This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/XhbfkmgppgGaa0jwxEEK1QpmG_o.roa File: XhbfkmgppgGaa0jwxEEK1QpmG_o.roa (raw, json) Hash identifier: RblW9p63Q8/3oZMyKn6Kq61NaEzW9XB/T1oxdZPwAPk= Subject key identifier: 5E:16:DF:92:68:29:A6:01:9A:6B:48:F0:C4:41:0A:D5:0A:66:1B:FA Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d Certificate serial: 019B7B365B3EE1B298985AE97466E4CBD3DB Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/XhbfkmgppgGaa0jwxEEK1QpmG_o.roa Signing time: Thu 01 Jan 2026 20:18:38 +0000 ROA not before: Thu 01 Jan 2026 20:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50181 IP address blocks: 77.74.204.0/22 maxlen: 22 81.94.240.0/20 maxlen: 20 88.132.224.0/20 maxlen: 20 88.132.240.0/22 maxlen: 22 109.110.128.0/19 maxlen: 19 185.45.196.0/22 maxlen: 22 185.119.180.0/22 maxlen: 22 2a01:7d60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.mft rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:5b:3e:e1:b2:98:98:5a:e9:74:66:e4:cb:d3:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d Validity Not Before: Jan 1 20:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e16df926829a6019a6b48f0c4410ad50a661bfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:34:01:4a:14:89:39:82:c6:b0:d0:f2:10:ec: 7e:4a:1b:6e:19:e4:b5:53:df:58:dc:ad:3a:6d:b8: 88:5d:92:7f:48:46:77:f3:91:72:b5:11:f3:2d:07: 10:64:cf:40:94:96:9b:ac:a4:a8:13:d7:ae:74:dc: 25:d8:cd:44:2f:ab:39:24:28:aa:7b:0e:cb:04:eb: 2f:12:53:d4:dc:8f:50:9b:83:3a:c6:af:b2:43:21: 50:dc:f4:b5:97:a5:a6:a1:ed:79:7c:d7:69:2c:37: 69:57:61:e5:3f:a4:2e:a9:cf:c1:17:76:c2:bb:b3: 53:2b:9a:81:4e:eb:3a:26:0e:b7:59:9c:17:e4:63: cc:c4:12:75:d3:6a:c4:dd:5c:d0:63:fb:32:b3:b1: 70:d9:ea:99:f0:24:cb:f4:c7:12:87:93:1c:08:16: 69:b1:36:1b:36:00:18:f6:db:de:1e:c4:c3:49:5e: ef:a6:0d:29:2a:cc:00:50:b1:40:33:ab:99:03:25: 06:c0:c2:5a:2c:14:e0:a5:42:b9:80:5f:1a:05:75: 55:49:46:56:c0:b4:f8:b0:7c:27:6a:3b:d3:b3:e2: d5:8c:5c:c1:ce:47:37:29:5f:5c:74:18:a6:f5:7a: cb:3f:be:6c:2b:6a:86:2a:bd:29:bc:76:c8:64:3d: 48:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:16:DF:92:68:29:A6:01:9A:6B:48:F0:C4:41:0A:D5:0A:66:1B:FA X509v3 Authority Key Identifier: keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/XhbfkmgppgGaa0jwxEEK1QpmG_o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.74.204.0/22 81.94.240.0/20 88.132.224.0-88.132.243.255 