This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/XCgpufe1xQMcfai8PS3VJBq4C3c.roa File: XCgpufe1xQMcfai8PS3VJBq4C3c.roa (raw, json) Hash identifier: kttwBlaj0Ntk2aoWWCqg8inxVXoqEqZR4Bgjb7w8oCw= Subject key identifier: 5C:28:29:B9:F7:B5:C5:03:1C:7D:A8:BC:3D:2D:D5:24:1A:B8:0B:77 Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e Certificate serial: 019BDD8382AD5B1EDF38744D5828886B5F16 Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/XCgpufe1xQMcfai8PS3VJBq4C3c.roa Signing time: Tue 20 Jan 2026 22:25:41 +0000 ROA not before: Tue 20 Jan 2026 22:25:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56655 IP address blocks: 45.88.200.0/24 maxlen: 24 45.88.201.0/24 maxlen: 24 45.88.202.0/24 maxlen: 24 91.217.206.0/24 maxlen: 24 185.14.97.0/24 maxlen: 24 185.125.168.0/22 maxlen: 22 185.181.60.0/22 maxlen: 22 185.243.216.0/24 maxlen: 24 185.243.217.0/24 maxlen: 24 185.243.218.0/24 maxlen: 24 193.200.221.0/24 maxlen: 24 193.200.229.0/24 maxlen: 24 193.200.238.0/24 maxlen: 24 193.243.189.0/24 maxlen: 24 194.32.107.0/24 maxlen: 24 194.110.207.0/24 maxlen: 24 195.16.73.0/24 maxlen: 24 198.140.141.0/24 maxlen: 24 2a03:94e0::/32 maxlen: 32 2a03:94e1::/32 maxlen: 32 2a03:94e2::/32 maxlen: 32 2a03:94e3::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.mft rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:dd:83:82:ad:5b:1e:df:38:74:4d:58:28:88:6b:5f:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e Validity Not Before: Jan 20 22:25:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c2829b9f7b5c5031c7da8bc3d2dd5241ab80b77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:72:fa:a4:dd:a9:b5:17:5a:a8:78:72:b0:7c: f2:6f:f3:48:4c:42:9b:5d:4e:31:a4:47:1b:0f:fd: 35:0d:af:9a:6f:93:9c:43:cf:5d:37:75:d8:b7:21: a8:0b:96:5a:b9:c1:52:5f:ce:98:43:de:84:2b:03: 40:84:80:9c:bb:86:b6:e1:06:2d:61:d5:d7:10:90: a3:7b:29:0e:1e:0c:19:36:1e:a8:be:aa:7f:04:c5: c3:96:fe:74:d3:d3:b4:69:b9:25:a3:33:62:ba:5e: 52:83:24:88:08:60:46:ac:50:40:40:cd:2f:e6:07: 8e:ed:ea:09:cf:d3:fd:67:38:06:3d:99:77:66:d5: 7f:8a:fb:bd:e4:02:c3:81:f2:10:35:e3:cf:4f:3c: 6d:1f:e7:86:13:44:95:e4:56:d9:0b:2b:e4:53:a0: 53:5f:92:0b:fe:83:50:43:75:1a:4d:99:e8:e8:1c: fd:f9:d0:19:b5:dc:f5:d0:e3:4f:f1:ec:c9:a3:15: 03:60:0d:26:b8:df:d5:13:da:e4:f8:71:e6:f9:e2: 58:22:60:cb:27:4e:38:af:c5:8b:76:79:d0:17:5c: 5f:e7:cd:77:a0:d2:d8:05:cd:e9:7c:70:23:ec:fd: b7:e9:01:b4:b5:3e:58:a1:7d:c3:68:b7:20:ba:6e: e4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:28:29:B9:F7:B5:C5:03:1C:7D:A8:BC:3D:2D:D5:24:1A:B8:0B:77 X509v3 Authority Key Identifier: keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/XCgpufe1xQMcfai8PS3VJBq4C3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.200.0-45.88.202.255 