This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/XSRfDKJB1vWxhWr5_nnhi8kY_Ro.roa File: XSRfDKJB1vWxhWr5_nnhi8kY_Ro.roa (raw, json) Hash identifier: vbcx865viaCEEplLJzs5WTHypNQpAu7A3ivTLIG9UFw= Subject key identifier: 5D:24:5F:0C:A2:41:D6:F5:B1:85:6A:F9:FE:79:E1:8B:C9:18:FD:1A Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad Certificate serial: 019B7910EE8B2CF6ADD344D9D6A7C2B55A87 Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/XSRfDKJB1vWxhWr5_nnhi8kY_Ro.roa Signing time: Thu 01 Jan 2026 10:18:31 +0000 ROA not before: Thu 01 Jan 2026 10:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211030 IP address blocks: 195.5.115.0/24 maxlen: 24 2a0d:f407:1030::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ee:8b:2c:f6:ad:d3:44:d9:d6:a7:c2:b5:5a:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad Validity Not Before: Jan 1 10:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d245f0ca241d6f5b1856af9fe79e18bc918fd1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a5:89:0c:a4:e8:0d:f5:7a:df:e7:4e:82:27: cc:ed:1a:a6:5e:ba:28:d5:63:31:bf:de:1a:59:bf: 9d:cd:20:97:45:8c:f3:bc:11:99:5b:00:fa:51:5e: cb:69:e9:34:03:41:b3:09:fc:46:d1:11:c0:60:45: 6c:11:4e:84:3e:d2:9a:96:9f:c9:3d:87:8e:90:a2: c3:81:7b:91:c9:5e:34:4a:6a:66:35:f9:ea:68:c9: 60:99:71:56:47:d0:ec:fc:4a:84:07:49:3c:7a:6b: b0:77:92:61:97:40:e3:2e:60:43:1e:63:8f:ac:f8: fe:01:30:79:11:b8:bb:15:7d:e9:4e:ea:75:0d:0a: d8:a9:a6:2e:64:c7:9b:ca:64:31:ac:b5:56:76:9b: 40:2f:0b:19:a2:a0:66:bb:d1:9e:48:b2:8f:09:84: 29:ee:fa:85:fc:a8:fd:0e:70:9f:33:fa:82:ae:15: 04:7d:7b:c1:2e:bf:e0:ee:15:1c:27:ad:b2:ef:76: 68:2a:a0:00:9d:1b:d0:a5:9c:d9:69:8a:fc:5a:11: 0e:dd:fd:e2:cf:31:ae:65:c3:61:76:c6:95:a8:2d: 28:12:65:57:bf:b3:ea:0e:d4:09:d9:25:4f:66:e1: 79:19:26:7d:4f:5f:f4:f0:bf:3b:57:ff:2f:c1:e2: f0:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:24:5F:0C:A2:41:D6:F5:B1:85:6A:F9:FE:79:E1:8B:C9:18:FD:1A X509v3 Authority Key Identifier: keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/XSRfDKJB1vWxhWr5_nnhi8kY_Ro.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.5.115.0/24 IPv6: 2a0d:f407:1030::/48 Signature Algorithm: sha256WithRSAEncryption 6e:69:23:86:63:ed:c2:20:e8:19:71:89:9f:5d:a4:2b:0c:b9: d8:2f:be:4d:78:9f:d4:31:13:79:6a:43:61:02:59:d5:70:a5: e6:50:fc:bf:68:7c:13:c7:35:93:9d:7a:ac:1b:11:f8:a3:38: 36:fb:16:f5:47:12:30:1e:00:82:ae:c9:cf:be:66:56:a5:d0: ae:80:71:a5:f5:5b:55:58:b5:a3:3d:44:64:a4:36:98:d3:b0: e0:06:17:55:59:0d:71:bd:84:e7:3e:0f:aa:5f:e2:eb:ec:e6: f0:33:1f:6a:57:9e:e3:3c:fd:65:a1:43:60:b9:4a:98:5f:f8: 67:17:60:15:94:1c:49:0c:d8:30:11:3a:01:ca:fd:10:bf:86: 2e:20:a4:bd:6c:9c:50:2f:4c:38:71:9f:bc:65:71:12:d3:8b: 99:24:19:45:60:5a:74:ce:a6:1f:f4:0b:0f:0b:8c:0f:d5:30: f2:44:3d:b5:36:d6:42:c0:fe:21:4c:4c:df:bb:7a:cd:15:60: a2:0e:c3:50:87:88:3f:88:a3:31:a7:59:f0:99:2a:74:89:24: af:7f:28:e2:1f:f1:af:d0:52:45:b1:19:05:2d:b1:e5:cc:09: fe:3b:30:12:45:ca:97:18:c2:b9:df:37:cd:d9:c4:7c:89:c4: f3:1f:35:62 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5EO6LLPat00TZ1qfCtVqHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy NTFkYWQwHhcNMjYwMTAxMTAxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDI0NWYwY2EyNDFkNmY1YjE4NTZhZjlmZTc5ZTE4YmM5MThmZDFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKWJDKToDfV63+dOgifM7RqmXroo 1WMxv94aWb+dzSCXRYzzvBGZWwD6UV7Laek0A0GzCfxG0RHAYEVsEU6EPtKalp/J PYeOkKLDgXuRyV40SmpmNfnqaMlgmXFWR9Ds/EqEB0k8emuwd5Jhl0DjLmBDHmOP rPj+ATB5Ebi7FX3pTup1DQrYqaYuZMebymQxrLVWdptALwsZoqBmu9GeSLKPCYQp 7vqF/Kj9DnCfM/qCrhUEfXvBLr/g7hUcJ62y73ZoKqAAnRvQpZzZaYr8WhEO3f3i zzGuZcNhdsaVqC0oEmVXv7PqDtQJ2SVPZuF5GSZ9T1/08L87V/8vweLwNQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFF0kXwyiQdb1sYVq+f554YvJGP0aMB8GA1UdIwQY MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt YjdjNTc4Yjc0ZTM1LzEvWFNSZkRLSkIxdld4aFdyNV9ubmhpOGtZX1JvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1 LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwwVzMA8E AgACMAkDBwAqDfQHEDAwDQYJKoZIhvcNAQELBQADggEBAG5pI4Zj7cIg6BlxiZ9d pCsMudgvvk14n9QxE3lqQ2ECWdVwpeZQ/L9ofBPHNZOdeqwbEfijODb7FvVHEjAe AIKuyc++Zlal0K6AcaX1W1VYtaM9RGSkNpjTsOAGF1VZDXG9hOc+D6pf4uvs5vAz H2pXnuM8/WWhQ2C5Sphf+GcXYBWUHEkM2DAROgHK/RC/hi4gpL1snFAvTDhxn7xl cRLTi5kkGUVgWnTOph/0Cw8LjA/VMPJEPbU21kLA/iFMTN+7es0VYKIOw1CHiD+I ozGnWfCZKnSJJK9/KOIf8a/QUkWxGQUtseXMCf47MBJFypcYwrnfN83ZxHyJxPMf NWI= -----END CERTIFICATE-----Generated at Sun Jan 25 12:01:08 2026 by rpki-client