This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/xNXGfQ2cHBxkL5AQtEDGcoII-5w.roa File: xNXGfQ2cHBxkL5AQtEDGcoII-5w.roa (raw, json) Hash identifier: C3PdNHo+iplf0w2xsefglS7IYvVRbOVV/bVkdzRoZOM= Subject key identifier: C4:D5:C6:7D:0D:9C:1C:1C:64:2F:90:10:B4:40:C6:72:82:08:FB:9C Certificate issuer: /CN=78167dd9603b9fb7af501559cb3737d47a2d5437 Certificate serial: 019B7F834CEBC820C74638FDAF7531D84841 Authority key identifier: 78:16:7D:D9:60:3B:9F:B7:AF:50:15:59:CB:37:37:D4:7A:2D:54:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eBZ92WA7n7evUBVZyzc31HotVDc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/xNXGfQ2cHBxkL5AQtEDGcoII-5w.roa Signing time: Fri 02 Jan 2026 16:21:09 +0000 ROA not before: Fri 02 Jan 2026 16:21:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9044 IP address blocks: 185.110.100.0/22 maxlen: 22 2a01:bf00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/eBZ92WA7n7evUBVZyzc31HotVDc.crl rsync://rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/eBZ92WA7n7evUBVZyzc31HotVDc.mft rsync://rpki.ripe.net/repository/DEFAULT/eBZ92WA7n7evUBVZyzc31HotVDc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:4c:eb:c8:20:c7:46:38:fd:af:75:31:d8:48:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=78167dd9603b9fb7af501559cb3737d47a2d5437 Validity Not Before: Jan 2 16:21:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c4d5c67d0d9c1c1c642f9010b440c6728208fb9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0b:7e:95:54:55:33:ed:fe:a3:4a:8f:bb:12: 70:75:96:ad:c8:9e:1c:d0:74:b5:b9:1f:13:e8:86: 2e:91:35:d2:7f:fc:0d:ca:85:5e:81:20:e8:1f:43: 5b:f3:74:c2:a9:90:70:57:4c:a0:38:74:52:98:c6: d2:1e:00:e4:21:7a:06:a2:4d:9b:54:b1:d7:fb:4c: a4:04:53:16:f1:98:2c:b4:c6:23:14:3b:8b:73:dc: 62:c8:44:3c:f3:54:7e:df:cb:9a:97:4f:d0:de:f8: 7d:96:e1:a0:a3:b9:5e:34:e9:7c:8d:c1:40:f9:e7: 0a:59:22:ea:97:73:d4:f9:53:4b:c7:69:3e:d3:f9: 7c:d2:59:5d:ab:19:53:e6:6d:ba:02:1c:5d:ff:7b: 6f:87:f8:bb:16:31:db:fe:82:d1:b3:a4:fe:6f:d6: 21:ef:c2:4d:99:10:cd:cd:64:df:89:88:8b:48:3c: 86:65:d4:3a:d3:8a:13:c7:99:07:e7:e9:d4:a3:8a: dc:17:fa:15:64:58:35:87:d9:b2:b7:55:07:e5:43: b0:04:e4:77:38:f3:e9:fa:c4:c1:97:a7:94:91:30: ad:4d:27:53:3d:51:f3:eb:b7:33:52:b2:b6:30:6c: d7:62:74:42:c0:6f:0a:53:bc:54:8b:e5:1b:74:7a: 16:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:D5:C6:7D:0D:9C:1C:1C:64:2F:90:10:B4:40:C6:72:82:08:FB:9C X509v3 Authority Key Identifier: keyid:78:16:7D:D9:60:3B:9F:B7:AF:50:15:59:CB:37:37:D4:7A:2D:54:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBZ92WA7n7evUBVZyzc31HotVDc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/xNXGfQ2cHBxkL5AQtEDGcoII-5w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/30f69c-410e-46d4-b6db-ff8658e1356c/1/eBZ92WA7n7evUBVZyzc31HotVDc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.110.100.0/22 