This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/xyNMPOjdSXVrOkDnqACX6hpPikY.roa File: xyNMPOjdSXVrOkDnqACX6hpPikY.roa (raw, json) Hash identifier: GWpndT2t/1Gpwi+SLRm0phgKLCkd6P4JAMgA+uJmCIQ= Subject key identifier: C7:23:4C:3C:E8:DD:49:75:6B:3A:40:E7:A8:00:97:EA:1A:4F:8A:46 Certificate issuer: /CN=1ac2456c70f8aaa53bd8940fe23f13cfa270e748 Certificate serial: 019B783541A12EA36106A6B8827DC4D13B9C Authority key identifier: 1A:C2:45:6C:70:F8:AA:A5:3B:D8:94:0F:E2:3F:13:CF:A2:70:E7:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsJFbHD4qqU72JQP4j8Tz6Jw50g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/xyNMPOjdSXVrOkDnqACX6hpPikY.roa Signing time: Thu 01 Jan 2026 06:18:34 +0000 ROA not before: Thu 01 Jan 2026 06:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29316 IP address blocks: 185.49.76.0/22 maxlen: 22 2a01:9fa0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/GsJFbHD4qqU72JQP4j8Tz6Jw50g.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/GsJFbHD4qqU72JQP4j8Tz6Jw50g.mft rsync://rpki.ripe.net/repository/DEFAULT/GsJFbHD4qqU72JQP4j8Tz6Jw50g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 12:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:41:a1:2e:a3:61:06:a6:b8:82:7d:c4:d1:3b:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ac2456c70f8aaa53bd8940fe23f13cfa270e748 Validity Not Before: Jan 1 06:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7234c3ce8dd49756b3a40e7a80097ea1a4f8a46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e1:f9:7c:c4:41:d8:9a:2a:b3:7e:fd:08:ce: 61:f7:be:ac:6b:b0:bf:6f:9c:6e:18:a4:e7:ae:bf: 82:2f:b4:16:a0:66:81:ce:70:36:19:cb:e0:3a:34: 49:3c:71:e9:0d:ab:0d:7e:0c:86:76:5e:ed:91:ba: d0:ed:36:4c:01:96:9d:84:b0:ab:28:92:0e:c8:79: e3:1f:0c:ee:d5:54:08:e2:1f:1c:ab:80:a4:1d:e1: 8b:9f:6f:1e:41:03:1c:24:31:cd:73:13:5a:49:bc: fa:76:08:ed:6c:77:f4:8c:1c:64:04:51:99:f8:c0: 7d:4d:bb:52:e3:27:65:93:9c:d4:4e:a7:56:0f:f4: b9:34:83:61:d2:ca:e0:29:73:a5:de:88:c3:0e:3e: 4a:6e:a4:9a:fd:7c:84:f1:59:dd:a0:16:4f:95:c3: 23:1a:ec:b9:2e:29:26:91:6b:5a:55:6c:15:47:72: d3:5e:48:21:10:c8:09:f9:a4:d2:fd:26:a9:08:ea: 82:f7:3f:2e:74:f6:2b:d3:52:c1:61:28:bf:51:bb: 59:08:d4:38:e8:b4:a5:49:87:57:77:6c:fe:1d:90: 15:6b:a7:70:a9:40:4c:66:fd:30:0b:36:fc:5d:56: 24:de:1d:70:a2:d8:66:be:e8:25:c7:33:a8:d1:f2: a1:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:23:4C:3C:E8:DD:49:75:6B:3A:40:E7:A8:00:97:EA:1A:4F:8A:46 X509v3 Authority Key Identifier: keyid:1A:C2:45:6C:70:F8:AA:A5:3B:D8:94:0F:E2:3F:13:CF:A2:70:E7:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsJFbHD4qqU72JQP4j8Tz6Jw50g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/xyNMPOjdSXVrOkDnqACX6hpPikY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/ff5b83-9c20-4d97-97c7-5a1d5584378d/1/GsJFbHD4qqU72JQP4j8Tz6Jw50g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.49.76.0/22 