This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/xdDHjpMxa5Db0sg2IbYCFBzBU4g.roa File: xdDHjpMxa5Db0sg2IbYCFBzBU4g.roa (raw, json) Hash identifier: i6O8Zdm48WH9FHIuopoB/Fvv/PqB8Y1fepb+H0IN4zo= Subject key identifier: C5:D0:C7:8E:93:31:6B:90:DB:D2:C8:36:21:B6:02:14:1C:C1:53:88 Certificate issuer: /CN=bc85d3791f5836c415ffd391f2d585c73dbeca39 Certificate serial: 019B7DCAB85A44061F9B3AD3EBBEA4B0A504 Authority key identifier: BC:85:D3:79:1F:58:36:C4:15:FF:D3:91:F2:D5:85:C7:3D:BE:CA:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIXTeR9YNsQV_9OR8tWFxz2-yjk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/xdDHjpMxa5Db0sg2IbYCFBzBU4g.roa Signing time: Fri 02 Jan 2026 08:19:56 +0000 ROA not before: Fri 02 Jan 2026 08:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201609 IP address blocks: 185.63.204.0/22 maxlen: 24 2a03:ee0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/vIXTeR9YNsQV_9OR8tWFxz2-yjk.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/vIXTeR9YNsQV_9OR8tWFxz2-yjk.mft rsync://rpki.ripe.net/repository/DEFAULT/vIXTeR9YNsQV_9OR8tWFxz2-yjk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:b8:5a:44:06:1f:9b:3a:d3:eb:be:a4:b0:a5:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc85d3791f5836c415ffd391f2d585c73dbeca39 Validity Not Before: Jan 2 08:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5d0c78e93316b90dbd2c83621b602141cc15388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:63:03:c3:eb:3b:2a:33:83:f9:26:e3:e1:44: d6:14:d0:be:a5:1b:65:93:65:22:19:21:04:11:a8: 35:57:90:99:0f:fd:d0:df:10:05:53:5d:6d:a3:19: e2:ba:a3:72:66:41:2d:67:e2:c7:9d:a1:f0:3b:b2: 59:e7:a8:47:c5:12:1e:25:7a:a3:2c:76:e6:77:11: 91:88:e5:19:c5:8f:47:12:0b:3c:2e:09:67:2a:6b: 0c:0f:4a:78:6b:cf:a5:27:6c:81:55:db:14:93:6c: 69:9f:f3:22:ad:63:53:19:9b:8c:15:04:9c:04:51: b5:eb:c8:e1:36:41:99:50:a2:13:1a:0c:7d:ca:27: 91:df:a3:5a:da:9a:52:90:48:97:0f:1d:10:2a:fa: 87:db:ba:b6:e9:89:01:55:07:a9:f3:1d:0e:b7:98: 95:49:7e:c6:70:e3:e2:45:40:8a:a6:5a:22:9a:d6: 82:ab:29:00:a6:6c:34:a3:ae:ff:79:7d:b4:cd:d8: 51:0b:36:e1:2b:00:64:9e:c3:9b:1c:2f:84:f6:fa: 00:a7:2a:ca:73:8e:d3:42:12:ba:8e:70:6e:92:12: e5:19:d2:29:1e:dc:e0:00:b6:f7:60:84:a6:47:c1: 45:2b:de:50:59:ef:86:25:4f:35:09:10:a8:21:38: 80:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:D0:C7:8E:93:31:6B:90:DB:D2:C8:36:21:B6:02:14:1C:C1:53:88 X509v3 Authority Key Identifier: keyid:BC:85:D3:79:1F:58:36:C4:15:FF:D3:91:F2:D5:85:C7:3D:BE:CA:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIXTeR9YNsQV_9OR8tWFxz2-yjk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/xdDHjpMxa5Db0sg2IbYCFBzBU4g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/af950f-c193-45df-90d7-b842b990689e/1/vIXTeR9YNsQV_9OR8tWFxz2-yjk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.63.204.0/22 