This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/CXkKc_BGGlQDVJndPZpJEIKApLM.roa File: CXkKc_BGGlQDVJndPZpJEIKApLM.roa (raw, json) Hash identifier: lB6WL5NHR05zZ3JJcK7U/WiKpx7SIVQpEQDB/XRsPv0= Subject key identifier: 09:79:0A:73:F0:46:1A:54:03:54:99:DD:3D:9A:49:10:82:80:A4:B3 Certificate issuer: /CN=ce65471b94a3260c2d9f658dced2f87f40b5424b Certificate serial: 019B7BA4EA437C88BABA7EFAD8F99135B0DB Authority key identifier: CE:65:47:1B:94:A3:26:0C:2D:9F:65:8D:CE:D2:F8:7F:40:B5:42:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmVHG5SjJgwtn2WNztL4f0C1Qks.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/CXkKc_BGGlQDVJndPZpJEIKApLM.roa Signing time: Thu 01 Jan 2026 22:19:24 +0000 ROA not before: Thu 01 Jan 2026 22:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 680 IP address blocks: 192.124.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/zmVHG5SjJgwtn2WNztL4f0C1Qks.crl rsync://rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/zmVHG5SjJgwtn2WNztL4f0C1Qks.mft rsync://rpki.ripe.net/repository/DEFAULT/zmVHG5SjJgwtn2WNztL4f0C1Qks.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 01:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:ea:43:7c:88:ba:ba:7e:fa:d8:f9:91:35:b0:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce65471b94a3260c2d9f658dced2f87f40b5424b Validity Not Before: Jan 1 22:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=09790a73f0461a54035499dd3d9a49108280a4b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:93:57:76:cd:d3:65:9c:dd:2a:e7:4b:55:18: 2a:b0:62:ad:bd:3d:4f:1f:52:05:ca:44:ed:e4:a1: 46:d3:96:8d:f7:14:16:6f:66:4c:a1:79:c2:9a:b8: 62:c6:9e:17:b0:fe:f2:12:f7:d5:b7:64:72:be:2b: 05:f2:20:3a:35:32:43:b7:59:58:52:04:de:fc:bc: a1:56:de:6e:c1:b4:82:8a:27:bb:21:6e:cd:41:61: 1f:6f:57:00:a9:e0:b8:c9:38:f5:61:ab:fd:52:04: 56:23:fd:b2:f5:3d:d9:3d:f0:3c:39:71:89:21:d0: 91:27:6b:aa:49:18:c1:1b:4e:5e:5e:8c:2a:f4:59: d4:9b:84:78:50:78:61:6f:de:30:23:a2:a4:19:cd: 90:1f:ea:9e:3b:dc:3d:d6:20:73:81:38:fa:c6:98: 3d:e6:08:23:43:8e:ab:ae:99:c7:3a:87:86:84:7b: f7:b0:0e:9a:8e:81:6e:70:d6:3f:c9:b3:0c:53:33: b7:98:e4:d3:1b:72:28:d9:fa:84:9e:c6:8d:3d:0d: 44:47:ee:76:2a:f1:af:6c:54:b4:c7:d3:ae:2d:2f: 3d:5f:1f:38:24:68:72:cd:fe:c9:9d:45:25:9e:b1: ad:d4:cd:b1:a9:d8:82:be:9b:1a:9c:1d:f9:60:6e: 90:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:79:0A:73:F0:46:1A:54:03:54:99:DD:3D:9A:49:10:82:80:A4:B3 X509v3 Authority Key Identifier: keyid:CE:65:47:1B:94:A3:26:0C:2D:9F:65:8D:CE:D2:F8:7F:40:B5:42:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmVHG5SjJgwtn2WNztL4f0C1Qks.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/CXkKc_BGGlQDVJndPZpJEIKApLM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/ba8790-ef43-40ea-becf-bb0e0cc26c49/1/zmVHG5SjJgwtn2WNztL4f0C1Qks.