This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XzphqRpkRrzjOv5FtFqro4DwZLQ.roa File: XzphqRpkRrzjOv5FtFqro4DwZLQ.roa (raw, json) Hash identifier: h/AVe6fTP5tyOHDPmKSbzLzgs09QReFXbQnEVOq2pVg= Subject key identifier: 5F:3A:61:A9:1A:64:46:BC:E3:3A:FE:45:B4:5A:AB:A3:80:F0:64:B4 Certificate issuer: /CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7 Certificate serial: 019B7E37FD4BAC3CFE15396B101E706BCF7A Authority key identifier: 5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XzphqRpkRrzjOv5FtFqro4DwZLQ.roa Signing time: Fri 02 Jan 2026 10:19:17 +0000 ROA not before: Fri 02 Jan 2026 10:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34942 IP address blocks: 185.100.36.0/22 maxlen: 24 193.189.139.0/24 maxlen: 24 2a06:340::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.crl rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.mft rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:fd:4b:ac:3c:fe:15:39:6b:10:1e:70:6b:cf:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e35ed043c8de151bebdc09dfcbffcc7dc7759c7 Validity Not Before: Jan 2 10:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f3a61a91a6446bce33afe45b45aaba380f064b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:cc:a9:79:ca:e5:9c:46:6e:49:c8:89:d8:8c: cc:ea:24:cb:53:49:a4:7f:62:04:f9:9b:49:a3:41: 84:67:74:08:4e:bd:bd:2c:10:71:f6:fe:89:aa:10: e8:7b:ff:42:9b:67:cb:44:6e:84:f7:43:fe:29:f3: ac:44:32:b5:46:bb:86:cc:42:19:e2:6d:5f:5a:ef: c3:ca:c0:4f:9a:c3:83:ab:cc:55:06:92:e6:cf:3c: b4:61:2d:1e:ae:4f:e8:86:25:bd:5c:15:bd:09:bb: 29:8c:38:6c:e5:5b:c7:ac:75:a3:8a:f6:d9:bb:cc: 33:76:8a:e4:58:10:ed:a3:4b:e6:a7:21:e7:1f:6c: 39:9f:85:5e:24:91:e8:40:d1:84:b1:ae:09:5b:66: af:74:bc:3e:92:98:c6:4a:61:ea:5c:3b:43:26:a3: 7b:26:78:da:aa:85:77:ff:42:c9:e3:03:27:a6:91: f7:dd:cf:73:7e:fb:c4:d5:33:73:ff:19:df:13:14: 45:ea:1a:c0:7e:f3:0e:14:15:00:32:38:44:b4:06: 5a:54:e3:26:bf:e8:88:a9:17:76:89:91:c1:9c:9f: 86:da:32:62:b5:89:87:e5:8f:03:e8:e5:f5:26:87: ea:e1:ea:de:f7:ea:a8:1d:08:a5:ae:92:ae:97:e4: d3:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:3A:61:A9:1A:64:46:BC:E3:3A:FE:45:B4:5A:AB:A3:80:F0:64:B4 X509v3 Authority Key Identifier: keyid:5E:35:ED:04:3C:8D:E1:51:BE:BD:C0:9D:FC:BF:FC:C7:DC:77:59:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XzphqRpkRrzjOv5FtFqro4DwZLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e17fa2-7866-4fa1-972b-1776813e7224/1/XjXtBDyN4VG-vcCd_L_8x9x3Wcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.100.36.0/22 193.189.139.0/24 IPv6: 2a06:340::/29 Signature Algorithm: