This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/XTmvlmaqkM6whHSwQf7BQPGiplA.roa File: XTmvlmaqkM6whHSwQf7BQPGiplA.roa (raw, json) Hash identifier: Nf/8r39zOVnhoPLQElZaNoaDoUFyf9MQSIS344w93fg= Subject key identifier: 5D:39:AF:96:66:AA:90:CE:B0:84:74:B0:41:FE:C1:40:F1:A2:A6:50 Certificate issuer: /CN=6431e960cd061039b3b27fd25d4160771c498bab Certificate serial: 019B7F15AD97E570143239090A14996B8B4F Authority key identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/XTmvlmaqkM6whHSwQf7BQPGiplA.roa Signing time: Fri 02 Jan 2026 14:21:25 +0000 ROA not before: Fri 02 Jan 2026 14:21:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205229 IP address blocks: 185.224.176.0/22 maxlen: 24 185.224.179.128/26 maxlen: 26 2a14:3900::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:ad:97:e5:70:14:32:39:09:0a:14:99:6b:8b:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6431e960cd061039b3b27fd25d4160771c498bab Validity Not Before: Jan 2 14:21:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d39af9666aa90ceb08474b041fec140f1a2a650 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e9:5d:82:6d:df:b2:69:fc:51:51:b5:79:65: 81:19:11:85:f0:47:1d:1b:81:a7:b6:01:09:3e:21: 28:41:f4:6e:15:72:7a:c0:df:5a:e7:07:f9:97:49: 77:e3:66:76:94:35:32:f0:f1:56:2e:cd:b1:75:7f: 57:fb:41:f4:e5:9b:d7:33:3d:6b:55:df:fb:4b:f5: 98:ea:a4:9a:e7:96:51:5e:90:aa:49:be:3e:47:eb: be:0b:da:fb:1c:da:64:31:c0:02:5f:6c:be:3d:f2: 83:76:b1:59:16:44:a8:61:0a:78:a5:98:96:f4:37: 21:16:5a:3a:f2:5c:84:84:38:96:5c:2c:a0:e7:c2: d1:57:ab:10:5a:47:f7:d2:25:33:bb:f0:24:db:d1: 6a:5c:77:be:b0:4e:9e:a7:23:b2:b6:f4:d0:b4:6d: 31:63:93:f5:e6:68:5b:e7:21:e7:48:ea:b6:c6:48: 79:cd:c6:51:d3:c6:1f:3b:d7:43:43:27:7c:e4:8d: 93:3b:31:2a:00:c3:7f:4a:57:75:af:8b:a5:b7:63: 60:8a:5e:12:8f:3f:fe:89:22:ff:36:d7:64:9d:7f: 08:fa:99:0d:ab:d7:43:d3:06:52:6c:19:97:ab:2f: 76:71:26:ed:7d:63:57:4b:ee:b5:19:cd:84:9f:2d: ec:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:39:AF:96:66:AA:90:CE:B0:84:74:B0:41:FE:C1:40:F1:A2:A6:50 X509v3 Authority Key Identifier: keyid:64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/XTmvlmaqkM6whHSwQf7BQPGiplA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.224.176.0/22 IPv6: 2a14:3900::/29 Signature Algorithm: sha256WithRSAEncryption 6f:3d:ad:d9:cf:d2:b5:94:52:5f:d9:42:da:d3:7b:9e:e0:60: