This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xqMMWefGU2vgougCenjCqg2IdD4.roa File: xqMMWefGU2vgougCenjCqg2IdD4.roa (raw, json) Hash identifier: APHG/lLqSBGaeSFETUTuI3S0WLItY759pWaUuQxJdnA= Subject key identifier: C6:A3:0C:59:E7:C6:53:6B:E0:A2:E8:02:7A:78:C2:AA:0D:88:74:3E Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019B76EB14FC11C3B457B6FC6F0CDF49767F Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xqMMWefGU2vgougCenjCqg2IdD4.roa Signing time: Thu 01 Jan 2026 00:17:56 +0000 ROA not before: Thu 01 Jan 2026 00:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204463 IP address blocks: 91.221.76.0/23 maxlen: 24 91.221.86.0/23 maxlen: 24 185.185.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:14:fc:11:c3:b4:57:b6:fc:6f:0c:df:49:76:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Jan 1 00:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6a30c59e7c6536be0a2e8027a78c2aa0d88743e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3b:c3:0b:90:b0:fc:a2:e9:72:38:8e:df:37: a5:66:8d:94:1b:80:5e:71:42:c2:6b:3a:ab:1d:90: 9b:2b:eb:83:36:16:ea:1e:50:fc:5f:dc:51:38:65: a8:5e:de:e1:03:fd:50:a5:09:3a:90:f7:fe:c1:89: 0e:39:60:97:70:17:49:8c:84:8d:46:80:03:cd:32: bc:58:19:d8:8a:c1:64:aa:19:da:34:7d:bd:e0:46: 11:01:fb:62:5d:17:50:e4:6b:99:41:5a:3c:55:2e: 0d:f0:63:70:38:52:d6:56:a9:9a:40:0e:40:62:36: 08:d7:11:cb:e6:17:31:ee:3f:cf:3a:ba:0a:4d:d0: 57:33:e1:89:40:16:a1:4b:25:dd:a4:f6:41:45:aa: a2:a5:39:f0:a3:79:bb:93:24:3b:e9:a0:51:1f:14: b9:69:7d:10:63:ad:29:17:73:ff:78:9b:81:85:e6: f5:09:71:8c:fe:09:72:bc:c2:93:43:5e:96:fe:22: e5:91:04:9f:2a:11:ca:bc:ea:90:e0:4d:5b:9a:4a: b9:81:d6:4b:a3:f0:41:15:c7:56:a6:80:d7:f0:93: 6c:ba:df:18:85:97:6c:3a:7c:00:7c:9c:ea:5c:12: 03:05:2b:f9:fa:93:7a:e9:38:df:bd:00:ba:fa:64: bb:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:A3:0C:59:E7:C6:53:6B:E0:A2:E8:02:7A:78:C2:AA:0D:88:74:3E X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xqMMWefGU2vgougCenjCqg2IdD4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.221.76.0/23 91.221.86.0/23 185.185.52.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:42:20:df:85:36:8f:a1:63:9f:98:0f:f4:1d:e5:8a:14:a1: 9d:ca:c1:58:42:e1:c6:33:54:af:1e:e5:69:1d:f6:81:55:a5: db:f7:04:57:84:14:12:ed:6d:5f:1c:a0:e2:fb:cf:d2:f9:5c: 0e:72:31:76:b3:db:3b:10:1a:05:63:e6:36:5f:82:16:d7:12: a7:b6:bf:fd:3b:36:47:4c:eb:be:98:7e:92:ac:5a:8b:f9:5d: bc:a3:63:72:e5:e2:3b:ca:64:84:02:a0:26:65:f6:df:3f:7a: 63:95:44:ff:9a:da:74:09:0a:db:ed:eb:0c:33:85:bf:f9:6b: bb:f6:38:99:74:84:de:b5:41:fa:99:c5:2f:b4:83:8e:85:1e: c0:3e:6d:5d:62:63:a3:5e:08:3e:76:e3:d3:9e:f2:4e:78:15: 4f:f9:82:5b:4c:12:14:70:e6:9e:03:44:67:d7:6e:66:b0:7a: 32:b1:bf:e9:93:5c:84:5d:b6:65:74:5c:9a:55:15:e7:85:5c: 96:08:d7:0b:19:f3:bd:a7:23:95:4c:0f:28:5a:6a:68:db:11: 95:69:48:36:e8:60:45:f2:35:ab:91:1c:40:d6:c7:54:00:14: 30:76:5f:f0:87:d4:6b:42:cf:50:cd:73:ce:6e:a1:b6:5c:b3: 32:15:d0:c1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt26xT8EcO0V7b8bwzfSXZ/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjYwMTAxMDAxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmEzMGM1OWU3YzY1MzZiZTBhMmU4MDI3YTc4YzJhYTBkODg3NDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDvDC5Cw/KLpcjiO3zelZo2UG4Be cULCazqrHZCbK+uDNhbqHlD8X9xROGWoXt7hA/1QpQk6kPf+wYkOOWCXcBdJjISN RoADzTK8WBnYisFkqhnaNH294EYRAftiXRdQ5GuZQVo8VS4N8GNwOFLWVqmaQA5A YjYI1xHL5hcx7j/POroKTdBXM+GJQBahSyXdpPZBRaqipTnwo3m7kyQ76aBRHxS5 aX0QY60pF3P/eJuBheb1CXGM/glyvMKTQ16W/iLlkQSfKhHKvOqQ4E1bmkq5gdZL o/BBFcdWpoDX8JNsut8YhZdsOnwAfJzqXBIDBSv5+pN66TjfvQC6+mS7BQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMajDFnnxlNr4KLoAnp4wqoNiHQ+MB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEveHFNTVdlZkdVMnZnb3VnQ2VuakNxZzJJZEQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW91MAwQB W91WAwQCubk0MA0GCSqGSIb3DQEBCwUAA4IBAQAbQiDfhTaPoWOfmA/0HeWKFKGd ysFYQuHGM1SvHuVpHfaBVaXb9wRXhBQS7W1fHKDi+8/S+VwOcjF2s9s7EBoFY+Y2 X4IW1xKntr/9OzZHTOu+mH6SrFqL+V28o2Ny5eI7ymSEAqAmZfbfP3pjlUT/mtp0 CQrb7esMM4W/+Wu79jiZdITetUH6mcUvtIOOhR7APm1dYmOjXgg+duPTnvJOeBVP +YJbTBIUcOaeA0Rn125msHoysb/pk1yEXbZldFyaVRXnhVyWCNcLGfO9pyOVTA8o Wmpo2xGVaUg26GBF8jWrkRxA1sdUABQwdl/wh9RrQs9QzXPObqG2XLMyFdDB -----END CERTIFICATE-----Generated at Sun Jan 25 17:46:01 2026 by rpki-client