This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/xxkIol01F9RQKRGMmjfF5bhRpBU.roa File: xxkIol01F9RQKRGMmjfF5bhRpBU.roa (raw, json) Hash identifier: lV6MqyF+qawBaZ72nFD2Lt1EhgoF4kvB3o+ERWrxOlo= Subject key identifier: C7:19:08:A2:5D:35:17:D4:50:29:11:8C:9A:37:C5:E5:B8:51:A4:15 Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Certificate serial: 019B7FF14C8A59DCEE9D10AE816224C5617B Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/xxkIol01F9RQKRGMmjfF5bhRpBU.roa Signing time: Fri 02 Jan 2026 18:21:18 +0000 ROA not before: Fri 02 Jan 2026 18:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35625 IP address blocks: 37.16.78.0/24 maxlen: 24 37.235.88.0/21 maxlen: 24 45.15.204.0/22 maxlen: 24 45.85.132.0/24 maxlen: 24 45.88.140.0/22 maxlen: 24 45.138.192.0/22 maxlen: 24 46.29.120.0/21 maxlen: 24 85.208.216.0/22 maxlen: 24 91.212.236.0/24 maxlen: 24 91.229.136.0/24 maxlen: 24 94.158.180.0/22 maxlen: 24 109.71.136.0/21 maxlen: 24 109.197.240.0/21 maxlen: 24 109.205.0.0/21 maxlen: 24 185.31.148.0/22 maxlen: 24 185.39.168.0/22 maxlen: 24 185.71.148.0/22 maxlen: 24 185.75.140.0/22 maxlen: 24 185.117.18.0/23 maxlen: 24 185.161.44.0/22 maxlen: 24 185.167.76.0/24 maxlen: 24 185.181.4.0/22 maxlen: 24 185.218.212.0/22 maxlen: 24 185.220.72.0/22 maxlen: 24 185.227.0.0/22 maxlen: 24 185.230.96.0/22 maxlen: 24 185.246.26.0/24 maxlen: 24 185.246.96.0/22 maxlen: 24 185.252.156.0/22 maxlen: 24 193.176.64.0/22 maxlen: 24 194.88.112.0/21 maxlen: 24 194.126.178.0/24 maxlen: 24 195.90.116.0/22 maxlen: 24 195.190.27.0/24 maxlen: 24 2a00:ba60::/32 maxlen: 32 2a00:ba61::/32 maxlen: 32 2a00:ba62::/32 maxlen: 32 2a00:ba67::/32 maxlen: 32 2a01:6600:2e00::/40 maxlen: 40 2a01:6603::/32 maxlen: 32 2a01:6604::/32 maxlen: 32 2a01:6605::/32 maxlen: 32 2a02:21c8::/32 maxlen: 32 2a09:8c40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:4c:8a:59:dc:ee:9d:10:ae:81:62:24:c5:61:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Validity Not Before: Jan 2 18:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c71908a25d3517d45029118c9a37c5e5b851a415 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:0c:4b:b3:24:d5:5c:eb:16:e4:29:3a:29:dd: dd:ae:80:f9:f6:20:38:3c:d6:ab:3d:5d:a0:f9:56: 6a:99:f6:b1:c1:dc:0e:b4:bb:27:52:d5:66:5d:12: 21:b3:81:7a:2d:1d:18:63:08:22:f6:dc:00:81:c8: 67:2e:3d:c0:d7:08:57:2d:06:4f:54:63:e0:91:fb: af:ef:96:a3:59:cd:58:c0:89:ac:3e:ba:36:2a:71: 12:d2:1a:c2:7a:a3:c5:f7:79:07:4e:6b:f2:30:4d: 9e:eb:18:cb:fc:71:34:77:f3:dd:ce:13:1d:5a:23: 71:dd:d8:fd:a3:29:32:1d:2e:ff:98:76:58:64:0a: b4:30:2b:67:a2:87:20:6d:41:39:5a:08:36:17:66: 28:73:9e:de:a7:9c:d1:34:08:b9:f7:ad:c8:27:6b: 87:97:a7:c2:b3:20:bd:7b:39:1c:30:19:fe:d2:8a: 1e:c9:ac:4f:da:e1:76:9f:c9:90:dd:9d:e9:3e:ff: 81:17:32:a8:f9:ee:77:aa:dd:c3:6a:ba:3c:08:ce: 9a:32:3b:d4:af:7b:dd:89:81:1b:44:8b:b4:45:95: 10:82:73:c8:8e:9a:15:70:d9:da:a2:11:f1:d5:44: ae:29:b0:6d:1e:7a:3d:a0:7e:88:57:0a:47:40:78: 40:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:19:08:A2:5D:35:17:D4:50:29:11:8C:9A:37:C5:E5:B8:51:A4:15 X509v3 Authority Key Identifier: keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/xxkIol01F9RQKRGMmjfF5bhRpBU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.16.78.0/24 37.235.88.0/21 45.15.204.0/22 45.85.132.0/24 