df:3c:14:53:51:41:6f:57:e6:bb:04:cb:c1:c5:3e:12:60:25: 88:03:e8:3e:ee:66:5d:20:f0:dd:5d:71:75:95:bd:3b:b8:cb: a0:9d:f7:98:99:ff:08:95:82:31:b5:5a:ca:73:f9:2e:f6:3b: 1f:b1:a6:2c:b8:e0:9b:76:fc:aa:33:40:2b:35:ca:1a:aa:bd: a1:e8:fc:9b:14:e2:9c:5b:ba:44:8c:13:05:57:c1:1e:c4:29: 17:12:14:b1:a2:a9:94:f7:ad:bb:90:8c:bf:f5:0f:c8:92:3c: d1:97:db:b3:0c:4c:ab:d3:c1:f5:67:a9:68:91:32:e0:3f:a4: a8:1c:3c:f0:0b:e3:8a:79:71:b1:a4:90:88:84:7d:ac:72:bb: c8:f9:a4:d9:7f:0c:5d:e7:ae:3e:c8:26:57:ad:a5:5e:fd:9e: 81:26:0c:e8:3b:a0:9d:f7:0d:fc:c2:30:99:64:c4:1a:5e:e1: f1:c6:5f:c3:24:22:d9:8a:c7:e0:6a:c8:b9:9b:19:ee:6f:33: a5:64:b7:74:ce:ea:18:7a:12:e7:4a:03:ff:4b:1a:57:0e:44: f7:4e:65:2c:1e:fb:9c:f1:22:b0:da:a2:b2:2f:4d:8d:10:a6: 6a:45:53:34 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/Fa2X5XAUMjkJChSZa4tPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MzFlOTYwY2QwNjEwMzliM2IyN2ZkMjVkNDE2MDc3MWM0 OThiYWIwHhcNMjYwMTAyMTQyMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDM5YWY5NjY2YWE5MGNlYjA4NDc0YjA0MWZlYzE0MGYxYTJhNjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuldgm3fsmn8UVG1eWWBGRGF8Ecd G4GntgEJPiEoQfRuFXJ6wN9a5wf5l0l342Z2lDUy8PFWLs2xdX9X+0H05ZvXMz1r Vd/7S/WY6qSa55ZRXpCqSb4+R+u+C9r7HNpkMcACX2y+PfKDdrFZFkSoYQp4pZiW 9DchFlo68lyEhDiWXCyg58LRV6sQWkf30iUzu/Ak29FqXHe+sE6epyOytvTQtG0x Y5P15mhb5yHnSOq2xkh5zcZR08YfO9dDQyd85I2TOzEqAMN/Sld1r4ult2Ngil4S jz/+iSL/NtdknX8I+pkNq9dD0wZSbBmXqy92cSbtfWNXS+61Gc2Eny3sPQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF05r5ZmqpDOsIR0sEH+wUDxoqZQMB8GA1UdIwQY MBaAFGQx6WDNBhA5s7J/0l1BYHccSYurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTct ZTlkYWY3OWViNzVlLzEvWFRtdmxtYXFrTTZ3aEhTd1FmN0JRUEdpcGxBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80ZmQ5MzEtOWYyMi00OWYzLWJlNTctZTlkYWY3OWViNzVl LzEvWkRIcFlNMEdFRG16c25fU1hVRmdkeHhKaTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueCwMA0E AgACMAcDBQMqFDkAMA0GCSqGSIb3DQEBCwUAA4IBAQBvPa3Zz9K1lFJf2ULa03ue 4GDfPBRTUUFvV+a7BMvBxT4SYCWIA+g+7mZdIPDdXXF1lb07uMugnfeYmf8IlYIx tVrKc/ku9jsfsaYsuOCbdvyqM0ArNcoaqr2h6PybFOKcW7pEjBMFV8EexCkXEhSx oqmU9627kIy/9Q/IkjzRl9uzDEyr08H1Z6lokTLgP6SoHDzwC+OKeXGxpJCIhH2s crvI+aTZfwxd564+yCZXraVe/Z6BJgzoO6Cd9w38wjCZZMQaXuHxxl/DJCLZisfg asi5mxnubzOlZLd0zuoYehLnSgP/SxpXDkT3TmUsHvuc8SKw2qKyL02NEKZqRVM0 -----END CERTIFICATE-----Generated at Mon Jan 26 21:48:36 2026 by rpki-client