This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/Xf4ZTszORkzpOtgjWs0sQXLkCfM.roa File: Xf4ZTszORkzpOtgjWs0sQXLkCfM.roa (raw, json) Hash identifier: f/UijPcLGJI8l2y80NoFTGhFWkou3AIufub5lbOoRas= Subject key identifier: 5D:FE:19:4E:CC:CE:46:4C:E9:3A:D8:23:5A:CD:2C:41:72:E4:09:F3 Certificate issuer: /CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3 Certificate serial: 019B7834C58275D4464A73029A2D22201854 Authority key identifier: B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/Xf4ZTszORkzpOtgjWs0sQXLkCfM.roa Signing time: Thu 01 Jan 2026 06:18:02 +0000 ROA not before: Thu 01 Jan 2026 06:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207366 IP address blocks: 91.220.231.0/24 maxlen: 24 2a0a:ed80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.mft rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:c5:82:75:d4:46:4a:73:02:9a:2d:22:20:18:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1c3ec539f23ee031aa396ac5ced42563884b7b3 Validity Not Before: Jan 1 06:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dfe194eccce464ce93ad8235acd2c4172e409f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:1f:f3:66:f5:c2:f9:b0:de:2f:3c:ed:28:41: d6:e2:51:85:79:b2:49:b6:0d:f2:6c:0c:19:91:b0: 32:a1:fd:2a:e0:0b:d9:08:7d:7d:a2:3c:1f:b7:c2: db:8f:b9:c9:2e:17:73:71:46:b7:62:37:64:db:88: cf:46:a7:f6:c4:a1:15:2a:4d:b6:a5:96:19:c4:98: 87:89:46:1a:d1:b9:c2:0f:1d:13:8f:ed:58:a8:59: b7:b3:38:3f:21:e1:7f:16:57:f8:16:0d:cc:9e:b8: d5:9b:10:a4:39:ab:e4:fb:fd:73:7f:e2:94:59:ca: 0b:e4:66:73:14:85:2b:6c:f1:8d:d2:26:8a:23:55: fc:b9:cd:20:4c:a6:dc:df:94:b1:9e:aa:d9:8c:02: de:5f:9c:12:3b:f2:dd:99:ac:d1:3e:f2:29:5a:f1: 5e:45:a6:48:69:b8:93:71:34:cf:2a:51:ab:04:43: 50:99:51:b4:97:44:13:a0:f6:e1:77:06:31:0a:f4: c7:b3:2e:86:aa:b8:f3:f5:6b:c1:83:0d:38:50:92: 03:82:4b:8e:21:a5:6e:a9:70:5e:46:79:1a:a6:c9: 60:86:48:07:90:b9:50:ea:48:42:46:26:dc:42:d9: 1f:19:dd:cf:d8:d9:3a:16:be:d3:71:b9:57:e6:b6: f1:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:FE:19:4E:CC:CE:46:4C:E9:3A:D8:23:5A:CD:2C:41:72:E4:09:F3 X509v3 Authority Key Identifier: keyid:B1:C3:EC:53:9F:23:EE:03:1A:A3:96:AC:5C:ED:42:56:38:84:B7:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scPsU58j7gMao5asXO1CVjiEt7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/Xf4ZTszORkzpOtgjWs0sQXLkCfM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/00dcdf-ec9d-4446-905e-556347a5f056/1/scPsU58j7gMao5asXO1CVjiEt7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.231.0/24 