This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/_xye3zL4cDBrsfPa3oaNO5DUWKk.roa File: _xye3zL4cDBrsfPa3oaNO5DUWKk.roa (raw, json) Hash identifier: f5gE3FGAqbRKSe0OsknEgvTr1MnW4+hSm41yjpSqF/s= Subject key identifier: FF:1C:9E:DF:32:F8:70:30:6B:B1:F3:DA:DE:86:8D:3B:90:D4:58:A9 Certificate issuer: /CN=f8fc3590bf49afb42ce44a8c174c44161b8fc209 Certificate serial: 019B797E66E45FA1A695BD30827FEEF99A46 Authority key identifier: F8:FC:35:90:BF:49:AF:B4:2C:E4:4A:8C:17:4C:44:16:1B:8F:C2:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/_xye3zL4cDBrsfPa3oaNO5DUWKk.roa Signing time: Thu 01 Jan 2026 12:18:05 +0000 ROA not before: Thu 01 Jan 2026 12:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24953 IP address blocks: 157.97.68.0/22 maxlen: 22 185.20.236.0/22 maxlen: 22 185.232.188.0/22 maxlen: 22 2a00:5320::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.mft rsync://rpki.ripe.net/repository/DEFAULT/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:66:e4:5f:a1:a6:95:bd:30:82:7f:ee:f9:9a:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8fc3590bf49afb42ce44a8c174c44161b8fc209 Validity Not Before: Jan 1 12:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff1c9edf32f870306bb1f3dade868d3b90d458a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:06:97:38:e4:b3:77:d3:18:83:37:54:30:d4: 54:0b:9b:f5:cd:77:2f:bb:fe:c6:99:d9:f2:a9:12: e0:21:a9:db:a0:c5:64:aa:99:32:9d:d8:be:0a:0a: c7:b6:0a:20:1a:42:14:7f:63:b6:b9:a0:80:1a:de: 2a:b1:df:2f:01:97:7e:68:8a:fa:ec:94:40:0e:fa: d1:85:95:39:4f:ef:41:d4:64:a1:2b:fd:fb:d3:69: 24:f6:31:d3:25:08:71:76:e1:77:5c:e1:cc:20:ae: f8:75:71:3e:25:c8:e7:68:f0:2c:c4:a8:d6:a8:67: e6:01:d6:19:25:12:eb:98:6d:25:da:72:f0:0c:60: a6:2c:1d:09:bd:9b:98:fa:80:f5:d3:47:44:a6:30: 9b:8e:48:d4:d6:27:38:ac:f9:3c:02:8f:5a:67:0b: a1:f9:f6:19:f6:c3:17:4b:48:71:df:91:7f:35:d3: 99:a3:09:3a:91:fb:4d:73:ca:9a:6a:c2:60:c4:eb: 69:7e:8e:25:17:a6:eb:0a:34:cc:7f:3b:b4:55:f1: a4:0f:89:38:da:54:8b:23:58:cd:b3:3d:0b:0c:f5: ec:b0:f7:8b:c2:fa:18:e2:ec:32:52:ca:29:9e:18: f1:78:27:5b:49:bf:14:b9:99:8c:2c:f5:26:82:b9: 5d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:1C:9E:DF:32:F8:70:30:6B:B1:F3:DA:DE:86:8D:3B:90:D4:58:A9 X509v3 Authority Key Identifier: keyid:F8:FC:35:90:BF:49:AF:B4:2C:E4:4A:8C:17:4C:44:16:1B:8F:C2:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/_xye3zL4cDBrsfPa3oaNO5DUWKk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.97.68.0/22 185.20.236.0/22 185.232.188.0/22 IPv6: 2a00:5320::/32 Signature Algorithm: sha256WithRSAEncryption 