This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/XXhi20isibdvNhb-5HSj-57DsAA.roa File: XXhi20isibdvNhb-5HSj-57DsAA.roa (raw, json) Hash identifier: cA6dxz8x4mmPbQlfX41ha8opko53by73PfeDx73DKc4= Subject key identifier: 5D:78:62:DB:48:AC:89:B7:6F:36:16:FE:E4:74:A3:FB:9E:C3:B0:00 Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Certificate serial: 019B77594D70DC8F6F4A2C2F382BA83E39CA Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/XXhi20isibdvNhb-5HSj-57DsAA.roa Signing time: Thu 01 Jan 2026 02:18:19 +0000 ROA not before: Thu 01 Jan 2026 02:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42123 IP address blocks: 89.41.136.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:4d:70:dc:8f:6f:4a:2c:2f:38:2b:a8:3e:39:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Validity Not Before: Jan 1 02:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d7862db48ac89b76f3616fee474a3fb9ec3b000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:45:2f:29:71:b7:ac:39:87:f2:07:63:9c:8f: 8f:6c:8d:b8:43:cc:22:f5:8a:36:98:fb:84:ac:b0: 72:73:66:2e:43:79:93:42:3e:7a:c7:cb:8e:6d:dc: bb:66:5d:c7:ec:2e:cc:40:5c:e1:1f:f2:bb:59:e1: 5b:67:29:22:a5:31:fe:1c:47:c4:8b:04:03:05:1e: 41:07:1a:16:75:5b:5c:b7:4b:29:eb:0e:65:55:8e: 80:ce:ec:d2:24:ff:92:ca:13:ed:06:b0:b8:72:0e: 16:a5:d6:45:a1:e1:2c:85:89:d1:ee:6c:4b:52:98: e5:69:53:b2:99:d1:14:5c:40:53:24:a4:5a:5d:a9: d5:84:a8:17:fc:44:b9:82:0b:fd:82:ae:68:8c:20: 71:b3:0d:0a:aa:a2:88:6f:75:51:f8:56:ff:0e:9e: 0f:d5:e9:54:87:84:74:82:72:fb:96:27:25:aa:79: fb:f4:a2:81:90:8b:46:d1:35:fe:65:9b:d4:f2:0a: 8f:fb:b9:9a:f9:e3:1f:2c:0c:fd:04:38:ee:4c:6f: 8c:7a:5b:12:32:df:27:b3:9a:53:16:86:1b:e3:a0: bf:b6:31:59:34:1a:b7:1d:1f:d1:56:ed:d8:ce:18: 37:0b:aa:ab:20:6b:ef:92:9d:1c:1f:6a:45:3a:40: ba:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:78:62:DB:48:AC:89:B7:6F:36:16:FE:E4:74:A3:FB:9E:C3:B0:00 X509v3 Authority Key Identifier: keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/XXhi20isibdvNhb-5HSj-57DsAA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.41.136.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:a3:5c:8b:88:82:34:51:b9:ae:d8:36:b6:c4:b4:af:0a:46: 83:ae:ce:fe:a6:67:25:8c:b8:73:3d:c1:81:5e:f6:bd:27:ed: b8:07:83:a2:cc:17:a8:09:07:93:e8:93:83:17:81:9a:41:e9: b0:f0:9c:61:82:13:58:d2:6b:60:8b:73:95:5a:65:a2:db:5f: 66:26:dc:10:21:b8:75:56:2f:7e:c5:e0:ff:0f:0f:b6:4b:b2: 4c:42:6f:ba:31:06:31:64:ba:63:dc:c7:38:d5:ed:b3:6d:56: 12:cb:34:94:0f:65:a3:77:65:90:8d:44:44:2a:d1:67:6e:15: 91:52:f0:48:47:43:57:29:7a:13:ee:41:57:50:d4:c0:72:d1: f9:64:8d:02:aa:f1:9e:b8:df:fd:92:af:54:83:29:f0:c0:0a: 41:15:e0:ac:97:90:a3:cc:59:23:1c:4c:cd:6f:6b:70:1b:7a: 75:1d:fd:74:ae:9b:a7:a9:dd:4a:6b:91:4d:a4:bd:9d:df:8a: b1:b2:40:55:d5:29:d6:f4:97:2f:d8:8f:24:2b:c1:bc:fa:67: 6c:06:2b:ac:37:1e:88:5c:d5:0b:cf:51:e0:56:81:78:fc:54: 35:1f:96:ad:b7:9c:3a:a9:bd:39:b7:73:98:a8:03:87:4e:41: 66:7d:76:69 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt3WU1w3I9vSiwvOCuoPjnKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy MTliNTkwHhcNMjYwMTAxMDIxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDc4NjJkYjQ4YWM4OWI3NmYzNjE2ZmVlNDc0YTNmYjllYzNiMDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkUvKXG3rDmH8gdjnI+PbI24Q8wi 9Yo2mPuErLByc2YuQ3mTQj56x8uObdy7Zl3H7C7MQFzhH/K7WeFbZykipTH+HEfE iwQDBR5BBxoWdVtct0sp6w5lVY6AzuzSJP+SyhPtBrC4cg4WpdZFoeEshYnR7mxL UpjlaVOymdEUXEBTJKRaXanVhKgX/ES5ggv9gq5ojCBxsw0KqqKIb3VR+Fb/Dp4P 1elUh4R0gnL7liclqnn79KKBkItG0TX+ZZvU8gqP+7ma+eMfLAz9BDjuTG+MelsS Mt8ns5pTFoYb46C/tjFZNBq3HR/RVu3Yzhg3C6qrIGvvkp0cH2pFOkC6pQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFF14YttIrIm3bzYW/uR0o/uew7AAMB8GA1UdIwQY MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl LTkyZTI1ZmUxNjMzMS8xL1hYaGkyMGlzaWJkdk5oYi01SFNqLTU3RHNBQS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZKYgw DQYJKoZIhvcNAQELBQADggEBAI+jXIuIgjRRua7YNrbEtK8KRoOuzv6mZyWMuHM9 wYFe9r0n7bgHg6LMF6gJB5Pok4MXgZpB6bDwnGGCE1jSa2CLc5VaZaLbX2Ym3BAh uHVWL37F4P8PD7ZLskxCb7oxBjFkumPcxzjV7bNtVhLLNJQPZaN3ZZCNREQq0Wdu FZFS8EhHQ1cpehPuQVdQ1MBy0flkjQKq8Z643/2Sr1SDKfDACkEV4KyXkKPMWSMc TM1va3AbenUd/XSum6ep3UprkU2kvZ3firGyQFXVKdb0ly/YjyQrwbz6Z2wGK6w3 Hohc1QvPUeBWgXj8VDUflq23nDqpvTm3c5ioA4dOQWZ9dmk= -----END CERTIFICATE-----Generated at Sun Jan 25 17:35:57 2026 by rpki-client