IPv6: 2a03:ee0::/29 Signature Algorithm: sha256WithRSAEncryption 49:e8:49:f4:55:b8:ec:fe:5b:ba:6c:80:94:bc:99:c3:2b:b8: a7:4d:8d:24:07:26:f6:b7:e8:13:55:a6:e2:52:0b:42:b7:c0: b3:b5:c5:0b:7f:6e:c5:98:3b:77:a7:cc:fc:52:62:91:5a:91: 57:68:2b:93:e4:db:7f:40:51:15:6d:3b:74:53:88:41:01:a2: 12:cb:21:49:ce:97:28:2b:2a:de:82:10:b6:d8:af:74:1b:73: ef:2f:5f:b0:37:1d:6a:f2:b8:8d:f2:09:7d:d6:15:7d:a0:be: 63:95:cf:f0:a9:85:b3:a5:01:d1:55:5d:99:f1:3f:6a:e4:bb: ec:a1:2b:44:b5:02:3c:d4:0d:a7:3a:e4:7f:34:00:0d:0b:78: ab:7c:8c:e6:a0:e6:3e:50:74:bd:40:1c:5a:54:a6:1d:4e:92: fa:1a:ef:14:28:3f:eb:4e:0d:e3:af:6b:85:91:02:ef:66:c8: 93:2d:9c:e2:4c:85:dc:c5:9c:46:7b:a2:1a:17:00:4a:a7:8e: a1:60:d7:cd:88:c1:01:22:bf:dc:bb:3c:10:88:cf:3e:5a:9f: bb:96:c8:15:8c:ac:d4:48:f3:16:aa:4f:cc:0b:80:ff:be:80: e5:3f:89:ad:9b:d2:c6:35:73:50:88:1c:e6:c5:46:11:f8:02: 55:92:92:df -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9yrhaRAYfmzrT676ksKUEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjODVkMzc5MWY1ODM2YzQxNWZmZDM5MWYyZDU4NWM3M2Ri ZWNhMzkwHhcNMjYwMTAyMDgxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWQwYzc4ZTkzMzE2YjkwZGJkMmM4MzYyMWI2MDIxNDFjYzE1Mzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2MDw+s7KjOD+Sbj4UTWFNC+pRtl k2UiGSEEEag1V5CZD/3Q3xAFU11toxniuqNyZkEtZ+LHnaHwO7JZ56hHxRIeJXqj LHbmdxGRiOUZxY9HEgs8LglnKmsMD0p4a8+lJ2yBVdsUk2xpn/MirWNTGZuMFQSc BFG168jhNkGZUKITGgx9yieR36Na2ppSkEiXDx0QKvqH27q26YkBVQep8x0Ot5iV SX7GcOPiRUCKploimtaCqykApmw0o67/eX20zdhRCzbhKwBknsObHC+E9voApyrK c47TQhK6jnBukhLlGdIpHtzgALb3YISmR8FFK95QWe+GJU81CRCoITiAAQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMXQx46TMWuQ29LINiG2AhQcwVOIMB8GA1UdIwQY MBaAFLyF03kfWDbEFf/TkfLVhcc9vso5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdklYVGVSOVlOc1FWXzlPUjh0V0Z4ejIteWprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hZjk1MGYtYzE5My00NWRmLTkwZDct Yjg0MmI5OTA2ODllLzEveGRESGpwTXhhNURiMHNnMkliWUNGQnpCVTRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9hZjk1MGYtYzE5My00NWRmLTkwZDctYjg0MmI5OTA2ODll LzEvdklYVGVSOVlOc1FWXzlPUjh0V0Z4ejIteWprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT/MMA0E AgACMAcDBQMqAw7gMA0GCSqGSIb3DQEBCwUAA4IBAQBJ6En0Vbjs/lu6bICUvJnD K7inTY0kByb2t+gTVabiUgtCt8CztcULf27FmDt3p8z8UmKRWpFXaCuT5Nt/QFEV bTt0U4hBAaISyyFJzpcoKyreghC22K90G3PvL1+wNx1q8riN8gl91hV9oL5jlc/w qYWzpQHRVV2Z8T9q5LvsoStEtQI81A2nOuR/NAANC3irfIzmoOY+UHS9QBxaVKYd TpL6Gu8UKD/rTg3jr2uFkQLvZsiTLZziTIXcxZxGe6IaFwBKp46hYNfNiMEBIr/c uzwQiM8+Wp+7lsgVjKzUSPMWqk/MC4D/voDlP4mtm9LGNXNQiBzmxUYR+AJVkpLf -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:02 2026 by rpki-client