This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/XkVovJbqjqBUkdPyt7lk9NDQo7c.roa File: XkVovJbqjqBUkdPyt7lk9NDQo7c.roa (raw, json) Hash identifier: erdFysENgpLaNHKuJStQ84F4YaLDOQjfyJA3EQ2rtWI= Subject key identifier: 5E:45:68:BC:96:EA:8E:A0:54:91:D3:F2:B7:B9:64:F4:D0:D0:A3:B7 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B7E37B2E6F9AE900A820CF2A9BDB5D92B Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/XkVovJbqjqBUkdPyt7lk9NDQo7c.roa Signing time: Fri 02 Jan 2026 10:18:58 +0000 ROA not before: Fri 02 Jan 2026 10:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21859 IP address blocks: 155.2.218.0/24 maxlen: 24 155.2.219.0/24 maxlen: 24 158.173.202.0/24 maxlen: 24 192.253.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:b2:e6:f9:ae:90:0a:82:0c:f2:a9:bd:b5:d9:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 2 10:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e4568bc96ea8ea05491d3f2b7b964f4d0d0a3b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:0b:a0:2b:ff:db:6f:24:91:2b:49:7b:89:1d: 26:8d:80:73:99:15:ea:a4:d1:eb:fe:2d:b0:d3:bd: 5d:35:27:3e:7a:d8:30:bd:5b:f4:3a:dd:0d:c5:2a: f9:d6:3c:fb:0d:f1:16:49:75:e8:b7:11:c2:7f:a1: ba:3f:6d:a6:35:8c:0d:2b:e6:e3:ac:56:ca:c1:66: 55:9f:5b:6f:f1:a6:b9:5d:f9:cc:ef:66:9c:0b:d3: 17:4c:d5:90:95:05:8f:2b:8f:ec:d7:21:02:41:b6: d8:be:b8:6b:8a:ba:48:c9:99:73:d9:86:e7:e7:8a: 0e:0d:3b:9b:93:56:e4:10:56:21:38:41:d1:66:d3: 0a:50:b3:f6:75:9f:b7:4c:94:ce:6c:03:3e:4a:2a: 69:0a:fa:a2:40:bb:be:44:a1:48:6c:ce:13:d4:73: 3f:74:03:ff:aa:ae:fa:08:a4:5b:c6:73:fe:6c:9f: 41:22:d4:99:b7:30:5b:3f:8d:c2:5e:80:83:71:4f: e3:d9:77:3e:da:b0:bd:f8:ea:57:6b:05:31:69:95: c8:1c:14:f9:70:0f:f0:28:12:2b:db:68:12:eb:46: d5:38:71:32:bd:3f:b1:2a:f2:f5:a4:19:dc:73:a6: f1:e6:bb:ec:b6:e1:9c:36:34:36:e7:e8:ec:c9:ef: 11:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:45:68:BC:96:EA:8E:A0:54:91:D3:F2:B7:B9:64:F4:D0:D0:A3:B7 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/XkVovJbqjqBUkdPyt7lk9NDQo7c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 155.2.218.0/23 158.173.202.0/24 192.253.210.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:1e:5f:ff:cc:7b:b0:15:b1:82:72:23:ca:e1:91:6d:f2:d4: 26:8c:a7:b4:ba:1f:46:af:8b:60:6c:47:4b:99:bf:41:ef:22: 14:41:ca:22:42:09:48:49:6a:03:29:b3:13:cb:00:b3:3f:94: 8f:5f:ec:07:c6:9d:2e:b8:0e:70:7d:c5:43:2e:a6:18:d6:5d: a5:9b:65:79:dc:87:0b:94:e2:8a:91:5f:93:96:48:e5:90:5b: fd:f1:a0:3f:eb:19:5d:d5:0e:1c:10:8c:8f:44:95:6d:e0:b8: fd:d7:b4:d6:12:0f:2a:61:7e:a9:89:3e:c0:3f:57:c9:c0:e0: ad:72:fa:0c:d4:0e:47:63:5a:76:6f:de:c3:6b:50:31:84:1e: 6b:2b:0a:ae:43:0f:91:c1:b3:00:17:d7:a7:68:d8:3c:00:b2: 20:1c:53:b3:b4:d0:91:1d:18:f2:5f:8f:fc:05:61:2c:ac:2f: 3c:89:df:29:21:f7:a1:8b:8b:b2:8a:47:fd:ba:75:20:1c:30: 3d:3d:9e:6a:b0:fd:ec:b8:71:c3:09:bd:e9:7a:e4:7f:7f:c9: 46:a1:64:ef:08:28:5c:4a:6b:18:96:9f:11:77:cc:2a:09:94: 60:cc:a4:44:0f:48:3a:31:9b:49:54:f0:25:33:a7:42:60:85: 57:21:ff:74 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+N7Lm+a6QCoIM8qm9tdkrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTAyMTAxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTQ1NjhiYzk2ZWE4ZWEwNTQ5MWQzZjJiN2I5NjRmNGQwZDBhM2I3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAugK//bbySRK0l7iR0mjYBzmRXq pNHr/i2w071dNSc+etgwvVv0Ot0NxSr51jz7DfEWSXXotxHCf6G6P22mNYwNK+bj rFbKwWZVn1tv8aa5XfnM72acC9MXTNWQlQWPK4/s1yECQbbYvrhrirpIyZlz2Ybn 54oODTubk1bkEFYhOEHRZtMKULP2dZ+3TJTObAM+SippCvqiQLu+RKFIbM4T1HM/ dAP/qq76CKRbxnP+bJ9BItSZtzBbP43CXoCDcU/j2Xc+2rC9+OpXawUxaZXIHBT5 cA/wKBIr22gS60bVOHEyvT+xKvL1pBncc6bx5rvstuGcNjQ25+jsye8RSQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF5FaLyW6o6gVJHT8re5ZPTQ0KO3MB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvWGtWb3ZKYnFqcUJVa2RQeXQ3bGs5TkRRbzdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmwLaAwQA nq3KAwQAwP3SMA0GCSqGSIb3DQEBCwUAA4IBAQBfHl//zHuwFbGCciPK4ZFt8tQm jKe0uh9Gr4tgbEdLmb9B7yIUQcoiQglISWoDKbMTywCzP5SPX+wHxp0uuA5wfcVD LqYY1l2lm2V53IcLlOKKkV+TlkjlkFv98aA/6xld1Q4cEIyPRJVt4Lj917TWEg8q YX6piT7AP1fJwOCtcvoM1A5HY1p2b97Da1AxhB5rKwquQw+RwbMAF9enaNg8ALIg HFOztNCRHRjyX4/8BWEsrC88id8pIfehi4uyikf9unUgHDA9PZ5qsP3suHHDCb3p euR/f8lGoWTvCChcSmsYlp8Rd8wqCZRgzKRED0g6MZtJVPAlM6dCYIVXIf90 -----END CERTIFICATE-----Generated at Thu Jan 8 17:25:08 2026 by rpki-client