This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XqO1nEg3NvmwOsaNE2Oh2BHFXz8.roa File: XqO1nEg3NvmwOsaNE2Oh2BHFXz8.roa (raw, json) Hash identifier: vGJTYxpuxpaAHoJ/yOWJmlIxhd/hTqPWOG6NLS3RDec= Subject key identifier: 5E:A3:B5:9C:48:37:36:F9:B0:3A:C6:8D:13:63:A1:D8:11:C5:5F:3F Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb Certificate serial: 019B7E39215B80197661D5E16B21F8E2DFB4 Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XqO1nEg3NvmwOsaNE2Oh2BHFXz8.roa Signing time: Fri 02 Jan 2026 10:20:31 +0000 ROA not before: Fri 02 Jan 2026 10:20:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42831 IP address blocks: 163.5.86.0/24 maxlen: 24 163.5.111.0/24 maxlen: 24 163.5.142.0/24 maxlen: 24 163.5.155.0/24 maxlen: 24 163.5.156.0/24 maxlen: 24 163.5.170.0/24 maxlen: 24 163.5.177.0/24 maxlen: 24 163.5.219.0/24 maxlen: 24 163.5.230.0/24 maxlen: 24 163.5.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 13:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:21:5b:80:19:76:61:d5:e1:6b:21:f8:e2:df:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb Validity Not Before: Jan 2 10:20:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ea3b59c483736f9b03ac68d1363a1d811c55f3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ca:4b:9a:b0:f7:7b:ca:33:60:cf:bf:90:44: 71:7c:0d:7e:e4:5c:93:ac:ca:fe:f9:2a:04:da:14: d5:59:3c:3d:b7:ab:c6:fd:c3:ad:4a:84:c8:68:06: 32:c1:9d:e7:54:6b:0b:7f:77:00:e0:67:08:92:b2: de:05:bd:6b:8a:da:23:8f:b1:be:ac:78:37:3e:69: 94:7d:55:42:ff:6b:f9:37:aa:f9:05:8f:a9:7b:63: bc:04:cd:74:0b:2c:03:e3:f4:08:b6:c2:c5:d8:8f: 1c:40:ae:3c:8f:ba:16:90:6b:98:25:74:5e:dc:28: 2e:e0:16:92:68:5e:c0:37:6e:b7:c8:bc:37:15:c3: 92:65:cf:dd:f4:03:6b:d7:a8:57:ce:38:e5:85:c4: aa:cf:60:13:6f:69:41:c2:6a:6e:6d:50:0e:57:70: 55:37:7d:02:e6:08:ef:a7:b3:5c:f9:6f:7c:b8:b0: 14:54:cb:72:77:a6:15:ea:da:f5:6e:64:85:1c:62: 5d:00:70:50:a1:f7:29:10:e1:a4:ce:53:18:59:e1: 90:d8:42:06:5b:26:9f:c1:06:c6:b5:53:35:f6:e6: 00:66:68:a5:41:17:db:14:29:f8:33:d5:87:9f:0b: 08:d8:57:40:a7:0a:f6:59:07:b7:f3:6d:c1:1c:9f: 7f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:A3:B5:9C:48:37:36:F9:B0:3A:C6:8D:13:63:A1:D8:11:C5:5F:3F X509v3 Authority Key Identifier: keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XqO1nEg3NvmwOsaNE2Oh2BHFXz8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.5.86.0/24 163.5.111.0/24 163.5.142.0/24 163.5.155.0-163.5.156.255 163.5.170.0/24 163.5.177.0/24 163.5.219.0/24 163.5.230.0/24 163.5.242.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:60:c7:f0:6c:0f:75:b5:af:62:fb:58:e2:ae:5e:02:09:ca: c3:7d:6e:fd:ba:1d:9a:45:50:ce:18:53:4e:0c:e4:3d:3a:eb: 5f:7a:06:84:80:bf:b0:7b:fd:93:46:12:1d:e8:69:7c:87:3f: 9e:74:35:de:31:e2:b3:67:02:56:0c:df:5a:be:7c:77:ab:e5: bc:1a:f4:90:cb:62:46:ed:64:2a:64:ac:6e:02:3a:61:0d:38: 02:48:5a:5c:a4:c0:cc:a0:dd:40:62:c3:67:f5:3b:71:84:67: 8a:58:29:1e:eb:b2:17:09:a1:83:b0:e1:90:7b:6d:e8:2e:76: 70:57:db:52:a2:7e:86:28:79:fe:2b:92:73:65:ed:45:ed:0f: b6:47:ca:2b:76:73:ba:cb:f1:99:4d:ce:0f:24:c6:ca:c5:dc: fd:63:e8:28:93:8c:ad:d4:34:71:a3:cf:d3:40:7a:29:5e:e9: 15:8b:2c:75:42:4c:e2:66:d3:ec:9f:fd:5f:1a:05:1b:44:85: 94:b9:03:67:0d:12:cb:23:f2:bf:d8:95:dc:c3:d9:f3:c2:8b: 0e:f9:57:b0:6a:d5:58:ad:9e:a1:87:bb:cd:f5:3d:26:c2:77: ec:0c:93:0b:78:a2:95:8d:93:3b:40:bb:9e:1b:1d:f3:44:08: 24:5a:7e:9a -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgISAZt+OSFbgBl2YdXhayH44t+0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2 MjRiY2IwHhcNMjYwMTAyMTAyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWEzYjU5YzQ4MzczNmY5YjAzYWM2OGQxMzYzYTFkODExYzU1ZjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsspLmrD3e8ozYM+/kERxfA1+5FyT rMr++SoE2hTVWTw9t6vG/cOtSoTIaAYywZ3nVGsLf3cA4GcIkrLeBb1ritojj7G+ rHg3PmmUfVVC/2v5N6r5BY+pe2O8BM10CywD4/QItsLF2I8cQK48j7oWkGuYJXRe 3Cgu4BaSaF7AN263yLw3FcOSZc/d9ANr16hXzjjlhcSqz2ATb2lBwmpubVAOV3BV N30C5gjvp7Nc+W98uLAUVMtyd6YV6tr1bmSFHGJdAHBQofcpEOGkzlMYWeGQ2EIG WyafwQbGtVM19uYAZmilQRfbFCn4M9WHnwsI2FdApwr2WQe3823BHJ9/rQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFF6jtZxINzb5sDrGjRNjodgRxV8/MB8GA1UdIwQY MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt OWZlOTQxMDhmZjAxLzEvWHFPMW5FZzNOdm13T3NhTkUyT2gyQkhGWHo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAowVWAwQA owVvAwQAowWOMAwDBACjBZsDBACjBZwDBACjBaoDBACjBbEDBACjBdsDBACjBeYD BACjBfIwDQYJKoZIhvcNAQELBQADggEBAD5gx/BsD3W1r2L7WOKuXgIJysN9bv26 HZpFUM4YU04M5D066196BoSAv7B7/ZNGEh3oaXyHP550Nd4x4rNnAlYM31q+fHer 5bwa9JDLYkbtZCpkrG4COmENOAJIWlykwMyg3UBiw2f1O3GEZ4pYKR7rshcJoYOw 4ZB7begudnBX21KifoYoef4rknNl7UXtD7ZHyit2c7rL8ZlNzg8kxsrF3P1j6CiT jK3UNHGjz9NAeile6RWLLHVCTOJm0+yf/V8aBRtEhZS5A2cNEssj8r/YldzD2fPC iw75V7Bq1VitnqGHu831PSbCd+wMkwt4opWNkztAu54bHfNECCRafpo= -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:01 2026 by rpki-client