This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/xffyY7RBwYFFWdto18bFCIkAi6M.roa File: xffyY7RBwYFFWdto18bFCIkAi6M.roa (raw, json) Hash identifier: /wOHBg089w6pbrnt+9vXF4Wu2NJ5CjjnhokCvpVnwN4= Subject key identifier: C5:F7:F2:63:B4:41:C1:81:45:59:DB:68:D7:C6:C5:08:89:00:8B:A3 Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0 Certificate serial: 019B9FDA2D22C1811F270B65F26CB4519F9E Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/xffyY7RBwYFFWdto18bFCIkAi6M.roa Signing time: Thu 08 Jan 2026 23:03:54 +0000 ROA not before: Thu 08 Jan 2026 23:03:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13214 IP address blocks: 31.22.88.0/21 maxlen: 24 185.109.84.0/23 maxlen: 23 185.109.86.0/24 maxlen: 24 2a03:1300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.mft rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9f:da:2d:22:c1:81:1f:27:0b:65:f2:6c:b4:51:9f:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0 Validity Not Before: Jan 8 23:03:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5f7f263b441c1814559db68d7c6c50889008ba3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:cd:38:b5:3d:7f:bf:66:ce:05:d7:b9:22:c0: 54:c3:6b:ae:23:20:c7:9e:59:1e:0e:8d:b1:29:69: d9:6e:c9:65:bc:12:2b:4c:af:d3:8c:10:8c:ee:e3: a3:3c:35:53:f5:50:68:85:83:39:f2:a2:04:cc:4e: e1:16:85:ef:06:29:fc:d8:ed:92:0e:7a:5d:ce:68: 9e:78:ed:9b:a9:3e:2a:1d:d0:23:1e:7d:ad:01:79: c5:3f:86:b7:9d:ac:7e:17:ac:b8:c4:7c:9d:7e:9b: 88:51:cd:33:64:2c:1a:df:8a:b4:fb:da:ed:e7:73: 8a:94:dc:0c:0f:b0:47:97:22:55:71:86:07:d3:0b: f4:21:22:46:fb:47:9f:b3:92:b9:6a:cb:17:10:7e: 49:b1:91:05:ee:e1:7d:59:ca:5f:56:78:7f:57:f5: 3e:c2:ad:c1:b7:ba:d8:a7:53:d4:0c:08:e1:2a:90: 3a:15:44:68:d7:b0:44:2b:52:34:61:16:92:b3:fd: 88:28:8b:86:3a:cc:e2:e0:28:31:d4:45:3b:ad:fc: 39:78:e0:3f:2f:f3:9c:a4:1d:1b:ac:de:f2:e1:ff: 49:3b:7e:dc:9c:e9:48:d3:dc:0d:49:44:d2:e8:c0: 00:77:c1:77:bb:73:20:ba:c6:9e:0f:90:bc:a9:54: 54:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F7:F2:63:B4:41:C1:81:45:59:DB:68:D7:C6:C5:08:89:00:8B:A3 X509v3 Authority Key Identifier: keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/xffyY7RBwYFFWdto18bFCIkAi6M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.22.88.0/21 185.109.84.0-185.109.86.255 IPv6: 2a03:1300::/32 Signature Algorithm: sha256WithRSAEncryption 03:10:2c:9c:e1:b2:46:8f:42:57:84:0d:40:87:fb:2a:24:c4: 41:a6:50:b7:71:f2:c2:2d:2e:01:2b:e6:6c:aa:c3:74:87:17: e4:01:14:11:2e:8e:c6:85:eb:ee:18:35:da:6b:29:c8:3f:03: 80:0d:0e:bf:de:f0:45:97:ba:e2:94:3e:8f:bc:d9:ea:5f:3e: 8d:29:5c:09:f3:90:55:c4:b4:93:22:19:37:3e:d7:86:21:c2: fe:68:53:ef:57:50:1e:ae:51:a5:f7:c9:4b:41:2b:e7:3f:93: 8b:78:00:cf:a8:88:b9:01:7a:1e:e5:bf:d0:8a:71:bd:49:1c: 44:33:d7:54:13:6b:b8:3c:b4:1a:64:7d:ad:76:1c:2b:16:97: 41:55:f8:e6:3b:0c:16:e0:b4:0d:08:67:db:f2:4d:04:ad:47: 6e:1e:d6:56:98:3d:4f:b0:de:2f:75:28:08:61:ba:c3:4f:4b: 43:01:0f:77:77:57:c4:0c:67:45:8f:fb:e1:89:05:91:39:00: 16:e6:c4:6b:08:45:95:93:9a:2d:26:eb:b3:07:8a:b7:e0:99: 7d:5b:97:49:ec:de:07:7b:8b:7a:81:6d:03:02:9c:ac:6d:55: 5e:87:18:29:22:a7:cc:89:ad:74:32:4f:d5:b0:6a:dd:3b:7b: ed:ae:9c:65 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZuf2i0iwYEfJwtl8my0UZ+eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm ZmM3YzAwHhcNMjYwMTA4MjMwMzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWY3ZjI2M2I0NDFjMTgxNDU1OWRiNjhkN2M2YzUwODg5MDA4YmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp804tT1/v2bOBde5IsBUw2uuIyDH nlkeDo2xKWnZbsllvBIrTK/TjBCM7uOjPDVT9VBohYM58qIEzE7hFoXvBin82O2S DnpdzmieeO2bqT4qHdAjHn2tAXnFP4a3nax+F6y4xHydfpuIUc0zZCwa34q0+9rt 53OKlNwMD7BHlyJVcYYH0wv0ISJG+0efs5K5assXEH5JsZEF7uF9WcpfVnh/V/U+ wq3Bt7rYp1PUDAjhKpA6FURo17BEK1I0YRaSs/2IKIuGOszi4Cgx1EU7rfw5eOA/ L/OcpB0brN7y4f9JO37cnOlI09wNSUTS6MAAd8F3u3MgusaeD5C8qVRUwQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFMX38mO0QcGBRVnbaNfGxQiJAIujMB8GA1UdIwQY MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt YTZkNDVlZjdkMjI3LzEveGZmeVk3UkJ3WUZGV2R0bzE4YkZDSWtBaTZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3 LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDHxZYMAwD BAK5bVQDBAC5bVYwDQQCAAIwBwMFACoDEwAwDQYJKoZIhvcNAQELBQADggEBAAMQ LJzhskaPQleEDUCH+yokxEGmULdx8sItLgEr5myqw3SHF+QBFBEujsaF6+4YNdpr Kcg/A4ANDr/e8EWXuuKUPo+82epfPo0pXAnzkFXEtJMiGTc+14Yhwv5oU+9XUB6u UaX3yUtBK+c/k4t4AM+oiLkBeh7lv9CKcb1JHEQz11QTa7g8tBpkfa12HCsWl0FV +OY7DBbgtA0IZ9vyTQStR24e1laYPU+w3i91KAhhusNPS0MBD3d3V8QMZ0WP++GJ BZE5ABbmxGsIRZWTmi0m67MHirfgmX1bl0ns3gd7i3qBbQMCnKxtVV6HGCkip8yJ rXQyT9Wwat07e+2unGU= -----END CERTIFICATE-----Generated at Mon Jan 26 15:34:06 2026 by rpki-client