109.110.128.0/19 185.45.196.0/22 185.119.180.0/22 IPv6: 2a01:7d60::/32 Signature Algorithm: sha256WithRSAEncryption be:44:9c:c3:30:f8:e8:aa:50:3b:06:41:a9:b5:97:47:58:84: f9:75:7f:50:66:f4:dc:48:34:e0:30:b8:32:5e:cb:6e:cd:e8: f1:ec:a5:97:30:fc:99:ef:f0:92:ab:79:a9:b3:9c:4c:79:a4: f9:cd:68:46:84:67:b5:7a:fa:a6:29:83:79:2f:d8:1f:d3:cf: c0:b4:3b:f3:ba:29:78:55:8f:e2:7f:0a:11:c5:1a:a1:85:fa: de:92:1b:99:3a:78:c0:5a:2f:27:e3:29:23:9e:29:5e:4d:79: 5e:1f:3a:d8:9d:b1:52:80:52:1f:6e:a9:0c:22:39:bd:f4:17: aa:5f:ec:db:62:3f:54:77:63:c9:b0:43:1b:d5:66:3c:19:95: 87:a5:fd:6a:00:7e:92:b4:f2:7f:7d:6f:84:22:5e:db:0b:59: c5:74:ba:7f:4c:50:d9:f4:d8:4b:13:70:60:cf:13:f9:4b:f8: 29:93:35:93:45:7f:b2:7a:00:e5:f1:79:9f:c8:e1:88:53:0b: 7f:53:09:10:35:02:65:73:25:7c:2d:73:06:c3:be:2a:f8:37: 71:f4:25:90:da:d9:c3:9c:b7:7d:7c:f4:b3:ca:2c:03:72:5c: f9:51:6c:fc:80:41:8d:33:08:52:29:55:ee:08:c3:22:6e:40: ad:66:21:4b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgISAZt7Nls+4bKYmFrpdGbky9PbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk OGE1NmQwHhcNMjYwMTAxMjAxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTE2ZGY5MjY4MjlhNjAxOWE2YjQ4ZjBjNDQxMGFkNTBhNjYxYmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDQBShSJOYLGsNDyEOx+ShtuGeS1 U99Y3K06bbiIXZJ/SEZ385FytRHzLQcQZM9AlJabrKSoE9eudNwl2M1EL6s5JCiq ew7LBOsvElPU3I9Qm4M6xq+yQyFQ3PS1l6Wmoe15fNdpLDdpV2HlP6Quqc/BF3bC u7NTK5qBTus6Jg63WZwX5GPMxBJ102rE3VzQY/sys7Fw2eqZ8CTL9McSh5McCBZp sTYbNgAY9tveHsTDSV7vpg0pKswAULFAM6uZAyUGwMJaLBTgpUK5gF8aBXVVSUZW wLT4sHwnajvTs+LVjFzBzkc3KV9cdBim9XrLP75sK2qGKr0pvHbIZD1IHQIDAQAB o4ICPjCCAjowHQYDVR0OBBYEFF4W35JoKaYBmmtI8MRBCtUKZhv6MB8GA1UdIwQY MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt NDZlZTBjZDdmY2JhLzEvWGhiZmttZ3BwZ0dhYTBqd3hFRUsxUXBtR19vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCTUrMAwQE UV7wMAwDBAVYhOADBAJYhPADBAVtboADBAK5LcQDBAK5d7QwDQQCAAIwBwMFACoB fWAwDQYJKoZIhvcNAQELBQADggEBAL5EnMMw+OiqUDsGQam1l0dYhPl1f1Bm9NxI NOAwuDJey27N6PHspZcw/Jnv8JKreamznEx5pPnNaEaEZ7V6+qYpg3kv2B/Tz8C0 O/O6KXhVj+J/ChHFGqGF+t6SG5k6eMBaLyfjKSOeKV5NeV4fOtidsVKAUh9uqQwi Ob30F6pf7NtiP1R3Y8mwQxvVZjwZlYel/WoAfpK08n99b4QiXtsLWcV0un9MUNn0 2EsTcGDPE/lL+CmTNZNFf7J6AOXxeZ/I4YhTC39TCRA1AmVzJXwtcwbDvir4N3H0 JZDa2cOct3189LPKLANyXPlRbPyAQY0zCFIpVe4IwyJuQK1mIUs= -----END CERTIFICATE-----Generated at Sun Jan 25 16:17:42 2026 by rpki-client