91.217.206.0/24 185.14.97.0/24 185.125.168.0/22 185.181.60.0/22 185.243.216.0-185.243.218.255 193.200.221.0/24 193.200.229.0/24 193.200.238.0/24 193.243.189.0/24 194.32.107.0/24 194.110.207.0/24 195.16.73.0/24 198.140.141.0/24 IPv6: 2a03:94e0::/30 Signature Algorithm: sha256WithRSAEncryption 9e:3c:74:a5:85:17:de:e4:d8:cc:f6:f9:5f:4d:3a:48:5d:f0: 98:09:ee:51:70:33:2a:d6:e9:23:e7:d5:15:10:b5:c8:eb:b5: 43:59:de:20:0e:d2:fa:5d:51:69:57:9b:2e:a3:4c:81:3a:08: 9b:62:8a:8b:6e:44:f4:85:d7:e4:21:3e:c4:aa:18:15:65:bf: a4:ab:c1:91:96:53:dc:f9:8c:7a:7c:56:e9:ca:51:bc:e4:28: fe:6a:b4:18:e2:25:6d:31:4e:2f:0e:82:36:43:ee:ad:63:29: ad:8f:2d:0d:9e:14:45:35:fa:97:ff:a5:80:90:7c:de:48:e0: ed:f8:df:0f:d2:8d:ed:83:4c:09:0f:f5:c9:37:de:18:9a:92: ca:eb:f9:1a:ea:dc:01:91:f2:1d:ae:93:82:38:87:97:6d:dd: 69:f8:a5:d2:b7:b4:eb:b9:3f:ce:ee:85:89:28:61:b9:17:4a: 9d:ea:fc:ae:73:41:1d:14:d3:b4:e0:31:59:24:61:b9:b5:8d: a0:83:77:cb:53:01:ee:bb:a8:e2:91:34:cf:0d:c6:e5:31:2e: 53:6f:4c:59:d1:39:2a:22:f3:f0:21:1a:1f:e3:ed:83:09:09: 7b:cb:83:56:19:c5:56:50:6d:81:c7:61:4c:02:32:88:b6:54: fe:19:77:21 -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgISAZvdg4KtWx7fOHRNWCiIa18WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj ZmRiOGUwHhcNMjYwMTIwMjIyNTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzI4MjliOWY3YjVjNTAzMWM3ZGE4YmMzZDJkZDUyNDFhYjgwYjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3L6pN2ptRdaqHhysHzyb/NITEKb XU4xpEcbD/01Da+ab5OcQ89dN3XYtyGoC5ZaucFSX86YQ96EKwNAhICcu4a24QYt YdXXEJCjeykOHgwZNh6ovqp/BMXDlv5009O0abklozNiul5SgySICGBGrFBAQM0v 5geO7eoJz9P9ZzgGPZl3ZtV/ivu95ALDgfIQNePPTzxtH+eGE0SV5FbZCyvkU6BT X5IL/oNQQ3UaTZno6Bz9+dAZtdz10ONP8ezJoxUDYA0muN/VE9rk+HHm+eJYImDL J044r8WLdnnQF1xf5813oNLYBc3pfHAj7P236QG0tT5YoX3DaLcgum7kYwIDAQAB o4ICdzCCAnMwHQYDVR0OBBYEFFwoKbn3tcUDHH2ovD0t1SQauAt3MB8GA1UdIwQY MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt YzMxYmRlNTEwMDg1LzEvWENncHVmZTF4UU1jZmFpOFBTM1ZKQnE0QzNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1 LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZDAMAwQDLVjI AwQALVjKAwQAW9nOAwQAuQ5hAwQCuX2oAwQCubU8MAwDBAO589gDBAC589oDBADB yN0DBADByOUDBADByO4DBADB870DBADCIGsDBADCbs8DBADDEEkDBADGjI0wDQQC AAIwBwMFAioDlOAwDQYJKoZIhvcNAQELBQADggEBAJ48dKWFF97k2Mz2+V9NOkhd 8JgJ7lFwMyrW6SPn1RUQtcjrtUNZ3iAO0vpdUWlXmy6jTIE6CJtiiotuRPSF1+Qh PsSqGBVlv6SrwZGWU9z5jHp8VunKUbzkKP5qtBjiJW0xTi8OgjZD7q1jKa2PLQ2e FEU1+pf/pYCQfN5I4O343w/Sje2DTAkP9ck33hiaksrr+Rrq3AGR8h2uk4I4h5dt 3Wn4pdK3tOu5P87uhYkoYbkXSp3q/K5zQR0U07TgMVkkYbm1jaCDd8tTAe67qOKR NM8NxuUxLlNvTFnROSoi8/AhGh/j7YMJCXvLg1YZxVZQbYHHYUwCMoi2VP4ZdyE= -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:01 2026 by rpki-client