This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XaIcpqpb27hhGRIZ8h_xuzKRev4.roa File: XaIcpqpb27hhGRIZ8h_xuzKRev4.roa (raw, json) Hash identifier: pQLbKPAj3ndWd5qjjlikkIwvz29S32Fkmehgv5Ouuf0= Subject key identifier: 5D:A2:1C:A6:AA:5B:DB:B8:61:19:12:19:F2:1F:F1:BB:32:91:7A:FE Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18 Certificate serial: 019B7CEE6B025A7625FD92929C380F164B60 Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XaIcpqpb27hhGRIZ8h_xuzKRev4.roa Signing time: Fri 02 Jan 2026 04:19:18 +0000 ROA not before: Fri 02 Jan 2026 04:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204720 IP address blocks: 91.231.238.0/24 maxlen: 24 91.238.111.0/24 maxlen: 24 151.236.66.0/24 maxlen: 24 151.236.68.0/24 maxlen: 24 151.236.69.0/24 maxlen: 24 151.236.71.0/24 maxlen: 24 151.236.79.0/24 maxlen: 24 151.236.82.0/24 maxlen: 24 151.236.92.0/24 maxlen: 24 151.236.93.0/24 maxlen: 24 151.236.97.0/24 maxlen: 24 151.236.98.0/24 maxlen: 24 151.236.101.0/24 maxlen: 24 151.236.103.0/24 maxlen: 24 151.236.104.0/24 maxlen: 24 151.236.105.0/24 maxlen: 24 151.236.108.0/24 maxlen: 24 151.236.110.0/24 maxlen: 24 151.236.112.0/24 maxlen: 24 151.236.114.0/24 maxlen: 24 151.236.115.0/24 maxlen: 24 151.236.116.0/24 maxlen: 24 151.236.117.0/24 maxlen: 24 151.236.118.0/24 maxlen: 24 151.236.119.0/24 maxlen: 24 151.236.120.0/24 maxlen: 24 151.236.121.0/24 maxlen: 24 151.236.124.0/24 maxlen: 24 151.236.126.0/24 maxlen: 24 185.31.113.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.mft rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:6b:02:5a:76:25:fd:92:92:9c:38:0f:16:4b:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18 Validity Not Before: Jan 2 04:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5da21ca6aa5bdbb861191219f21ff1bb32917afe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:90:02:26:f5:06:6a:5c:be:e4:90:b2:15:a1: b0:68:0e:d3:25:e4:0b:4a:aa:4c:f0:d7:4b:c8:c8: 67:8f:71:92:51:b0:20:4c:1b:67:8f:2f:69:5a:2e: 7e:31:c0:0a:f1:94:b0:d4:51:90:f8:c4:e8:55:22: 14:4b:43:66:18:6b:ca:85:ab:ef:89:49:27:0e:d3: 83:2b:d8:1b:62:ba:7f:4b:63:a0:a7:af:e1:7d:4c: 52:7f:75:2b:c6:31:43:d5:56:c2:b3:70:7a:b0:7a: ee:c5:c8:a8:db:6e:e6:90:0f:85:0b:3a:37:9e:fc: 5b:69:60:21:0f:56:70:ab:01:a5:bd:76:66:7d:33: 83:7e:b0:6e:1a:38:fe:bf:ff:be:98:02:ef:24:2d: d8:91:0b:d0:98:2f:27:b3:7b:96:8f:fb:a3:7a:e9: 34:d4:89:8d:27:26:c7:ca:03:7b:e5:e4:cc:37:f1: b7:b8:ea:70:41:6c:d1:9e:b6:5a:10:1b:19:50:02: 7a:a9:15:1a:6a:ff:b3:59:08:49:d7:59:67:21:af: c2:83:8e:aa:4a:1b:ed:54:f5:2f:a1:2a:64:fd:1f: 9c:c9:fb:12:6f:7b:82:6e:c7:11:2d:4e:87:5c:75: bd:25:90:8d:fd:0c:56:49:d9:60:12:32:ad:36:9c: f2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:A2:1C:A6:AA:5B:DB:B8:61:19:12:19:F2:1F:F1:BB:32:91:7A:FE X509v3 Authority Key Identifier: keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XaIcpqpb27hhGRIZ8h_xuzKRev4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.231.238.0/24 91.238.111.0/24 151.236.66.0/24 151.236.68.0/23 151.236.71.0/24 151.236.79.0/24 151.236.82.0/24 151.236.92.0/23 151.236.97.0-151.236.98.255 151.236.101.0/24 151.236.103.0-151.236.105.255 151.236.108.0/24 151.236.110.0/24 151.236.112.0/24 151.236.114.0-151.236.121.255 151.236.124.0/24 151.236.126.0/24 185.31.113.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:4a:a3:77:47:2e:eb:e0:4d:bd:c8:c4:f4:2a:eb:ae:de:31: df:92:c4:28:20:8e:96:87:75:23:9e:7b:80:b4:c5:54:6e:6a: 6f:15:79:ca:fb:2b:d2:df:7a:46:b6:16:27:ef:91:60:93:16: c4:69:8d:b9:19:f9:d7:a0:ef:3e:48:49:7f:dc:67:fd:e2:36: d6:93:23:c3:67:ca:69:03:33:70:c6:e4:c6:4c:ee:05:f3:9e: 5a:f7:bf:5a:d0:c7:0c:96:ae:c1:5f:41:f1:88:36:7b:a3:83: 23:41:cc:80:2b:c0:cd:29:a0:46:4f:62:25:23:4c:f9:1b:33: 79:e5:1e:0b:c1:8c:e4:62:29:4f:e0:a6:02:48:bf:b3:6b:59: 2c:a9:d9:8a:42:69:13:b5:23:43:89:4d:15:1a:dd:96:7d:31: a5:9f:45:35:ad:90:2a:ef:35:e6:6e:ad:29:3a:49:17:e3:30: 4d:e4:c5:8b:3c:6c:7c:04:04:7d:96:22:c4:1b:cb:b7:d3:10: 98:29:0c:ce:42:be:ab:e3:48:2f:75:e7:f6:b4:44:bc:03:7b: f8:53:b3:57:c0:b3:1b:ed:c8:a3:0a:23:00:45:26:9b:01:c9: a3:d7:da:d9:04:a2:10:ef:7a:c1:5e:fd:2a:99:72:c1:f9:6f: 91:34:2e:b5 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgISAZt87msCWnYl/ZKSnDgPFktgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1 ODdmMTgwHhcNMjYwMTAyMDQxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGEyMWNhNmFhNWJkYmI4NjExOTEyMTlmMjFmZjFiYjMyOTE3YWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupACJvUGaly+5JCyFaGwaA7TJeQL SqpM8NdLyMhnj3GSUbAgTBtnjy9pWi5+McAK8ZSw1FGQ+MToVSIUS0NmGGvKhavv iUknDtODK9gbYrp/S2Ogp6/hfUxSf3UrxjFD1VbCs3B6sHruxcio227mkA+FCzo3 nvxbaWAhD1ZwqwGlvXZmfTODfrBuGjj+v/++mALvJC3YkQvQmC8ns3uWj/ujeuk0 1ImNJybHygN75eTMN/G3uOpwQWzRnrZaEBsZUAJ6qRUaav+zWQhJ11lnIa/Cg46q ShvtVPUvoSpk/R+cyfsSb3uCbscRLU6HXHW9JZCN/QxWSdlgEjKtNpzyvQIDAQAB o4ICjDCCAogwHQYDVR0OBBYEFF2iHKaqW9u4YRkSGfIf8bsykXr+MB8GA1UdIwQY MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt N2FhYjZlZjk1NWExLzEvWGFJY3BxcGIyN2hoR1JJWjhoX3h1ektSZXY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABb 5+4DBABb7m8DBACX7EIDBAGX7EQDBACX7EcDBACX7E8DBACX7FIDBAGX7FwwDAME AJfsYQMEAJfsYgMEAJfsZTAMAwQAl+xnAwQBl+xoAwQAl+xsAwQAl+xuAwQAl+xw MAwDBAGX7HIDBAGX7HgDBACX7HwDBACX7H4DBAC5H3EwDQYJKoZIhvcNAQELBQAD ggEBAHpKo3dHLuvgTb3IxPQq667eMd+SxCggjpaHdSOee4C0xVRuam8Vecr7K9Lf eka2FifvkWCTFsRpjbkZ+deg7z5ISX/cZ/3iNtaTI8NnymkDM3DG5MZM7gXznlr3 v1rQxwyWrsFfQfGINnujgyNBzIArwM0poEZPYiUjTPkbM3nlHgvBjORiKU/gpgJI v7NrWSyp2YpCaRO1I0OJTRUa3ZZ9MaWfRTWtkCrvNeZurSk6SRfjME3kxYs8bHwE BH2WIsQby7fTEJgpDM5CvqvjSC915/a0RLwDe/hTs1fAsxvtyKMKIwBFJpsByaPX 2tkEohDvesFe/SqZcsH5b5E0LrU= -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:28 2026 by rpki-client