=a8010ceb20f2e076a3f000271a5c375761bec2f5 Certificate serial: 019B7BA38FC51751322F263AE658B91B612D Authority key identifier: A8:01:0C:EB:20:F2:E0:76:A3:F0:00:27:1A:5C:37:57:61:BE:C2:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qAEM6yDy4Haj8AAnGlw3V2G-wvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/XzLWho6Bn6t9kvjEGcwhbWxmWB4.roa Signing time: Thu 01 Jan 2026 22:17:55 +0000 ROA not before: Thu 01 Jan 2026 22:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39151 IP address blocks: 87.238.112.0/21 maxlen: 21 91.151.144.0/20 maxlen: 20 95.128.16.0/21 maxlen: 21 185.70.252.0/23 maxlen: 23 185.70.252.0/24 maxlen: 24 213.175.128.0/24 maxlen: 24 213.175.132.0/24 maxlen: 24 213.175.134.0/24 maxlen: 24 213.175.136.0/21 maxlen: 21 213.175.152.0/24 maxlen: 24 213.175.156.0/24 maxlen: 24 213.175.158.0/24 maxlen: 24 213.208.32.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/qAEM6yDy4Haj8AAnGlw3V2G-wvU.crl rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/qAEM6yDy4Haj8AAnGlw3V2G-wvU.mft rsync://rpki.ripe.net/repository/DEFAULT/qAEM6yDy4Haj8AAnGlw3V2G-wvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:8f:c5:17:51:32:2f:26:3a:e6:58:b9:1b:61:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8010ceb20f2e076a3f000271a5c375761bec2f5 Validity Not Before: Jan 1 22:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f32d6868e819fab7d92f8c419cc216d6c66581e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9c:8a:47:30:61:da:6e:a4:aa:f5:ed:74:02: cd:09:76:99:08:da:13:88:b3:d8:70:72:39:73:7d: 78:9e:10:a6:67:a3:e6:82:eb:c2:da:2c:6a:1d:54: 46:2f:b7:a7:e3:6b:02:15:fd:58:dd:43:b2:72:96: be:de:0f:ae:f0:9e:16:66:38:1a:9a:c7:61:9f:05: b5:b1:9c:5a:3c:cb:d9:d4:5f:f7:f5:7b:f7:a1:c6: 54:bc:2a:90:4e:e0:ca:5a:fa:52:f1:89:e7:36:ee: 4b:50:2b:5e:b3:7f:4d:4e:61:82:b8:b2:80:6a:02: fa:8f:6b:f2:09:dd:5d:e1:4e:72:4f:2d:20:a5:3a: 3f:03:a0:09:9c:d3:25:4c:70:28:a2:d7:dd:d8:bd: 2b:6b:6c:d6:97:b8:9f:89:de:56:32:fa:d0:4d:7b: d8:8d:2d:b5:88:04:7f:a4:4f:e0:52:30:68:d4:2b: 8c:bb:d3:12:bd:ff:1c:5f:2b:1a:a6:2a:ef:b4:4f: a6:d1:d6:85:94:c9:f5:35:15:35:dd:8b:48:a9:7d: df:f9:0c:13:cd:96:5c:e5:3e:3b:44:74:4e:ef:19: c7:3f:48:78:1e:02:b7:fe:e9:8f:d0:94:2f:4b:d9: 62:49:fd:52:1a:d3:e5:0f:e4:72:64:e8:36:a2:b1: 07:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:32:D6:86:8E:81:9F:AB:7D:92:F8:C4:19:CC:21:6D:6C:66:58:1E X509v3 Authority Key Identifier: keyid:A8:01:0C:EB:20:F2:E0:76:A3:F0:00:27:1A:5C:37:57:61:BE:C2:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qAEM6yDy4Haj8AAnGlw3V2G-wvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/XzLWho6Bn6t9kvjEGcwhbWxmWB4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/qAEM6yDy4Haj8AAnGlw3V2G-wvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.238.112.0/21 91.151.144.0/20 95.128.16.0/21 