This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/XjQJl2a4wVJ5vbGz2VtG7fUNbWk.roa File: XjQJl2a4wVJ5vbGz2VtG7fUNbWk.roa (raw, json) Hash identifier: T4dfrQILAEkH/eyRrkFYsCcye4GAdljvbKUoaz/5NDg= Subject key identifier: 5E:34:09:97:66:B8:C1:52:79:BD:B1:B3:D9:5B:46:ED:F5:0D:6D:69 Certificate issuer: /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b Certificate serial: 019B7EA48B4D0790D4E6F2EF0FD7728958C6 Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/XjQJl2a4wVJ5vbGz2VtG7fUNbWk.roa Signing time: Fri 02 Jan 2026 12:17:51 +0000 ROA not before: Fri 02 Jan 2026 12:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51497 IP address blocks: 109.105.138.0/24 maxlen: 24 109.105.152.0/22 maxlen: 22 109.105.153.0/24 maxlen: 24 109.105.156.0/23 maxlen: 23 185.47.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.mft rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:8b:4d:07:90:d4:e6:f2:ef:0f:d7:72:89:58:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b Validity Not Before: Jan 2 12:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e34099766b8c15279bdb1b3d95b46edf50d6d69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:72:85:af:12:f3:19:34:4b:0b:fd:39:f8:6a: b4:f9:cf:9d:38:ff:30:b9:18:4b:71:9a:1b:b5:f2: 2f:5d:cf:b7:fc:1a:a7:dc:2e:59:a2:17:78:c6:b2: ba:52:d4:f1:66:77:83:a6:09:bf:3e:c1:bb:0c:e9: 92:b4:5d:a3:da:de:b1:2e:92:59:38:d1:d5:98:5d: 1e:2d:bf:e9:12:fa:7b:36:ea:12:67:d8:74:2b:c8: 5c:72:c5:d6:4c:62:1f:fc:2b:84:30:58:7a:bf:e3: 31:d2:61:0f:b1:a4:33:41:bb:d2:03:8a:3c:74:71: 3d:41:ba:a3:dd:0c:65:d8:da:b8:e3:a8:08:43:65: f8:79:a9:41:28:a4:f7:c5:2f:a9:a8:52:e4:8c:78: d6:44:dd:90:1c:f2:a2:1c:9d:d3:03:75:64:b9:1a: 13:b5:1d:73:fa:8b:70:2b:86:fe:61:91:68:57:ed: 70:e3:0b:be:53:11:bb:d3:e6:a0:dd:d6:23:c5:8e: 4e:2a:b1:6a:a8:57:fa:e6:95:4c:47:5c:e7:63:e4: 72:f5:b3:2f:38:72:72:4c:a0:89:33:ef:32:4c:7e: 20:7a:86:d5:b0:e4:99:55:43:d0:aa:0a:77:aa:d1: 70:1e:83:4b:9c:31:eb:18:75:ac:df:9d:b7:b2:79: 7c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:34:09:97:66:B8:C1:52:79:BD:B1:B3:D9:5B:46:ED:F5:0D:6D:69 X509v3 Authority Key Identifier: keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/XjQJl2a4wVJ5vbGz2VtG7fUNbWk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.105.138.0/24 109.105.152.0-109.105.157.255 185.47.156.0/22 Signature Algorithm: sha256WithRSAEncryption 61:0e:1a:7a:e1:3c:0c:2d:a9:fa:69:2a:3e:f0:96:87:1d:00: 51:26:a9:32:3e:f8:5e:2f:b1:9d:b8:c3:f2:ee:5a:be:ba:25: fd:08:c1:c2:82:b1:13:a3:9f:1c:09:39:d1:41:2d:c5:b2:8c: cf:63:78:92:14:c0:53:83:c5:c5:66:6c:88:4a:94:63:9f:e3: a7:a5:50:b4:86:49:20:64:15:52:34:9a:c9:f7:2a:c9:6a:a7: 53:71:c0:b7:ab:6e:a8:15:13:e4:dd:59:fb:8b:c8:53:93:4d: a4:ac:e2:22:57:79:07:45:2c:91:7d:ff:81:98:86:fe:89:cd: 5a:72:ea:d8:1b:d8:2d:e2:13:47:5b:b9:0a:f6:d8:9a:c6:c4: d0:ef:ee:17:95:52:b2:9b:c7:be:af:23:22:d9:a0:c8:a5:be: f8:84:10:eb:a7:78:69:75:f3:dc:3d:ea:5c:ac:a8:25:5c:83: 04:70:16:27:6b:77:43:bb:63:45:72:c2:10:5e:8d:4d:ad:2e: 87:72:43:fb:1e:55:a0:de:e2:df:d7:6b:41:b3:ea:b1:a9:36: bd:70:ed:02:32:f7:36:da:a3:11:46:be:d7:b6:53:1e:9c:b0: e9:08:f7:16:dd:8e:7c:dc:66:43:36:a1:dd:2d:b6:87:3c:c0: d2:a7:3d:06 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt+pItNB5DU5vLvD9dyiVjGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjZWIyM2UyYzVkOWYyYzczNDQ4ODkwNDUwNTgzNWVmMjgw OWZiM2IwHhcNMjYwMTAyMTIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTM0MDk5NzY2YjhjMTUyNzliZGIxYjNkOTViNDZlZGY1MGQ2ZDY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nKFrxLzGTRLC/05+Gq0+c+dOP8w uRhLcZobtfIvXc+3/Bqn3C5Zohd4xrK6UtTxZneDpgm/PsG7DOmStF2j2t6xLpJZ ONHVmF0eLb/pEvp7NuoSZ9h0K8hccsXWTGIf/CuEMFh6v+Mx0mEPsaQzQbvSA4o8 dHE9Qbqj3Qxl2Nq446gIQ2X4ealBKKT3xS+pqFLkjHjWRN2QHPKiHJ3TA3VkuRoT tR1z+otwK4b+YZFoV+1w4wu+UxG70+ag3dYjxY5OKrFqqFf65pVMR1znY+Ry9bMv OHJyTKCJM+8yTH4geobVsOSZVUPQqgp3qtFwHoNLnDHrGHWs3523snl8swIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFF40CZdmuMFSeb2xs9lbRu31DW1pMB8GA1UdIwQY MBaAFIzrI+LF2fLHNEiJBFBYNe8oCfs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODIt ODMzNGUzNjIyMzZkLzEvWGpRSmwyYTR3Vko1dmJHejJWdEc3ZlVOYldrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODItODMzNGUzNjIyMzZk LzEvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAbWmKMAwD BANtaZgDBAFtaZwDBAK5L5wwDQYJKoZIhvcNAQELBQADggEBAGEOGnrhPAwtqfpp Kj7wlocdAFEmqTI++F4vsZ24w/LuWr66Jf0IwcKCsROjnxwJOdFBLcWyjM9jeJIU wFODxcVmbIhKlGOf46elULSGSSBkFVI0msn3Kslqp1NxwLerbqgVE+TdWfuLyFOT TaSs4iJXeQdFLJF9/4GYhv6JzVpy6tgb2C3iE0dbuQr22JrGxNDv7heVUrKbx76v IyLZoMilvviEEOuneGl189w96lysqCVcgwRwFidrd0O7Y0VywhBejU2tLodyQ/se VaDe4t/Xa0Gz6rGpNr1w7QIy9zbaoxFGvte2Ux6csOkI9xbdjnzcZkM2od0ttoc8 wNKnPQY= -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:04 2026 by rpki-client