3c:54:87:33:a2:0e:68:4b:d2:20:f8:69:5e:5b:b7:ae:c6:e0: 6f:8c:e2:85:b0:ea:12:0a:02:b6:d6:9e:43:2f:2b:41:61:e4: c5:8b:d6:ad:f9:4f:2f:42:08:58:88:7e:62:2f:5a:43:19:5d: 30:eb:40:ce:ad:96:28:a0:4b:17:e7:5f:74:f8:41:6e:71:10: fe:e4:af:b5:d7:92:0c:48:64:ae:24:50:8e:35:c6:60:16:d0: 03:4f:a6:a8:d3:09:2d:b6:31:fc:38:e8:23:5d:db:97:d2:f7: e6:49:2c:70:3c:f2:b0:bd:09:bb:cb:8c:6b:4a:b9:d3:66:7a: 45:98:71:88:1b:2d:86:a0:e2:2a:a5:a2:e8:67:3f:df:03:41: 14:71:26:57:f9:7a:3f:f6:33:d8:89:67:c6:12:9a:79:e5:61: e7:21:65:ab:e6:48:cb:31:bc:b0:c8:08:74:02:7b:28:7b:cb: a0:ca:9c:42:f0:2e:69:64:0b:17:4a:d1:e8:d1:2a:cc:c1:a9: 6c:b4:91:17:82:3e:e4:a0:07:30:fc:11:73:b8:9e:32:dd:5c: 14:4f:a7:6c:10:b7:d5:9d:6c:46:60:ad:5b:f3:e2:d7:4a:b5: 0f:ce:b3:cb:e9:b9:69:7b:d6:2a:f0:93:fe:2a:a2:0f:8f:ff: 02:94:2b:2d -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt5fmbkX6Gmlb0wgn/u+ZpGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ZmMzNTkwYmY0OWFmYjQyY2U0NGE4YzE3NGM0NDE2MWI4 ZmMyMDkwHhcNMjYwMTAxMTIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjFjOWVkZjMyZjg3MDMwNmJiMWYzZGFkZTg2OGQzYjkwZDQ1OGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQaXOOSzd9MYgzdUMNRUC5v1zXcv u/7GmdnyqRLgIanboMVkqpkyndi+CgrHtgogGkIUf2O2uaCAGt4qsd8vAZd+aIr6 7JRADvrRhZU5T+9B1GShK/3702kk9jHTJQhxduF3XOHMIK74dXE+JcjnaPAsxKjW qGfmAdYZJRLrmG0l2nLwDGCmLB0JvZuY+oD100dEpjCbjkjU1ic4rPk8Ao9aZwuh +fYZ9sMXS0hx35F/NdOZowk6kftNc8qaasJgxOtpfo4lF6brCjTMfzu0VfGkD4k4 2lSLI1jNsz0LDPXssPeLwvoY4uwyUsopnhjxeCdbSb8UuZmMLPUmgrldQwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFP8cnt8y+HAwa7Hz2t6GjTuQ1FipMB8GA1UdIwQY MBaAFPj8NZC/Sa+0LORKjBdMRBYbj8IJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1QdzFrTDlKcjdRczVFcU1GMHhFRmh1UHdnay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYTFlNmYyLWRkNWEtNDQ4My04ZmRi LWZlZTI2YTFjNDNkOS8xL194eWUzekw0Y0RCcnNmUGEzb2FOTzVEVVdLay5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMmEvYTFlNmYyLWRkNWEtNDQ4My04ZmRiLWZlZTI2YTFjNDNk OS8xLzEtUHcxa0w5SnI3UXM1RXFNRjB4RUZodVB3Z2suY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAKdYUQD BAK5FOwDBAK56LwwDQQCAAIwBwMFACoAUyAwDQYJKoZIhvcNAQELBQADggEBADxU hzOiDmhL0iD4aV5bt67G4G+M4oWw6hIKArbWnkMvK0Fh5MWL1q35Ty9CCFiIfmIv WkMZXTDrQM6tliigSxfnX3T4QW5xEP7kr7XXkgxIZK4kUI41xmAW0ANPpqjTCS22 Mfw46CNd25fS9+ZJLHA88rC9CbvLjGtKudNmekWYcYgbLYag4iqlouhnP98DQRRx Jlf5ej/2M9iJZ8YSmnnlYechZavmSMsxvLDICHQCeyh7y6DKnELwLmlkCxdK0ejR KszBqWy0kReCPuSgBzD8EXO4njLdXBRPp2wQt9WdbEZgrVvz4tdKtQ/Os8vpuWl7 1irwk/4qog+P/wKUKy0= -----END CERTIFICATE-----Generated at Mon Jan 26 18:42:36 2026 by rpki-client