This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/xfA0_z8nF9jogJTt8JvDJWiwKd0.roa File: xfA0_z8nF9jogJTt8JvDJWiwKd0.roa (raw, json) Hash identifier: 4UoytCa8mc6+13s7j6+TJjXwUJP2qWBxDCO/3czDtbE= Subject key identifier: C5:F0:34:FF:3F:27:17:D8:E8:80:94:ED:F0:9B:C3:25:68:B0:29:DD Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3 Certificate serial: 019B7C80581BC96D06D64B6820BE411CD98D Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/xfA0_z8nF9jogJTt8JvDJWiwKd0.roa Signing time: Fri 02 Jan 2026 02:19:04 +0000 ROA not before: Fri 02 Jan 2026 02:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 401937 IP address blocks: 91.190.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:58:1b:c9:6d:06:d6:4b:68:20:be:41:1c:d9:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3 Validity Not Before: Jan 2 02:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5f034ff3f2717d8e88094edf09bc32568b029dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:25:5d:49:31:d6:f1:4b:00:83:55:bf:62:f7: a9:42:22:ad:6a:43:ba:9e:e6:3d:dc:ec:56:9b:44: 29:6f:d6:28:c0:bb:90:a2:80:71:48:69:91:05:14: bf:ce:b5:77:34:b3:63:9e:36:f1:75:ca:91:f0:fc: df:57:fe:e6:4c:25:97:d0:4c:6a:ae:3a:3b:d7:7d: 6a:ea:a3:a0:a4:63:f8:7d:1a:32:09:f6:de:34:9f: c0:77:71:4c:df:bc:f2:bb:13:dc:f5:f5:4b:5d:0a: c0:fe:2e:98:e4:0f:cb:68:5b:95:5c:e3:68:d1:9d: 9c:57:38:db:29:20:c3:73:25:dc:e2:a9:b1:56:88: 93:0a:aa:df:b4:85:e5:f4:65:b3:fe:97:95:d7:0f: 4b:30:e5:27:6d:87:1f:25:c3:df:4f:20:23:54:2c: f6:62:4c:d2:35:aa:63:69:ae:1e:29:b1:cd:6c:1f: 6a:25:ba:bf:74:43:80:0c:e6:c2:58:d4:7c:43:58: a0:20:c9:a2:2f:ec:5d:de:4f:fc:47:45:e6:bb:5d: d9:32:38:86:7b:c7:b6:78:8a:f9:d3:46:89:f9:25: 33:45:86:c2:b8:74:3d:42:d6:e0:e6:80:55:1b:63: 40:e6:0a:e9:bd:a1:ab:4a:b6:6a:cc:f6:d7:32:0b: 7d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F0:34:FF:3F:27:17:D8:E8:80:94:ED:F0:9B:C3:25:68:B0:29:DD X509v3 Authority Key Identifier: keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/xfA0_z8nF9jogJTt8JvDJWiwKd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.190.187.0/24 Signature Algorithm: sha256WithRSAEncryption 00:19:ee:01:d4:01:74:28:9c:02:46:42:25:6e:24:50:20:1c: 3b:24:af:26:95:54:35:59:b7:7b:0a:e9:74:24:ea:2d:bb:47: 7e:40:01:c0:1a:0b:e9:7d:a7:ab:5b:7a:d5:da:3e:0d:c0:2b: cc:a7:00:2f:91:8b:22:0f:21:0e:d1:01:cd:8b:79:d7:f5:54: f2:cf:7e:2d:50:47:14:92:55:6f:cc:69:95:5a:82:ad:80:35: 00:8f:bc:e2:a5:e0:e4:0e:6b:8b:c8:b0:ff:95:d9:51:de:a7: 0c:a8:3d:3d:e6:d8:08:aa:d2:99:3e:76:19:c2:96:e9:c8:87: 93:29:20:59:40:d0:c9:2a:df:12:2c:36:81:06:d9:ef:1c:1d: 8a:1d:44:04:18:e6:08:e0:c4:0b:ee:59:52:04:16:b6:b8:cb: c7:e2:b7:cb:24:42:33:95:bb:34:4f:56:5f:ab:e2:60:92:ac: 32:ff:d8:32:b9:45:da:5d:86:37:c9:18:9f:ee:70:7d:b2:9b: 72:a7:18:98:8c:4d:21:ab:df:b1:a7:f8:23:c8:e7:c6:e4:8b: 54:d8:b9:7d:60:88:53:db:dc:cd:e7:10:32:47:75:e4:4c:48: fd:3c:a5:24:11:19:d5:45:aa:94:04:8a:0a:e5:4c:a9:86:ea: ea:17:5c:e4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gFgbyW0G1ktoIL5BHNmNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw YzZmYzMwHhcNMjYwMTAyMDIxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWYwMzRmZjNmMjcxN2Q4ZTg4MDk0ZWRmMDliYzMyNTY4YjAyOWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SVdSTHW8UsAg1W/YvepQiKtakO6 nuY93OxWm0Qpb9YowLuQooBxSGmRBRS/zrV3NLNjnjbxdcqR8PzfV/7mTCWX0Exq rjo7131q6qOgpGP4fRoyCfbeNJ/Ad3FM37zyuxPc9fVLXQrA/i6Y5A/LaFuVXONo 0Z2cVzjbKSDDcyXc4qmxVoiTCqrftIXl9GWz/peV1w9LMOUnbYcfJcPfTyAjVCz2 YkzSNapjaa4eKbHNbB9qJbq/dEOADObCWNR8Q1igIMmiL+xd3k/8R0Xmu13ZMjiG e8e2eIr500aJ+SUzRYbCuHQ9Qtbg5oBVG2NA5grpvaGrSrZqzPbXMgt99wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMXwNP8/JxfY6ICU7fCbwyVosCndMB8GA1UdIwQY MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt ZjFjMzNhYTJmZDUwLzEveGZBMF96OG5GOWpvZ0pUdDhKdkRKV2l3S2QwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW767MA0G CSqGSIb3DQEBCwUAA4IBAQAAGe4B1AF0KJwCRkIlbiRQIBw7JK8mlVQ1Wbd7Cul0 JOotu0d+QAHAGgvpfaerW3rV2j4NwCvMpwAvkYsiDyEO0QHNi3nX9VTyz34tUEcU klVvzGmVWoKtgDUAj7zipeDkDmuLyLD/ldlR3qcMqD095tgIqtKZPnYZwpbpyIeT KSBZQNDJKt8SLDaBBtnvHB2KHUQEGOYI4MQL7llSBBa2uMvH4rfLJEIzlbs0T1Zf q+Jgkqwy/9gyuUXaXYY3yRif7nB9sptypxiYjE0hq9+xp/gjyOfG5ItU2Ll9YIhT 29zN5xAyR3XkTEj9PKUkERnVRaqUBIoK5UyphurqF1zk -----END CERTIFICATE-----Generated at Wed Jan 21 08:21:47 2026 by rpki-client