This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/XGanTFBQAZ33sQ9Am0M5XIEmOKo.roa File: XGanTFBQAZ33sQ9Am0M5XIEmOKo.roa (raw, json) Hash identifier: tk+B6re3rpRoBjg7UDNsVYSuSSnejyoxsoqWHW24Ts4= Subject key identifier: 5C:66:A7:4C:50:50:01:9D:F7:B1:0F:40:9B:43:39:5C:81:26:38:AA Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76 Certificate serial: 019B7EA68A294F39F04BC207EC5394538EF1 Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/XGanTFBQAZ33sQ9Am0M5XIEmOKo.roa Signing time: Fri 02 Jan 2026 12:20:02 +0000 ROA not before: Fri 02 Jan 2026 12:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205424 IP address blocks: 185.42.172.0/24 maxlen: 24 185.42.173.0/24 maxlen: 24 185.42.174.0/24 maxlen: 24 185.42.175.0/24 maxlen: 24 194.24.188.0/24 maxlen: 24 2a01:63a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.mft rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:8a:29:4f:39:f0:4b:c2:07:ec:53:94:53:8e:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76 Validity Not Before: Jan 2 12:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c66a74c5050019df7b10f409b43395c812638aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:9a:d3:51:d6:36:9a:3e:58:52:8d:e0:5e:6d: 2b:96:9a:e7:4f:30:b8:0f:9e:2b:b6:fa:ec:93:0a: d3:12:5f:25:b3:76:d0:72:de:6e:eb:59:9b:8b:28: c7:39:10:0e:60:8a:d0:05:81:80:92:1e:d4:24:2a: bd:5f:6b:5a:2a:8f:08:29:c0:28:35:91:ad:72:43: 12:c4:1b:7a:04:3e:ae:16:67:fa:87:ee:98:4e:bd: de:e1:79:a1:13:c3:5a:54:ec:47:a5:27:10:95:64: 23:67:4a:89:5f:bb:0b:9b:4e:22:0f:3a:e0:3a:94: 72:fe:1b:b7:90:bb:1c:a7:22:f8:7e:a7:f5:5d:f1: 80:23:46:6f:db:65:da:e2:5b:5c:73:a9:54:73:54: b6:98:cc:6b:02:64:17:03:2e:15:cf:65:a4:9f:06: 3a:24:72:7e:e6:16:96:c4:28:0c:c3:ed:23:9f:68: a0:a1:a7:af:45:45:45:b9:4b:60:c8:5b:fa:ad:5a: d2:dd:95:db:31:2c:fe:6f:e6:bd:04:30:27:13:7b: 65:46:7b:bd:d6:90:a6:20:7b:84:4c:20:61:44:08: 31:23:58:ec:7d:50:74:06:f4:1a:f9:19:f9:d0:8a: 7f:5d:f6:fd:34:19:c7:fb:ed:72:e0:38:28:e8:8f: ab:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:66:A7:4C:50:50:01:9D:F7:B1:0F:40:9B:43:39:5C:81:26:38:AA X509v3 Authority Key Identifier: keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/XGanTFBQAZ33sQ9Am0M5XIEmOKo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.42.172.0/22 194.24.188.0/24 IPv6: 2a01:63a0::/32 Signature Algorithm: sha256WithRSAEncryption 3f:ff:42:2c:6d:b5:92:22:96:5c:0c:34:f8:e2:8d:c3:6c:d4: 88:2b:38:8f:81:f4:15:50:ed:69:ec:f7:f1:87:cc:f9:ba:b0: da:55:bc:aa:cd:a0:9c:3b:5d:d1:02:e6:ce:bb:58:6f:7d:38: 91:af:c5:a7:80:1f:8b:93:5c:00:25:2c:d6:4c:9f:19:21:26: 9c:11:87:1c:09:7d:16:ba:ea:25:6f:50:f3:7b:f9:6b:06:b3: 6d:89:db:ad:dd:6f:6b:75:4a:92:0a:d5:e3:76:ed:52:f9:01: d7:e4:57:4c:0e:10:f0:eb:ea:ed:59:a3:d6:a4:b0:1d:b4:dd: 74:ce:9b:66:1f:74:0f:e6:c5:fb:69:74:54:8d:d0:ac:a0:22: 21:c9:37:23:63:01:d7:dc:bf:9f:37:e4:d1:f4:06:26:a8:ab: e0:03:0d:8c:2d:74:44:2c:4f:c3:0b:bf:6c:a6:52:93:aa:1b: 84:e2:cc:4d:f3:3e:77:0f:9f:46:d3:6b:f3:b9:be:e0:01:9f: ab:b4:58:91:a8:31:17:c6:10:f7:f5:57:97:ce:00:75:ea:9b: 00:65:fb:da:e9:b2:ba:1f:a1:4c:74:7f:49:e5:9f:c9:3f:b3: d7:e7:5f:66:30:5b:da:bb:f2:66:07:a6:23:fe:26:67:3b:ef: 37:35:b7:6b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+poopTznwS8IH7FOUU47xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz OWViNzYwHhcNMjYwMTAyMTIyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzY2YTc0YzUwNTAwMTlkZjdiMTBmNDA5YjQzMzk1YzgxMjYzOGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZrTUdY2mj5YUo3gXm0rlprnTzC4 D54rtvrskwrTEl8ls3bQct5u61mbiyjHORAOYIrQBYGAkh7UJCq9X2taKo8IKcAo NZGtckMSxBt6BD6uFmf6h+6YTr3e4XmhE8NaVOxHpScQlWQjZ0qJX7sLm04iDzrg OpRy/hu3kLscpyL4fqf1XfGAI0Zv22Xa4ltcc6lUc1S2mMxrAmQXAy4Vz2WknwY6 JHJ+5haWxCgMw+0jn2igoaevRUVFuUtgyFv6rVrS3ZXbMSz+b+a9BDAnE3tlRnu9 1pCmIHuETCBhRAgxI1jsfVB0BvQa+Rn50Ip/Xfb9NBnH++1y4Dgo6I+r3wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFxmp0xQUAGd97EPQJtDOVyBJjiqMB8GA1UdIwQY MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt M2UzNjYwZGExM2E0LzEvWEdhblRGQlFBWjMzc1E5QW0wTTVYSUVtT0tvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0 LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSqsAwQA whi8MA0EAgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQA//0IsbbWSIpZc DDT44o3DbNSIKziPgfQVUO1p7Pfxh8z5urDaVbyqzaCcO13RAubOu1hvfTiRr8Wn gB+Lk1wAJSzWTJ8ZISacEYccCX0Wuuolb1Dze/lrBrNtidut3W9rdUqSCtXjdu1S +QHX5FdMDhDw6+rtWaPWpLAdtN10zptmH3QP5sX7aXRUjdCsoCIhyTcjYwHX3L+f N+TR9AYmqKvgAw2MLXRELE/DC79splKTqhuE4sxN8z53D59G02vzub7gAZ+rtFiR qDEXxhD39VeXzgB16psAZfva6bK6H6FMdH9J5Z/JP7PX519mMFvau/JmB6Yj/iZn O+83Nbdr -----END CERTIFICATE-----Generated at Mon Feb 9 22:57:51 2026 by rpki-client