This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/cxkSmIpEvqEgX4ngmD4597AK9SA.roa File: cxkSmIpEvqEgX4ngmD4597AK9SA.roa (raw, json) Hash identifier: DfRU/sR9mUrJtx0wMuwQ4hVIgyHyvsCZqXVQHIZbmPE= Subject key identifier: 73:19:12:98:8A:44:BE:A1:20:5F:89:E0:98:3E:39:F7:B0:0A:F5:20 Certificate issuer: /CN=2e1d2457e0be54dc78fc1f6687db3e94b068ac9b Certificate serial: 019B7C13306DF71608FAE42D72E5E41FA501 Authority key identifier: 2E:1D:24:57:E0:BE:54:DC:78:FC:1F:66:87:DB:3E:94:B0:68:AC:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lh0kV-C-VNx4_B9mh9s-lLBorJs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/cxkSmIpEvqEgX4ngmD4597AK9SA.roa Signing time: Fri 02 Jan 2026 00:19:50 +0000 ROA not before: Fri 02 Jan 2026 00:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211514 IP address blocks: 2001:678:f24::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/Lh0kV-C-VNx4_B9mh9s-lLBorJs.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/Lh0kV-C-VNx4_B9mh9s-lLBorJs.mft rsync://rpki.ripe.net/repository/DEFAULT/Lh0kV-C-VNx4_B9mh9s-lLBorJs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:30:6d:f7:16:08:fa:e4:2d:72:e5:e4:1f:a5:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e1d2457e0be54dc78fc1f6687db3e94b068ac9b Validity Not Before: Jan 2 00:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=731912988a44bea1205f89e0983e39f7b00af520 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:28:ec:44:8e:b9:9d:cd:6b:38:6a:e6:95:d0: 1f:1a:a2:e8:00:d4:60:4e:f0:0b:51:3f:5c:e4:26: 2e:b6:14:31:48:4e:f6:52:c5:ef:35:84:62:7e:8a: 69:8c:e2:7b:7d:7f:6c:8f:13:b7:94:5a:ee:1b:d9: 09:8f:4f:bc:20:2e:71:d0:4f:27:52:dc:51:84:96: 17:ab:be:11:42:54:8a:ea:bb:11:13:35:c6:28:69: 71:cc:71:0e:1f:c4:3d:14:8e:15:6d:75:08:84:84: d5:c3:bd:83:b3:fc:14:c2:2a:95:41:de:9a:4c:af: f5:a0:c4:81:a1:5f:7a:b2:b5:27:7b:e9:66:98:cf: 6d:dc:93:85:ee:fa:18:97:1b:00:25:8a:d2:b9:f4: 9f:3a:5e:6c:a2:b8:8c:6f:e1:0e:a1:bd:d3:83:2e: 68:a8:08:07:34:39:87:7f:46:13:b4:ae:de:63:1d: 0e:e6:d0:c4:f1:23:a7:7d:3e:79:5a:45:d2:95:24: a9:bb:5c:f7:fd:78:3c:7b:05:16:6e:49:98:3d:22: 92:e5:12:28:33:bf:40:a6:da:5e:87:26:f7:67:46: 00:97:e0:67:9a:c8:ac:69:76:92:53:9c:a6:45:3e: df:92:94:f2:5c:a0:46:2e:e1:be:3b:72:86:b6:92: 11:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:19:12:98:8A:44:BE:A1:20:5F:89:E0:98:3E:39:F7:B0:0A:F5:20 X509v3 Authority Key Identifier: keyid:2E:1D:24:57:E0:BE:54:DC:78:FC:1F:66:87:DB:3E:94:B0:68:AC:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lh0kV-C-VNx4_B9mh9s-lLBorJs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/cxkSmIpEvqEgX4ngmD4597AK9SA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c78df3-fc47-4edb-a9a0-94fd9e2969af/1/Lh0kV-C-VNx4_B9mh9s-lLBorJs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:f24::/48 