This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/x9IxkDkzEkDokkzWh7NpXLA6pSU.roa File: x9IxkDkzEkDokkzWh7NpXLA6pSU.roa (raw, json) Hash identifier: HHdD49yqs88lPuXMSPj56CT2/FilbQVuZopBY9/6oH8= Subject key identifier: C7:D2:31:90:39:33:12:40:E8:92:4C:D6:87:B3:69:5C:B0:3A:A5:25 Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06 Certificate serial: 019B7E37D0917048F077A16A4DA527439403 Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/x9IxkDkzEkDokkzWh7NpXLA6pSU.roa Signing time: Fri 02 Jan 2026 10:19:05 +0000 ROA not before: Fri 02 Jan 2026 10:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 32787 IP address blocks: 212.119.74.0/24 maxlen: 24 213.210.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:d0:91:70:48:f0:77:a1:6a:4d:a5:27:43:94:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06 Validity Not Before: Jan 2 10:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7d2319039331240e8924cd687b3695cb03aa525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:eb:0f:07:34:29:10:1b:50:35:94:0d:c8:f7: eb:cf:e6:55:ac:7d:46:cb:b2:5c:77:4d:f8:5a:3f: 37:61:94:67:08:91:11:c6:c1:8f:7e:59:b8:d7:b6: b2:6c:19:75:db:66:62:0c:5f:e9:06:f2:72:10:f0: eb:cd:1c:00:82:95:19:84:76:0e:6c:a8:16:f4:f7: 88:dc:a5:4c:85:23:b6:24:4c:ae:db:07:2a:ca:94: 45:a8:44:72:a7:d9:e2:82:a8:d3:84:ad:27:a0:3c: 11:d9:19:c3:fb:e1:ab:cc:d6:74:70:95:67:c9:31: 7a:c5:36:36:35:9f:e6:e3:42:48:5e:3b:4c:8c:54: 68:2b:70:ac:94:e8:3b:3f:69:7a:a4:42:bc:58:43: 96:31:a4:10:8e:70:0b:10:a6:04:22:f5:e7:a8:45: 91:19:10:00:fc:f2:43:37:b0:3b:8a:10:9c:02:3b: 3c:6c:44:1e:97:4d:71:e5:f4:e5:9c:35:1e:58:a7: cc:0f:a3:39:c5:fe:73:e1:cf:6f:a5:6b:5f:04:dc: de:96:cd:60:a4:58:74:9c:6c:1f:57:ae:17:3d:75: 23:8b:d6:6c:70:1a:cd:4c:83:a8:c4:ab:17:eb:9d: 39:f6:e4:26:2c:cc:b0:02:56:34:7d:23:7f:89:06: 6a:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:D2:31:90:39:33:12:40:E8:92:4C:D6:87:B3:69:5C:B0:3A:A5:25 X509v3 Authority Key Identifier: keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/x9IxkDkzEkDokkzWh7NpXLA6pSU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.119.74.0/24 213.210.216.0/24 Signature Algorithm: sha256WithRSAEncryption 20:22:f1:be:07:73:f5:d3:fa:ee:90:0f:9b:d2:33:36:9c:2b: 41:5f:b5:9e:27:91:25:47:7e:dc:7b:fa:16:0f:35:a7:0f:cf: a5:ab:cb:bb:94:16:17:a5:87:fe:68:0b:d1:cb:d3:13:6f:4a: f6:92:1c:18:1b:cd:a5:56:e1:5b:99:1d:73:16:9a:01:17:79: fc:de:85:92:0e:21:a9:24:e7:2e:3d:82:15:4b:27:37:6f:a2: f9:d1:79:f3:01:c8:f4:5a:54:21:77:c4:09:76:11:1f:fa:54: bb:e3:47:3a:65:d1:07:23:8c:aa:67:32:68:02:1a:32:75:7f: 8d:ca:fb:2f:f3:9a:c9:cc:5f:4c:62:a9:d6:e6:00:a4:83:92: 0c:a1:12:e0:f1:f6:0b:4a:65:a0:f6:e3:ce:70:be:d6:c0:68: 12:9f:1c:dc:f3:b2:8f:28:59:f1:e4:d8:a0:b4:0e:be:3e:5d: 85:84:68:51:7a:c2:1b:4f:fe:38:89:59:a4:40:93:0f:a1:95: f7:72:2a:6d:87:db:96:ad:73:fc:41:d3:2f:05:7a:a9:83:a7: d5:ef:c7:65:d8:49:33:f6:7a:2c:39:26:58:53:94:86:1c:66: 2e:20:3a:f8:cd:79:74:0d:8f:10:4a:b2:27:27:39:cc:6b:0b: fe:be:d0:d8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N9CRcEjwd6FqTaUnQ5QDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj NTNjMDYwHhcNMjYwMTAyMTAxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjN2QyMzE5MDM5MzMxMjQwZTg5MjRjZDY4N2IzNjk1Y2IwM2FhNTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6esPBzQpEBtQNZQNyPfrz+ZVrH1G y7Jcd034Wj83YZRnCJERxsGPflm417aybBl122ZiDF/pBvJyEPDrzRwAgpUZhHYO bKgW9PeI3KVMhSO2JEyu2wcqypRFqERyp9nigqjThK0noDwR2RnD++GrzNZ0cJVn yTF6xTY2NZ/m40JIXjtMjFRoK3CslOg7P2l6pEK8WEOWMaQQjnALEKYEIvXnqEWR GRAA/PJDN7A7ihCcAjs8bEQel01x5fTlnDUeWKfMD6M5xf5z4c9vpWtfBNzels1g pFh0nGwfV64XPXUji9ZscBrNTIOoxKsX65059uQmLMywAlY0fSN/iQZqVwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMfSMZA5MxJA6JJM1oezaVywOqUlMB8GA1UdIwQY MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt YTg4MWVjODIyOGI1LzEveDlJeGtEa3pFa0Rva2t6V2g3TnBYTEE2cFNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1 LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HdKAwQA 1dLYMA0GCSqGSIb3DQEBCwUAA4IBAQAgIvG+B3P10/rukA+b0jM2nCtBX7WeJ5El R37ce/oWDzWnD8+lq8u7lBYXpYf+aAvRy9MTb0r2khwYG82lVuFbmR1zFpoBF3n8 3oWSDiGpJOcuPYIVSyc3b6L50XnzAcj0WlQhd8QJdhEf+lS740c6ZdEHI4yqZzJo AhoydX+Nyvsv85rJzF9MYqnW5gCkg5IMoRLg8fYLSmWg9uPOcL7WwGgSnxzc87KP KFnx5NigtA6+Pl2FhGhResIbT/44iVmkQJMPoZX3cipth9uWrXP8QdMvBXqpg6fV 78dl2Ekz9nosOSZYU5SGHGYuIDr4zXl0DY8QSrInJznMawv+vtDY -----END CERTIFICATE-----Generated at Tue Jan 20 04:47:42 2026 by rpki-client