This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/Xs9gaqFFXZ7GrvsrGgY-yuwbYTE.roa File: Xs9gaqFFXZ7GrvsrGgY-yuwbYTE.roa (raw, json) Hash identifier: DTk6BwHVpjtDOIubeFVH1qzIK/Hrx5OrTlZrFAVfucM= Subject key identifier: 5E:CF:60:6A:A1:45:5D:9E:C6:AE:FB:2B:1A:06:3E:CA:EC:1B:61:31 Certificate issuer: /CN=7934f7ee5d04a026223c3aa31912bf610d00db7b Certificate serial: 019B7DCB530D6BE9242533EF782ECA65E43B Authority key identifier: 79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/Xs9gaqFFXZ7GrvsrGgY-yuwbYTE.roa Signing time: Fri 02 Jan 2026 08:20:35 +0000 ROA not before: Fri 02 Jan 2026 08:20:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48152 IP address blocks: 194.88.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.crl rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.mft rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:53:0d:6b:e9:24:25:33:ef:78:2e:ca:65:e4:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7934f7ee5d04a026223c3aa31912bf610d00db7b Validity Not Before: Jan 2 08:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ecf606aa1455d9ec6aefb2b1a063ecaec1b6131 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:6b:ee:e6:0a:06:0d:c6:cf:e5:e8:43:3d:88: e0:90:37:0f:39:92:ed:24:d8:5b:d8:10:e2:a3:de: 7d:2b:18:20:9b:d5:65:c0:a3:23:d7:b8:b9:9c:f2: 51:b4:91:ef:69:e9:b9:fd:d5:08:eb:c0:01:69:1e: 59:e0:51:e3:0e:90:c8:5d:50:8f:0e:e9:3a:cb:b5: 46:cc:bb:82:d4:9c:04:72:c1:b7:1d:8d:2a:19:57: 80:ce:70:ac:4d:35:b1:33:9a:4a:33:ee:29:d0:4d: 43:08:4d:a1:f1:80:b2:81:7f:53:d3:1e:c4:ac:4c: b7:8d:a5:61:19:4a:79:71:b5:7c:5c:35:2b:fc:1c: 43:f9:6b:31:ec:4c:9a:9d:a8:d6:a8:75:4d:a3:d6: 60:1d:e6:2a:0e:3b:38:62:3e:d6:2d:b1:6c:4a:70: 60:00:49:f4:a8:c5:81:4c:08:33:fb:0d:7f:43:05: 9c:6f:c3:b1:a9:00:a4:89:e2:70:9b:42:37:20:e5: 8f:5a:59:22:d3:7e:31:62:0f:ab:4b:a8:37:58:b6: 04:41:a6:3f:d4:0d:b3:b2:aa:17:b7:68:b6:ef:49: 97:83:f6:d8:fb:6b:b6:19:f3:83:b6:51:14:2a:c4: 26:6b:97:21:a6:88:94:26:d0:dc:dd:5a:7f:59:de: cc:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:CF:60:6A:A1:45:5D:9E:C6:AE:FB:2B:1A:06:3E:CA:EC:1B:61:31 X509v3 Authority Key Identifier: keyid:79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/Xs9gaqFFXZ7GrvsrGgY-yuwbYTE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.88.0.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:5b:c9:0a:2b:b4:e8:28:12:b3:90:1a:f1:76:bf:5e:0a:e5: 40:2a:31:2d:b4:38:a7:a0:40:2b:21:9b:af:1f:78:83:c0:ca: 45:d8:37:ac:88:a7:f8:f9:f3:07:88:8e:75:da:03:3f:27:5f: bb:e1:d4:a2:cc:a2:f9:8d:4c:d5:4a:2b:b1:6c:83:dd:b2:ae: 31:d4:31:40:9c:cc:7f:4f:5d:e2:ba:8e:39:4c:97:b7:e0:64: a7:e5:8e:6e:43:6e:a3:82:c8:8f:c8:3d:97:23:12:27:d4:9f: 50:1b:6e:b9:48:93:e5:de:f3:a6:6b:e0:b4:2f:49:61:f0:62: 99:ef:51:65:b2:04:5a:99:28:da:fd:77:42:01:02:ce:29:f6: 03:50:0a:26:84:88:1e:0a:86:a6:b6:ba:cf:c8:4f:97:50:b2: d5:d2:a0:bc:45:8f:81:ee:cf:26:62:e8:2d:0a:80:be:52:7a: 14:ae:a7:b4:81:91:53:8b:ed:8d:bf:26:67:14:0f:b2:df:5f: e2:1d:9d:29:93:6c:4e:2e:0b:a5:29:61:4c:d1:09:84:7f:73: 72:8e:d6:fe:3a:9f:7b:ff:7b:06:fd:aa:00:1c:27:5b:73:80: 38:fb:3d:fe:2d:4e:72:ba:c7:ed:96:ed:20:18:15:74:4a:5d: 7a:9c:8a:fc -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9y1MNa+kkJTPveC7KZeQ7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc5MzRmN2VlNWQwNGEwMjYyMjNjM2FhMzE5MTJiZjYxMGQw MGRiN2IwHhcNMjYwMTAyMDgyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWNmNjA2YWExNDU1ZDllYzZhZWZiMmIxYTA2M2VjYWVjMWI2MTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmvu5goGDcbP5ehDPYjgkDcPOZLt JNhb2BDio959Kxggm9VlwKMj17i5nPJRtJHvaem5/dUI68ABaR5Z4FHjDpDIXVCP Duk6y7VGzLuC1JwEcsG3HY0qGVeAznCsTTWxM5pKM+4p0E1DCE2h8YCygX9T0x7E rEy3jaVhGUp5cbV8XDUr/BxD+Wsx7EyanajWqHVNo9ZgHeYqDjs4Yj7WLbFsSnBg AEn0qMWBTAgz+w1/QwWcb8OxqQCkieJwm0I3IOWPWlki034xYg+rS6g3WLYEQaY/ 1A2zsqoXt2i270mXg/bY+2u2GfODtlEUKsQma5chpoiUJtDc3Vp/Wd7M5wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF7PYGqhRV2exq77KxoGPsrsG2ExMB8GA1UdIwQY MBaAFHk09+5dBKAmIjw6oxkSv2ENANt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYt ZjFkMzQ5ODIzNTA0LzEvWHM5Z2FxRkZYWjdHcnZzckdnWS15dXdiWVRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYtZjFkMzQ5ODIzNTA0 LzEvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgAMA0G CSqGSIb3DQEBCwUAA4IBAQAKW8kKK7ToKBKzkBrxdr9eCuVAKjEttDinoEArIZuv H3iDwMpF2DesiKf4+fMHiI512gM/J1+74dSizKL5jUzVSiuxbIPdsq4x1DFAnMx/ T13iuo45TJe34GSn5Y5uQ26jgsiPyD2XIxIn1J9QG265SJPl3vOma+C0L0lh8GKZ 71FlsgRamSja/XdCAQLOKfYDUAomhIgeCoamtrrPyE+XULLV0qC8RY+B7s8mYugt CoC+UnoUrqe0gZFTi+2NvyZnFA+y31/iHZ0pk2xOLgulKWFM0QmEf3Nyjtb+Op97 /3sG/aoAHCdbc4A4+z3+LU5yusftlu0gGBV0Sl16nIr8 -----END CERTIFICATE-----Generated at Mon Jan 26 15:02:36 2026 by rpki-client