185.70.252.0/23 213.175.128.0/24 213.175.132.0/24 213.175.134.0/24 213.175.136.0/21 213.175.152.0/24 213.175.156.0/24 213.175.158.0/24 213.208.32.0/21 Signature Algorithm: sha256WithRSAEncryption 92:43:0c:38:f0:82:d2:f6:97:b7:36:90:2f:3e:40:df:c1:45: e0:6d:60:64:93:b4:6c:5a:2b:31:90:06:86:65:e8:8a:c7:44: 35:32:dd:fe:bd:b0:d2:56:1d:03:a9:f6:74:1c:8f:5d:c9:83: ff:66:d0:3f:6e:e8:0f:f0:d9:69:5a:bf:f2:44:66:1a:a1:d8: 4e:9c:9b:c8:57:21:94:3f:43:67:b6:c9:0c:db:05:a5:a5:07: 0c:c2:56:e4:88:48:1c:91:f0:ba:c4:30:33:f0:ce:1f:a0:74: 1e:97:19:77:4e:aa:cb:75:2f:c5:8f:de:84:92:a2:2b:6e:93: 7d:9a:da:37:d7:82:d0:bc:d1:8a:c1:ea:27:d4:5f:8b:da:ea: 7f:96:4d:95:c1:78:68:1c:0b:4c:80:ba:9e:60:06:d1:59:15: bb:0f:1c:a0:cb:38:6a:36:a4:96:45:14:4a:ef:0f:31:17:bb: 6f:9f:b6:3f:c5:d0:69:25:24:ec:94:0d:0d:b3:f7:97:34:51: 86:f0:df:b8:62:4c:78:90:13:75:4e:ab:dd:59:50:ea:ff:ef: ef:d8:b7:fb:2a:34:0a:17:f1:90:5a:23:52:bd:15:8c:aa:5b: 9a:20:94:e9:b8:73:1d:48:29:50:8f:32:52:09:bd:c5:37:1d: fe:2e:6e:92 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZt7o4/FF1EyLyY65li5G2EtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4MDEwY2ViMjBmMmUwNzZhM2YwMDAyNzFhNWMzNzU3NjFi ZWMyZjUwHhcNMjYwMTAxMjIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjMyZDY4NjhlODE5ZmFiN2Q5MmY4YzQxOWNjMjE2ZDZjNjY1ODFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZyKRzBh2m6kqvXtdALNCXaZCNoT iLPYcHI5c314nhCmZ6PmguvC2ixqHVRGL7en42sCFf1Y3UOycpa+3g+u8J4WZjga msdhnwW1sZxaPMvZ1F/39Xv3ocZUvCqQTuDKWvpS8YnnNu5LUCtes39NTmGCuLKA agL6j2vyCd1d4U5yTy0gpTo/A6AJnNMlTHAootfd2L0ra2zWl7ifid5WMvrQTXvY jS21iAR/pE/gUjBo1CuMu9MSvf8cXysapirvtE+m0daFlMn1NRU13YtIqX3f+QwT zZZc5T47RHRO7xnHP0h4HgK3/umP0JQvS9liSf1SGtPlD+RyZOg2orEHiQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF8y1oaOgZ+rfZL4xBnMIW1sZlgeMB8GA1UdIwQY MBaAFKgBDOsg8uB2o/AAJxpcN1dhvsL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUFFTTZ5RHk0SGFqOEFBbkdsdzNWMkctd3ZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mNDQ0YWEtYWU4Yy00ZDE0LWEzYTMt NDlmNjVjNmE0OGJmLzEvWHpMV2hvNkJuNnQ5a3ZqRUdjd2hiV3htV0I0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9mNDQ0YWEtYWU4Yy00ZDE0LWEzYTMtNDlmNjVjNmE0OGJm LzEvcUFFTTZ5RHk0SGFqOEFBbkdsdzNWMkctd3ZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDV+5wAwQE W5eQAwQDX4AQAwQBuUb8AwQA1a+AAwQA1a+EAwQA1a+GAwQD1a+IAwQA1a+YAwQA 1a+cAwQA1a+eAwQD1dAgMA0GCSqGSIb3DQEBCwUAA4IBAQCSQww48ILS9pe3NpAv PkDfwUXgbWBkk7RsWisxkAaGZeiKx0Q1Mt3+vbDSVh0DqfZ0HI9dyYP/ZtA/bugP 8NlpWr/yRGYaodhOnJvIVyGUP0NntskM2wWlpQcMwlbkiEgckfC6xDAz8M4foHQe lxl3TqrLdS/Fj96EkqIrbpN9mto314LQvNGKweon1F+L2up/lk2VwXhoHAtMgLqe YAbRWRW7DxygyzhqNqSWRRRK7w8xF7tvn7Y/xdBpJSTslA0Ns/eXNFGG8N+4Ykx4 kBN1TqvdWVDq/+/v2Lf7KjQKF/GQWiNSvRWMqluaIJTpuHMdSClQjzJSCb3FNx3+ Lm6S -----END CERTIFICATE-----Generated at Tue Feb 10 00:13:30 2026 by rpki-client