This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/xd89191APrZOUVHG3uZycN3SZ0g.roa File: xd89191APrZOUVHG3uZycN3SZ0g.roa (raw, json) Hash identifier: IG6q5I2/G1oD/WZjTUVQ36euEC71avJGwrJIV9eTw8Y= Subject key identifier: C5:DF:3D:D7:DD:40:3E:B6:4E:51:51:C6:DE:E6:72:70:DD:D2:67:48 Certificate issuer: /CN=bc127864cd43048550ed1699c584b5c14d80e098 Certificate serial: 019B7C80D70CC93C726CBECA2F4784D8511F Authority key identifier: BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/xd89191APrZOUVHG3uZycN3SZ0g.roa Signing time: Fri 02 Jan 2026 02:19:36 +0000 ROA not before: Fri 02 Jan 2026 02:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15743 IP address blocks: 37.131.240.0/21 maxlen: 21 62.48.64.0/19 maxlen: 19 193.35.198.0/23 maxlen: 23 193.35.218.0/23 maxlen: 23 193.35.218.0/24 maxlen: 24 193.35.219.0/24 maxlen: 24 193.98.1.0/24 maxlen: 24 217.26.224.0/21 maxlen: 21 2a00:e68::/29 maxlen: 29 2a0b:2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.mft rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:d7:0c:c9:3c:72:6c:be:ca:2f:47:84:d8:51:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc127864cd43048550ed1699c584b5c14d80e098 Validity Not Before: Jan 2 02:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5df3dd7dd403eb64e5151c6dee67270ddd26748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:3a:a5:5c:8d:20:2f:47:ef:ec:eb:03:34:75: b6:1b:0f:37:ab:7b:19:2e:05:0a:b0:c4:23:3e:51: d6:a2:f9:fa:b3:16:b3:6b:b3:e9:26:18:63:55:dc: aa:0e:2f:d7:e2:ab:63:66:43:46:e6:f9:22:ed:bb: 80:58:63:25:e2:12:6e:94:2e:89:ff:05:4f:9a:9b: 0a:90:b2:19:b5:a1:90:1a:6b:22:0c:0a:69:1d:eb: 4b:6c:c5:c2:2a:3f:30:79:50:b9:80:07:37:91:67: 59:b7:fe:8a:7a:13:d6:12:88:3d:e9:14:99:a0:3f: 73:fd:5d:64:a3:fd:fb:a9:a2:f9:5e:14:e8:cf:26: 6b:82:08:94:90:4f:30:0c:9e:7e:00:15:07:6b:24: 50:eb:16:75:0c:00:79:03:2d:59:ea:f5:f2:e2:a6: 8d:4a:30:9c:07:8c:6a:14:b8:2a:01:ab:4f:86:02: 4a:7f:7f:ea:da:d7:7b:d3:48:95:69:2f:86:4c:14: 8b:10:88:19:60:88:92:dc:db:dc:9b:24:6f:65:5c: e9:df:a2:b6:db:37:dc:7a:15:9f:5e:20:f1:32:a1: ff:f9:c6:81:3a:f9:af:3b:47:d9:67:6b:6a:a6:21: 9e:b4:05:13:f6:2a:36:75:e5:73:01:75:b5:14:d1: b7:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:DF:3D:D7:DD:40:3E:B6:4E:51:51:C6:DE:E6:72:70:DD:D2:67:48 X509v3 Authority Key Identifier: keyid:BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/xd89191APrZOUVHG3uZycN3SZ0g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.131.240.0/21 62.48.64.0/19 193.35.198.0/23 193.35.218.0/23 193.98.1.0/24 217.26.224.0/21 IPv6: 2a00:e68::/29 2a0b:2c0::/29 Signature Algorithm: sha256WithRSAEncryption 