This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/xpX8qu7gtSlTMLKM8RNsSENreoM.roa File: xpX8qu7gtSlTMLKM8RNsSENreoM.roa (raw, json) Hash identifier: 6bwqH3IsERgfQGTI2ktBpw6N1RbIGeWD0+vqqsDzaLM= Subject key identifier: C6:95:FC:AA:EE:E0:B5:29:53:30:B2:8C:F1:13:6C:48:43:6B:7A:83 Certificate issuer: /CN=c8c2c7314593042cf74210f7f03be7106c224f89 Certificate serial: 019B7AC9570E91D2C2EF3A4BBEABEB4F2DC7 Authority key identifier: C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/xpX8qu7gtSlTMLKM8RNsSENreoM.roa Signing time: Thu 01 Jan 2026 18:19:33 +0000 ROA not before: Thu 01 Jan 2026 18:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209286 IP address blocks: 185.233.219.0/24 maxlen: 25 2a10:4e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.mft rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:57:0e:91:d2:c2:ef:3a:4b:be:ab:eb:4f:2d:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8c2c7314593042cf74210f7f03be7106c224f89 Validity Not Before: Jan 1 18:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c695fcaaeee0b5295330b28cf1136c48436b7a83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6c:a3:4d:f4:6e:c7:47:51:c6:80:62:19:3f: 56:22:08:d0:62:c2:40:9c:6a:de:ec:b9:f3:1a:fe: 39:b8:85:d8:da:ba:c5:c8:7d:2a:cf:4d:ff:ba:15: 58:bf:f2:57:0e:2c:c7:10:35:6b:41:c5:f1:ff:9e: de:be:16:ef:49:b8:2a:eb:10:03:9d:63:af:26:1a: 57:c7:73:b3:e1:97:76:44:95:b4:91:47:e5:02:ab: 72:d9:be:07:23:73:13:c4:ca:c6:73:90:4e:99:27: dd:bc:d5:97:23:69:86:4c:8b:6f:5b:f7:ab:94:71: 0a:f7:9d:84:40:de:08:09:a1:60:5f:dc:ca:d9:20: dc:6c:86:2f:e8:d1:d7:95:82:23:6a:5d:f4:0f:c5: 5e:2c:42:14:38:00:ab:48:bc:d7:58:56:85:fb:bf: e1:10:df:f0:a9:02:2f:b4:07:3b:42:9f:4f:50:97: 77:34:ef:83:f7:96:d7:c3:92:9c:54:7f:fb:0e:99: fb:b1:d4:34:87:46:85:62:a6:89:f7:cf:50:c7:21: 25:3b:12:90:99:a0:23:ad:ca:73:46:55:d0:0e:8e: 8c:24:15:60:b1:4b:34:6d:de:5f:0c:93:04:28:5a: a8:6d:48:e4:4f:3e:c8:c0:e5:6a:ed:f4:a2:3e:b4: 8f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:95:FC:AA:EE:E0:B5:29:53:30:B2:8C:F1:13:6C:48:43:6B:7A:83 X509v3 Authority Key Identifier: keyid:C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/xpX8qu7gtSlTMLKM8RNsSENreoM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.233.219.0/24 IPv6: 2a10:4e40::/48 Signature Algorithm: sha256WithRSAEncryption 89:e5:b7:2c:f0:90:16:f3:1c:2b:8f:ea:70:4a:b0:41:e0:1f: 8c:df:4c:69:06:67:36:8c:56:0f:20:58:60:8e:ed:f8:98:5e: b2:4f:32:70:8d:a1:b6:08:e2:0a:d9:14:80:23:f9:36:1c:85: cc:aa:9e:d8:ed:a7:90:29:6c:18:aa:c3:bb:8a:cd:a7:87:c9: 02:1c:45:3b:df:dd:42:b2:2f:47:c6:bc:92:5a:4c:d2:68:f2: f1:c0:17:30:30:d4:e7:29:29:9a:3e:91:52:09:6b:62:5e:ab: 38:a3:d9:9e:72:30:a9:28:5a:17:84:ae:4f:65:91:9d:f5:eb: 21:66:37:db:89:2e:17:76:cb:4b:6e:47:d2:22:bc:ce:74:d2: 0a:75:55:40:10:53:46:f9:c8:62:59:14:64:8e:59:41:99:99: 05:d2:47:7c:51:6e:57:26:13:a7:6f:b6:2b:e8:e2:8a:75:0d: fd:14:2e:8f:54:27:74:bd:4b:fb:e3:91:77:d2:bc:43:bf:b9: ba:39:0e:b7:e7:2b:82:f7:33:58:cc:96:b9:06:98:45:ec:08: 8f:26:5d:0a:fd:81:2c:80:b5:fd:43:39:3d:20:bc:08:76:86: 2b:5d:5e:0f:dc:67:36:25:ad:b8:2e:f8:92:3c:b9:67:f2:47: 4c:9e:a5:6b -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6yVcOkdLC7zpLvqvrTy3HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4YzJjNzMxNDU5MzA0MmNmNzQyMTBmN2YwM2JlNzEwNmMy MjRmODkwHhcNMjYwMTAxMTgxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjk1ZmNhYWVlZTBiNTI5NTMzMGIyOGNmMTEzNmM0ODQzNmI3YTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGyjTfRux0dRxoBiGT9WIgjQYsJA nGre7LnzGv45uIXY2rrFyH0qz03/uhVYv/JXDizHEDVrQcXx/57evhbvSbgq6xAD nWOvJhpXx3Oz4Zd2RJW0kUflAqty2b4HI3MTxMrGc5BOmSfdvNWXI2mGTItvW/er lHEK952EQN4ICaFgX9zK2SDcbIYv6NHXlYIjal30D8VeLEIUOACrSLzXWFaF+7/h EN/wqQIvtAc7Qp9PUJd3NO+D95bXw5KcVH/7Dpn7sdQ0h0aFYqaJ989QxyElOxKQ maAjrcpzRlXQDo6MJBVgsUs0bd5fDJMEKFqobUjkTz7IwOVq7fSiPrSPUwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFMaV/Kru4LUpUzCyjPETbEhDa3qDMB8GA1UdIwQY MBaAFMjCxzFFkwQs90IQ9/A75xBsIk+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjIt M2E1M2QwZWY4YjVhLzEveHBYOHF1N2d0U2xUTUxLTThSTnNTRU5yZW9NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjItM2E1M2QwZWY4YjVh LzEveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuenbMA8E AgACMAkDBwAqEE5AAAAwDQYJKoZIhvcNAQELBQADggEBAInltyzwkBbzHCuP6nBK sEHgH4zfTGkGZzaMVg8gWGCO7fiYXrJPMnCNobYI4grZFIAj+TYchcyqntjtp5Ap bBiqw7uKzaeHyQIcRTvf3UKyL0fGvJJaTNJo8vHAFzAw1OcpKZo+kVIJa2Jeqzij 2Z5yMKkoWheErk9lkZ316yFmN9uJLhd2y0tuR9IivM500gp1VUAQU0b5yGJZFGSO WUGZmQXSR3xRblcmE6dvtivo4op1Df0ULo9UJ3S9S/vjkXfSvEO/ubo5DrfnK4L3 M1jMlrkGmEXsCI8mXQr9gSyAtf1DOT0gvAh2hitdXg/cZzYlrbgu+JI8uWfyR0ye pWs= -----END CERTIFICATE-----Generated at Mon Jan 26 18:19:30 2026 by rpki-client