This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/XYUJ8YEpWRVKnEs1lud3ZGRwErY.roa File: XYUJ8YEpWRVKnEs1lud3ZGRwErY.roa (raw, json) Hash identifier: ODygtNmaduKQgGbNRUfrQ+Q4mGtK3q6vsVkBCLpr8rg= Subject key identifier: 5D:85:09:F1:81:29:59:15:4A:9C:4B:35:96:E7:77:64:64:70:12:B6 Certificate issuer: /CN=a329d4d27572ef5a6a6dbecd792eef98ce90716d Certificate serial: 019B7AC8D83294106C254B4F4E91F156E13C Authority key identifier: A3:29:D4:D2:75:72:EF:5A:6A:6D:BE:CD:79:2E:EF:98:CE:90:71:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/XYUJ8YEpWRVKnEs1lud3ZGRwErY.roa Signing time: Thu 01 Jan 2026 18:19:01 +0000 ROA not before: Thu 01 Jan 2026 18:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 52030 IP address blocks: 46.16.88.0/22 maxlen: 24 46.16.92.0/22 maxlen: 24 46.28.0.0/22 maxlen: 24 46.28.4.0/22 maxlen: 24 46.30.240.0/22 maxlen: 24 46.30.244.0/22 maxlen: 24 46.254.32.0/22 maxlen: 24 46.254.36.0/22 maxlen: 24 67.231.176.0/20 maxlen: 24 77.39.208.0/21 maxlen: 24 86.107.32.0/21 maxlen: 24 89.46.224.0/21 maxlen: 24 93.95.216.0/21 maxlen: 24 185.13.252.0/22 maxlen: 24 185.81.0.0/21 maxlen: 24 2a02:24b8::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.mft rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:d8:32:94:10:6c:25:4b:4f:4e:91:f1:56:e1:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a329d4d27572ef5a6a6dbecd792eef98ce90716d Validity Not Before: Jan 1 18:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d8509f1812959154a9c4b3596e77764647012b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:23:c0:c1:50:a0:6a:01:d9:a1:93:76:d5:26: 88:3c:ff:c6:12:4b:57:b3:24:c5:4b:9a:48:77:f2: 71:38:3a:78:21:cb:31:2b:eb:6a:52:c0:90:51:0a: 37:32:c9:b6:56:63:ae:0e:2c:64:9e:16:4d:f6:62: 75:9b:ed:2d:47:a1:30:3d:70:2d:0f:56:11:97:cf: ad:0e:82:f8:3d:48:bb:cf:a2:1a:15:2c:21:e3:0f: 69:90:3c:4f:41:a9:54:8c:87:c4:98:9a:23:83:0e: d8:52:bf:b7:68:11:df:4d:f3:8a:60:7c:a0:6e:db: fb:60:3f:2f:2e:36:19:c0:cc:b1:df:99:a5:44:1d: 5e:ec:05:23:76:70:f9:34:11:1d:34:0d:32:6d:d3: 29:38:00:ad:50:d6:3b:a7:d2:36:e2:bb:ab:7d:d1: 1e:98:56:eb:9f:f6:57:b2:8b:c9:6f:79:d2:ff:10: 28:de:6f:95:7c:b6:69:20:a0:d9:36:8f:7d:3a:e1: 16:23:39:ef:d9:63:ef:3f:cc:e6:7c:ba:e4:77:90: 1c:dd:31:0c:f6:b7:fa:6a:3d:7f:fe:51:a0:50:e9: 4e:84:0e:91:b7:45:5b:eb:7b:d6:f8:89:cb:ff:cb: 33:73:d8:0c:b9:56:9b:e4:ba:5e:f4:13:af:60:86: c5:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:85:09:F1:81:29:59:15:4A:9C:4B:35:96:E7:77:64:64:70:12:B6 X509v3 Authority Key Identifier: keyid:A3:29:D4:D2:75:72:EF:5A:6A:6D:BE:CD:79:2E:EF:98:CE:90:71:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oynU0nVy71pqbb7NeS7vmM6QcW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/XYUJ8YEpWRVKnEs1lud3ZGRwErY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0f3d8a-a430-4b27-8f95-ee178578dcb5/1/oynU0nVy71pqbb7NeS7vmM6QcW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.16.88.0/21 