This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/xqMEiaPGgAlIQo3TzS_5VB2M2OQ.roa File: xqMEiaPGgAlIQo3TzS_5VB2M2OQ.roa (raw, json) Hash identifier: Y2eUYtTDjf9bWENJZhOD8HXOBzywjtXZMecCETD0P0M= Subject key identifier: C6:A3:04:89:A3:C6:80:09:48:42:8D:D3:CD:2F:F9:54:1D:8C:D8:E4 Certificate issuer: /CN=b4d8b27aaa55e51a345f6a4519e367955046c30a Certificate serial: 019B7A5AD22DF08393980F03297055B226BD Authority key identifier: B4:D8:B2:7A:AA:55:E5:1A:34:5F:6A:45:19:E3:67:95:50:46:C3:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/xqMEiaPGgAlIQo3TzS_5VB2M2OQ.roa Signing time: Thu 01 Jan 2026 16:18:50 +0000 ROA not before: Thu 01 Jan 2026 16:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200729 IP address blocks: 5.191.240.0/20 maxlen: 24 185.96.124.0/24 maxlen: 24 185.96.125.0/24 maxlen: 24 185.96.126.0/24 maxlen: 24 185.96.127.0/24 maxlen: 24 185.143.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.mft rsync://rpki.ripe.net/repository/DEFAULT/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:d2:2d:f0:83:93:98:0f:03:29:70:55:b2:26:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4d8b27aaa55e51a345f6a4519e367955046c30a Validity Not Before: Jan 1 16:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6a30489a3c6800948428dd3cd2ff9541d8cd8e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:d0:c8:53:9a:dd:6a:f1:9f:0f:44:aa:22:e5: 5c:3e:c1:0e:6e:dc:6f:6f:a8:f8:69:9c:37:33:ea: ad:27:8c:db:d5:7b:dd:a3:94:fc:7b:b7:b9:e9:18: d2:6d:a2:12:61:44:eb:5c:10:67:eb:54:f9:e9:e9: ed:8f:33:6f:a2:80:b8:37:ec:06:34:f1:51:9d:fd: 9d:54:ba:8b:86:51:ee:52:3e:e2:37:f9:43:68:15: f7:07:56:15:20:80:f2:de:ec:47:bc:50:0a:f2:2f: 59:d3:f5:3b:ae:d9:98:09:75:47:46:c2:6a:33:e0: fd:51:99:7b:1c:86:65:32:90:36:d1:e7:65:d2:93: 05:7c:53:fa:7a:c6:c5:ee:c9:f6:f1:f3:49:4b:ad: 99:31:b0:d5:79:b5:7c:80:70:57:3b:36:b1:d4:d8: 19:59:c4:1f:2e:c9:07:c1:8d:c2:a8:72:e0:80:27: 2c:32:32:fb:b9:d6:04:d9:0e:c4:f8:dc:97:32:78: 2c:e6:e8:f3:63:88:54:6a:a0:6a:3f:e3:00:f0:e8: 68:d1:57:bb:a2:6e:55:ec:14:4f:75:47:4c:81:ef: 40:b0:c4:93:5d:70:5a:93:af:6e:c7:85:6e:19:ed: 33:43:87:0d:1b:ae:32:e0:89:b8:ed:9a:9d:a7:4d: 0d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:A3:04:89:A3:C6:80:09:48:42:8D:D3:CD:2F:F9:54:1D:8C:D8:E4 X509v3 Authority Key Identifier: keyid:B4:D8:B2:7A:AA:55:E5:1A:34:5F:6A:45:19:E3:67:95:50:46:C3:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/xqMEiaPGgAlIQo3TzS_5VB2M2OQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d3c1d5-e923-4831-804c-c7586282fe13/1/tNiyeqpV5Ro0X2pFGeNnlVBGwwo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.191.240.0/20 