This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/XpUefWEiJeIsRivUE_i8Xfs2GR8.roa File: XpUefWEiJeIsRivUE_i8Xfs2GR8.roa (raw, json) Hash identifier: PBHeI5NfF0k/v47sxglrYiZdodvTKkFHSpMBQlDcdXc= Subject key identifier: 5E:95:1E:7D:61:22:25:E2:2C:46:2B:D4:13:F8:BC:5D:FB:36:19:1F Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c Certificate serial: 019B797F0A1C2450F670D921D41F25A02F29 Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/XpUefWEiJeIsRivUE_i8Xfs2GR8.roa Signing time: Thu 01 Jan 2026 12:18:47 +0000 ROA not before: Thu 01 Jan 2026 12:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206564 IP address blocks: 82.98.67.0/24 maxlen: 32 82.98.74.0/24 maxlen: 32 82.98.78.0/24 maxlen: 32 82.98.80.0/24 maxlen: 32 82.98.90.0/24 maxlen: 24 82.98.91.0/24 maxlen: 32 82.98.93.0/24 maxlen: 24 82.98.105.0/24 maxlen: 32 82.98.126.0/24 maxlen: 24 82.98.127.0/24 maxlen: 24 212.19.40.0/24 maxlen: 32 212.19.47.0/24 maxlen: 32 212.19.48.0/24 maxlen: 32 212.19.61.0/24 maxlen: 24 213.83.1.0/24 maxlen: 32 213.83.5.0/24 maxlen: 32 213.83.17.0/24 maxlen: 32 213.83.48.0/24 maxlen: 32 213.83.52.0/24 maxlen: 24 2a02:2e0:1::/48 maxlen: 48 2a02:2e0:a::/48 maxlen: 48 2a02:2e0:3e5::/48 maxlen: 128 2a02:2e0:3e8::/48 maxlen: 128 2a02:2e0:3ee::/48 maxlen: 128 2a02:2e0:3f5::/48 maxlen: 128 2a02:2e0:417::/48 maxlen: 48 2a02:2e0:41b::/48 maxlen: 128 2a02:2e0:41c::/48 maxlen: 128 2a02:2e0:431::/48 maxlen: 48 2a02:2e0:cd4d::/48 maxlen: 48 2a02:2e0:cd4e::/48 maxlen: 48 2a02:2e0:fffe::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:0a:1c:24:50:f6:70:d9:21:d4:1f:25:a0:2f:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c Validity Not Before: Jan 1 12:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e951e7d612225e22c462bd413f8bc5dfb36191f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:34:db:cd:ad:4d:9a:3c:11:59:90:2a:2b:b0: 77:0a:ca:00:9a:51:12:fd:5c:aa:94:be:9d:1e:fb: 86:1c:6a:93:09:56:84:c7:40:26:e4:e2:02:5e:81: f8:67:be:1f:32:17:34:8a:cc:cd:05:20:e2:c3:c2: 8e:a4:f7:21:2f:59:7b:83:68:e6:3d:b5:b5:cf:b0: 46:16:4c:90:41:05:57:09:8b:30:b8:ca:2e:41:25: b5:42:d1:58:3a:58:c0:09:de:d6:5c:02:77:ba:35: cd:25:98:1c:1e:a1:3c:f7:c4:0a:2d:e3:52:c0:93: 26:10:4a:cd:95:df:99:b8:0e:48:f1:96:5a:e8:b9: 7b:af:a8:b4:de:a1:e8:1f:da:86:3d:ab:0c:76:a6: bb:68:ee:be:67:c3:1d:90:3e:8c:6d:7f:97:80:3a: 99:fc:49:94:b2:15:ad:9b:2b:0e:d4:8b:c6:b5:7c: 59:d1:e0:cc:03:c5:bb:fd:b6:53:e1:f5:e8:2c:eb: c3:97:9a:ec:30:37:ac:43:52:f0:79:e7:8b:c9:88: 9e:02:eb:b3:b3:a5:41:52:79:f9:99:ef:2b:8f:7f: 8b:3c:ff:1f:84:98:81:8e:3a:0e:f5:43:5f:d0:50: e9:37:50:18:0a:d7:e5:69:5a:59:a4:77:58:ea:84: e9:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:95:1E:7D:61:22:25:E2:2C:46:2B:D4:13:F8:BC:5D:FB:36:19:1F X509v3 Authority Key Identifier: keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/XpUefWEiJeIsRivUE_i8Xfs2GR8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.98.67.0/24 82.98.74.0/24 82.98.78.0/24 82.98.80.0/24 82.98.90.0/23 