sha256WithRSAEncryption 80:80:81:7e:f5:dd:bd:49:76:6b:14:03:c4:62:5b:c9:b5:ed: 36:09:18:e9:41:8c:97:ff:a0:07:e5:6a:fc:45:dd:70:ce:7f: 8c:3b:21:f0:ef:ae:3d:b3:bb:b0:e9:fe:d0:e3:37:ea:b4:f3: a8:e5:e4:28:3a:6a:56:32:5f:db:10:dd:e9:6f:fb:26:c1:f0: 59:e9:95:91:29:f5:b4:83:8f:33:e5:94:70:2c:0c:47:4a:68: 01:c8:05:72:bc:c3:4e:48:d0:71:24:ed:f2:d6:6a:ed:33:39: ae:34:0f:eb:5e:29:67:e6:66:ae:bf:f3:69:1d:81:b9:23:26: 45:3c:f0:3f:9e:9e:85:e6:56:af:a1:bb:4b:f0:11:f8:9d:ab: f8:74:0d:b2:bf:4a:99:65:a3:8d:f4:f0:4a:c6:ae:49:2e:b0: 76:77:e1:ff:dc:6c:e5:2a:31:0c:20:ef:27:08:d2:fb:10:d2: 40:46:42:05:b5:ad:90:8d:d9:77:e6:2c:63:ca:d3:53:c6:4e: 0d:3d:2e:0c:fe:d5:1d:3a:9a:98:69:8e:3d:1f:e4:fb:54:8c: be:3f:b0:8d:22:30:40:19:06:2a:59:fa:27:70:d1:cb:08:1e: 3c:b4:43:0a:b9:d7:84:46:54:bc:f6:cb:9f:7e:f5:7f:59:9d: 59:eb:7f:2a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+N/1LrDz+FTlrEB5wa896MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMzVlZDA0M2M4ZGUxNTFiZWJkYzA5ZGZjYmZmY2M3ZGM3 NzU5YzcwHhcNMjYwMTAyMTAxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjNhNjFhOTFhNjQ0NmJjZTMzYWZlNDViNDVhYWJhMzgwZjA2NGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsypecrlnEZuSciJ2IzM6iTLU0mk f2IE+ZtJo0GEZ3QITr29LBBx9v6JqhDoe/9Cm2fLRG6E90P+KfOsRDK1RruGzEIZ 4m1fWu/DysBPmsODq8xVBpLmzzy0YS0erk/ohiW9XBW9CbspjDhs5VvHrHWjivbZ u8wzdorkWBDto0vmpyHnH2w5n4VeJJHoQNGEsa4JW2avdLw+kpjGSmHqXDtDJqN7 JnjaqoV3/0LJ4wMnppH33c9zfvvE1TNz/xnfExRF6hrAfvMOFBUAMjhEtAZaVOMm v+iIqRd2iZHBnJ+G2jJitYmH5Y8D6OX1Jofq4ere9+qoHQilrpKul+TTowIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFF86YakaZEa84zr+RbRaq6OA8GS0MB8GA1UdIwQY MBaAFF417QQ8jeFRvr3Anfy//Mfcd1nHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGpYdEJEeU40VkctdmNDZF9MXzh4OXgzV2NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMTdmYTItNzg2Ni00ZmExLTk3MmIt MTc3NjgxM2U3MjI0LzEvWHpwaHFScGtScnpqT3Y1RnRGcXJvNER3WkxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9lMTdmYTItNzg2Ni00ZmExLTk3MmItMTc3NjgxM2U3MjI0 LzEvWGpYdEJEeU40VkctdmNDZF9MXzh4OXgzV2NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWQkAwQA wb2LMA0EAgACMAcDBQMqBgNAMA0GCSqGSIb3DQEBCwUAA4IBAQCAgIF+9d29SXZr FAPEYlvJte02CRjpQYyX/6AH5Wr8Rd1wzn+MOyHw7649s7uw6f7Q4zfqtPOo5eQo OmpWMl/bEN3pb/smwfBZ6ZWRKfW0g48z5ZRwLAxHSmgByAVyvMNOSNBxJO3y1mrt MzmuNA/rXiln5mauv/NpHYG5IyZFPPA/np6F5lavobtL8BH4nav4dA2yv0qZZaON 9PBKxq5JLrB2d+H/3GzlKjEMIO8nCNL7ENJARkIFta2Qjdl35ixjytNTxk4NPS4M /tUdOpqYaY49H+T7VIy+P7CNIjBAGQYqWfoncNHLCB48tEMKudeERlS89suffvV/ WZ1Z638q -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:58 2026 by rpki-client