This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/XO1viMFitX_oQoNKUBYNw7H6D54.roa File: XO1viMFitX_oQoNKUBYNw7H6D54.roa (raw, json) Hash identifier: jVh+iUQm/gwRWI08v+pcXmrPul1qy5rkSN9bPBWuSAg= Subject key identifier: 5C:ED:6F:88:C1:62:B5:7F:E8:42:83:4A:50:16:0D:C3:B1:FA:0F:9E Certificate issuer: /CN=cac9804e227eaac9ac09b0821fc07ee2817777b5 Certificate serial: 019B7A5B8CD865D16AA6D5A495381CEDC3BF Authority key identifier: CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/XO1viMFitX_oQoNKUBYNw7H6D54.roa Signing time: Thu 01 Jan 2026 16:19:38 +0000 ROA not before: Thu 01 Jan 2026 16:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 45.91.255.0/24 maxlen: 24 193.57.172.0/24 maxlen: 24 2a11:5ec0::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.mft rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:8c:d8:65:d1:6a:a6:d5:a4:95:38:1c:ed:c3:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cac9804e227eaac9ac09b0821fc07ee2817777b5 Validity Not Before: Jan 1 16:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ced6f88c162b57fe842834a50160dc3b1fa0f9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:6a:1e:a5:2c:15:f1:39:66:2b:6d:ea:d3:b5: 00:f2:95:31:f0:a3:41:de:19:10:e3:f9:73:9a:94: 7c:d2:65:1c:ae:a8:39:13:c0:90:e9:81:56:fb:4d: 6b:1b:12:a7:af:b6:db:bf:0f:92:de:20:8f:f5:e8: 5b:16:ab:d3:94:b2:f5:ff:6c:10:cf:d9:f9:6a:5e: c8:a8:a4:f2:af:5c:de:f2:00:60:f7:5a:76:18:18: 94:b5:15:c4:3c:ca:42:93:d8:9a:38:2d:be:9c:97: 32:5b:ac:11:14:77:26:28:67:3d:5c:4e:ec:20:48: b8:ce:f3:43:11:96:70:60:9d:44:78:27:7d:c4:d3: 8b:68:1e:cb:ce:2a:81:87:12:2e:2b:2f:22:c1:46: fb:f0:9a:bc:44:36:7d:8f:1b:a5:06:9b:68:07:29: ef:8d:ae:8a:1c:d9:3f:11:97:82:33:aa:2d:3a:63: 6c:d7:57:5f:f7:38:95:72:83:82:cf:3f:f9:2b:34: a8:3b:db:30:6f:bb:2b:7a:d4:8b:f9:83:a2:28:81: a3:39:b2:93:17:84:be:1e:3d:df:17:69:a5:57:51: fe:76:61:a4:6a:22:f7:93:3b:50:ea:d0:60:a7:20: 85:e5:96:56:a6:33:1d:08:c9:39:77:b7:09:8c:b7: f3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:ED:6F:88:C1:62:B5:7F:E8:42:83:4A:50:16:0D:C3:B1:FA:0F:9E X509v3 Authority Key Identifier: keyid:CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/XO1viMFitX_oQoNKUBYNw7H6D54.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.255.0/24 193.57.172.0/24 IPv6: 2a11:5ec0::/40 Signature Algorithm: sha256WithRSAEncryption f7:88:0f:cd:cb:95:2d:07:e6:43:90:9b:c3:63:a2:b2:ab:9f: ad:30:c5:e1:56:f2:a2:cf:e2:3d:46:4c:e7:f6:1a:5a:72:d7: b0:cd:37:43:fa:5f:1c:2f:30:ce:35:7c:2d:96:d9:fe:e7:24: 79:47:eb:26:b3:ef:6a:ce:ae:3c:12:dd:8c:50:46:74:0b:2b: 04:4d:ac:9e:08:72:a2:7a:31:2a:c9:de:59:0f:6d:17:51:66: b3:cb:13:4b:7b:8a:64:f5:f0:b6:0a:4b:a9:d9:b9:b9:42:ec: 44:1e:27:4c:f6:c8:7c:9f:6b:4a:06:6d:67:84:fb:c2:c4:76: 02:0b:76:00:68:4c:9d:2c:e6:41:13:4b:45:df:43:0a:08:61: d6:54:31:d5:13:70:98:d8:24:54:95:a3:b2:88:72:eb:c6:b6: d3:31:7e:13:0a:94:13:06:25:8c:29:4e:73:68:b9:2c:2b:8c: eb:2e:4d:03:7d:90:a4:31:15:75:09:a6:ba:51:20:e5:62:c6: e9:32:73:20:25:e0:1c:ec:a2:a9:53:8d:f0:3c:6e:55:e3:e6: 1d:0f:45:f7:79:14:18:1f:4c:7c:96:79:97:ad:38:ea:7d:f4: eb:16:b2:96:91:78:fd:fe:09:e7:84:3e:5b:09:90:95:99:c2: 84:56:2c:e9 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt6W4zYZdFqptWklTgc7cO/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhYzk4MDRlMjI3ZWFhYzlhYzA5YjA4MjFmYzA3ZWUyODE3 Nzc3YjUwHhcNMjYwMTAxMTYxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2VkNmY4OGMxNjJiNTdmZTg0MjgzNGE1MDE2MGRjM2IxZmEwZjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmoepSwV8TlmK23q07UA8pUx8KNB 3hkQ4/lzmpR80mUcrqg5E8CQ6YFW+01rGxKnr7bbvw+S3iCP9ehbFqvTlLL1/2wQ z9n5al7IqKTyr1ze8gBg91p2GBiUtRXEPMpCk9iaOC2+nJcyW6wRFHcmKGc9XE7s IEi4zvNDEZZwYJ1EeCd9xNOLaB7LziqBhxIuKy8iwUb78Jq8RDZ9jxulBptoBynv ja6KHNk/EZeCM6otOmNs11df9ziVcoOCzz/5KzSoO9swb7sretSL+YOiKIGjObKT F4S+Hj3fF2mlV1H+dmGkaiL3kztQ6tBgpyCF5ZZWpjMdCMk5d7cJjLfzTQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFFztb4jBYrV/6EKDSlAWDcOx+g+eMB8GA1UdIwQY MBaAFMrJgE4ifqrJrAmwgh/AfuKBd3e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEt OTBmYjU3ZDQwY2E3LzEvWE8xdmlNRml0WF9vUW9OS1VCWU53N0g2RDU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEtOTBmYjU3ZDQwY2E3 LzEveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVv/AwQA wTmsMA4EAgACMAgDBgAqEV7AADANBgkqhkiG9w0BAQsFAAOCAQEA94gPzcuVLQfm Q5Cbw2OisqufrTDF4Vbyos/iPUZM5/YaWnLXsM03Q/pfHC8wzjV8LZbZ/uckeUfr JrPvas6uPBLdjFBGdAsrBE2snghyonoxKsneWQ9tF1Fms8sTS3uKZPXwtgpLqdm5 uULsRB4nTPbIfJ9rSgZtZ4T7wsR2Agt2AGhMnSzmQRNLRd9DCghh1lQx1RNwmNgk VJWjsohy68a20zF+EwqUEwYljClOc2i5LCuM6y5NA32QpDEVdQmmulEg5WLG6TJz ICXgHOyiqVON8DxuVePmHQ9F93kUGB9MfJZ5l6046n306xaylpF4/f4J54Q+WwmQ lZnChFYs6Q== -----END CERTIFICATE-----Generated at Fri Jan 2 11:03:59 2026 by rpki-client