IPv6: 2a0a:ed80::/29 Signature Algorithm: sha256WithRSAEncryption 75:ca:d7:d6:f0:00:8e:81:a3:7b:dd:ad:a0:f0:a5:08:95:cb: 0f:b4:48:96:e4:24:70:fc:d4:ac:20:2d:60:04:98:2c:f9:3c: 50:c2:2b:d7:7e:c7:6e:63:20:e9:b7:35:75:b5:57:04:a1:c5: 4a:76:45:ef:75:d7:94:1a:35:3a:b5:21:db:c9:73:c5:19:27: 75:46:db:4e:5c:95:9a:2b:20:50:90:a1:03:a9:ac:2e:2c:a2: ff:d1:e1:e2:9d:47:a6:a1:d5:54:c4:fe:b3:52:31:23:8a:69: 4f:3f:4e:70:cc:40:7a:98:3a:cc:7f:38:92:91:1c:7a:29:14: c3:a0:31:54:d3:9a:b9:bd:31:99:97:26:82:d3:92:c2:15:56: 7a:6a:07:1c:ac:1f:06:f4:f1:5b:16:8d:69:f4:be:ae:9f:31: c2:bf:0a:e6:01:a4:e1:34:72:7d:cc:6a:c6:8b:bf:a8:80:d6: 3d:ea:e5:4a:22:e4:ea:c3:69:2a:48:06:39:1f:1a:99:9f:40: c4:5a:a2:37:bb:33:ce:14:bb:8f:f3:e3:22:6c:5b:bc:04:ce: e7:76:3d:ed:97:95:0b:d6:03:21:8e:95:f8:d1:7f:1f:d1:7d: c6:f3:ab:5a:04:23:52:28:d1:a8:b0:66:ab:b6:70:b3:a3:dd: 4d:3f:fa:b3 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NMWCddRGSnMCmi0iIBhUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYzNlYzUzOWYyM2VlMDMxYWEzOTZhYzVjZWQ0MjU2Mzg4 NGI3YjMwHhcNMjYwMTAxMDYxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGZlMTk0ZWNjY2U0NjRjZTkzYWQ4MjM1YWNkMmM0MTcyZTQwOWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x/zZvXC+bDeLzztKEHW4lGFebJJ tg3ybAwZkbAyof0q4AvZCH19ojwft8Lbj7nJLhdzcUa3Yjdk24jPRqf2xKEVKk22 pZYZxJiHiUYa0bnCDx0Tj+1YqFm3szg/IeF/Flf4Fg3MnrjVmxCkOavk+/1zf+KU WcoL5GZzFIUrbPGN0iaKI1X8uc0gTKbc35SxnqrZjALeX5wSO/LdmazRPvIpWvFe RaZIabiTcTTPKlGrBENQmVG0l0QToPbhdwYxCvTHsy6Gqrjz9WvBgw04UJIDgkuO IaVuqXBeRnkapslghkgHkLlQ6khCRibcQtkfGd3P2Nk6Fr7TcblX5rbxWwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF3+GU7MzkZM6TrYI1rNLEFy5AnzMB8GA1UdIwQY MBaAFLHD7FOfI+4DGqOWrFztQlY4hLezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUt NTU2MzQ3YTVmMDU2LzEvWGY0WlRzek9Sa3pwT3RnaldzMHNRWExrQ2ZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8wMGRjZGYtZWM5ZC00NDQ2LTkwNWUtNTU2MzQ3YTVmMDU2 LzEvc2NQc1U1OGo3Z01hbzVhc1hPMUNWamlFdDdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9znMA0E AgACMAcDBQMqCu2AMA0GCSqGSIb3DQEBCwUAA4IBAQB1ytfW8ACOgaN73a2g8KUI lcsPtEiW5CRw/NSsIC1gBJgs+TxQwivXfsduYyDptzV1tVcEocVKdkXvddeUGjU6 tSHbyXPFGSd1RttOXJWaKyBQkKEDqawuLKL/0eHinUemodVUxP6zUjEjimlPP05w zEB6mDrMfziSkRx6KRTDoDFU05q5vTGZlyaC05LCFVZ6agccrB8G9PFbFo1p9L6u nzHCvwrmAaThNHJ9zGrGi7+ogNY96uVKIuTqw2kqSAY5HxqZn0DEWqI3uzPOFLuP 8+MibFu8BM7ndj3tl5UL1gMhjpX40X8f0X3G86taBCNSKNGosGartnCzo91NP/qz -----END CERTIFICATE-----Generated at Mon Jan 26 03:07:08 2026 by rpki-client