This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X7XF_Z41s1mEiSn68hr2N23_Z_M.roa File: X7XF_Z41s1mEiSn68hr2N23_Z_M.roa (raw, json) Hash identifier: zX/8WHiyiWYZSBhoo5FKkI77/U7PstQ4cdjNJSn1jls= Subject key identifier: 5F:B5:C5:FD:9E:35:B3:59:84:89:29:FA:F2:1A:F6:37:6D:FF:67:F3 Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9 Certificate serial: 019B7DCACC355CEE84ED0F696E77EBB35F8A Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X7XF_Z41s1mEiSn68hr2N23_Z_M.roa Signing time: Fri 02 Jan 2026 08:20:01 +0000 ROA not before: Fri 02 Jan 2026 08:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59268 IP address blocks: 91.206.144.0/24 maxlen: 24 91.223.161.0/24 maxlen: 24 193.28.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.mft rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:cc:35:5c:ee:84:ed:0f:69:6e:77:eb:b3:5f:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9 Validity Not Before: Jan 2 08:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5fb5c5fd9e35b359848929faf21af6376dff67f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:18:59:8b:36:e6:92:73:32:f3:37:d8:8d:3d: 3a:13:ff:8b:f4:6d:fa:6e:5d:7c:b8:81:25:49:d4: 55:52:52:bd:37:c0:a5:bf:f5:fe:24:9b:9c:2b:6d: 6b:f2:df:ba:d0:a9:0e:45:08:1b:d5:93:bd:c3:3b: f0:e4:54:bc:64:4f:4c:3e:cf:60:97:7e:e5:e6:82: 3f:65:19:f3:3a:b1:e4:5d:ad:80:fd:cb:6b:cc:68: 06:3d:c5:6d:e4:7d:6d:cf:04:b5:35:1a:b2:b7:fd: 04:6c:66:0c:4f:b5:9a:46:3a:fd:72:d9:9b:e9:81: 00:72:31:19:76:36:b3:71:2d:82:94:8e:4e:67:7f: 47:05:a7:dc:f3:99:7d:9f:55:c0:b0:df:22:13:cd: 40:d7:75:ab:33:af:ea:31:f0:1c:40:62:87:c3:e8: cb:ff:95:c4:6a:b4:eb:a4:17:14:9c:1d:75:23:00: 00:84:03:3f:25:c4:af:fb:31:75:db:1c:5c:06:40: 2e:de:c0:ee:8e:1b:42:35:cb:4b:f1:a7:f2:35:35: 66:43:66:6a:49:f5:e2:4f:09:12:0a:0e:e4:94:83: 68:1a:47:f3:79:cc:80:1b:cd:6b:db:79:ff:cb:cc: ff:a6:ee:f3:bc:73:13:19:f8:f0:91:3f:e7:be:20: f3:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:B5:C5:FD:9E:35:B3:59:84:89:29:FA:F2:1A:F6:37:6D:FF:67:F3 X509v3 Authority Key Identifier: keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/X7XF_Z41s1mEiSn68hr2N23_Z_M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.206.144.0/24 91.223.161.0/24 193.28.159.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:ba:9c:9f:f2:bc:a3:ac:d2:56:bb:a6:8d:85:8f:31:42:1b: 6c:7a:d1:dd:07:00:aa:5d:72:63:3a:56:e5:46:c7:61:ed:57: 93:dd:04:f2:33:b2:81:5a:2a:7c:80:98:b4:8b:39:a1:15:47: 89:4c:64:f1:72:4f:ef:ce:19:1b:f6:80:b3:a5:ed:d6:5f:c5: 8a:ae:ea:c8:3f:40:00:3c:0c:88:1c:97:3d:8d:cc:7b:ff:5d: ae:1f:f7:aa:bf:8b:e8:a8:33:9f:01:1c:1b:1e:49:07:48:ba: 74:33:97:9f:c0:5c:00:8e:bf:f1:d4:ba:4b:39:2c:9a:cb:63: de:f6:c9:bd:85:be:fe:75:dd:6c:bf:93:cc:19:0c:15:72:bc: 1d:0a:d2:e8:b8:38:ea:b4:2c:a3:d9:15:d4:73:1f:22:c5:24: 6a:15:e8:81:f3:3b:19:e6:72:6c:36:f3:b6:24:3e:e5:f1:c2: 32:46:67:8a:5f:c4:e6:d1:e9:64:1b:4b:ce:bc:70:66:a8:52: 8a:38:bf:70:6a:0e:29:81:c3:ad:2f:53:44:b2:06:fd:46:a2: d7:0b:ac:ec:0d:89:0d:b7:6e:cd:fe:e3:5b:55:08:f6:9d:a5: cd:97:0d:3a:53:dd:2b:e3:b9:d7:68:28:b4:d0:f8:17:43:47: d9:e6:11:50 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9ysw1XO6E7Q9pbnfrs1+KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh MGUwYTkwHhcNMjYwMTAyMDgyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZmI1YzVmZDllMzViMzU5ODQ4OTI5ZmFmMjFhZjYzNzZkZmY2N2YzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBhZizbmknMy8zfYjT06E/+L9G36 bl18uIElSdRVUlK9N8Clv/X+JJucK21r8t+60KkORQgb1ZO9wzvw5FS8ZE9MPs9g l37l5oI/ZRnzOrHkXa2A/ctrzGgGPcVt5H1tzwS1NRqyt/0EbGYMT7WaRjr9ctmb 6YEAcjEZdjazcS2ClI5OZ39HBafc85l9n1XAsN8iE81A13WrM6/qMfAcQGKHw+jL /5XEarTrpBcUnB11IwAAhAM/JcSv+zF12xxcBkAu3sDujhtCNctL8afyNTVmQ2Zq SfXiTwkSCg7klINoGkfzecyAG81r23n/y8z/pu7zvHMTGfjwkT/nviDzswIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF+1xf2eNbNZhIkp+vIa9jdt/2fzMB8GA1UdIwQY MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt N2ZiZjVlZTI5MGFjLzEvWDdYRl9aNDFzMW1FaVNuNjhocjJOMjNfWl9NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW86QAwQA W9+hAwQAwRyfMA0GCSqGSIb3DQEBCwUAA4IBAQAbupyf8ryjrNJWu6aNhY8xQhts etHdBwCqXXJjOlblRsdh7VeT3QTyM7KBWip8gJi0izmhFUeJTGTxck/vzhkb9oCz pe3WX8WKrurIP0AAPAyIHJc9jcx7/12uH/eqv4voqDOfARwbHkkHSLp0M5efwFwA jr/x1LpLOSyay2Pe9sm9hb7+dd1sv5PMGQwVcrwdCtLouDjqtCyj2RXUcx8ixSRq FeiB8zsZ5nJsNvO2JD7l8cIyRmeKX8Tm0elkG0vOvHBmqFKKOL9wag4pgcOtL1NE sgb9RqLXC6zsDYkNt27N/uNbVQj2naXNlw06U90r47nXaCi00PgXQ0fZ5hFQ -----END CERTIFICATE-----Generated at Sun Jan 25 13:31:57 2026 by rpki-client