IPv6: 2a01:bf00::/32 Signature Algorithm: sha256WithRSAEncryption a1:2f:73:71:9f:31:fa:38:20:6e:8b:0f:fb:b6:b5:c8:ec:c5: 36:1b:a8:2c:81:68:d4:f4:23:cb:e2:22:7b:8f:cd:35:d0:73: fa:52:ce:aa:7b:5a:67:e8:e2:81:74:ee:4a:9a:e1:fb:5e:4d: 20:bc:1b:af:68:2c:7e:08:5d:26:32:8e:09:d2:e1:ae:da:0f: 60:d5:b0:b2:53:c5:74:27:f3:5b:38:6d:72:31:c8:1d:b5:c6: 93:09:43:db:cb:c7:b2:f7:18:0c:4e:ae:ec:85:82:3a:d7:8a: 27:8b:db:db:e1:30:68:f6:60:ea:e3:7e:9b:42:4c:71:66:cb: 57:b0:d3:e5:19:09:04:0b:22:c9:69:7c:2a:5d:4c:72:57:ee: 69:0f:cd:30:51:46:d8:bc:1a:64:bd:53:5c:6c:b5:f9:16:33: 74:37:27:32:27:59:70:33:12:01:fc:1e:e9:71:ba:60:62:9c: c0:6b:3c:fb:c1:de:a1:a1:6f:fc:44:09:c7:6f:05:5c:4d:74: d6:73:7a:a0:ee:79:9a:59:ad:c5:f2:01:b2:3c:74:c0:8a:6f: c9:dc:0d:f4:d3:22:56:59:0f:8f:ec:2d:e4:78:3a:07:de:91: 01:d7:d6:90:ba:dc:83:b5:09:33:88:54:9b:29:4a:c2:aa:d8: 93:38:29:9d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/g0zryCDHRjj9r3Ux2EhBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4MTY3ZGQ5NjAzYjlmYjdhZjUwMTU1OWNiMzczN2Q0N2Ey ZDU0MzcwHhcNMjYwMTAyMTYyMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNGQ1YzY3ZDBkOWMxYzFjNjQyZjkwMTBiNDQwYzY3MjgyMDhmYjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswt+lVRVM+3+o0qPuxJwdZatyJ4c 0HS1uR8T6IYukTXSf/wNyoVegSDoH0Nb83TCqZBwV0ygOHRSmMbSHgDkIXoGok2b VLHX+0ykBFMW8ZgstMYjFDuLc9xiyEQ881R+38ual0/Q3vh9luGgo7leNOl8jcFA +ecKWSLql3PU+VNLx2k+0/l80lldqxlT5m26Ahxd/3tvh/i7FjHb/oLRs6T+b9Yh 78JNmRDNzWTfiYiLSDyGZdQ604oTx5kH5+nUo4rcF/oVZFg1h9myt1UH5UOwBOR3 OPPp+sTBl6eUkTCtTSdTPVHz67czUrK2MGzXYnRCwG8KU7xUi+UbdHoWSQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMTVxn0NnBwcZC+QELRAxnKCCPucMB8GA1UdIwQY MBaAFHgWfdlgO5+3r1AVWcs3N9R6LVQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZUJaOTJXQTduN2V2VUJWWnl6YzMxSG90VkRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zMGY2OWMtNDEwZS00NmQ0LWI2ZGIt ZmY4NjU4ZTEzNTZjLzEveE5YR2ZRMmNIQnhrTDVBUXRFREdjb0lJLTV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8zMGY2OWMtNDEwZS00NmQ0LWI2ZGItZmY4NjU4ZTEzNTZj LzEvZUJaOTJXQTduN2V2VUJWWnl6YzMxSG90VkRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW5kMA0E AgACMAcDBQAqAb8AMA0GCSqGSIb3DQEBCwUAA4IBAQChL3NxnzH6OCBuiw/7trXI 7MU2G6gsgWjU9CPL4iJ7j8010HP6Us6qe1pn6OKBdO5KmuH7Xk0gvBuvaCx+CF0m Mo4J0uGu2g9g1bCyU8V0J/NbOG1yMcgdtcaTCUPby8ey9xgMTq7shYI614oni9vb 4TBo9mDq436bQkxxZstXsNPlGQkECyLJaXwqXUxyV+5pD80wUUbYvBpkvVNcbLX5 FjN0NycyJ1lwMxIB/B7pcbpgYpzAazz7wd6hoW/8RAnHbwVcTXTWc3qg7nmaWa3F 8gGyPHTAim/J3A300yJWWQ+P7C3keDoH3pEB19aQutyDtQkziFSbKUrCqtiTOCmd -----END CERTIFICATE-----Generated at Mon Jan 26 19:17:17 2026 by rpki-client