60:ea:1f:01:3c:e6:d2:0e:0e:e6:04:18:e2:a6:0e:1b:a7:cf: 05:4b:01:a1:86:69:35:42:67:8c:b4:3f:fb:94:b4:25:c3:f3: 47:ce:c0:98:82:6d:32:27:ef:69:52:c4:51:0a:5b:bc:67:1b: 13:bb:58:bb:63:3f:e0:6e:54:08:cf:ec:16:91:40:74:e3:6c: 04:18:6e:00:4d:8e:de:68:8d:e8:0c:d8:78:83:58:f4:6b:fe: 06:fe:66:f8:8d:f7:d6:c6:f7:48:72:af:41:95:3a:cf:6c:21: 28:2a:90:e9:f3:9f:81:9e:a4:53:2e:51:dc:31:44:41:63:a3: 99:03:34:5e:21:a7:3a:cb:1b:d3:c0:8a:9c:d8:30:fa:33:34: 4b:4e:9c:a3:3a:4b:ff:43:b7:10:33:3c:0f:b2:70:cc:84:0d: b1:03:07:ac:4e:60:34:0e:c5:d1:9b:55:33:fc:6a:3d:37:f9: 43:8d:df:2c:76:e5:ab:e4:35:fd:1a:48:10:d5:9d:83:97:88: 39:fa:9c:a5:7c:79:a8:de:39:a4:ca:cd:a4:e4:85:0d:21:0c: 9a:7c:fd:d9:3f:8a:59:60:4f:49:29:00:99:0e:86:09:7c:2a: 16:7c:a3:a2:58:d5:0b:19:75:d7:6a:42:ec:6f:d6:d7:85:64: b4:2c:e6:cc -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZt8gNcMyTxybL7KL0eE2FEfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjMTI3ODY0Y2Q0MzA0ODU1MGVkMTY5OWM1ODRiNWMxNGQ4 MGUwOTgwHhcNMjYwMTAyMDIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWRmM2RkN2RkNDAzZWI2NGU1MTUxYzZkZWU2NzI3MGRkZDI2NzQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TqlXI0gL0fv7OsDNHW2Gw83q3sZ LgUKsMQjPlHWovn6sxaza7PpJhhjVdyqDi/X4qtjZkNG5vki7buAWGMl4hJulC6J /wVPmpsKkLIZtaGQGmsiDAppHetLbMXCKj8weVC5gAc3kWdZt/6KehPWEog96RSZ oD9z/V1ko/37qaL5XhTozyZrggiUkE8wDJ5+ABUHayRQ6xZ1DAB5Ay1Z6vXy4qaN SjCcB4xqFLgqAatPhgJKf3/q2td700iVaS+GTBSLEIgZYIiS3NvcmyRvZVzp36K2 2zfcehWfXiDxMqH/+caBOvmvO0fZZ2tqpiGetAUT9io2deVzAXW1FNG3WQIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFMXfPdfdQD62TlFRxt7mcnDd0mdIMB8GA1UdIwQY MBaAFLwSeGTNQwSFUO0WmcWEtcFNgOCYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkJKNFpNMURCSVZRN1JhWnhZUzF3VTJBNEpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC84YTNiYjUtOWQ5NS00OTUzLTkzODgt MDMxZjQwN2IzMjYzLzEveGQ4OTE5MUFQclpPVVZIRzN1WnljTjNTWjBnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC84YTNiYjUtOWQ5NS00OTUzLTkzODgtMDMxZjQwN2IzMjYz LzEvdkJKNFpNMURCSVZRN1JhWnhZUzF3VTJBNEpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDJYPwAwQF PjBAAwQBwSPGAwQBwSPaAwQAwWIBAwQD2RrgMBQEAgACMA4DBQMqAA5oAwUDKgsC wDANBgkqhkiG9w0BAQsFAAOCAQEAYOofATzm0g4O5gQY4qYOG6fPBUsBoYZpNUJn jLQ/+5S0JcPzR87AmIJtMifvaVLEUQpbvGcbE7tYu2M/4G5UCM/sFpFAdONsBBhu AE2O3miN6AzYeINY9Gv+Bv5m+I331sb3SHKvQZU6z2whKCqQ6fOfgZ6kUy5R3DFE QWOjmQM0XiGnOssb08CKnNgw+jM0S06cozpL/0O3EDM8D7JwzIQNsQMHrE5gNA7F 0ZtVM/xqPTf5Q43fLHblq+Q1/RpIENWdg5eIOfqcpXx5qN45pMrNpOSFDSEMmnz9 2T+KWWBPSSkAmQ6GCXwqFnyjoljVCxl112pC7G/W14VktCzmzA== -----END CERTIFICATE-----Generated at Tue Jan 27 09:56:27 2026 by rpki-client