45.88.140.0/22 45.138.192.0/22 46.29.120.0/21 85.208.216.0/22 91.212.236.0/24 91.229.136.0/24 94.158.180.0/22 109.71.136.0/21 109.197.240.0/21 109.205.0.0/21 185.31.148.0/22 185.39.168.0/22 185.71.148.0/22 185.75.140.0/22 185.117.18.0/23 185.161.44.0/22 185.167.76.0/24 185.181.4.0/22 185.218.212.0/22 185.220.72.0/22 185.227.0.0/22 185.230.96.0/22 185.246.26.0/24 185.246.96.0/22 185.252.156.0/22 193.176.64.0/22 194.88.112.0/21 194.126.178.0/24 195.90.116.0/22 195.190.27.0/24 IPv6: 2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff 2a00:ba67::/32 2a01:6600:2e00::/40 2a01:6603::-2a01:6605:ffff:ffff:ffff:ffff:ffff:ffff 2a02:21c8::/32 2a09:8c40::/29 Signature Algorithm: sha256WithRSAEncryption 61:f9:a5:4b:0e:f9:5a:3d:f9:e6:20:13:d0:0c:17:ac:89:e0: 6e:ce:c0:5b:a1:c4:ad:7f:5f:a1:dd:b7:dc:e7:ee:aa:15:9a: 7e:08:17:6a:04:2f:07:39:cc:b4:53:26:d4:42:8c:a9:f3:57: 29:c5:b2:d8:e3:86:fa:84:1b:75:1b:02:ae:b5:74:c9:94:59: ee:ba:0f:f4:12:80:5f:3b:15:81:b5:8a:48:a5:60:1f:f3:f8: 67:7d:de:0c:5a:68:fc:2a:ac:35:d4:4a:89:a2:38:fe:9a:9f: 67:e7:bb:e4:5d:4d:38:ae:52:0b:94:b0:14:5c:b6:09:ea:b5: c0:39:a7:ff:9b:13:46:7c:ad:d1:07:d3:aa:e1:15:55:a6:59: 7b:20:22:c0:3d:b1:ad:e8:c4:5a:63:21:55:14:b2:db:43:ba: 42:d2:38:d0:6a:85:76:bb:84:0e:21:55:6e:fd:32:7c:f1:29: 07:3d:65:83:6e:a7:c9:49:62:65:18:4f:53:da:de:30:9e:09: 17:52:cf:1f:92:2e:bc:a1:dc:2d:7d:bf:69:74:8b:2e:18:03: 6c:6e:7e:5e:06:67:4c:0e:8e:0b:16:e1:59:46:06:2f:e3:ba: 65:7e:83:59:6c:fa:58:53:0b:2d:a8:19:53:59:5d:53:85:0f: 81:6c:fc:39 -----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgISAZt/8UyKWdzunRCugWIkxWF7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5 YTI2OTQwHhcNMjYwMTAyMTgyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzE5MDhhMjVkMzUxN2Q0NTAyOTExOGM5YTM3YzVlNWI4NTFhNDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wxLsyTVXOsW5Ck6Kd3droD59iA4 PNarPV2g+VZqmfaxwdwOtLsnUtVmXRIhs4F6LR0YYwgi9twAgchnLj3A1whXLQZP VGPgkfuv75ajWc1YwImsPro2KnES0hrCeqPF93kHTmvyME2e6xjL/HE0d/PdzhMd WiNx3dj9oykyHS7/mHZYZAq0MCtnoocgbUE5Wgg2F2Yoc57ep5zRNAi5963IJ2uH l6fCsyC9ezkcMBn+0ooeyaxP2uF2n8mQ3Z3pPv+BFzKo+e53qt3Daro8CM6aMjvU r3vdiYEbRIu0RZUQgnPIjpoVcNnaohHx1USuKbBtHno9oH6IVwpHQHhATwIDAQAB o4IDHDCCAxgwHQYDVR0OBBYEFMcZCKJdNRfUUCkRjJo3xeW4UaQVMB8GA1UdIwQY MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt ODM4ZWJmNDEyYTYxLzEveHhrSW9sMDFGOVJRS1JHTW1qZkY1YmhScEJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCB0wQCAAEwgcwD BAAlEE4DBAMl61gDBAItD8wDBAAtVYQDBAItWIwDBAItisADBAMuHXgDBAJV0NgD BABb1OwDBABb5YgDBAJenrQDBANtR4gDBANtxfADBANtzQADBAK5H5QDBAK5J6gD BAK5R5QDBAK5S4wDBAG5dRIDBAK5oSwDBAC5p0wDBAK5tQQDBAK52tQDBAK53EgD BAK54wADBAK55mADBAC59hoDBAK59mADBAK5/JwDBALBsEADBAPCWHADBADCfrID BALDWnQDBADDvhswQwQCAAIwPTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFm AC4wDgMFACoBZgMDBQEqAWYEAwUAKgIhyAMFAyoJjEAwDQYJKoZIhvcNAQELBQAD ggEBAGH5pUsO+Vo9+eYgE9AMF6yJ4G7OwFuhxK1/X6Hdt9zn7qoVmn4IF2oELwc5 zLRTJtRCjKnzVynFstjjhvqEG3UbAq61dMmUWe66D/QSgF87FYG1ikilYB/z+Gd9 3gxaaPwqrDXUSomiOP6an2fnu+RdTTiuUguUsBRctgnqtcA5p/+bE0Z8rdEH06rh FVWmWXsgIsA9sa3oxFpjIVUUsttDukLSONBqhXa7hA4hVW79MnzxKQc9ZYNup8lJ YmUYT1Pa3jCeCRdSzx+SLryh3C19v2l0iy4YA2xufl4GZ0wOjgsW4VlGBi/jumV+ g1ls+lhTCy2oGVNZXVOFD4Fs/Dk= -----END CERTIFICATE-----Generated at Sun Jan 25 13:02:49 2026 by rpki-client