Signature Algorithm: sha256WithRSAEncryption 29:29:e7:9f:70:23:11:7a:c7:5e:dc:cb:1e:ee:11:94:11:3e: f3:88:2b:8c:14:45:d8:7a:b4:78:5e:6a:c3:ae:8a:87:7f:25: 25:30:bf:17:06:16:aa:da:e1:ff:bf:43:39:2b:16:9f:4b:b2: f4:d3:31:fd:61:67:f1:fc:2d:0f:4d:3f:a6:df:e1:f1:6f:c1: fa:98:17:8a:54:cb:92:44:ab:09:ee:21:65:e7:95:1d:dc:f2: b0:6c:70:10:2a:3c:2c:b2:fc:6f:f4:92:a0:11:59:d9:68:71: 1e:82:ff:13:5b:f7:74:f4:5f:4c:d2:01:84:c7:03:9f:71:26: 52:62:a5:6d:41:26:bb:f7:bb:33:87:a9:13:1a:03:fb:cf:9d: aa:65:18:a6:f6:fc:e1:f3:70:e7:0f:34:01:52:e7:c6:4c:5b: f0:b2:04:ab:b7:33:13:4b:d2:a8:8c:4b:9f:7b:72:57:26:2e: 12:27:b8:0d:28:b1:41:7b:ae:ce:82:80:3e:02:ce:46:1c:31: cc:f4:02:75:96:e9:0c:ae:9d:9a:45:65:83:0f:e4:2a:6c:d3: c9:b9:49:89:c9:3e:93:c4:dc:05:57:1f:83:82:5b:a0:ca:b7: a8:93:36:79:ef:68:86:1e:c9:6d:e9:23:c4:c9:b7:7f:2d:99: e5:a4:a5:4d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt8EzBt9xYI+uQtcuXkH6UBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlMWQyNDU3ZTBiZTU0ZGM3OGZjMWY2Njg3ZGIzZTk0YjA2 OGFjOWIwHhcNMjYwMTAyMDAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzE5MTI5ODhhNDRiZWExMjA1Zjg5ZTA5ODNlMzlmN2IwMGFmNTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ijsRI65nc1rOGrmldAfGqLoANRg TvALUT9c5CYuthQxSE72UsXvNYRifoppjOJ7fX9sjxO3lFruG9kJj0+8IC5x0E8n UtxRhJYXq74RQlSK6rsREzXGKGlxzHEOH8Q9FI4VbXUIhITVw72Ds/wUwiqVQd6a TK/1oMSBoV96srUne+lmmM9t3JOF7voYlxsAJYrSufSfOl5soriMb+EOob3Tgy5o qAgHNDmHf0YTtK7eYx0O5tDE8SOnfT55WkXSlSSpu1z3/Xg8ewUWbkmYPSKS5RIo M79Aptpehyb3Z0YAl+BnmsisaXaSU5ymRT7fkpTyXKBGLuG+O3KGtpIRQQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHMZEpiKRL6hIF+J4Jg+OfewCvUgMB8GA1UdIwQY MBaAFC4dJFfgvlTcePwfZofbPpSwaKybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGgwa1YtQy1WTng0X0I5bWg5cy1sTEJvckpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNzhkZjMtZmM0Ny00ZWRiLWE5YTAt OTRmZDllMjk2OWFmLzEvY3hrU21JcEV2cUVnWDRuZ21ENDU5N0FLOVNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9jNzhkZjMtZmM0Ny00ZWRiLWE5YTAtOTRmZDllMjk2OWFm LzEvTGgwa1YtQy1WTng0X0I5bWg5cy1sTEJvckpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA8k MA0GCSqGSIb3DQEBCwUAA4IBAQApKeefcCMResde3Mse7hGUET7ziCuMFEXYerR4 XmrDroqHfyUlML8XBhaq2uH/v0M5KxafS7L00zH9YWfx/C0PTT+m3+Hxb8H6mBeK VMuSRKsJ7iFl55Ud3PKwbHAQKjwssvxv9JKgEVnZaHEegv8TW/d09F9M0gGExwOf cSZSYqVtQSa797szh6kTGgP7z52qZRim9vzh83DnDzQBUufGTFvwsgSrtzMTS9Ko jEufe3JXJi4SJ7gNKLFBe67OgoA+As5GHDHM9AJ1lukMrp2aRWWDD+QqbNPJuUmJ yT6TxNwFVx+DglugyreokzZ572iGHslt6SPEybd/LZnlpKVN -----END CERTIFICATE-----Generated at Tue Feb 10 00:10:08 2026 by rpki-client