46.28.0.0/21 46.30.240.0/21 46.254.32.0/21 67.231.176.0/20 77.39.208.0/21 86.107.32.0/21 89.46.224.0/21 93.95.216.0/21 185.13.252.0/22 185.81.0.0/21 IPv6: 2a02:24b8::/40 Signature Algorithm: sha256WithRSAEncryption 55:f0:d3:5b:3b:64:cc:b1:39:03:9a:5f:f0:57:07:66:39:ed: 60:2a:be:65:3d:11:01:61:e7:2a:95:09:15:59:66:09:7d:b8: fb:b1:20:1a:df:c4:e8:18:f2:cf:23:14:cf:06:8d:98:c3:16: fa:3a:56:86:b6:cf:a6:a3:58:51:3a:3d:37:f2:55:41:0b:76: 0d:9f:b2:a6:36:62:b3:09:da:0d:52:26:99:51:6c:6f:db:01: 24:1b:f3:4e:13:1a:7e:13:7c:62:7c:25:0f:5f:3a:83:b2:d5: e5:51:98:f5:7b:df:80:72:13:f5:bb:4b:6f:b8:de:fe:60:37: b2:be:e7:f4:37:28:06:0b:78:7a:ce:cc:58:dd:6f:5e:ad:e9: 5d:d3:3b:be:a4:5a:ae:b0:74:8b:59:7f:e9:f9:83:ac:89:7d: cd:97:a8:74:f9:1d:f4:2a:e6:2e:59:e5:dd:c9:4d:3b:f6:d0: 09:86:87:af:cd:dc:5c:f8:b3:c5:c6:c8:64:2e:81:fd:ef:a8: 86:bc:91:b9:3e:b0:26:b2:a5:f7:65:5e:9b:ea:45:94:d3:67: 80:5e:fd:ce:58:fa:71:23:b8:75:27:72:f7:e2:73:ff:8c:6d: 1e:3f:38:40:d8:ad:b9:ae:79:35:27:e6:1c:23:b7:26:0b:7e: d0:cb:f0:92 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgISAZt6yNgylBBsJUtPTpHxVuE8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMjlkNGQyNzU3MmVmNWE2YTZkYmVjZDc5MmVlZjk4Y2U5 MDcxNmQwHhcNMjYwMTAxMTgxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDg1MDlmMTgxMjk1OTE1NGE5YzRiMzU5NmU3Nzc2NDY0NzAxMmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniPAwVCgagHZoZN21SaIPP/GEktX syTFS5pId/JxODp4IcsxK+tqUsCQUQo3Msm2VmOuDixknhZN9mJ1m+0tR6EwPXAt D1YRl8+tDoL4PUi7z6IaFSwh4w9pkDxPQalUjIfEmJojgw7YUr+3aBHfTfOKYHyg btv7YD8vLjYZwMyx35mlRB1e7AUjdnD5NBEdNA0ybdMpOACtUNY7p9I24rurfdEe mFbrn/ZXsovJb3nS/xAo3m+VfLZpIKDZNo99OuEWIznv2WPvP8zmfLrkd5Ac3TEM 9rf6aj1//lGgUOlOhA6Rt0Vb63vW+InL/8szc9gMuVab5Lpe9BOvYIbFYwIDAQAB o4ICVTCCAlEwHQYDVR0OBBYEFF2FCfGBKVkVSpxLNZbnd2RkcBK2MB8GA1UdIwQY MBaAFKMp1NJ1cu9aam2+zXku75jOkHFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3luVTBuVnk3MXBxYmI3TmVTN3ZtTTZRY1cwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wZjNkOGEtYTQzMC00YjI3LThmOTUt ZWUxNzg1NzhkY2I1LzEvWFlVSjhZRXBXUlZLbkVzMWx1ZDNaR1J3RXJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy8wZjNkOGEtYTQzMC00YjI3LThmOTUtZWUxNzg1NzhkY2I1 LzEvb3luVTBuVnk3MXBxYmI3TmVTN3ZtTTZRY1cwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBIBAIAATBCAwQDLhBYAwQD LhwAAwQDLh7wAwQDLv4gAwQEQ+ewAwQDTSfQAwQDVmsgAwQDWS7gAwQDXV/YAwQC uQ38AwQDuVEAMA4EAgACMAgDBgAqAiS4ADANBgkqhkiG9w0BAQsFAAOCAQEAVfDT WztkzLE5A5pf8FcHZjntYCq+ZT0RAWHnKpUJFVlmCX24+7EgGt/E6BjyzyMUzwaN mMMW+jpWhrbPpqNYUTo9N/JVQQt2DZ+ypjZiswnaDVImmVFsb9sBJBvzThMafhN8 YnwlD186g7LV5VGY9XvfgHIT9btLb7je/mA3sr7n9DcoBgt4es7MWN1vXq3pXdM7 vqRarrB0i1l/6fmDrIl9zZeodPkd9CrmLlnl3clNO/bQCYaHr83cXPizxcbIZC6B /e+ohryRuT6wJrKl92Vem+pFlNNngF79zlj6cSO4dSdy9+Jz/4xtHj84QNitua55 NSfmHCO3Jgt+0Mvwkg== -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:16 2026 by rpki-client