This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/xBcE8nAEMqTD2iGlQACamVGhmNg.roa File: xBcE8nAEMqTD2iGlQACamVGhmNg.roa (raw, json) Hash identifier: KhKp1WrOTdmHGTe+0SDFi9bJLf7uCYAcXngMYMhtk8Y= Subject key identifier: C4:17:04:F2:70:04:32:A4:C3:DA:21:A5:40:00:9A:99:51:A1:98:D8 Certificate issuer: /CN=ae37cf4b1fd4ce56788ed80b7a2e11c61b456ab4 Certificate serial: 019BC72F86F30E13C82007FE6B16FE050680 Authority key identifier: AE:37:CF:4B:1F:D4:CE:56:78:8E:D8:0B:7A:2E:11:C6:1B:45:6A:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjfPSx_UzlZ4jtgLei4RxhtFarQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/xBcE8nAEMqTD2iGlQACamVGhmNg.roa Signing time: Fri 16 Jan 2026 14:22:19 +0000 ROA not before: Fri 16 Jan 2026 14:22:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5483 IP address blocks: 91.147.232.0/22 maxlen: 22 194.5.126.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/rjfPSx_UzlZ4jtgLei4RxhtFarQ.crl rsync://rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/rjfPSx_UzlZ4jtgLei4RxhtFarQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rjfPSx_UzlZ4jtgLei4RxhtFarQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c7:2f:86:f3:0e:13:c8:20:07:fe:6b:16:fe:05:06:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae37cf4b1fd4ce56788ed80b7a2e11c61b456ab4 Validity Not Before: Jan 16 14:22:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c41704f2700432a4c3da21a540009a9951a198d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:bb:bd:56:6e:a8:5c:31:5a:93:3c:b1:60:7d: e2:bf:fc:51:bc:f8:86:71:71:9e:81:51:3f:c1:10: a9:3e:8c:be:09:2a:ee:a3:77:c9:4f:3e:e0:1a:e8: 90:f0:73:39:74:3b:35:b3:75:fc:97:36:85:c5:ba: e0:b7:f9:3c:c8:55:d1:12:46:6f:74:ed:f8:f2:8d: e6:cd:0c:24:ef:c3:6d:cf:44:93:81:57:d5:b5:49: 71:7c:5c:05:1a:11:da:fa:e3:b5:c0:59:d7:4b:eb: 05:8a:6c:74:54:e9:04:1c:38:b7:68:4b:1b:82:2d: f3:b7:fc:df:71:70:0f:18:42:ea:90:ed:92:11:fb: 17:d1:25:e8:ec:c8:90:27:57:8c:6a:d6:d2:c2:8e: 41:2a:a7:5f:3a:ed:a6:08:cd:ed:d3:6d:f6:9e:ae: 82:7f:38:31:76:8e:95:03:4c:b3:c6:ab:de:ef:cb: 74:d5:06:e0:35:fd:52:cc:64:a0:ab:e4:6c:ac:39: 9d:e4:12:52:e5:21:9e:70:23:bb:39:80:34:cb:03: 4f:48:01:e6:2c:42:06:8e:c6:96:91:fc:8f:c3:e5: 75:8d:cc:cf:89:4d:aa:88:0f:2d:0d:55:d0:d6:9a: d6:a1:ea:c8:fd:1c:f5:c2:94:01:36:8a:76:96:d6: c2:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:17:04:F2:70:04:32:A4:C3:DA:21:A5:40:00:9A:99:51:A1:98:D8 X509v3 Authority Key Identifier: keyid:AE:37:CF:4B:1F:D4:CE:56:78:8E:D8:0B:7A:2E:11:C6:1B:45:6A:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjfPSx_UzlZ4jtgLei4RxhtFarQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/xBcE8nAEMqTD2iGlQACamVGhmNg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/2c53bd-4a19-4428-b550-1ea2a8ea1543/1/rjfPSx_UzlZ4jtgLei4RxhtFarQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.147.232.0/22 