This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/xY0yzyzGKETMGEPdBnrDX84itWs.roa File: xY0yzyzGKETMGEPdBnrDX84itWs.roa (raw, json) Hash identifier: avsQpG9VhWpkE114IUXSkSxZIAsU+MHzryCiy/ZPdtw= Subject key identifier: C5:8D:32:CF:2C:C6:28:44:CC:18:43:DD:06:7A:C3:5F:CE:22:B5:6B Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Certificate serial: 019B7DCAD0A7CBFBC6FB0646EF75C07D7967 Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/xY0yzyzGKETMGEPdBnrDX84itWs.roa Signing time: Fri 02 Jan 2026 08:20:02 +0000 ROA not before: Fri 02 Jan 2026 08:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213081 IP address blocks: 91.194.139.0/24 maxlen: 24 147.78.194.0/23 maxlen: 24 185.203.114.0/23 maxlen: 23 2a09:2940::/29 maxlen: 48 2a0a:e5c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:d0:a7:cb:fb:c6:fb:06:46:ef:75:c0:7d:79:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Validity Not Before: Jan 2 08:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c58d32cf2cc62844cc1843dd067ac35fce22b56b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:95:20:ae:00:83:63:e9:c8:9b:b5:ec:e7:b9: 38:ff:f1:e4:f6:7d:94:55:bc:0a:c1:ea:54:18:1b: 45:12:6d:c6:1c:46:6c:d9:8d:a8:60:0f:89:c5:f7: ec:ce:eb:de:75:83:a8:45:9f:d9:4d:7b:38:95:be: 73:a9:29:6d:49:f2:af:ca:c1:69:f1:4d:c4:17:99: 6c:e0:be:3e:86:70:07:f1:f8:2a:eb:87:ff:2b:0d: f9:46:6e:73:f6:61:52:91:e2:03:dd:01:8c:83:b6: 2c:51:2d:5a:e7:ac:e7:8e:cf:60:0c:6a:91:76:83: 50:22:16:a8:84:f0:84:3f:c4:ed:9d:9b:06:99:6e: 51:79:77:83:96:a3:b8:8c:2b:07:f5:e7:e1:e3:67: 0c:c5:48:f4:b6:f1:84:86:3b:90:d3:e5:57:cc:71: 06:e1:80:93:4d:e6:0f:72:bc:e1:33:55:8e:fa:12: 55:1c:5c:d8:ff:e6:d2:c5:11:68:64:20:dd:9a:dd: f5:f1:03:3a:f8:e1:e9:ad:8f:b3:6e:81:e5:da:ec: f4:8a:17:2d:2f:90:bd:5c:c4:ed:ed:78:82:38:d1: 00:60:cf:2e:98:ed:35:65:2a:22:0a:a3:cf:29:b7: 28:f6:73:36:73:35:ff:42:7a:71:36:2d:6d:35:f8: 14:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:8D:32:CF:2C:C6:28:44:CC:18:43:DD:06:7A:C3:5F:CE:22:B5:6B X509v3 Authority Key Identifier: keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/xY0yzyzGKETMGEPdBnrDX84itWs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.194.139.0/24 147.78.194.0/23 185.203.114.0/23 IPv6: 2a09:2940::/29 2a0a:e5c0::/29 Signature Algorithm: sha256WithRSAEncryption 42:d0:24:ae:31:10:42:01:e6:f8:bd:ba:af:d1:dd:9a:54:9a: ed:bb:2d:e6:15:6c:8e:32:c4:22:9e:1b:68:bb:68:08:7d:b3: b0:31:c2:83:ad:df:5a:e7:d7:da:e0:10:74:ab:a7:c3:1b:5c: e2:e1:9b:dc:fe:7d:5a:85:9e:f4:e6:ed:bc:be:89:f5:d2:32: 8d:e2:05:45:82:c9:c6:a6:96:82:39:5d:01:dc:70:12:77:55: 35:ca:d6:18:db:b1:9c:4c:f9:f9:35:7b:a2:e8:29:e1:da:a6: 9a:55:74:26:99:ef:99:a2:69:d9:ae:18:e4:a9:91:eb:6e:0c: 94:df:98:f1:2d:13:ae:0a:bf:c3:53:33:2b:db:cc:55:3c:42: c2:a8:89:75:d4:80:c4:5e:ea:c9:77:be:3c:00:4d:ad:54:02: d5:f2:df:a4:17:c1:12:21:6c:0f:15:15:5f:d5:bf:aa:18:a6: 68:df:46:3f:3c:0b:41:da:32:87:ab:e6:1f:fd:ef:f1:e4:4b: 86:a4:a6:2d:4a:63:a3:e9:c6:94:e8:94:81:3f:5b:86:88:98: 95:f6:aa:f4:e7:65:fa:75:03:2c:e6:b9:41:46:54:8d:d0:b5: 0a:8a:05:83:28:37:d9:72:58:67:b8:2b:11:e4:46:24:6b:b4: a3:71:2d:1e -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt9ytCny/vG+wZG73XAfXlnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy MzQxMjAwHhcNMjYwMTAyMDgyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNThkMzJjZjJjYzYyODQ0Y2MxODQzZGQwNjdhYzM1ZmNlMjJiNTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZUgrgCDY+nIm7Xs57k4//Hk9n2U VbwKwepUGBtFEm3GHEZs2Y2oYA+JxffszuvedYOoRZ/ZTXs4lb5zqSltSfKvysFp 8U3EF5ls4L4+hnAH8fgq64f/Kw35Rm5z9mFSkeID3QGMg7YsUS1a56znjs9gDGqR doNQIhaohPCEP8TtnZsGmW5ReXeDlqO4jCsH9efh42cMxUj0tvGEhjuQ0+VXzHEG 4YCTTeYPcrzhM1WO+hJVHFzY/+bSxRFoZCDdmt318QM6+OHprY+zboHl2uz0ihct L5C9XMTt7XiCONEAYM8umO01ZSoiCqPPKbco9nM2czX/QnpxNi1tNfgUOwIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFMWNMs8sxihEzBhD3QZ6w1/OIrVrMB8GA1UdIwQY MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt YmZmYjc1N2MzMTM0LzEveFkweXp5ekdLRVRNR0VQZEJuckRYODRpdFdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0 LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC AQEAQtAkrjEQQgHm+L26r9HdmlSa7bst5hVsjjLEIp4baLtoCH2zsDHCg63fWufX 2uAQdKunwxtc4uGb3P59WoWe9ObtvL6J9dIyjeIFRYLJxqaWgjldAdxwEndVNcrW GNuxnEz5+TV7ougp4dqmmlV0JpnvmaJp2a4Y5KmR624MlN+Y8S0Trgq/w1MzK9vM VTxCwqiJddSAxF7qyXe+PABNrVQC1fLfpBfBEiFsDxUVX9W/qhimaN9GPzwLQdoy h6vmH/3v8eRLhqSmLUpjo+nGlOiUgT9bhoiYlfaq9Odl+nUDLOa5QUZUjdC1CooF gyg32XJYZ7grEeRGJGu0o3EtHg== -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:46 2026 by rpki-client