This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xIdot6FAjw7dfRg6u_ByXcj3lDM.roa File: xIdot6FAjw7dfRg6u_ByXcj3lDM.roa (raw, json) Hash identifier: 8+XjLrCilLhi21bpw8d0FOgL/oy8JtzB6AjiHlyT9fw= Subject key identifier: C4:87:68:B7:A1:40:8F:0E:DD:7D:18:3A:BB:F0:72:5D:C8:F7:94:33 Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd Certificate serial: 019B7DCA259BD39CB60B7DA828D83E93CB76 Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xIdot6FAjw7dfRg6u_ByXcj3lDM.roa Signing time: Fri 02 Jan 2026 08:19:18 +0000 ROA not before: Fri 02 Jan 2026 08:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35830 IP address blocks: 89.19.35.0/24 maxlen: 24 193.151.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:25:9b:d3:9c:b6:0b:7d:a8:28:d8:3e:93:cb:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd Validity Not Before: Jan 2 08:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c48768b7a1408f0edd7d183abbf0725dc8f79433 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fe:a8:96:ae:e9:46:df:2b:a7:f7:dd:ef:7b: f4:ed:2c:82:50:5b:c5:55:b6:a5:d0:8f:9c:eb:4b: f5:c2:eb:84:ea:11:8a:46:55:da:30:7c:5f:a7:30: 8b:b8:79:d8:19:b4:78:3b:c5:83:ff:d6:d8:c7:9e: 1b:a8:3a:61:a0:ba:ce:1b:ab:a8:1f:a9:d1:77:ed: 15:e3:3f:ab:0a:0c:65:8c:24:20:a7:f3:01:90:99: e2:b1:da:59:17:68:40:ee:2c:68:87:d3:d8:58:4b: fc:61:5a:cf:66:c2:50:f0:d0:c4:f8:c1:1c:66:a1: 24:d2:14:cf:23:75:fa:36:57:7b:59:35:24:cc:1c: d9:7b:56:b9:ee:e7:19:c4:87:76:33:22:5e:cd:e5: c8:20:8d:92:39:57:cc:38:41:75:49:9f:21:ef:f2: f2:3c:88:f0:57:26:aa:43:13:7f:90:0e:a1:0e:58: 2b:45:fc:32:55:cd:ae:3e:72:fe:e3:6c:0e:e9:34: 43:df:4c:e5:41:3d:05:2b:8c:fa:7b:02:a2:3c:01: 10:f4:9a:d2:cd:7c:dd:6b:34:e5:c2:b2:48:2d:3b: a4:51:8b:73:35:64:b8:57:2c:69:d7:7e:bd:d8:ce: 4d:65:c7:87:c3:ba:de:11:39:04:82:ca:8c:02:45: db:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:87:68:B7:A1:40:8F:0E:DD:7D:18:3A:BB:F0:72:5D:C8:F7:94:33 X509v3 Authority Key Identifier: keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xIdot6FAjw7dfRg6u_ByXcj3lDM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.19.35.0/24 193.151.188.0/24 Signature Algorithm: sha256WithRSAEncryption 43:85:92:11:34:16:bc:b7:de:c9:3a:a8:05:00:fc:f6:19:0b: ec:af:a2:76:ae:4b:8f:12:af:6a:ca:ea:4e:52:05:b9:39:f2: 78:95:ae:b3:55:9d:aa:cb:fe:14:72:29:a7:35:2f:fa:82:91: 13:e9:4a:2e:90:45:35:11:58:69:d0:7b:59:95:08:0b:0e:2f: 2f:62:62:8e:f4:5c:f8:8f:92:b3:49:a5:c6:93:f5:b9:45:1f: dc:0c:ac:e8:70:44:ec:70:da:be:c1:1d:e9:bf:78:b5:09:9f: d3:e5:08:2d:9b:41:cb:c3:f6:de:d7:46:a2:65:49:9c:1b:15: 7c:ad:dc:65:30:31:04:e3:89:bc:7f:1f:d8:cb:fc:27:cf:9c: ce:77:c0:0a:08:f0:c0:73:e7:f2:88:ee:da:4a:8d:28:dd:09: d1:7f:da:6b:f7:19:18:b2:5e:2f:57:1f:35:ce:6e:7d:18:57: b4:99:85:14:9e:32:25:1f:a5:42:2d:ed:a2:fa:cf:c4:f3:13: b9:97:16:74:be:a4:15:02:a0:92:5e:23:e1:29:b5:bd:a2:e7: a8:96:e8:f6:34:a5:77:a6:82:d1:54:60:3d:8b:5c:3d:3f:99: 33:0f:02:10:a7:28:c1:9c:14:71:5e:88:4d:ef:e1:e5:9a:70: 18:53:2a:da -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yiWb05y2C32oKNg+k8t2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2 OWExZmQwHhcNMjYwMTAyMDgxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDg3NjhiN2ExNDA4ZjBlZGQ3ZDE4M2FiYmYwNzI1ZGM4Zjc5NDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP6olq7pRt8rp/fd73v07SyCUFvF Vbal0I+c60v1wuuE6hGKRlXaMHxfpzCLuHnYGbR4O8WD/9bYx54bqDphoLrOG6uo H6nRd+0V4z+rCgxljCQgp/MBkJnisdpZF2hA7ixoh9PYWEv8YVrPZsJQ8NDE+MEc ZqEk0hTPI3X6Nld7WTUkzBzZe1a57ucZxId2MyJezeXIII2SOVfMOEF1SZ8h7/Ly PIjwVyaqQxN/kA6hDlgrRfwyVc2uPnL+42wO6TRD30zlQT0FK4z6ewKiPAEQ9JrS zXzdazTlwrJILTukUYtzNWS4Vyxp13692M5NZceHw7reETkEgsqMAkXbpwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMSHaLehQI8O3X0YOrvwcl3I95QzMB8GA1UdIwQY MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et OTk0ODA2ZjA4MWYwLzEveElkb3Q2RkFqdzdkZlJnNnVfQnlYY2ozbERNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRMjAwQA wZe8MA0GCSqGSIb3DQEBCwUAA4IBAQBDhZIRNBa8t97JOqgFAPz2GQvsr6J2rkuP Eq9qyupOUgW5OfJ4la6zVZ2qy/4UcimnNS/6gpET6UoukEU1EVhp0HtZlQgLDi8v YmKO9Fz4j5KzSaXGk/W5RR/cDKzocETscNq+wR3pv3i1CZ/T5Qgtm0HLw/be10ai ZUmcGxV8rdxlMDEE44m8fx/Yy/wnz5zOd8AKCPDAc+fyiO7aSo0o3QnRf9pr9xkY sl4vVx81zm59GFe0mYUUnjIlH6VCLe2i+s/E8xO5lxZ0vqQVAqCSXiPhKbW9oueo luj2NKV3poLRVGA9i1w9P5kzDwIQpyjBnBRxXohN7+HlmnAYUyra -----END CERTIFICATE-----Generated at Mon Jan 19 21:25:28 2026 by rpki-client