This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/xLze-dzWhrWc4ZIDUWJZ_BOy1KI.roa File: xLze-dzWhrWc4ZIDUWJZ_BOy1KI.roa (raw, json) Hash identifier: 0OM80oLlh3CK0UhiDUq1hTXKbXwk81sJbwvoCae7MFY= Subject key identifier: C4:BC:DE:F9:DC:D6:86:B5:9C:E1:92:03:51:62:59:FC:13:B2:D4:A2 Certificate issuer: /CN=924a97d912d71f80fd36b73efc0fc7969762f337 Certificate serial: 019B7BA515E10F77C51B100B81F761A52A6A Authority key identifier: 92:4A:97:D9:12:D7:1F:80:FD:36:B7:3E:FC:0F:C7:96:97:62:F3:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/xLze-dzWhrWc4ZIDUWJZ_BOy1KI.roa Signing time: Thu 01 Jan 2026 22:19:35 +0000 ROA not before: Thu 01 Jan 2026 22:19:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8455 IP address blocks: 217.194.18.0/24 maxlen: 24 217.194.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.crl rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.mft rsync://rpki.ripe.net/repository/DEFAULT/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:15:e1:0f:77:c5:1b:10:0b:81:f7:61:a5:2a:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=924a97d912d71f80fd36b73efc0fc7969762f337 Validity Not Before: Jan 1 22:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c4bcdef9dcd686b59ce19203516259fc13b2d4a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:74:a0:c9:55:c5:4e:53:16:75:52:4f:75:f3: f3:25:cf:8f:24:82:17:2b:31:43:b3:70:a1:c1:63: 69:63:72:0e:80:27:d5:f3:b8:fb:64:45:8e:99:a8: 2b:0e:1f:72:7c:0b:07:8c:f7:2a:e4:07:67:ed:95: f3:7e:b4:75:a4:2a:89:38:59:6a:a0:96:c9:a1:7e: 49:c5:a7:4d:49:20:ee:a1:e6:e1:ae:bd:bc:3b:32: 01:a1:3e:be:57:27:44:c4:1e:10:f3:f4:f6:b5:3e: 82:d7:bb:46:fa:87:d4:e7:7d:e9:f7:1c:5c:96:7e: 4d:e9:00:f8:03:eb:19:8a:fd:17:53:79:62:51:b6: 4b:e7:71:e6:cc:b2:a6:39:1d:5c:45:2f:30:41:e7: da:71:e8:f8:43:9e:66:17:31:3f:b5:39:25:29:6e: 53:eb:60:5e:fc:e1:9c:61:4c:3d:31:67:84:c0:cb: 22:8d:23:8a:d6:e9:71:94:91:40:03:04:b3:6c:61: 79:1a:4e:61:70:b7:bb:f0:e3:6a:1f:ba:5b:f0:1d: d3:5d:40:f9:e0:59:22:39:23:e6:76:7f:ee:d8:ba: 50:ae:46:24:37:5e:33:18:67:85:9d:a8:e3:8e:50: 82:bc:77:fa:3c:35:f9:20:55:c2:c4:4b:56:c0:f6: f8:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:BC:DE:F9:DC:D6:86:B5:9C:E1:92:03:51:62:59:FC:13:B2:D4:A2 X509v3 Authority Key Identifier: keyid:92:4A:97:D9:12:D7:1F:80:FD:36:B7:3E:FC:0F:C7:96:97:62:F3:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/xLze-dzWhrWc4ZIDUWJZ_BOy1KI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.194.18.0/24 217.194.21.0/24 Signature Algorithm: sha256WithRSAEncryption 