This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/xfyMUvyO8DDhcxSBKaxnnxjvYhc.roa File: xfyMUvyO8DDhcxSBKaxnnxjvYhc.roa (raw, json) Hash identifier: W6rHIx7iAQO/hl2oAqLrj2UwizqFE2L+eavtuywb88I= Subject key identifier: C5:FC:8C:52:FC:8E:F0:30:E1:73:14:81:29:AC:67:9F:18:EF:62:17 Certificate issuer: /CN=2fe5b7ccb403d30a44857d47c58cf1346546d283 Certificate serial: 019B7AC8240533C8408B610C1F04937E28E1 Authority key identifier: 2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/xfyMUvyO8DDhcxSBKaxnnxjvYhc.roa Signing time: Thu 01 Jan 2026 18:18:15 +0000 ROA not before: Thu 01 Jan 2026 18:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29399 IP address blocks: 159.253.86.0/24 maxlen: 24 159.253.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/L-W3zLQD0wpEhX1HxYzxNGVG0oM.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/L-W3zLQD0wpEhX1HxYzxNGVG0oM.mft rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:24:05:33:c8:40:8b:61:0c:1f:04:93:7e:28:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fe5b7ccb403d30a44857d47c58cf1346546d283 Validity Not Before: Jan 1 18:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5fc8c52fc8ef030e173148129ac679f18ef6217 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:32:86:6d:13:e1:c3:a3:e5:38:b2:44:33:a7: 84:fa:85:d7:48:c6:5f:98:ec:62:28:3e:1c:cc:19: c8:6d:6a:1b:ab:1c:27:9f:b4:73:19:a4:76:e6:4f: ae:df:70:b2:f6:c8:28:54:21:bf:87:11:f4:67:d1: 85:b4:d7:77:2e:1e:89:b2:f3:e5:8f:8d:f3:1e:70: 6c:5e:ac:d8:00:25:0e:41:cf:91:ce:6e:02:12:02: 5f:30:8d:73:52:bd:c8:8a:7f:1c:96:5a:79:d0:74: a6:57:67:33:8d:25:49:a1:73:a8:b8:23:48:2f:97: df:3a:35:be:85:c4:f6:62:ad:ea:32:ce:7b:05:32: 00:df:3f:c8:b4:f7:b4:51:fd:c6:af:78:e9:d1:6c: 74:a8:94:84:da:93:5c:b6:1e:cd:a5:50:ad:67:0b: f7:47:e1:55:8d:88:73:ed:73:f5:53:22:86:ed:79: 17:b6:15:73:c5:de:49:4b:8b:6b:e5:e6:41:ea:b4: f5:30:0c:70:38:00:23:2e:1f:b6:f9:dc:5d:f3:25: 83:de:26:b6:e2:63:e6:ec:80:3e:e8:61:95:f8:ba: d4:40:ad:54:35:4e:99:6f:b8:d9:aa:90:72:07:1b: 93:2e:9a:95:8b:22:85:1d:a6:99:1d:9a:6c:ec:0a: 75:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:FC:8C:52:FC:8E:F0:30:E1:73:14:81:29:AC:67:9F:18:EF:62:17 X509v3 Authority Key Identifier: keyid:2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/xfyMUvyO8DDhcxSBKaxnnxjvYhc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/L-W3zLQD0wpEhX1HxYzxNGVG0oM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.253.86.0/23 Signature Algorithm: sha256WithRSAEncryption 83:52:c7:5f:62:ab:72:f4:e1:19:96:4c:09:04:bd:d1:7a:18: fa:c9:4e:c0:38:0e:7f:b2:82:57:a4:bd:ab:ae:6c:47:f1:38: 6d:a1:2c:89:36:2a:bd:cb:72:d4:cc:be:0a:d4:93:08:8f:fa: 31:da:2c:19:65:77:4e:4e:69:ec:3d:3b:f1:90:ec:97:01:3a: ae:94:48:40:7e:dc:c7:c3:2f:67:e9:1f:b2:ab:9c:a0:fb:3d: 65:c3:9a:33:80:b1:0b:b8:30:35:ed:44:3f:77:2b:ff:8b:a8: 1b:5d:98:00:f1:6f:d2:9c:1b:b9:7b:0d:dc:d8:3a:87:85:c6: 2e:d2:ad:12:2b:eb:4d:c2:99:1f:62:82:c7:ad:e3:75:c4:ae: f1:c7:18:5b:e6:ec:33:84:a9:d9:7f:33:87:2f:c7:a5:d7:f0: 85:07:1e:a2:45:40:c3:20:28:3b:0b:2a:39:00:92:3e:6a:be: 36:34:11:51:20:87:db:d4:15:69:aa:27:9d:bc:8e:d1:c3:df: 48:60:39:ce:8c:0f:a9:26:bd:39:8a:6a:4a:1a:8c:86:92:e8: 33:e1:eb:57:4a:09:57:5b:b5:e1:56:9b:fa:5c:f5:10:69:d1: b1:d8:2f:a2:0a:1d:1d:a7:5d:38:45:39:b0:72:0b:a2:ee:ad: 49:a6:04:20 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yCQFM8hAi2EMHwSTfijhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmZTViN2NjYjQwM2QzMGE0NDg1N2Q0N2M1OGNmMTM0NjU0 NmQyODMwHhcNMjYwMTAxMTgxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWZjOGM1MmZjOGVmMDMwZTE3MzE0ODEyOWFjNjc5ZjE4ZWY2MjE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzKGbRPhw6PlOLJEM6eE+oXXSMZf mOxiKD4czBnIbWobqxwnn7RzGaR25k+u33Cy9sgoVCG/hxH0Z9GFtNd3Lh6JsvPl j43zHnBsXqzYACUOQc+Rzm4CEgJfMI1zUr3Iin8cllp50HSmV2czjSVJoXOouCNI L5ffOjW+hcT2Yq3qMs57BTIA3z/ItPe0Uf3Gr3jp0Wx0qJSE2pNcth7NpVCtZwv3 R+FVjYhz7XP1UyKG7XkXthVzxd5JS4tr5eZB6rT1MAxwOAAjLh+2+dxd8yWD3ia2 4mPm7IA+6GGV+LrUQK1UNU6Zb7jZqpByBxuTLpqViyKFHaaZHZps7Ap1nQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMX8jFL8jvAw4XMUgSmsZ58Y72IXMB8GA1UdIwQY MBaAFC/lt8y0A9MKRIV9R8WM8TRlRtKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzIt MmI4ZjczNDZmMzUwLzEveGZ5TVV2eU84RERoY3hTQktheG5ueGp2WWhjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzItMmI4ZjczNDZmMzUw LzEvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBn/1WMA0G CSqGSIb3DQEBCwUAA4IBAQCDUsdfYqty9OEZlkwJBL3Rehj6yU7AOA5/soJXpL2r rmxH8ThtoSyJNiq9y3LUzL4K1JMIj/ox2iwZZXdOTmnsPTvxkOyXATqulEhAftzH wy9n6R+yq5yg+z1lw5ozgLELuDA17UQ/dyv/i6gbXZgA8W/SnBu5ew3c2DqHhcYu 0q0SK+tNwpkfYoLHreN1xK7xxxhb5uwzhKnZfzOHL8el1/CFBx6iRUDDICg7Cyo5 AJI+ar42NBFRIIfb1BVpqiedvI7Rw99IYDnOjA+pJr05impKGoyGkugz4etXSglX W7XhVpv6XPUQadGx2C+iCh0dp104RTmwcgui7q1JpgQg -----END CERTIFICATE-----Generated at Mon Jan 26 11:39:47 2026 by rpki-client