185.96.124.0/22 185.143.196.0/22 Signature Algorithm: sha256WithRSAEncryption 62:bb:d4:45:e5:91:e7:f6:41:b3:b9:5f:d0:c1:e2:e0:14:03: d3:97:d0:26:80:d7:aa:f2:ca:d9:c6:80:a0:a2:d2:c7:d7:07: a3:cf:fe:f3:49:c8:1d:2c:04:9b:8e:c7:48:bb:81:06:c8:1f: 10:da:f9:f8:c0:58:b2:a2:bd:20:c9:81:27:73:7c:0e:3e:54: 5a:79:69:82:5b:d3:d8:fb:2d:7c:bf:85:31:11:51:63:b2:45: f4:b6:77:ff:ba:aa:f5:ae:a4:86:f9:b6:47:23:62:cd:05:4a: 47:3e:89:71:43:09:5a:95:21:06:1f:ad:45:68:6e:58:ab:eb: 64:2c:dc:ef:1e:b8:cd:8d:a9:45:d1:7f:1c:c6:b1:0b:b4:b6: 41:c9:0e:a0:7a:73:e4:ba:be:e8:28:f9:5c:97:1c:bf:ca:bb: 71:d4:70:76:9d:79:67:ce:61:c0:6a:ab:81:f7:af:06:12:7c: 43:51:6c:20:30:86:7d:7c:ae:bc:db:59:16:f8:9f:7b:bf:cc: 41:dd:4c:ce:e9:d3:e9:92:19:0c:44:0a:4b:94:0a:a2:83:ca: d7:e9:ba:f6:aa:d4:e8:fd:b0:37:4c:0a:a2:c1:05:b2:60:5b: 19:d4:98:a1:db:7f:8f:16:28:82:f4:97:28:29:48:13:ae:a0: 41:d1:82:d2 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6WtIt8IOTmA8DKXBVsia9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZDhiMjdhYWE1NWU1MWEzNDVmNmE0NTE5ZTM2Nzk1NTA0 NmMzMGEwHhcNMjYwMTAxMTYxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmEzMDQ4OWEzYzY4MDA5NDg0MjhkZDNjZDJmZjk1NDFkOGNkOGU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9DIU5rdavGfD0SqIuVcPsEObtxv b6j4aZw3M+qtJ4zb1Xvdo5T8e7e56RjSbaISYUTrXBBn61T56entjzNvooC4N+wG NPFRnf2dVLqLhlHuUj7iN/lDaBX3B1YVIIDy3uxHvFAK8i9Z0/U7rtmYCXVHRsJq M+D9UZl7HIZlMpA20edl0pMFfFP6esbF7sn28fNJS62ZMbDVebV8gHBXOzax1NgZ WcQfLskHwY3CqHLggCcsMjL7udYE2Q7E+NyXMngs5ujzY4hUaqBqP+MA8Oho0Ve7 om5V7BRPdUdMge9AsMSTXXBak69ux4VuGe0zQ4cNG64y4Im47Zqdp00NfwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMajBImjxoAJSEKN080v+VQdjNjkMB8GA1UdIwQY MBaAFLTYsnqqVeUaNF9qRRnjZ5VQRsMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE5peWVxcFY1Um8wWDJwRkdlTm5sVkJHd3dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kM2MxZDUtZTkyMy00ODMxLTgwNGMt Yzc1ODYyODJmZTEzLzEveHFNRWlhUEdnQWxJUW8zVHpTXzVWQjJNMk9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9kM2MxZDUtZTkyMy00ODMxLTgwNGMtYzc1ODYyODJmZTEz LzEvdE5peWVxcFY1Um8wWDJwRkdlTm5sVkJHd3dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBb/wAwQC uWB8AwQCuY/EMA0GCSqGSIb3DQEBCwUAA4IBAQBiu9RF5ZHn9kGzuV/QweLgFAPT l9AmgNeq8srZxoCgotLH1wejz/7zScgdLASbjsdIu4EGyB8Q2vn4wFiyor0gyYEn c3wOPlRaeWmCW9PY+y18v4UxEVFjskX0tnf/uqr1rqSG+bZHI2LNBUpHPolxQwla lSEGH61FaG5Yq+tkLNzvHrjNjalF0X8cxrELtLZByQ6genPkur7oKPlclxy/yrtx 1HB2nXlnzmHAaquB968GEnxDUWwgMIZ9fK6821kW+J97v8xB3UzO6dPpkhkMRApL lAqig8rX6br2qtTo/bA3TAqiwQWyYFsZ1Jih23+PFiiC9JcoKUgTrqBB0YLS -----END CERTIFICATE-----Generated at Mon Feb 9 23:41:33 2026 by rpki-client