07:fa:ef:8d:c9:f8:45:45:0b:ee:eb:40:dd:11:08:b7:10:24: cb:ef:44:d0:37:d4:10:64:af:da:38:b6:e0:d4:1a:06:74:0f: a7:5f:14:15:4d:df:cd:6c:dc:bf:a9:a7:4e:9c:fe:35:bc:b8: cb:1c:f9:b1:a8:f7:bb:25:be:1e:70:88:30:ab:e1:b7:d2:b9: f3:7d:cc:96:1d:1b:96:2a:71:08:3e:c8:0b:7b:b6:9d:b1:49: 0e:ec:f5:0e:1e:e8:b1:85:7c:73:3e:fb:69:a0:f0:9b:5d:55: 3f:e6:10:bf:1f:8b:40:53:53:eb:a2:7a:e2:c6:eb:61:31:60: a9:74:fc:11:40:be:d3:8a:ae:fb:ea:7c:9d:60:54:a3:9d:3e: 8c:e1:3a:8e:e6:c4:0c:9c:0e:24:b8:ef:37:85:76:dc:28:6a: 30:51:6a:e4:5c:20:e7:0f:b5:eb:73:4f:ab:b9:5a:c4:73:29: b0:80:c8:65:8c:d0:7b:cd:6f:b0:c8:fc:cd:99:46:a6:a8:fd: e0:3c:35:72:73:7b:bc:9d:89:6f:aa:00:c8:4a:29:08:58:20: 88:58:8c:4e:ea:ed:42:08:fd:a4:6a:8c:49:2b:f0:ec:e7:e1: 48:21:2f:65:3b:d3:34:b7:1b:d8:a7:be:f5:bc:9d:49:cf:20: 9c:10:29:58 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pRXhD3fFGxALgfdhpSpqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyNGE5N2Q5MTJkNzFmODBmZDM2YjczZWZjMGZjNzk2OTc2 MmYzMzcwHhcNMjYwMTAxMjIxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNGJjZGVmOWRjZDY4NmI1OWNlMTkyMDM1MTYyNTlmYzEzYjJkNGEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXSgyVXFTlMWdVJPdfPzJc+PJIIX KzFDs3ChwWNpY3IOgCfV87j7ZEWOmagrDh9yfAsHjPcq5Adn7ZXzfrR1pCqJOFlq oJbJoX5JxadNSSDuoebhrr28OzIBoT6+VydExB4Q8/T2tT6C17tG+ofU533p9xxc ln5N6QD4A+sZiv0XU3liUbZL53HmzLKmOR1cRS8wQefacej4Q55mFzE/tTklKW5T 62Be/OGcYUw9MWeEwMsijSOK1ulxlJFAAwSzbGF5Gk5hcLe78ONqH7pb8B3TXUD5 4FkiOSPmdn/u2LpQrkYkN14zGGeFnajjjlCCvHf6PDX5IFXCxEtWwPb4ewIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMS83vnc1oa1nOGSA1FiWfwTstSiMB8GA1UdIwQY MBaAFJJKl9kS1x+A/Ta3PvwPx5aXYvM3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2txWDJSTFhINEQ5TnJjLV9BX0hscGRpOHpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hZDM1ODYtYTAyOC00NzQ2LWIzZGEt ODE0ODU2ZTFiMWY0LzEveEx6ZS1keldocldjNFpJRFVXSlpfQk95MUtJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9hZDM1ODYtYTAyOC00NzQ2LWIzZGEtODE0ODU2ZTFiMWY0 LzEva2txWDJSTFhINEQ5TnJjLV9BX0hscGRpOHpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2cISAwQA 2cIVMA0GCSqGSIb3DQEBCwUAA4IBAQAH+u+NyfhFRQvu60DdEQi3ECTL70TQN9QQ ZK/aOLbg1BoGdA+nXxQVTd/NbNy/qadOnP41vLjLHPmxqPe7Jb4ecIgwq+G30rnz fcyWHRuWKnEIPsgLe7adsUkO7PUOHuixhXxzPvtpoPCbXVU/5hC/H4tAU1Pronri xuthMWCpdPwRQL7Tiq776nydYFSjnT6M4TqO5sQMnA4kuO83hXbcKGowUWrkXCDn D7Xrc0+ruVrEcymwgMhljNB7zW+wyPzNmUamqP3gPDVyc3u8nYlvqgDISikIWCCI WIxO6u1CCP2kaoxJK/Ds5+FIIS9lO9M0txvYp771vJ1JzyCcEClY -----END CERTIFICATE-----Generated at Mon Jan 26 10:53:28 2026 by rpki-client