This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XdEB96U82mHFGVm_nS4xtciGIkQ.roa File: XdEB96U82mHFGVm_nS4xtciGIkQ.roa (raw, json) Hash identifier: hdzlPow2QIj+p15z7CdLi4KjuG4H8crIwMXk1C1mtMk= Subject key identifier: 5D:D1:01:F7:A5:3C:DA:61:C5:19:59:BF:9D:2E:31:B5:C8:86:22:44 Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2 Certificate serial: 019B7E385007FD51047E8469F9119B15EE88 Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XdEB96U82mHFGVm_nS4xtciGIkQ.roa Signing time: Fri 02 Jan 2026 10:19:38 +0000 ROA not before: Fri 02 Jan 2026 10:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2602 IP address blocks: 158.64.0.0/16 maxlen: 24 185.149.136.0/22 maxlen: 22 193.168.64.0/18 maxlen: 24 193.168.80.0/24 maxlen: 24 2001:a18::/29 maxlen: 48 2001:a18:ff00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.mft rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:50:07:fd:51:04:7e:84:69:f9:11:9b:15:ee:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2 Validity Not Before: Jan 2 10:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dd101f7a53cda61c51959bf9d2e31b5c8862244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:de:d6:70:4b:9a:1c:f3:70:73:66:05:ea:a2: fe:4a:ee:19:86:fa:0a:d5:94:b0:16:83:4c:34:29: 35:4b:63:d2:34:7a:6f:fa:c3:3d:90:13:d8:30:18: ae:eb:21:f2:3b:2c:f1:35:df:8f:96:aa:57:c8:80: ad:83:8d:3b:d8:6e:f6:65:f5:a6:98:d6:84:8a:bc: 62:f3:8d:6e:e8:77:f1:45:54:28:86:77:16:a6:a9: 0d:0d:73:f9:91:4d:c6:3d:19:75:50:3e:d4:59:2b: 18:c7:d4:a5:0e:1b:69:f7:08:c6:b9:7e:76:38:5e: 32:23:8b:e4:70:36:69:7e:63:64:38:ea:7c:81:77: 1b:78:19:64:91:54:b6:cb:9c:ff:da:a6:77:71:6e: 72:39:5f:55:ab:00:e1:18:9b:39:80:d1:4d:4b:46: 8c:45:c3:8d:a9:86:71:56:36:91:9a:dc:f5:af:1e: 0b:f3:59:10:0b:55:a2:3c:df:42:69:8d:03:c4:40: 67:b6:eb:fe:2f:b1:8c:d5:83:03:a5:c4:50:95:d5: 91:9f:a5:84:39:c1:df:75:94:f8:fc:05:4e:2b:6f: 06:01:5e:1e:98:19:42:f8:6b:3d:c1:a2:f2:64:2c: bb:f8:2e:6d:ae:cf:ce:73:ca:cc:a6:02:3e:9f:82: 11:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D1:01:F7:A5:3C:DA:61:C5:19:59:BF:9D:2E:31:B5:C8:86:22:44 X509v3 Authority Key Identifier: keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XdEB96U82mHFGVm_nS4xtciGIkQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.64.0.0/16 185.149.136.0/22 193.168.64.0/18 IPv6: 2001:a18::/29 Signature Algorithm: sha256WithRSAEncryption 92:78:b0:1b:bc:16:29:3f:fb:e6:e5:68:26:92:b3:68:3d:9b: 56:d1:fb:80:15:01:8d:70:49:2c:2d:41:33:2d:98:95:2b:98: 6a:6b:4c:52:ec:f4:92:f1:20:7c:9e:8f:41:74:b7:e1:e8:81: 60:b3:14:c0:e3:a2:1f:83:30:e8:9e:50:92:c7:71:76:a4:eb: ba:74:f6:a6:81:40:a5:0f:98:c4:b4:54:ef:d6:4f:d6:53:fd: 6d:e6:60:3b:63:f6:0e:c2:c0:e2:4d:66:e2:95:34:31:cb:99: 27:59:17:de:e7:4a:0a:02:f6:c7:71:2b:28:99:17:b0:27:b6: 14:7f:14:fa:d5:b9:aa:eb:af:42:8a:61:64:9a:57:b8:60:82: ad:9b:44:d0:29:d3:25:3e:a9:96:42:b1:9e:04:b2:11:74:cf: f6:5a:d1:e0:a7:57:e7:f3:97:da:b9:ec:11:0a:1d:b8:e1:5f: 34:2e:db:65:69:a3:57:7b:f9:37:5c:ac:88:dd:92:e7:99:13: da:68:c7:f0:38:84:73:74:55:7a:e5:3a:4e:69:59:74:c8:cd: dc:50:a2:57:fb:13:b1:5b:05:fc:96:2f:62:d6:b6:87:37:f5: be:b9:a2:60:79:75:bc:e8:02:d5:0d:c4:ad:09:67:63:50:a5: 72:a5:dc:a0 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt+OFAH/VEEfoRp+RGbFe6IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE1MzQ4MzhiYjMxN2I4MTg2Njk5ZjBhNDQ4NWRiNmQ5ZGEx OTA4ZDIwHhcNMjYwMTAyMTAxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGQxMDFmN2E1M2NkYTYxYzUxOTU5YmY5ZDJlMzFiNWM4ODYyMjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt7WcEuaHPNwc2YF6qL+Su4ZhvoK 1ZSwFoNMNCk1S2PSNHpv+sM9kBPYMBiu6yHyOyzxNd+PlqpXyICtg4072G72ZfWm mNaEirxi841u6HfxRVQohncWpqkNDXP5kU3GPRl1UD7UWSsYx9SlDhtp9wjGuX52 OF4yI4vkcDZpfmNkOOp8gXcbeBlkkVS2y5z/2qZ3cW5yOV9VqwDhGJs5gNFNS0aM RcONqYZxVjaRmtz1rx4L81kQC1WiPN9CaY0DxEBntuv+L7GM1YMDpcRQldWRn6WE OcHfdZT4/AVOK28GAV4emBlC+Gs9waLyZCy7+C5trs/Oc8rMpgI+n4IR2QIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFF3RAfelPNphxRlZv50uMbXIhiJEMB8GA1UdIwQY MBaAFBU0g4uzF7gYZpnwpEhdttnaGQjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUt M2ExNDRjNzBlMGIwLzEvWGRFQjk2VTgybUhGR1ZtX25TNHh0Y2lHSWtRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUtM2ExNDRjNzBlMGIw LzEvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAnkADBAK5 lYgDBAbBqEAwDQQCAAIwBwMFAyABChgwDQYJKoZIhvcNAQELBQADggEBAJJ4sBu8 Fik/++blaCaSs2g9m1bR+4AVAY1wSSwtQTMtmJUrmGprTFLs9JLxIHyej0F0t+Ho gWCzFMDjoh+DMOieUJLHcXak67p09qaBQKUPmMS0VO/WT9ZT/W3mYDtj9g7CwOJN ZuKVNDHLmSdZF97nSgoC9sdxKyiZF7AnthR/FPrVuarrr0KKYWSaV7hggq2bRNAp 0yU+qZZCsZ4EshF0z/Za0eCnV+fzl9q57BEKHbjhXzQu22Vpo1d7+TdcrIjdkueZ E9pox/A4hHN0VXrlOk5pWXTIzdxQolf7E7FbBfyWL2LWtoc39b65omB5dbzoAtUN xK0JZ2NQpXKl3KA= -----END CERTIFICATE-----Generated at Sun Jan 25 18:41:58 2026 by rpki-client