This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/XexrTT-WjOfF1IH0hIaeXZfiLag.roa File: XexrTT-WjOfF1IH0hIaeXZfiLag.roa (raw, json) Hash identifier: HDA8bu6O9RqOeUyNIrj9FwIn/BuM4ZQvluzThKczOzQ= Subject key identifier: 5D:EC:6B:4D:3F:96:8C:E7:C5:D4:81:F4:84:86:9E:5D:97:E2:2D:A8 Certificate issuer: /CN=e2407a7696f07984143054d411e3ca5f1836ecd4 Certificate serial: 019B77C6D8314418096FFE5A35622AA73C3A Authority key identifier: E2:40:7A:76:96:F0:79:84:14:30:54:D4:11:E3:CA:5F:18:36:EC:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kB6dpbweYQUMFTUEePKXxg27NQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/XexrTT-WjOfF1IH0hIaeXZfiLag.roa Signing time: Thu 01 Jan 2026 04:17:58 +0000 ROA not before: Thu 01 Jan 2026 04:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201377 IP address blocks: 2001:67c:ae4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/4kB6dpbweYQUMFTUEePKXxg27NQ.crl rsync://rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/4kB6dpbweYQUMFTUEePKXxg27NQ.mft rsync://rpki.ripe.net/repository/DEFAULT/4kB6dpbweYQUMFTUEePKXxg27NQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d8:31:44:18:09:6f:fe:5a:35:62:2a:a7:3c:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2407a7696f07984143054d411e3ca5f1836ecd4 Validity Not Before: Jan 1 04:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dec6b4d3f968ce7c5d481f484869e5d97e22da8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e4:4d:ff:7c:2d:d7:07:e5:a9:e7:0d:90:82: f8:67:b2:76:6c:1c:ed:41:65:37:b3:b9:27:34:c6: dd:2c:04:f4:c0:20:2c:84:ef:dd:db:50:2f:4b:36: 81:b6:b5:c3:1d:88:9b:07:fc:38:68:33:68:66:0f: 5f:c8:cf:c6:24:b8:ff:71:34:01:cc:db:a8:79:af: 62:e4:da:14:91:d5:12:2e:ba:02:ee:9f:28:3e:1c: b8:dd:79:67:31:7b:15:b4:78:e6:f7:e2:14:00:d6: f5:92:a7:78:92:3d:ae:82:43:13:b2:e1:5a:4b:50: e5:70:57:41:67:23:e2:1b:80:5f:8b:0c:17:03:05: 11:b3:b3:cc:bf:9c:91:de:c9:32:b8:23:f5:2f:de: b8:aa:99:c4:6d:2f:45:1c:7b:13:f0:b1:dc:6f:55: aa:21:70:11:64:6a:14:2f:dc:f2:e5:4e:22:3c:fd: b8:85:bf:e8:2c:16:b4:9c:57:69:51:89:dc:26:ee: 74:b9:7e:c8:7e:40:0f:6d:f9:f8:f4:2d:c1:83:28: 27:6c:b9:07:fa:1c:8b:25:a4:42:f9:7c:8f:fd:23: 6e:5b:81:34:00:31:5c:1b:83:e3:77:2b:1e:d8:d3: f0:90:89:1c:41:d8:99:dc:71:5d:d7:93:0e:67:8e: 22:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:EC:6B:4D:3F:96:8C:E7:C5:D4:81:F4:84:86:9E:5D:97:E2:2D:A8 X509v3 Authority Key Identifier: keyid:E2:40:7A:76:96:F0:79:84:14:30:54:D4:11:E3:CA:5F:18:36:EC:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kB6dpbweYQUMFTUEePKXxg27NQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/XexrTT-WjOfF1IH0hIaeXZfiLag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/2d6ddf-d448-4566-b364-f0b2dd07f727/1/4kB6dpbweYQUMFTUEePKXxg27NQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:ae4::/48 