This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/xhzE5qx5c_vKPAy0deGs6eofNZ0.roa File: xhzE5qx5c_vKPAy0deGs6eofNZ0.roa (raw, json) Hash identifier: jXZvydAfDIyrWuRlwsg2DPksah0YrS3WxzlZdKuIQXI= Subject key identifier: C6:1C:C4:E6:AC:79:73:FB:CA:3C:0C:B4:75:E1:AC:E9:EA:1F:35:9D Certificate issuer: /CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874 Certificate serial: 019B7C7F924BDBE0847F55154DD3488D57B6 Authority key identifier: 08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/xhzE5qx5c_vKPAy0deGs6eofNZ0.roa Signing time: Fri 02 Jan 2026 02:18:13 +0000 ROA not before: Fri 02 Jan 2026 02:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25526 IP address blocks: 109.197.216.0/21 maxlen: 21 193.254.220.0/23 maxlen: 23 195.39.242.0/23 maxlen: 23 2001:678:b44::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:92:4b:db:e0:84:7f:55:15:4d:d3:48:8d:57:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874 Validity Not Before: Jan 2 02:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c61cc4e6ac7973fbca3c0cb475e1ace9ea1f359d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:11:a0:38:fb:f8:75:d1:76:2a:53:7d:f8:d4: be:ed:12:77:43:54:46:da:d0:af:0d:2f:56:c6:94: 52:27:6f:dd:52:ca:d1:60:99:8f:81:e5:0c:6f:34: 08:1f:86:a6:90:68:a0:c1:74:65:bc:8a:18:62:60: db:f7:c4:1d:b3:f8:d0:6c:63:d4:06:5e:f3:70:91: 61:41:80:fd:52:c0:5c:b0:ab:61:5d:07:e1:d7:35: 90:27:fa:ab:76:9f:90:3d:52:5e:65:41:a0:e0:be: f6:b2:4e:28:21:1d:2e:38:8d:2a:47:c4:fa:23:4b: 24:5d:11:b0:a0:e2:e8:55:1d:72:41:eb:6f:a9:fb: 49:91:16:70:bd:79:36:f2:b9:60:d9:ec:a1:1c:1a: 0d:b5:a6:01:4f:2c:fb:f9:c2:e8:d7:9c:d9:ce:f4: 1b:7d:ba:b8:0a:58:26:02:d3:0b:67:ee:80:c6:c2: dc:f9:28:c9:de:6f:eb:d6:f1:3d:8e:12:50:d7:e0: 78:e3:ba:8c:31:92:b9:ed:13:a3:ad:5e:bd:17:e4: 24:f5:9f:17:eb:7a:d9:7d:c4:57:a7:ce:e9:4b:48: d3:52:f8:86:24:4b:80:04:b3:b8:b5:59:ae:df:d5: e3:65:c7:e1:ff:44:cc:5f:b3:ef:84:6a:4f:c0:33: 7c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:1C:C4:E6:AC:79:73:FB:CA:3C:0C:B4:75:E1:AC:E9:EA:1F:35:9D X509v3 Authority Key Identifier: keyid:08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/xhzE5qx5c_vKPAy0deGs6eofNZ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.197.216.0/21 193.254.220.0/23 195.39.242.0/23 IPv6: 2001:678:b44::/48 Signature Algorithm: sha256WithRSAEncryption 56:f2:44:c5:d0:91:f4:e3:c6:2a:e3:00:5e:ca:53:f3:5d:31: 32:4e:6f:92:3d:be:d0:7c:e9:f5:1d:1d:2f:aa:58:9b:7e:eb: 4b:95:cb:d1:e9:59:39:ee:99:ea:fc:e1:22:ee:b0:c4:dd:4f: 3f:ae:04:a4:61:b0:1a:6b:61:c2:c3:07:6c:64:86:ba:bd:dd: 29:33:42:b4:f4:c3:88:62:80:48:10:0b:c0:00:ae:b6:1c:41: 1d:98:0c:c6:46:89:3a:fa:97:34:37:72:d6:aa:95:55:df:9f: 6c:f2:02:d0:f7:72:09:07:6f:91:c9:45:03:96:0b:5d:22:ea: 95:c8:cc:84:68:0e:5d:0c:17:c0:67:93:dc:9b:58:b5:63:69: ff:ac:48:cf:2e:c7:c3:5d:da:b3:56:02:e5:c8:66:09:ae:2c: 90:35:96:6d:85:40:20:9d:a1:9d:bb:ec:b2:a0:02:c5:34:19: fe:bb:5c:c2:d8:99:2e:f7:89:78:38:c2:0c:00:2c:cb:3b:54: 67:1c:8a:f9:68:e8:54:f9:fb:b9:b4:b6:f2:60:4d:65:27:0a: 9b:de:29:a4:bd:cc:5a:98:c7:0c:cf:b5:7a:91:4a:3c:6e:7f: 96:1d:94:8a:7a:cf:8f:be:b7:6c:f7:d6:75:22:eb:8d:2f:fe: c8:ec:b7:1e -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8f5JL2+CEf1UVTdNIjVe2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YjE0N2QzOWU0M2JiNzVmOWY3YWZmNDVlN2JmMmI4MzUz MGY4NzQwHhcNMjYwMTAyMDIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjFjYzRlNmFjNzk3M2ZiY2EzYzBjYjQ3NWUxYWNlOWVhMWYzNTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRGgOPv4ddF2KlN9+NS+7RJ3Q1RG 2tCvDS9WxpRSJ2/dUsrRYJmPgeUMbzQIH4amkGigwXRlvIoYYmDb98Qds/jQbGPU Bl7zcJFhQYD9UsBcsKthXQfh1zWQJ/qrdp+QPVJeZUGg4L72sk4oIR0uOI0qR8T6 I0skXRGwoOLoVR1yQetvqftJkRZwvXk28rlg2eyhHBoNtaYBTyz7+cLo15zZzvQb fbq4ClgmAtMLZ+6AxsLc+SjJ3m/r1vE9jhJQ1+B447qMMZK57ROjrV69F+Qk9Z8X 63rZfcRXp87pS0jTUviGJEuABLO4tVmu39XjZcfh/0TMX7PvhGpPwDN85wIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFMYcxOaseXP7yjwMtHXhrOnqHzWdMB8GA1UdIwQY MBaAFAixR9OeQ7t1+fev9F578rg1MPh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMt MzA1ZTMzZWY4YjI5LzEveGh6RTVxeDVjX3ZLUEF5MGRlR3M2ZW9mTlowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMtMzA1ZTMzZWY4YjI5 LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDbcXYAwQB wf7cAwQBwyfyMA8EAgACMAkDBwAgAQZ4C0QwDQYJKoZIhvcNAQELBQADggEBAFby RMXQkfTjxirjAF7KU/NdMTJOb5I9vtB86fUdHS+qWJt+60uVy9HpWTnumer84SLu sMTdTz+uBKRhsBprYcLDB2xkhrq93SkzQrT0w4higEgQC8AArrYcQR2YDMZGiTr6 lzQ3ctaqlVXfn2zyAtD3cgkHb5HJRQOWC10i6pXIzIRoDl0MF8Bnk9ybWLVjaf+s SM8ux8Nd2rNWAuXIZgmuLJA1lm2FQCCdoZ277LKgAsU0Gf67XMLYmS73iXg4wgwA LMs7VGccivlo6FT5+7m0tvJgTWUnCpveKaS9zFqYxwzPtXqRSjxuf5YdlIp6z4++ t2z31nUi640v/sjstx4= -----END CERTIFICATE-----Generated at Tue Feb 10 03:11:59 2026 by rpki-client