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.124.254.0/24 Signature Algorithm: sha256WithRSAEncryption 60:27:56:d6:e1:cb:1a:4a:bf:76:83:15:18:93:42:e4:c6:2a: 74:bf:28:af:80:bc:e9:75:76:ed:af:a3:3c:98:a1:8a:73:9c: 71:66:7c:a7:eb:ab:8c:12:a5:9d:c0:07:32:c9:6e:39:e9:dc: 0a:1b:a8:cc:a2:85:3a:c6:8d:da:c0:f6:00:30:97:49:5a:42: 62:51:d4:97:33:a3:08:8e:bc:d8:63:b4:cd:f5:27:d2:e3:13: fd:39:a4:3f:cf:98:58:7a:3b:af:db:c3:f6:aa:56:5b:2d:f0: af:8d:fa:f0:67:1a:27:e5:9b:ca:1a:18:3c:a3:79:f4:b6:a4: 32:e1:13:87:a9:45:f9:fd:b0:d5:3b:df:53:94:13:37:e4:7a: 55:fc:f8:3c:f8:17:d6:4f:00:27:71:b8:b3:80:2c:03:22:7c: e3:f9:8a:83:f6:2e:bc:34:b4:11:2b:2d:f4:31:69:e8:db:45: fb:b3:99:e7:b8:a4:3b:55:b0:75:4d:99:bb:00:f6:2d:a6:35: 1c:4d:e8:69:73:a0:c3:a2:db:d0:b3:3e:07:31:02:94:13:f5: 12:a6:7c:53:db:62:77:69:c0:06:e8:83:53:6a:91:b0:fc:ad: 3e:bc:b5:48:75:bd:63:79:05:0a:a2:22:ba:02:b7:e9:fc:3d: 24:b4:04:5a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pOpDfIi6un762PmRNbDbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNjU0NzFiOTRhMzI2MGMyZDlmNjU4ZGNlZDJmODdmNDBi NTQyNGIwHhcNMjYwMTAxMjIxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTc5MGE3M2YwNDYxYTU0MDM1NDk5ZGQzZDlhNDkxMDgyODBhNGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5NXds3TZZzdKudLVRgqsGKtvT1P H1IFykTt5KFG05aN9xQWb2ZMoXnCmrhixp4XsP7yEvfVt2RyvisF8iA6NTJDt1lY UgTe/LyhVt5uwbSCiie7IW7NQWEfb1cAqeC4yTj1Yav9UgRWI/2y9T3ZPfA8OXGJ IdCRJ2uqSRjBG05eXowq9FnUm4R4UHhhb94wI6KkGc2QH+qeO9w91iBzgTj6xpg9 5ggjQ46rrpnHOoeGhHv3sA6ajoFucNY/ybMMUzO3mOTTG3Io2fqEnsaNPQ1ER+52 KvGvbFS0x9OuLS89Xx84JGhyzf7JnUUlnrGt1M2xqdiCvpsanB35YG6QaQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAl5CnPwRhpUA1SZ3T2aSRCCgKSzMB8GA1UdIwQY MBaAFM5lRxuUoyYMLZ9ljc7S+H9AtUJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem1WSEc1U2pKZ3d0bjJXTnp0TDRmMEMxUWtzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iYTg3OTAtZWY0My00MGVhLWJlY2Yt YmIwZTBjYzI2YzQ5LzEvQ1hrS2NfQkdHbFFEVkpuZFBacEpFSUtBcExNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS9iYTg3OTAtZWY0My00MGVhLWJlY2YtYmIwZTBjYzI2YzQ5 LzEvem1WSEc1U2pKZ3d0bjJXTnp0TDRmMEMxUWtzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHz+MA0G CSqGSIb3DQEBCwUAA4IBAQBgJ1bW4csaSr92gxUYk0Lkxip0vyivgLzpdXbtr6M8 mKGKc5xxZnyn66uMEqWdwAcyyW456dwKG6jMooU6xo3awPYAMJdJWkJiUdSXM6MI jrzYY7TN9SfS4xP9OaQ/z5hYejuv28P2qlZbLfCvjfrwZxon5ZvKGhg8o3n0tqQy 4ROHqUX5/bDVO99TlBM35HpV/Pg8+BfWTwAncbizgCwDInzj+YqD9i68NLQRKy30 MWno20X7s5nnuKQ7VbB1TZm7APYtpjUcTehpc6DDotvQsz4HMQKUE/USpnxT22J3 acAG6INTapGw/K0+vLVIdb1jeQUKoiK6Arfp/D0ktARa -----END CERTIFICATE-----Generated at Tue Jan 27 11:25:56 2026 by rpki-client