This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/1Xksz4pAytZHMrrT7gOuFdy8S2Y.roa File: 1Xksz4pAytZHMrrT7gOuFdy8S2Y.roa (raw, json) Hash identifier: HuNf5dwLg/DJcTEcYtbO8BEopfRLLX+209pk2+0+87w= Subject key identifier: D5:79:2C:CF:8A:40:CA:D6:47:32:BA:D3:EE:03:AE:15:DC:BC:4B:66 Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849 Certificate serial: 019B7BA3CB5CF0C98A9F0A4648F313CD9F57 Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/1Xksz4pAytZHMrrT7gOuFdy8S2Y.roa Signing time: Thu 01 Jan 2026 22:18:10 +0000 ROA not before: Thu 01 Jan 2026 22:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19545 IP address blocks: 57.250.192.0/19 maxlen: 24 57.250.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:cb:5c:f0:c9:8a:9f:0a:46:48:f3:13:cd:9f:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849 Validity Not Before: Jan 1 22:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5792ccf8a40cad64732bad3ee03ae15dcbc4b66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:39:69:7f:75:66:0e:17:e0:2e:33:00:16:59: 14:be:a4:0f:51:e7:8d:a0:bc:92:c6:1c:5e:14:f4: 72:e8:2e:f2:de:e5:21:1b:d1:56:02:e9:f7:21:39: a1:fd:b9:cd:12:ba:c4:2c:6d:d1:5e:00:e9:73:f8: a4:eb:88:6a:46:17:72:c1:3e:4c:1b:ef:5c:14:48: e7:a1:b5:8e:51:df:88:1f:1d:4a:e2:b9:88:16:29: 13:a5:e3:1a:bc:af:79:64:5a:f7:cc:ad:b3:b5:a6: 32:51:b4:91:dd:5e:40:ba:23:1f:e1:19:f5:f5:c4: 0b:4a:7e:22:4e:17:91:c8:b2:6a:27:d4:4c:54:93: ea:72:12:cc:cc:a1:ba:75:41:6d:2b:27:3f:4f:30: 46:42:fc:ae:e7:3e:f6:89:90:fb:62:c2:07:88:d3: 5c:e3:ec:10:9e:00:ce:c2:e4:d9:5d:52:39:d7:d3: 08:7b:de:a9:00:b1:b0:63:e9:f3:ae:c8:31:9d:a1: 4c:3f:66:39:28:9e:bd:e1:cc:f8:7e:f7:f5:51:62: e9:2f:79:3f:1a:35:a7:cc:9a:f7:fd:6c:26:62:92: cd:27:d4:e7:87:2b:17:97:9e:5d:5a:dc:7e:fb:62: 32:96:0e:32:2a:c2:56:31:97:d7:d4:f5:40:95:6d: d2:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:79:2C:CF:8A:40:CA:D6:47:32:BA:D3:EE:03:AE:15:DC:BC:4B:66 X509v3 Authority Key Identifier: keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/1Xksz4pAytZHMrrT7gOuFdy8S2Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.250.192.0-57.250.224.255 Signature Algorithm: sha256WithRSAEncryption 91:74:90:95:cb:73:f9:32:d4:79:16:a0:ad:fc:40:04:bb:19: fc:b5:e0:05:c9:2d:cc:03:8e:ca:05:7a:0f:ed:6f:a5:b4:b8: 01:0b:89:f4:60:58:c6:e4:2e:98:9e:3e:9b:c8:dd:1b:20:53: 5a:d8:1f:84:c9:00:21:fc:fa:e3:44:83:06:24:c7:e4:d9:6b: 97:fd:e1:01:4a:df:53:2c:74:12:e5:dc:f1:63:56:5e:fb:33: 37:e1:00:71:45:17:0b:2f:33:90:ee:54:89:b4:bb:33:90:9d: 8c:cd:2e:44:25:3f:54:3b:63:a1:80:15:58:29:ae:7e:1f:22: df:34:76:61:6c:f9:3e:78:a7:b8:7c:57:43:2c:b4:25:80:3e: 01:c6:38:07:6b:95:6a:8e:31:58:34:88:a6:19:61:3f:c9:d5: fb:3e:6b:bb:9f:a2:34:b3:8b:f8:3e:18:f1:45:8d:d1:fb:05: 5a:02:59:cc:86:d1:1e:7f:85:9a:69:62:c4:54:48:d4:25:16: e6:58:77:5f:46:9f:31:97:b4:c9:24:4e:32:a6:fb:0f:6d:6a: 65:af:c1:b8:42:54:52:af:e7:fa:f6:31:b7:48:62:0f:0c:0e: 56:db:a9:46:d6:35:ce:4e:32:40:68:a1:ab:27:ed:b7:05:4d: 1f:08:d7:7d -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7o8tc8MmKnwpGSPMTzZ9XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi YTg4NDkwHhcNMjYwMTAxMjIxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTc5MmNjZjhhNDBjYWQ2NDczMmJhZDNlZTAzYWUxNWRjYmM0YjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzlpf3VmDhfgLjMAFlkUvqQPUeeN oLySxhxeFPRy6C7y3uUhG9FWAun3ITmh/bnNErrELG3RXgDpc/ik64hqRhdywT5M G+9cFEjnobWOUd+IHx1K4rmIFikTpeMavK95ZFr3zK2ztaYyUbSR3V5AuiMf4Rn1 9cQLSn4iTheRyLJqJ9RMVJPqchLMzKG6dUFtKyc/TzBGQvyu5z72iZD7YsIHiNNc 4+wQngDOwuTZXVI519MIe96pALGwY+nzrsgxnaFMP2Y5KJ694cz4fvf1UWLpL3k/ GjWnzJr3/WwmYpLNJ9TnhysXl55dWtx++2Iylg4yKsJWMZfX1PVAlW3SLwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFNV5LM+KQMrWRzK60+4DrhXcvEtmMB8GA1UdIwQY MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt ZTEzZTU1NzljNWRjLzEvMVhrc3o0cEF5dFpITXJyVDdnT3VGZHk4UzJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAY5+sAD BAA5+uAwDQYJKoZIhvcNAQELBQADggEBAJF0kJXLc/ky1HkWoK38QAS7Gfy14AXJ LcwDjsoFeg/tb6W0uAELifRgWMbkLpiePpvI3RsgU1rYH4TJACH8+uNEgwYkx+TZ a5f94QFK31MsdBLl3PFjVl77MzfhAHFFFwsvM5DuVIm0uzOQnYzNLkQlP1Q7Y6GA FVgprn4fIt80dmFs+T54p7h8V0MstCWAPgHGOAdrlWqOMVg0iKYZYT/J1fs+a7uf ojSzi/g+GPFFjdH7BVoCWcyG0R5/hZppYsRUSNQlFuZYd19GnzGXtMkkTjKm+w9t amWvwbhCVFKv5/r2MbdIYg8MDlbbqUbWNc5OMkBooasn7bcFTR8I130= -----END CERTIFICATE-----Generated at Sun Jan 25 19:37:01 2026 by rpki-client