IPv6: 2a01:9fa0::/32 Signature Algorithm: sha256WithRSAEncryption 51:0d:4f:8a:65:f6:6a:14:3a:99:3c:0d:f5:e2:1c:58:90:dc: 79:e4:13:af:b6:15:0d:39:76:eb:1c:3f:5b:47:13:6c:cd:ac: 47:7f:11:78:8b:e0:8c:8e:d9:5b:88:aa:a6:85:11:89:eb:09: 65:22:3e:cf:49:5a:f4:59:aa:16:f9:36:68:b6:ed:45:08:61: 1c:e6:45:dc:d5:bf:47:0f:7f:cf:21:88:7a:dc:df:71:aa:5f: 1b:1b:9e:20:b0:55:49:d7:ed:43:ae:b7:14:89:9c:ce:46:ba: 0d:29:60:c1:1d:2d:55:2a:3a:ac:48:56:36:e4:32:b5:fb:fe: d5:62:c5:7d:05:1b:fe:88:16:be:ee:ce:0a:7e:eb:b7:0a:c8: 3c:82:c6:65:97:57:89:0e:c9:95:7a:bf:3f:53:26:c5:bb:7d: fd:30:38:a4:57:85:a5:70:74:80:11:d3:3c:4c:8a:8d:9f:66: e0:48:c7:1c:ce:03:83:9d:4b:3a:d9:d2:58:14:79:6a:b5:8c: 8c:a2:b5:47:da:30:4b:a9:8c:c2:8d:8c:1c:19:da:30:e1:47: 74:9e:0e:21:7e:b2:7c:f9:73:ce:45:c8:18:27:4e:24:12:91: d2:0c:3a:cd:19:90:96:d7:23:ed:4f:c8:55:dd:d1:51:dc:04: 8f:17:cd:61 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NUGhLqNhBqa4gn3E0TucMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhYzI0NTZjNzBmOGFhYTUzYmQ4OTQwZmUyM2YxM2NmYTI3 MGU3NDgwHhcNMjYwMTAxMDYxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzIzNGMzY2U4ZGQ0OTc1NmIzYTQwZTdhODAwOTdlYTFhNGY4YTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOH5fMRB2Joqs379CM5h976sa7C/ b5xuGKTnrr+CL7QWoGaBznA2GcvgOjRJPHHpDasNfgyGdl7tkbrQ7TZMAZadhLCr KJIOyHnjHwzu1VQI4h8cq4CkHeGLn28eQQMcJDHNcxNaSbz6dgjtbHf0jBxkBFGZ +MB9TbtS4ydlk5zUTqdWD/S5NINh0srgKXOl3ojDDj5KbqSa/XyE8VndoBZPlcMj Guy5LikmkWtaVWwVR3LTXkghEMgJ+aTS/SapCOqC9z8udPYr01LBYSi/UbtZCNQ4 6LSlSYdXd2z+HZAVa6dwqUBMZv0wCzb8XVYk3h1wothmvuglxzOo0fKheQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMcjTDzo3Ul1azpA56gAl+oaT4pGMB8GA1UdIwQY MBaAFBrCRWxw+KqlO9iUD+I/E8+icOdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NKRmJIRDRxcVU3MkpRUDRqOFR6Nkp3NTBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mZjViODMtOWMyMC00ZDk3LTk3Yzct NWExZDU1ODQzNzhkLzEveHlOTVBPamRTWFZyT2tEbnFBQ1g2aHBQaWtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9mZjViODMtOWMyMC00ZDk3LTk3YzctNWExZDU1ODQzNzhk LzEvR3NKRmJIRDRxcVU3MkpRUDRqOFR6Nkp3NTBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTFMMA0E AgACMAcDBQAqAZ+gMA0GCSqGSIb3DQEBCwUAA4IBAQBRDU+KZfZqFDqZPA314hxY kNx55BOvthUNOXbrHD9bRxNszaxHfxF4i+CMjtlbiKqmhRGJ6wllIj7PSVr0WaoW +TZotu1FCGEc5kXc1b9HD3/PIYh63N9xql8bG54gsFVJ1+1DrrcUiZzORroNKWDB HS1VKjqsSFY25DK1+/7VYsV9BRv+iBa+7s4Kfuu3Csg8gsZll1eJDsmVer8/UybF u339MDikV4WlcHSAEdM8TIqNn2bgSMcczgODnUs62dJYFHlqtYyMorVH2jBLqYzC jYwcGdow4Ud0ng4hfrJ8+XPORcgYJ04kEpHSDDrNGZCW1yPtT8hV3dFR3ASPF81h -----END CERTIFICATE-----Generated at Mon Jan 12 17:31:48 2026 by rpki-client