This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/xI4zLwDKizX545WG4Oav_2VtWQw.roa File: xI4zLwDKizX545WG4Oav_2VtWQw.roa (raw, json) Hash identifier: 5JHL2Y3aZMduCucZ9kzokWSjycW6uUdaSgFU+lbWZ58= Subject key identifier: C4:8E:33:2F:00:CA:8B:35:F9:E3:95:86:E0:E6:AF:FF:65:6D:59:0C Certificate issuer: /CN=828bbad6f4916842bbe320284fafe10caf59edf0 Certificate serial: 019B7B3546F5F1C5B2AD4DD0B39B50453C2C Authority key identifier: 82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/xI4zLwDKizX545WG4Oav_2VtWQw.roa Signing time: Thu 01 Jan 2026 20:17:27 +0000 ROA not before: Thu 01 Jan 2026 20:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49097 IP address blocks: 31.3.150.0/24 maxlen: 24 31.3.151.0/24 maxlen: 24 80.70.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.mft rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:46:f5:f1:c5:b2:ad:4d:d0:b3:9b:50:45:3c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=828bbad6f4916842bbe320284fafe10caf59edf0 Validity Not Before: Jan 1 20:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c48e332f00ca8b35f9e39586e0e6afff656d590c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:89:f2:09:62:69:63:6b:aa:f3:d2:46:45:30: db:44:89:57:e4:14:ec:33:50:09:f4:b5:4f:05:ee: 74:ad:dc:3e:23:79:6e:90:96:42:29:f7:6c:2f:b7: 5e:5e:0a:a7:f6:6c:9c:f8:f3:c4:ee:da:a6:66:d1: 45:b0:2c:fd:c3:b7:80:57:2a:1e:61:63:1e:bf:5a: 8f:ea:4e:6c:da:60:b4:ab:6b:56:6b:e2:87:39:c0: d0:d1:1c:bd:29:91:da:ca:b0:5d:37:41:d7:d4:a7: 40:a6:6d:38:78:6b:dc:ea:a3:d4:9e:f7:78:ad:06: 66:fe:33:39:cf:92:04:79:75:ec:91:51:b1:b5:32: aa:7f:f3:ad:37:c5:85:45:13:b6:ae:37:e3:e8:f4: 5f:73:61:90:4c:1f:03:dd:8a:f2:2e:01:ae:4f:3b: 13:df:b0:62:d3:e5:fc:9b:ed:6a:c8:1d:54:8f:19: 80:d1:8b:5e:95:6c:c2:b3:fa:2d:73:55:87:f7:2a: ef:68:a7:a2:72:2b:46:65:3b:a7:cf:87:ba:36:03: 31:f9:98:72:a0:8b:1b:c2:6b:ab:ea:2c:a2:7a:1e: 8e:29:3a:f5:6a:8c:23:0b:32:87:f7:30:49:6c:d0: 9e:61:de:4b:2e:c7:99:4e:98:b5:34:21:41:87:75: ab:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:8E:33:2F:00:CA:8B:35:F9:E3:95:86:E0:E6:AF:FF:65:6D:59:0C X509v3 Authority Key Identifier: keyid:82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/xI4zLwDKizX545WG4Oav_2VtWQw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.3.150.0/23 80.70.171.0/24 Signature Algorithm: sha256WithRSAEncryption 92:2e:b4:e6:b5:3a:a1:9e:66:2d:df:ac:26:47:ba:27:60:cc: c0:8f:c3:19:45:2d:61:4e:55:3c:22:b1:2e:2d:28:4e:37:46: 95:29:42:30:38:64:e5:43:68:63:5c:06:f6:51:31:88:02:98: fc:41:aa:7e:da:7c:cb:9b:13:92:d8:89:e3:eb:7e:8a:6a:b6: 50:9c:7e:18:ea:2b:79:4c:ee:3f:51:84:d4:4e:be:9e:de:0a: 62:c5:ff:1e:08:7b:8f:39:ee:6d:e6:09:b9:bc:33:eb:2d:62: 2c:1e:e2:7c:98:24:0b:94:38:48:46:ab:98:de:59:92:71:b9: 7a:88:d9:77:2e:c0:af:70:87:53:2b:15:8e:83:7c:63:e6:cd: 8e:62:4f:c2:17:f9:b2:10:6b:8f:2d:66:4b:52:00:72:22:d2: 3e:3d:53:9f:94:df:2b:42:81:93:c8:09:5c:b8:4f:ea:bb:d1: 7a:bd:20:e5:c8:be:6a:b5:ce:e6:4f:e5:a4:bc:44:6d:48:62: ad:4f:34:f0:28:29:b1:58:78:94:1b:9d:e2:fa:b6:89:48:40: 08:34:de:65:e6:55:6f:b1:c3:55:f5:28:86:38:ea:a2:fb:f8: f2:a8:87:bb:d0:6f:16:74:8a:62:d5:25:6a:03:44:f0:64:40: f2:2b:de:0c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NUb18cWyrU3Qs5tQRTwsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyOGJiYWQ2ZjQ5MTY4NDJiYmUzMjAyODRmYWZlMTBjYWY1 OWVkZjAwHhcNMjYwMTAxMjAxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDhlMzMyZjAwY2E4YjM1ZjllMzk1ODZlMGU2YWZmZjY1NmQ1OTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArInyCWJpY2uq89JGRTDbRIlX5BTs M1AJ9LVPBe50rdw+I3lukJZCKfdsL7deXgqn9myc+PPE7tqmZtFFsCz9w7eAVyoe YWMev1qP6k5s2mC0q2tWa+KHOcDQ0Ry9KZHayrBdN0HX1KdApm04eGvc6qPUnvd4 rQZm/jM5z5IEeXXskVGxtTKqf/OtN8WFRRO2rjfj6PRfc2GQTB8D3YryLgGuTzsT 37Bi0+X8m+1qyB1UjxmA0YtelWzCs/otc1WH9yrvaKeicitGZTunz4e6NgMx+Zhy oIsbwmur6iyieh6OKTr1aowjCzKH9zBJbNCeYd5LLseZTpi1NCFBh3WrawIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMSOMy8Ayos1+eOVhuDmr/9lbVkMMB8GA1UdIwQY MBaAFIKLutb0kWhCu+MgKE+v4QyvWe3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgt MTg5NjU1NWEyZjBlLzEveEk0ekx3REtpelg1NDVXRzRPYXZfMlZ0V1F3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgtMTg5NjU1NWEyZjBl LzEvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHwOWAwQA UEarMA0GCSqGSIb3DQEBCwUAA4IBAQCSLrTmtTqhnmYt36wmR7onYMzAj8MZRS1h TlU8IrEuLShON0aVKUIwOGTlQ2hjXAb2UTGIApj8Qap+2nzLmxOS2Inj636KarZQ nH4Y6it5TO4/UYTUTr6e3gpixf8eCHuPOe5t5gm5vDPrLWIsHuJ8mCQLlDhIRquY 3lmScbl6iNl3LsCvcIdTKxWOg3xj5s2OYk/CF/myEGuPLWZLUgByItI+PVOflN8r QoGTyAlcuE/qu9F6vSDlyL5qtc7mT+WkvERtSGKtTzTwKCmxWHiUG53i+raJSEAI NN5l5lVvscNV9SiGOOqi+/jyqIe70G8WdIpi1SVqA0TwZEDyK94M -----END CERTIFICATE-----Generated at Mon Jan 26 06:33:14 2026 by rpki-client