82.98.93.0/24 82.98.105.0/24 82.98.126.0/23 212.19.40.0/24 212.19.47.0-212.19.48.255 212.19.61.0/24 213.83.1.0/24 213.83.5.0/24 213.83.17.0/24 213.83.48.0/24 213.83.52.0/24 IPv6: 2a02:2e0:1::/48 2a02:2e0:a::/48 2a02:2e0:3e5::/48 2a02:2e0:3e8::/48 2a02:2e0:3ee::/48 2a02:2e0:3f5::/48 2a02:2e0:417::/48 2a02:2e0:41b::-2a02:2e0:41c:ffff:ffff:ffff:ffff:ffff 2a02:2e0:431::/48 2a02:2e0:cd4d::-2a02:2e0:cd4e:ffff:ffff:ffff:ffff:ffff 2a02:2e0:fffe::/48 Signature Algorithm: sha256WithRSAEncryption 85:ac:02:fc:14:3a:80:c9:35:b8:43:e6:4d:3e:5d:3f:91:83: 0b:1e:5c:85:ef:a0:2f:62:5b:44:34:60:43:65:d0:0a:1f:9c: 80:fc:8f:9a:f4:05:2b:49:4f:a1:57:ee:9a:1b:d4:de:52:93: 10:f7:23:7c:0c:64:eb:ba:49:5a:d8:38:59:98:17:25:09:88: f0:84:82:1d:28:68:2a:de:12:66:5c:9f:36:5d:de:14:65:94: 6b:08:56:dd:fa:2b:c6:a3:95:07:1e:dc:3e:77:80:8b:ff:61: e3:62:86:a4:29:8b:e3:d0:c2:9c:2a:d0:b6:51:1d:c3:8f:ee: d3:ba:17:82:12:42:eb:25:ef:4d:45:50:8d:0a:a7:54:c8:63: 2a:c7:df:d7:c1:11:44:de:69:fd:11:33:a8:5f:b4:9c:9b:ea: 67:df:3c:df:d7:ef:a1:11:da:f3:d6:11:d3:82:e4:a4:9f:72: 4b:7f:46:83:d8:4b:39:72:2f:64:fb:1f:dc:c8:aa:af:31:52: 2d:52:fb:e6:2f:54:70:92:1c:d9:60:7f:f9:4f:1b:64:95:2b: 70:bd:9e:e0:54:70:1b:ee:dd:c4:ef:03:ca:e0:6e:a0:e5:eb: d5:ac:59:f1:7b:a1:fc:7f:22:6b:d8:47:4e:33:8c:0b:8f:db: 9e:68:21:e6 -----BEGIN CERTIFICATE----- MIIF5DCCBMygAwIBAgISAZt5fwocJFD2cNkh1B8loC8pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk NGJiNWMwHhcNMjYwMTAxMTIxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTk1MWU3ZDYxMjIyNWUyMmM0NjJiZDQxM2Y4YmM1ZGZiMzYxOTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDTbza1NmjwRWZAqK7B3CsoAmlES /VyqlL6dHvuGHGqTCVaEx0Am5OICXoH4Z74fMhc0iszNBSDiw8KOpPchL1l7g2jm PbW1z7BGFkyQQQVXCYswuMouQSW1QtFYOljACd7WXAJ3ujXNJZgcHqE898QKLeNS wJMmEErNld+ZuA5I8ZZa6Ll7r6i03qHoH9qGPasMdqa7aO6+Z8MdkD6MbX+XgDqZ /EmUshWtmysO1IvGtXxZ0eDMA8W7/bZT4fXoLOvDl5rsMDesQ1LweeeLyYieAuuz s6VBUnn5me8rj3+LPP8fhJiBjjoO9UNf0FDpN1AYCtflaVpZpHdY6oTp/QIDAQAB o4IC8DCCAuwwHQYDVR0OBBYEFF6VHn1hIiXiLEYr1BP4vF37NhkfMB8GA1UdIwQY MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt YTU2ODM4NDRlNzkyLzEvWHBVZWZXRWlKZUlzUml2VUVfaThYZnMyR1I4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwbgQCAAEwaAMEAFJi QwMEAFJiSgMEAFJiTgMEAFJiUAMEAVJiWgMEAFJiXQMEAFJiaQMEAVJifgMEANQT KDAMAwQA1BMvAwQA1BMwAwQA1BM9AwQA1VMBAwQA1VMFAwQA1VMRAwQA1VMwAwQA 1VM0MH8EAgACMHkDBwAqAgLgAAEDBwAqAgLgAAoDBwAqAgLgA+UDBwAqAgLgA+gD BwAqAgLgA+4DBwAqAgLgA/UDBwAqAgLgBBcwEgMHACoCAuAEGwMHACoCAuAEHAMH ACoCAuAEMTASAwcAKgIC4M1NAwcAKgIC4M1OAwcAKgIC4P/+MA0GCSqGSIb3DQEB CwUAA4IBAQCFrAL8FDqAyTW4Q+ZNPl0/kYMLHlyF76AvYltENGBDZdAKH5yA/I+a 9AUrSU+hV+6aG9TeUpMQ9yN8DGTrukla2DhZmBclCYjwhIIdKGgq3hJmXJ82Xd4U ZZRrCFbd+ivGo5UHHtw+d4CL/2HjYoakKYvj0MKcKtC2UR3Dj+7TuheCEkLrJe9N RVCNCqdUyGMqx9/XwRFE3mn9ETOoX7Scm+pn3zzf1++hEdrz1hHTguSkn3JLf0aD 2Es5ci9k+x/cyKqvMVItUvvmL1RwkhzZYH/5TxtklStwvZ7gVHAb7t3E7wPK4G6g 5evVrFnxe6H8fyJr2EdOM4wLj9ueaCHm -----END CERTIFICATE-----Generated at Mon Jan 26 08:37:36 2026 by rpki-client