This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/Xdnvns2DRqazD189iM-2jNt4vZo.roa File: Xdnvns2DRqazD189iM-2jNt4vZo.roa (raw, json) Hash identifier: UAbhMlaae4Ik19w+3ZsFKwWR5TNpwZbcrBfdZMwkITk= Subject key identifier: 5D:D9:EF:9E:CD:83:46:A6:B3:0F:5F:3D:88:CF:B6:8C:DB:78:BD:9A Certificate issuer: /CN=a640c751ebfb4807d84622e806cb3d0b9dd81069 Certificate serial: 019B791090CFB996849FD8A08C69614D2F80 Authority key identifier: A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/Xdnvns2DRqazD189iM-2jNt4vZo.roa Signing time: Thu 01 Jan 2026 10:18:07 +0000 ROA not before: Thu 01 Jan 2026 10:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21436 IP address blocks: 193.108.164.0/24 maxlen: 24 193.108.165.0/24 maxlen: 24 2001:67c:58c::/48 maxlen: 48 2001:67c:17b0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.mft rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:90:cf:b9:96:84:9f:d8:a0:8c:69:61:4d:2f:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a640c751ebfb4807d84622e806cb3d0b9dd81069 Validity Not Before: Jan 1 10:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dd9ef9ecd8346a6b30f5f3d88cfb68cdb78bd9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:04:3c:5d:29:65:e7:1b:28:56:c4:df:a6:75: f9:72:a1:2b:8e:70:b5:0c:6a:96:dc:60:a5:f5:59: 5e:c8:7c:0e:91:99:a3:9b:16:d6:aa:8a:06:76:ec: 3b:c2:75:47:90:47:eb:ab:f6:ee:6c:09:3f:ed:85: fc:28:59:98:cd:90:52:2c:cb:18:27:ad:d8:12:a0: 63:9b:5f:f2:cc:33:7c:15:fc:b0:8b:17:9c:35:d2: cc:de:80:8f:9e:60:65:41:f9:48:5d:70:a9:c9:50: 69:96:70:47:7a:e9:35:05:1f:cf:0a:ac:32:61:ab: bd:e5:d3:c4:27:74:25:ec:b9:90:1c:e3:32:ad:bc: e7:f3:8a:c0:d3:04:f9:cf:cd:47:32:ef:b2:df:ad: be:5b:f1:c6:bb:54:a9:3d:68:62:ec:5a:fb:8a:ab: 52:f6:b8:ba:8a:0c:1a:04:44:15:66:86:46:e0:98: 8b:18:23:16:56:23:58:02:d9:6b:3a:c4:54:0d:11: 2e:e6:e7:49:6c:3d:8b:f8:b4:4b:30:fc:2a:49:6e: 9b:5d:28:f3:ec:56:81:81:72:d7:45:09:b8:66:f2: 64:64:01:05:a9:6b:68:94:dc:48:d3:53:61:3d:20: ca:e4:ac:0b:22:ef:96:7e:e3:5e:1d:ab:a1:2d:85: b4:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D9:EF:9E:CD:83:46:A6:B3:0F:5F:3D:88:CF:B6:8C:DB:78:BD:9A X509v3 Authority Key Identifier: keyid:A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/Xdnvns2DRqazD189iM-2jNt4vZo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.108.164.0/23 IPv6: 2001:67c:58c::/48 2001:67c:17b0::/48 Signature Algorithm: sha256WithRSAEncryption 8a:1e:5d:92:91:25:45:a4:83:08:cc:64:5e:a3:66:ab:39:84: 8f:10:e3:62:3d:17:b6:d5:fd:16:1b:81:f4:fb:35:62:0e:83: f9:40:6a:66:a4:f4:a1:ef:09:2f:7f:32:41:a8:48:5b:de:2b: dc:fb:48:4d:d1:7c:f6:c8:ac:db:e8:d7:46:09:20:b2:03:7f: 12:a0:50:35:80:24:94:d9:16:f8:45:64:d7:16:a8:dd:e9:1b: 7c:85:37:eb:41:2f:02:d1:02:6e:be:8d:48:c3:8f:79:53:70: b7:82:70:76:23:57:c5:70:40:6e:b5:a8:20:0f:bc:29:e0:0a: 16:b3:26:98:38:c8:f2:52:18:35:4d:49:98:1b:66:7b:27:2f: 61:a8:07:ee:c5:da:11:b4:66:22:f1:cf:e1:13:47:a9:36:87: b6:7f:a1:ae:1f:a5:f4:3c:f0:3c:cd:5b:ce:ca:d7:4d:36:14: 58:0a:ee:12:b0:84:3b:65:d3:09:61:6f:af:67:6b:fe:90:1e: 0d:7e:5c:e2:5d:e7:4c:f4:60:7d:77:08:c9:6f:2c:02:99:f6: 7d:67:ed:87:10:19:f3:b9:c9:6f:1b:a8:90:b8:89:46:9f:c1: 6f:3a:a2:27:19:6e:1a:a7:9c:55:05:4a:23:ed:87:fe:f5:d3: e4:ab:ad:8f -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt5EJDPuZaEn9igjGlhTS+AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NDBjNzUxZWJmYjQ4MDdkODQ2MjJlODA2Y2IzZDBiOWRk ODEwNjkwHhcNMjYwMTAxMTAxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGQ5ZWY5ZWNkODM0NmE2YjMwZjVmM2Q4OGNmYjY4Y2RiNzhiZDlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQQ8XSll5xsoVsTfpnX5cqErjnC1 DGqW3GCl9VleyHwOkZmjmxbWqooGduw7wnVHkEfrq/bubAk/7YX8KFmYzZBSLMsY J63YEqBjm1/yzDN8FfywixecNdLM3oCPnmBlQflIXXCpyVBplnBHeuk1BR/PCqwy Yau95dPEJ3Ql7LmQHOMyrbzn84rA0wT5z81HMu+y362+W/HGu1SpPWhi7Fr7iqtS 9ri6igwaBEQVZoZG4JiLGCMWViNYAtlrOsRUDREu5udJbD2L+LRLMPwqSW6bXSjz 7FaBgXLXRQm4ZvJkZAEFqWtolNxI01NhPSDK5KwLIu+WfuNeHauhLYW02QIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFF3Z757Ng0amsw9fPYjPtozbeL2aMB8GA1UdIwQY MBaAFKZAx1Hr+0gH2EYi6AbLPQud2BBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMt MDI2YjhjZjY5MWJhLzEvWGRudm5zMkRScWF6RDE4OWlNLTJqTnQ0dlpvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMtMDI2YjhjZjY5MWJh LzEvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwWykMBgE AgACMBIDBwAgAQZ8BYwDBwAgAQZ8F7AwDQYJKoZIhvcNAQELBQADggEBAIoeXZKR JUWkgwjMZF6jZqs5hI8Q42I9F7bV/RYbgfT7NWIOg/lAamak9KHvCS9/MkGoSFve K9z7SE3RfPbIrNvo10YJILIDfxKgUDWAJJTZFvhFZNcWqN3pG3yFN+tBLwLRAm6+ jUjDj3lTcLeCcHYjV8VwQG61qCAPvCngChazJpg4yPJSGDVNSZgbZnsnL2GoB+7F 2hG0ZiLxz+ETR6k2h7Z/oa4fpfQ88DzNW87K1002FFgK7hKwhDtl0wlhb69na/6Q Hg1+XOJd50z0YH13CMlvLAKZ9n1n7YcQGfO5yW8bqJC4iUafwW86oicZbhqnnFUF SiPth/710+SrrY8= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:44 2026 by rpki-client