This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/XAZ6WKQwSbWuMdg-slN8CRUbp5I.roa File: XAZ6WKQwSbWuMdg-slN8CRUbp5I.roa (raw, json) Hash identifier: B/BbMvrnmz3NQFSpm/6UYMAwSqXPT+vl+n1zXtv+BHo= Subject key identifier: 5C:06:7A:58:A4:30:49:B5:AE:31:D8:3E:B2:53:7C:09:15:1B:A7:92 Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878 Certificate serial: 019B7F153B1E4C3BA6EB5E696829BA0447D4 Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/XAZ6WKQwSbWuMdg-slN8CRUbp5I.roa Signing time: Fri 02 Jan 2026 14:20:56 +0000 ROA not before: Fri 02 Jan 2026 14:20:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57967 IP address blocks: 91.237.90.0/24 maxlen: 24 2001:67c:2794::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.mft rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:3b:1e:4c:3b:a6:eb:5e:69:68:29:ba:04:47:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878 Validity Not Before: Jan 2 14:20:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c067a58a43049b5ae31d83eb2537c09151ba792 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:9d:9b:70:7f:ff:af:1f:66:7b:b1:f9:28:96: 02:4c:50:83:fa:af:e4:d2:13:68:00:05:ef:09:db: 12:d2:e2:6d:f4:b5:b2:69:26:25:a3:ff:d0:8d:3f: 44:34:56:87:d8:97:27:01:63:8e:dc:2a:70:d1:6a: 9d:77:3e:73:c1:56:70:b5:70:42:57:04:68:f3:c5: aa:a8:e4:1d:f7:b8:48:c1:b1:6d:e4:54:7e:6d:9d: 83:c7:4e:82:54:54:a9:ec:fe:0c:9d:bc:bb:26:36: 52:f3:a3:4f:72:84:fd:f0:d7:db:c7:c7:f1:ef:50: 4a:c5:b0:b9:62:67:ac:3c:57:96:b7:9f:41:da:b0: 7b:8b:c1:70:01:fe:e1:cf:a7:99:45:14:07:02:c3: 36:d4:e1:16:b2:7c:f3:5f:59:12:c9:ae:9a:ff:7e: 37:7b:ef:79:7e:07:f5:f3:ab:5d:54:a2:49:6a:a4: 2e:21:a3:94:97:d1:95:ce:57:5a:18:3c:2d:54:01: 25:79:18:ad:95:75:08:2b:f9:d1:f1:42:e7:98:f8: cb:51:b0:b0:45:96:c7:24:a7:e1:66:6d:6f:1c:19: ff:72:98:3b:80:ed:9c:b8:6f:b1:9e:e9:18:a2:f4: 9c:a8:b6:74:c5:30:94:00:79:16:96:01:5e:c4:e8: c3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:06:7A:58:A4:30:49:B5:AE:31:D8:3E:B2:53:7C:09:15:1B:A7:92 X509v3 Authority Key Identifier: keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/XAZ6WKQwSbWuMdg-slN8CRUbp5I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.237.90.0/24 IPv6: 2001:67c:2794::/48 Signature Algorithm: sha256WithRSAEncryption 78:31:9b:7f:52:5f:42:19:04:cf:e8:09:bc:e7:a7:65:ad:f3: 09:57:bb:6b:77:e9:0f:e7:68:1a:f7:ce:0a:2b:09:c7:b4:d7: a3:fc:f2:60:b0:10:c5:11:7f:fb:75:8f:9b:8b:b3:b8:48:d0: c4:63:5d:d0:02:aa:bd:99:ee:22:1f:55:dc:1a:dd:46:77:8e: 8b:83:cd:af:66:0e:4d:ff:6d:b2:0d:30:6e:c4:65:f2:59:ca: 36:bf:59:d0:71:42:91:96:69:c8:a3:5d:3a:5f:48:a5:aa:aa: 66:0d:f5:79:73:91:94:30:4f:fb:db:8c:9b:6a:a9:3b:3b:26: a1:29:50:3c:ba:51:fa:cb:71:81:ca:8c:d6:88:9d:f8:e9:e1: 55:c3:1c:9f:6f:56:e0:28:8e:e3:30:5e:33:aa:bd:19:16:f8: bf:de:60:ea:87:04:8d:2e:43:91:52:3c:6d:97:3b:b2:70:83: b2:41:cc:af:8c:fa:d6:60:d5:e1:0c:5a:0c:04:f2:c6:5f:9d: 4a:44:4e:81:62:e8:4d:e4:5a:cb:36:9e:71:14:32:5f:2b:fe: 15:ca:4e:12:97:89:ef:dc:8c:17:d0:40:26:f8:8b:db:ee:1a: e9:8d:27:8c:0a:ec:b3:d6:04:cf:e5:f2:14:91:86:ed:2a:5d: 10:9f:92:76 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FTseTDum615paCm6BEfUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0 NDg4NzgwHhcNMjYwMTAyMTQyMDU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzA2N2E1OGE0MzA0OWI1YWUzMWQ4M2ViMjUzN2MwOTE1MWJhNzkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ2bcH//rx9me7H5KJYCTFCD+q/k 0hNoAAXvCdsS0uJt9LWyaSYlo//QjT9ENFaH2JcnAWOO3Cpw0Wqddz5zwVZwtXBC VwRo88WqqOQd97hIwbFt5FR+bZ2Dx06CVFSp7P4Mnby7JjZS86NPcoT98Nfbx8fx 71BKxbC5YmesPFeWt59B2rB7i8FwAf7hz6eZRRQHAsM21OEWsnzzX1kSya6a/343 e+95fgf186tdVKJJaqQuIaOUl9GVzldaGDwtVAEleRitlXUIK/nR8ULnmPjLUbCw RZbHJKfhZm1vHBn/cpg7gO2cuG+xnukYovScqLZ0xTCUAHkWlgFexOjD9QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFFwGelikMEm1rjHYPrJTfAkVG6eSMB8GA1UdIwQY MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt YzBiMWFkNDM1Yjk1LzEvWEFaNldLUXdTYld1TWRnLXNsTjhDUlVicDVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1 LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1aMA8E AgACMAkDBwAgAQZ8J5QwDQYJKoZIhvcNAQELBQADggEBAHgxm39SX0IZBM/oCbzn p2Wt8wlXu2t36Q/naBr3zgorCce016P88mCwEMURf/t1j5uLs7hI0MRjXdACqr2Z 7iIfVdwa3UZ3jouDza9mDk3/bbINMG7EZfJZyja/WdBxQpGWacijXTpfSKWqqmYN 9XlzkZQwT/vbjJtqqTs7JqEpUDy6UfrLcYHKjNaInfjp4VXDHJ9vVuAojuMwXjOq vRkW+L/eYOqHBI0uQ5FSPG2XO7Jwg7JBzK+M+tZg1eEMWgwE8sZfnUpEToFi6E3k Wss2nnEUMl8r/hXKThKXie/cjBfQQCb4i9vuGumNJ4wK7LPWBM/l8hSRhu0qXRCf knY= -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:25 2026 by rpki-client