This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/kSIrlNkYtxjevrUOWqXwGaCeFxQ.roa File: kSIrlNkYtxjevrUOWqXwGaCeFxQ.roa (raw, json) Hash identifier: P1EFKe/doBtEMdSkydhZWieCIypvlDRY3TVJIkRt4p8= Subject key identifier: 91:22:2B:94:D9:18:B7:18:DE:BE:B5:0E:5A:A5:F0:19:A0:9E:17:14 Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695 Certificate serial: 019B7C11AC863C013F87DCC707C363740B77 Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/kSIrlNkYtxjevrUOWqXwGaCeFxQ.roa Signing time: Fri 02 Jan 2026 00:18:11 +0000 ROA not before: Fri 02 Jan 2026 00:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215000 IP address blocks: 88.97.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 14:14:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:ac:86:3c:01:3f:87:dc:c7:07:c3:63:74:0b:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695 Validity Not Before: Jan 2 00:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91222b94d918b718debeb50e5aa5f019a09e1714 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ff:cf:46:53:aa:2f:26:d8:22:76:fc:9b:8d: e7:d3:96:1e:0a:8f:99:ca:d8:8b:04:ba:cf:75:ad: bb:04:c4:92:d9:3d:94:86:fb:55:47:f6:c5:b4:b4: 0c:41:93:58:85:4d:53:9b:29:38:c9:f1:62:d2:c2: 9c:0e:f1:4b:2c:34:0d:e4:3c:45:8b:1c:8b:50:1d: d2:36:00:71:40:44:b0:11:7b:36:92:7d:96:b0:cc: 4e:6a:5e:da:f6:02:02:cd:4a:5d:0c:6f:2b:0b:4d: 37:11:8c:cf:ce:f3:41:03:26:04:d3:f2:f3:07:11: aa:85:75:49:52:95:c8:44:5b:ea:1e:a5:9d:62:5a: a6:07:5b:4c:9b:89:de:d6:c6:ba:0a:c3:c8:f9:ad: 22:d9:97:52:36:3e:e1:1b:aa:54:b5:35:50:eb:7f: 26:25:fe:d0:80:ce:db:80:bf:13:73:54:1e:29:04: 69:25:df:46:4e:6b:ca:6c:6c:da:39:18:ad:b1:1d: c1:ea:1e:aa:42:87:ff:0c:5a:dd:2f:59:ab:a6:8f: 66:6b:0b:25:25:df:ab:fb:64:29:14:c7:d3:16:f6: 7c:12:2e:18:e6:a7:73:ff:b7:83:46:df:6c:29:4d: 1d:c3:3b:df:51:46:62:ef:e3:05:4f:f6:0f:44:a8: 98:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:22:2B:94:D9:18:B7:18:DE:BE:B5:0E:5A:A5:F0:19:A0:9E:17:14 X509v3 Authority Key Identifier: keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/kSIrlNkYtxjevrUOWqXwGaCeFxQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.97.172.0/22 Signature Algorithm: sha256WithRSAEncryption 07:8f:21:a3:69:ae:01:bc:53:0e:b1:dc:a8:bc:19:a7:ba:80: a5:2e:d5:3a:8b:d9:87:49:ab:11:95:b7:e3:75:07:91:42:d4: f6:4a:7a:7f:42:50:e1:f5:8a:42:b7:2a:d9:fe:f2:05:00:7e: 98:0c:aa:c1:47:d2:6b:c8:08:fc:a4:2b:91:d0:22:87:21:55: 3f:0d:b3:30:66:27:27:56:a5:51:22:e1:75:56:83:d6:3a:e7: 9c:ce:42:7a:1b:62:d1:c7:ab:6f:91:79:bc:0c:18:e3:c2:6a: 48:99:a6:26:77:fc:88:66:38:ad:b4:06:e1:25:f4:21:d7:9f: c3:1a:a6:4c:90:e6:56:33:fd:08:80:7c:06:0e:0d:ff:94:a8: b6:3c:31:63:dc:19:16:df:59:40:bb:4f:23:81:64:f8:df:3c: d4:c7:9f:ce:69:a2:dc:e2:62:0b:2f:93:bf:f1:c5:05:ce:4c: dc:5c:52:e1:a2:4e:ff:41:57:ba:fb:82:cc:9b:e8:83:f2:11: 66:c9:5e:37:4e:4a:82:26:ac:21:65:6e:1e:a5:23:38:8b:06: c1:74:d4:f7:ff:0c:ea:33:27:a1:c1:60:9a:16:f2:71:79:50: c8:f3:0f:ef:1d:fe:84:e4:44:22:5e:82:73:12:42:33:3c:49: 2c:60:9b:d5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8EayGPAE/h9zHB8NjdAt3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm OTM2OTUwHhcNMjYwMTAyMDAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTIyMmI5NGQ5MThiNzE4ZGViZWI1MGU1YWE1ZjAxOWEwOWUxNzE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP/PRlOqLybYInb8m43n05YeCo+Z ytiLBLrPda27BMSS2T2UhvtVR/bFtLQMQZNYhU1Tmyk4yfFi0sKcDvFLLDQN5DxF ixyLUB3SNgBxQESwEXs2kn2WsMxOal7a9gICzUpdDG8rC003EYzPzvNBAyYE0/Lz BxGqhXVJUpXIRFvqHqWdYlqmB1tMm4ne1sa6CsPI+a0i2ZdSNj7hG6pUtTVQ638m Jf7QgM7bgL8Tc1QeKQRpJd9GTmvKbGzaORitsR3B6h6qQof/DFrdL1mrpo9mawsl Jd+r+2QpFMfTFvZ8Ei4Y5qdz/7eDRt9sKU0dwzvfUUZi7+MFT/YPRKiYxQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJEiK5TZGLcY3r61Dlql8BmgnhcUMB8GA1UdIwQY MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt NjBjZjlhYjFiMTNlLzEva1NJcmxOa1l0eGpldnJVT1dxWHdHYUNlRnhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWGGsMA0G CSqGSIb3DQEBCwUAA4IBAQAHjyGjaa4BvFMOsdyovBmnuoClLtU6i9mHSasRlbfj dQeRQtT2Snp/QlDh9YpCtyrZ/vIFAH6YDKrBR9JryAj8pCuR0CKHIVU/DbMwZicn VqVRIuF1VoPWOueczkJ6G2LRx6tvkXm8DBjjwmpImaYmd/yIZjittAbhJfQh15/D GqZMkOZWM/0IgHwGDg3/lKi2PDFj3BkW31lAu08jgWT43zzUx5/OaaLc4mILL5O/ 8cUFzkzcXFLhok7/QVe6+4LMm+iD8hFmyV43TkqCJqwhZW4epSM4iwbBdNT3/wzq MyehwWCaFvJxeVDI8w/vHf6E5EQiXoJzEkIzPEksYJvV -----END CERTIFICATE-----Generated at Sat Jan 24 23:59:12 2026 by rpki-client