Signature Algorithm: sha256WithRSAEncryption 70:c8:fa:cb:c1:2a:36:5f:0c:68:8c:11:db:ad:0c:d1:05:37: 90:9d:6d:5a:d6:94:e4:03:76:46:8c:99:6e:5a:28:8d:c5:83: 50:5f:f0:d6:03:e4:0e:1f:b6:4d:5e:18:b5:7b:a2:79:8b:3f: 6c:f6:10:1e:6d:88:0a:89:7d:d5:8c:84:8d:75:0d:0c:32:b1: 9c:b9:b5:c2:33:46:e2:0f:7d:90:d8:5d:1c:9b:2e:aa:73:93: 1f:52:a0:28:ba:13:81:81:dc:f0:ad:70:68:20:75:66:7f:61: 6a:cd:b7:2c:10:47:a0:18:80:cb:3d:b0:60:ae:e4:ac:1c:39: 96:06:69:30:7f:ae:0a:97:cb:de:8d:9d:3c:09:c7:d0:5d:d5: d7:b2:22:4a:9e:03:54:56:75:f4:cd:37:26:66:55:12:17:f3: f0:49:04:1c:66:f6:bd:61:8c:43:44:13:67:25:cd:22:59:b2: a7:f7:f6:e6:2f:d1:68:a2:62:5d:17:09:d2:fc:7e:b1:0f:c2: c0:0d:12:50:fe:e4:c0:2c:5e:b5:cf:36:22:de:5b:dc:f5:78: a0:45:a7:3c:d5:d8:9d:88:03:7c:05:6e:f4:41:26:69:18:e8: aa:77:65:af:31:68:d1:6c:f8:82:d7:dd:02:50:a1:80:8b:ab: 3c:7e:ad:07 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3xtgxRBgJb/5aNWIqpzw6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyNDA3YTc2OTZmMDc5ODQxNDMwNTRkNDExZTNjYTVmMTgz NmVjZDQwHhcNMjYwMTAxMDQxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGVjNmI0ZDNmOTY4Y2U3YzVkNDgxZjQ4NDg2OWU1ZDk3ZTIyZGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+RN/3wt1wflqecNkIL4Z7J2bBzt QWU3s7knNMbdLAT0wCAshO/d21AvSzaBtrXDHYibB/w4aDNoZg9fyM/GJLj/cTQB zNuoea9i5NoUkdUSLroC7p8oPhy43XlnMXsVtHjm9+IUANb1kqd4kj2ugkMTsuFa S1DlcFdBZyPiG4BfiwwXAwURs7PMv5yR3skyuCP1L964qpnEbS9FHHsT8LHcb1Wq IXARZGoUL9zy5U4iPP24hb/oLBa0nFdpUYncJu50uX7IfkAPbfn49C3BgygnbLkH +hyLJaRC+XyP/SNuW4E0ADFcG4Pjdyse2NPwkIkcQdiZ3HFd15MOZ44isQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF3sa00/loznxdSB9ISGnl2X4i2oMB8GA1UdIwQY MBaAFOJAenaW8HmEFDBU1BHjyl8YNuzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGtCNmRwYndlWVFVTUZUVUVlUEtYeGcyN05RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yZDZkZGYtZDQ0OC00NTY2LWIzNjQt ZjBiMmRkMDdmNzI3LzEvWGV4clRULVdqT2ZGMUlIMGhJYWVYWmZpTGFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8yZDZkZGYtZDQ0OC00NTY2LWIzNjQtZjBiMmRkMDdmNzI3 LzEvNGtCNmRwYndlWVFVTUZUVUVlUEtYeGcyN05RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfArk MA0GCSqGSIb3DQEBCwUAA4IBAQBwyPrLwSo2XwxojBHbrQzRBTeQnW1a1pTkA3ZG jJluWiiNxYNQX/DWA+QOH7ZNXhi1e6J5iz9s9hAebYgKiX3VjISNdQ0MMrGcubXC M0biD32Q2F0cmy6qc5MfUqAouhOBgdzwrXBoIHVmf2FqzbcsEEegGIDLPbBgruSs HDmWBmkwf64Kl8vejZ08CcfQXdXXsiJKngNUVnX0zTcmZlUSF/PwSQQcZva9YYxD RBNnJc0iWbKn9/bmL9FoomJdFwnS/H6xD8LADRJQ/uTALF61zzYi3lvc9XigRac8 1didiAN8BW70QSZpGOiqd2WvMWjRbPiC190CUKGAi6s8fq0H -----END CERTIFICATE-----Generated at Tue Feb 10 00:13:45 2026 by rpki-client