This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/rZYX5fKPq_iTsTklZo3tUzGErD8.roa File: rZYX5fKPq_iTsTklZo3tUzGErD8.roa (raw, json) Hash identifier: Bkadagr0tzraTAYCN3j7TcAW/fLW29DF6wAopom2qpE= Subject key identifier: AD:96:17:E5:F2:8F:AB:F8:93:B1:39:25:66:8D:ED:53:31:84:AC:3F Certificate issuer: /CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008 Certificate serial: 019B7C7FC08A30E520C8DAD3724720657A72 Authority key identifier: 5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/rZYX5fKPq_iTsTklZo3tUzGErD8.roa Signing time: Fri 02 Jan 2026 02:18:25 +0000 ROA not before: Fri 02 Jan 2026 02:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13004 IP address blocks: 91.245.214.0/24 maxlen: 24 193.105.163.0/24 maxlen: 24 2001:7f8:1e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.mft rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c0:8a:30:e5:20:c8:da:d3:72:47:20:65:7a:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008 Validity Not Before: Jan 2 02:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad9617e5f28fabf893b13925668ded533184ac3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:58:5a:02:87:ba:d6:41:33:b6:1a:f2:7a:fa: f2:83:f6:23:23:a2:fd:50:ec:95:94:2c:81:7d:61: 16:a8:3e:4a:37:81:37:e2:39:d0:46:9e:49:0e:18: 3a:c7:f2:e7:e2:1e:77:e4:8a:18:0c:7b:d1:d8:db: 47:ac:db:9e:24:6d:3c:a6:02:4d:fb:dc:85:03:ad: 92:01:9b:11:d7:63:89:58:58:31:76:cc:d0:a9:6e: 90:c1:ac:da:f1:3c:7b:8a:64:88:e6:67:b8:83:d6: 63:29:a9:54:53:2d:23:fc:99:dc:34:96:af:e3:19: e8:fc:f8:34:6c:8f:97:e2:fc:25:f1:36:71:83:15: 25:fb:47:8c:c4:e6:f8:93:ed:6f:fc:c3:9c:91:3d: 9a:df:d5:a4:93:09:0a:bb:84:b7:e8:00:f0:5d:a9: f6:f4:96:bc:2f:61:db:d1:ae:b9:b4:40:ad:34:25: 3e:ce:ea:82:6b:fb:b5:57:a1:ae:88:d4:c7:e4:67: b1:f3:e9:e1:4a:54:b6:de:09:73:19:ec:64:53:ed: eb:72:2d:6f:4b:a0:95:c6:a4:2c:83:30:ff:72:e7: 3d:dd:ea:15:84:f7:6c:35:1e:8f:f3:13:43:d5:86: 44:23:3f:38:40:ad:aa:27:2e:08:04:0c:8f:5e:64: c5:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:96:17:E5:F2:8F:AB:F8:93:B1:39:25:66:8D:ED:53:31:84:AC:3F X509v3 Authority Key Identifier: keyid:5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/rZYX5fKPq_iTsTklZo3tUzGErD8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.214.0/24 193.105.163.0/24 IPv6: 2001:7f8:1e::/48 Signature Algorithm: sha256WithRSAEncryption 1b:47:44:59:8b:24:b4:6d:f7:43:f6:ba:51:10:ec:f8:8b:c2: ce:fe:07:13:57:73:a5:b4:fc:3a:61:7d:2e:64:5c:ff:a4:ea: c0:94:68:9c:c3:a3:56:d5:4c:75:b0:59:fc:6d:e3:ad:9b:a9: 1c:16:40:b5:46:d4:00:79:6f:45:07:eb:8e:4f:67:87:d3:c2: 31:c2:21:a0:da:0a:b2:2e:4c:cd:31:69:72:0e:81:11:ea:57: f6:bd:7b:70:67:27:ac:ae:94:06:11:c1:c1:e2:63:69:55:fe: bd:f0:53:46:00:e0:69:ed:63:f8:63:71:33:e6:1a:01:57:04: 32:09:53:74:7b:2c:d5:e4:46:92:96:18:22:53:ad:fc:e8:fd: 47:05:74:48:37:00:ff:09:a1:68:8b:da:07:b3:66:03:02:51: 05:90:8a:e3:66:a6:a6:bd:8f:1f:ad:ff:32:ac:13:35:41:2d: b8:2e:51:3e:51:6b:cf:e8:e6:7b:84:b6:0d:0e:05:00:86:95: 7d:d1:95:77:03:e3:ca:ae:06:57:38:b7:f1:5e:03:84:1d:0b: 48:60:69:81:e0:ce:ce:0e:a8:3a:dd:9d:e7:71:43:35:63:80: 86:ce:ea:83:12:07:a2:4f:c9:4d:62:e2:9b:ec:4f:53:cf:d4: 9d:dc:ad:95 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt8f8CKMOUgyNrTckcgZXpyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjM2ExZDk3M2Y5YjMzOTFlOGFkYWNhYTY2NGQxYjIzZDc3 OGYwMDgwHhcNMjYwMTAyMDIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDk2MTdlNWYyOGZhYmY4OTNiMTM5MjU2NjhkZWQ1MzMxODRhYzNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVhaAoe61kEzthryevryg/YjI6L9 UOyVlCyBfWEWqD5KN4E34jnQRp5JDhg6x/Ln4h535IoYDHvR2NtHrNueJG08pgJN +9yFA62SAZsR12OJWFgxdszQqW6Qwaza8Tx7imSI5me4g9ZjKalUUy0j/JncNJav 4xno/Pg0bI+X4vwl8TZxgxUl+0eMxOb4k+1v/MOckT2a39WkkwkKu4S36ADwXan2 9Ja8L2Hb0a65tECtNCU+zuqCa/u1V6GuiNTH5Gex8+nhSlS23glzGexkU+3rci1v S6CVxqQsgzD/cuc93eoVhPdsNR6P8xND1YZEIz84QK2qJy4IBAyPXmTFtwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFK2WF+Xyj6v4k7E5JWaN7VMxhKw/MB8GA1UdIwQY MBaAFFw6HZc/mzOR6K2sqmZNGyPXePAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEt MTk0Y2M5OTAyYWJmLzEvclpZWDVmS1BxX2lUc1RrbFpvM3RVekdFckQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEtMTk0Y2M5OTAyYWJm LzEvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/XWAwQA wWmjMA8EAgACMAkDBwAgAQf4AB4wDQYJKoZIhvcNAQELBQADggEBABtHRFmLJLRt 90P2ulEQ7PiLws7+BxNXc6W0/DphfS5kXP+k6sCUaJzDo1bVTHWwWfxt462bqRwW QLVG1AB5b0UH645PZ4fTwjHCIaDaCrIuTM0xaXIOgRHqV/a9e3BnJ6yulAYRwcHi Y2lV/r3wU0YA4GntY/hjcTPmGgFXBDIJU3R7LNXkRpKWGCJTrfzo/UcFdEg3AP8J oWiL2gezZgMCUQWQiuNmpqa9jx+t/zKsEzVBLbguUT5Ra8/o5nuEtg0OBQCGlX3R lXcD48quBlc4t/FeA4QdC0hgaYHgzs4OqDrdnedxQzVjgIbO6oMSB6JPyU1i4pvs T1PP1J3crZU= -----END CERTIFICATE-----Generated at Tue Feb 10 04:26:30 2026 by rpki-client