This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/XfoYwouinwxpmsIiaKSE5Ihe3J8.roa File: XfoYwouinwxpmsIiaKSE5Ihe3J8.roa (raw, json) Hash identifier: qt4foYpy013TlPUVpgU1Ocj8R+P8zvuJGdKNUnqndOk= Subject key identifier: 5D:FA:18:C2:8B:A2:9F:0C:69:9A:C2:22:68:A4:84:E4:88:5E:DC:9F Certificate issuer: /CN=644f033f782eaf32ab09088775d64ac4b94b5b11 Certificate serial: 019B7B36C20E6069AF6E67846223E38B9EAF Authority key identifier: 64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/XfoYwouinwxpmsIiaKSE5Ihe3J8.roa Signing time: Thu 01 Jan 2026 20:19:04 +0000 ROA not before: Thu 01 Jan 2026 20:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58192 IP address blocks: 213.134.17.0/24 maxlen: 24 2a05:2580::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.mft rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:c2:0e:60:69:af:6e:67:84:62:23:e3:8b:9e:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=644f033f782eaf32ab09088775d64ac4b94b5b11 Validity Not Before: Jan 1 20:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dfa18c28ba29f0c699ac22268a484e4885edc9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:ec:3a:e2:84:a0:bf:74:61:85:c8:e7:e9:20: 03:61:41:ca:a5:ee:d8:5e:4d:b7:e5:c7:28:29:40: eb:9d:49:a8:75:6d:d5:ca:e9:0c:e1:4d:33:08:b2: a2:d8:c5:b0:9b:ca:6e:84:30:a0:65:e0:3b:73:75: 63:ca:30:0e:f4:44:75:81:5e:39:82:9a:42:01:34: ed:69:47:ab:a1:46:c0:ed:d8:65:5b:11:22:a4:a2: ad:dd:a4:dd:e0:4a:7e:c7:a8:8c:c2:2d:58:11:49: 24:ae:5f:f6:0b:75:af:94:cb:23:76:b4:2e:fb:b0: d6:af:3c:7f:ae:67:29:2b:10:4e:e8:c2:92:9e:93: e3:ab:31:5a:18:dd:c9:f9:3d:1a:84:dc:f4:f3:bc: 8c:82:4b:8a:70:8b:1f:70:e1:7f:9b:bb:f8:f8:8b: 5e:cc:30:b5:57:38:0f:d2:75:6e:44:38:a5:9b:1f: b6:97:40:f5:b5:79:0e:51:2e:89:31:c1:3d:12:9d: 19:d9:e3:9d:97:67:f6:35:c9:2b:2b:9c:ff:6b:4e: e1:a0:7e:19:f6:78:8b:cf:9e:97:f5:3d:27:a6:db: a3:7c:05:0e:0a:f9:e2:37:44:cc:03:cc:b9:b7:05: 57:44:c0:2d:0f:11:32:60:70:70:9b:a9:eb:83:17: d1:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:FA:18:C2:8B:A2:9F:0C:69:9A:C2:22:68:A4:84:E4:88:5E:DC:9F X509v3 Authority Key Identifier: keyid:64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/XfoYwouinwxpmsIiaKSE5Ihe3J8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.134.17.0/24 IPv6: 2a05:2580::/30 Signature Algorithm: sha256WithRSAEncryption 7e:6f:3f:9d:21:3a:6e:9d:f1:1d:dd:14:39:c9:83:ca:36:b2: 5d:67:cc:8c:e0:04:52:ea:49:ee:d0:c2:ca:cb:ee:4c:91:51: 09:b9:76:ad:9b:bf:64:7a:01:94:90:4e:db:a5:09:5b:7e:f0: 68:62:01:02:a5:9e:50:f8:1b:0e:8b:6e:73:10:25:88:cb:31: f5:fe:6c:30:29:8a:86:7a:89:72:a1:81:08:eb:9e:80:0f:a1: 7c:50:46:45:ce:77:08:23:a6:28:1c:5c:6d:62:6c:9b:84:3e: b6:d8:b3:aa:2e:3a:05:fd:8c:d1:e6:b1:d3:df:6f:8c:fb:a8: 9c:ec:2a:cb:1c:32:fb:84:e8:c5:c2:22:9f:e8:ee:18:36:29: 3c:d3:c7:ef:9d:02:20:19:57:60:19:d2:38:cc:55:0c:52:34: 96:fb:67:9a:bb:12:35:79:61:59:9f:4e:ba:11:45:a3:6a:06: a3:4c:54:a2:43:34:7d:61:65:41:6c:98:31:2a:91:2e:f1:8a: 0a:20:ad:c8:02:7a:23:9c:3f:92:17:1c:51:99:bb:b5:65:c8: 49:eb:54:38:f0:0c:85:3c:e1:7c:c2:87:b1:1c:8b:75:bb:ae: 66:f1:8c:22:a7:11:fc:ec:b7:cf:b3:f3:14:d2:26:fb:bd:0e: 06:ed:a2:7e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NsIOYGmvbmeEYiPji56vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0NGYwMzNmNzgyZWFmMzJhYjA5MDg4Nzc1ZDY0YWM0Yjk0 YjViMTEwHhcNMjYwMTAxMjAxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGZhMThjMjhiYTI5ZjBjNjk5YWMyMjI2OGE0ODRlNDg4NWVkYzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uw64oSgv3Rhhcjn6SADYUHKpe7Y Xk235ccoKUDrnUmodW3VyukM4U0zCLKi2MWwm8puhDCgZeA7c3VjyjAO9ER1gV45 gppCATTtaUeroUbA7dhlWxEipKKt3aTd4Ep+x6iMwi1YEUkkrl/2C3WvlMsjdrQu +7DWrzx/rmcpKxBO6MKSnpPjqzFaGN3J+T0ahNz087yMgkuKcIsfcOF/m7v4+Ite zDC1VzgP0nVuRDilmx+2l0D1tXkOUS6JMcE9Ep0Z2eOdl2f2NckrK5z/a07hoH4Z 9niLz56X9T0nptujfAUOCvniN0TMA8y5twVXRMAtDxEyYHBwm6nrgxfRdwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF36GMKLop8MaZrCImikhOSIXtyfMB8GA1UdIwQY MBaAFGRPAz94Lq8yqwkIh3XWSsS5S1sRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMt NDkxNWZlN2Y5MmNlLzEvWGZvWXdvdWlud3hwbXNJaWFLU0U1SWhlM0o4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMtNDkxNWZlN2Y5MmNl LzEvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1YYRMA0E AgACMAcDBQIqBSWAMA0GCSqGSIb3DQEBCwUAA4IBAQB+bz+dITpunfEd3RQ5yYPK NrJdZ8yM4ARS6knu0MLKy+5MkVEJuXatm79kegGUkE7bpQlbfvBoYgECpZ5Q+BsO i25zECWIyzH1/mwwKYqGeolyoYEI656AD6F8UEZFzncII6YoHFxtYmybhD622LOq LjoF/YzR5rHT32+M+6ic7CrLHDL7hOjFwiKf6O4YNik808fvnQIgGVdgGdI4zFUM UjSW+2eauxI1eWFZn066EUWjagajTFSiQzR9YWVBbJgxKpEu8YoKIK3IAnojnD+S FxxRmbu1ZchJ61Q48AyFPOF8woexHIt1u65m8YwipxH87LfPs/MU0ib7vQ4G7aJ+ -----END CERTIFICATE-----Generated at Mon Jan 26 00:39:20 2026 by rpki-client