194.5.126.0/23 Signature Algorithm: sha256WithRSAEncryption db:20:74:18:92:57:f6:ef:28:b7:4d:07:d2:8a:de:66:c8:fc: 52:7f:a2:bd:f7:c0:fc:ca:0b:b5:7b:11:7f:59:36:05:41:bb: 58:57:9d:f7:d7:11:8f:c4:53:94:8c:a5:3d:96:91:c8:71:13: ba:4c:70:3b:ae:65:50:54:c1:f7:b1:b3:6f:0f:17:7f:9c:b7: 2a:4f:b3:a6:bf:49:74:2c:12:12:4a:93:56:21:e1:07:eb:af: 54:f6:d1:1c:ff:6c:9e:df:b7:07:48:c6:d4:4b:53:2f:8e:eb: 28:6b:49:52:5a:81:c7:a9:5b:6d:e4:48:24:e9:d6:b5:c4:a0: 43:0a:1c:16:0e:38:a3:88:51:90:51:61:88:9d:b1:c3:96:f2: cc:e8:9a:6c:df:6b:ca:c9:7a:3a:2b:18:f6:f2:83:ed:9b:15: 52:18:fb:61:91:86:ac:22:42:94:c9:91:5d:16:95:c6:7f:f6: cd:60:15:ae:5b:56:6a:75:6b:04:b2:37:df:03:0e:f6:68:1c: ec:21:ae:36:83:e4:85:b5:2e:02:46:a1:94:21:3c:da:7d:7f: 63:2a:c6:dc:25:0d:07:93:f7:be:57:68:95:73:c1:4c:2f:7b: 50:25:10:c5:c9:df:54:62:fb:55:4c:20:13:b5:5d:09:30:82: a4:3b:31:31 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZvHL4bzDhPIIAf+axb+BQaAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlMzdjZjRiMWZkNGNlNTY3ODhlZDgwYjdhMmUxMWM2MWI0 NTZhYjQwHhcNMjYwMTE2MTQyMjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDE3MDRmMjcwMDQzMmE0YzNkYTIxYTU0MDAwOWE5OTUxYTE5OGQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7u9Vm6oXDFakzyxYH3iv/xRvPiG cXGegVE/wRCpPoy+CSruo3fJTz7gGuiQ8HM5dDs1s3X8lzaFxbrgt/k8yFXREkZv dO348o3mzQwk78Ntz0STgVfVtUlxfFwFGhHa+uO1wFnXS+sFimx0VOkEHDi3aEsb gi3zt/zfcXAPGELqkO2SEfsX0SXo7MiQJ1eMatbSwo5BKqdfOu2mCM3t0232nq6C fzgxdo6VA0yzxqve78t01QbgNf1SzGSgq+RsrDmd5BJS5SGecCO7OYA0ywNPSAHm LEIGjsaWkfyPw+V1jczPiU2qiA8tDVXQ1prWoerI/Rz1wpQBNop2ltbCXwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMQXBPJwBDKkw9ohpUAAmplRoZjYMB8GA1UdIwQY MBaAFK43z0sf1M5WeI7YC3ouEcYbRWq0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmpmUFN4X1V6bFo0anRnTGVpNFJ4aHRGYXJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8yYzUzYmQtNGExOS00NDI4LWI1NTAt MWVhMmE4ZWExNTQzLzEveEJjRThuQUVNcVREMmlHbFFBQ2FtVkdobU5nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi8yYzUzYmQtNGExOS00NDI4LWI1NTAtMWVhMmE4ZWExNTQz LzEvcmpmUFN4X1V6bFo0anRnTGVpNFJ4aHRGYXJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW5PoAwQB wgV+MA0GCSqGSIb3DQEBCwUAA4IBAQDbIHQYklf27yi3TQfSit5myPxSf6K998D8 ygu1exF/WTYFQbtYV5331xGPxFOUjKU9lpHIcRO6THA7rmVQVMH3sbNvDxd/nLcq T7Omv0l0LBISSpNWIeEH669U9tEc/2ye37cHSMbUS1Mvjusoa0lSWoHHqVtt5Egk 6da1xKBDChwWDjijiFGQUWGInbHDlvLM6Jps32vKyXo6Kxj28oPtmxVSGPthkYas IkKUyZFdFpXGf/bNYBWuW1ZqdWsEsjffAw72aBzsIa42g+SFtS4CRqGUITzafX9j KsbcJQ0Hk/e+V2iVc8FML3tQJRDFyd9UYvtVTCATtV0JMIKkOzEx -----END CERTIFICATE-----Generated at Mon Jan 26 16:23:09 2026 by rpki-client