This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XN_BGWEzxZjhg6iXlmQqSDhpeZU.roa File: XN_BGWEzxZjhg6iXlmQqSDhpeZU.roa (raw, json) Hash identifier: nt1Dqzzch0xHlTVsHiqUIJZJJ7P5OL+fpAG1RALu8GE= Subject key identifier: 5C:DF:C1:19:61:33:C5:98:E1:83:A8:97:96:64:2A:48:38:69:79:95 Certificate issuer: /CN=5c61dcd3eb50c83d68060bcba4af152204193503 Certificate serial: 019B7F152A93FEC5D639FA1CD5FFF87FFA87 Authority key identifier: 5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XN_BGWEzxZjhg6iXlmQqSDhpeZU.roa Signing time: Fri 02 Jan 2026 14:20:52 +0000 ROA not before: Fri 02 Jan 2026 14:20:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207281 IP address blocks: 45.128.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.mft rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:2a:93:fe:c5:d6:39:fa:1c:d5:ff:f8:7f:fa:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c61dcd3eb50c83d68060bcba4af152204193503 Validity Not Before: Jan 2 14:20:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cdfc1196133c598e183a89796642a4838697995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:f3:1c:4a:5b:3e:4e:e1:7b:45:00:13:2d:ac: 68:c7:f9:13:92:bb:15:01:f9:24:02:2f:c2:b7:9d: 92:4b:d0:21:ca:56:69:d1:e9:e0:0f:fc:ba:4b:77: 0d:cb:84:fe:3b:1c:ce:e9:0c:07:ec:21:dc:e3:86: 31:af:5b:cd:ae:55:bb:32:90:e1:c6:f3:d9:d3:f8: 62:6a:05:5a:e4:13:74:fc:3d:ba:d2:98:f3:e1:35: 7f:b9:70:17:15:c1:60:dd:da:c4:af:d2:84:7c:e6: b2:15:09:e1:f2:64:ff:cc:f2:36:69:62:72:58:17: 8d:0f:5f:34:ef:3c:e8:f5:1d:6d:67:e5:73:21:43: 07:6f:cf:71:a1:de:2e:ea:05:78:d6:7d:3f:9c:09: e5:22:59:4b:ab:08:b2:3b:7a:19:9e:bf:22:2a:6d: 4a:f2:e2:9c:1c:39:95:b2:59:cb:7e:7d:3e:b3:f2: 64:ba:0c:22:58:53:86:ea:9a:d5:70:05:79:84:dc: 30:f0:ff:9a:e5:14:62:e5:01:b5:9a:3f:f6:0e:8a: 05:84:aa:ac:07:7e:67:78:02:49:e4:9a:48:f4:4a: f1:b3:af:31:c9:d2:a5:be:1a:89:38:0d:14:d4:e0: 16:38:74:c9:73:10:86:a0:24:eb:4e:44:3f:55:e2: 6f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:DF:C1:19:61:33:C5:98:E1:83:A8:97:96:64:2A:48:38:69:79:95 X509v3 Authority Key Identifier: keyid:5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XN_BGWEzxZjhg6iXlmQqSDhpeZU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.128.120.0/22 Signature Algorithm: sha256WithRSAEncryption 2d:fb:6b:d5:d6:12:17:a7:a1:5e:d3:b5:83:be:eb:49:44:e7: 3a:7c:b0:3a:4f:6d:f2:62:d1:ad:ba:91:d8:98:4a:4d:5d:48: df:f9:13:27:7a:d7:6d:86:85:0e:f4:d3:a0:0e:a9:0c:f3:b2: cc:80:6a:e7:91:09:08:7f:0a:1b:09:50:20:c6:7b:18:36:09: d0:84:9c:71:1f:f8:9e:bf:7d:d4:11:90:b1:2e:ce:fb:17:89: bf:73:47:2f:5f:f0:1a:23:81:16:2d:ae:8a:b8:42:b7:c2:a2: de:da:71:b6:fb:0d:b3:da:2b:92:58:62:f3:1e:19:42:e0:38: e1:86:b8:e0:ba:70:90:84:f2:b5:c3:d8:1f:e2:d0:0c:b1:fb: 10:45:3d:d3:f9:39:af:cf:9d:f7:01:27:1b:ec:1c:d3:4c:78: 3e:9c:67:f0:05:59:78:1e:ff:d2:7f:6b:1b:bd:86:1c:4f:ba: 4e:74:f3:21:dc:7d:cf:f6:9d:cd:f1:86:c6:8b:0c:c6:47:73: 74:80:20:ac:ed:41:cd:05:a8:5a:5e:40:eb:ed:29:96:54:d6: 6e:5f:2c:7d:9a:f0:67:ae:47:93:98:81:34:47:bf:39:20:12: 03:bd:e4:79:c2:16:d8:cb:44:e7:64:2f:98:a8:9a:71:43:49: 86:f8:98:ac -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FSqT/sXWOfoc1f/4f/qHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNjFkY2QzZWI1MGM4M2Q2ODA2MGJjYmE0YWYxNTIyMDQx OTM1MDMwHhcNMjYwMTAyMTQyMDUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2RmYzExOTYxMzNjNTk4ZTE4M2E4OTc5NjY0MmE0ODM4Njk3OTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/McSls+TuF7RQATLaxox/kTkrsV AfkkAi/Ct52SS9AhylZp0engD/y6S3cNy4T+OxzO6QwH7CHc44Yxr1vNrlW7MpDh xvPZ0/hiagVa5BN0/D260pjz4TV/uXAXFcFg3drEr9KEfOayFQnh8mT/zPI2aWJy WBeND1807zzo9R1tZ+VzIUMHb89xod4u6gV41n0/nAnlIllLqwiyO3oZnr8iKm1K 8uKcHDmVslnLfn0+s/JkugwiWFOG6prVcAV5hNww8P+a5RRi5QG1mj/2DooFhKqs B35neAJJ5JpI9Erxs68xydKlvhqJOA0U1OAWOHTJcxCGoCTrTkQ/VeJvfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFzfwRlhM8WY4YOol5ZkKkg4aXmVMB8GA1UdIwQY MBaAFFxh3NPrUMg9aAYLy6SvFSIEGTUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2Qt YzM2ZDFjNDYwZTJmLzEvWE5fQkdXRXp4WmpoZzZpWGxtUXFTRGhwZVpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2QtYzM2ZDFjNDYwZTJm LzEvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYB4MA0G CSqGSIb3DQEBCwUAA4IBAQAt+2vV1hIXp6Fe07WDvutJROc6fLA6T23yYtGtupHY mEpNXUjf+RMnetdthoUO9NOgDqkM87LMgGrnkQkIfwobCVAgxnsYNgnQhJxxH/ie v33UEZCxLs77F4m/c0cvX/AaI4EWLa6KuEK3wqLe2nG2+w2z2iuSWGLzHhlC4Djh hrjgunCQhPK1w9gf4tAMsfsQRT3T+Tmvz533AScb7BzTTHg+nGfwBVl4Hv/Sf2sb vYYcT7pOdPMh3H3P9p3N8YbGiwzGR3N0gCCs7UHNBahaXkDr7SmWVNZuXyx9mvBn rkeTmIE0R785IBIDveR5whbYy0TnZC+YqJpxQ0mG+Jis -----END CERTIFICATE-----Generated at Mon Feb 2 14:23:09 2026 by rpki-client