This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQTZ_LtV57mZRaGBHm-8jfWoV4Q.roa File: XQTZ_LtV57mZRaGBHm-8jfWoV4Q.roa (raw, json) Hash identifier: 5KXyUaHmme5U++rqXY/Tbp2zYQdF6AdBZuhTTX4YU/Y= Subject key identifier: 5D:04:D9:FC:BB:55:E7:B9:99:45:A1:81:1E:6F:BC:8D:F5:A8:57:84 Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Certificate serial: 019B5FC826A7D775B73F2609AFFA69DFD20B Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQTZ_LtV57mZRaGBHm-8jfWoV4Q.roa Signing time: Sat 27 Dec 2025 12:28:31 +0000 ROA not before: Sat 27 Dec 2025 12:28:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208068 IP address blocks: 2a0e:97c0:520::/44 maxlen: 48 2a0e:97c0:520::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:c8:26:a7:d7:75:b7:3f:26:09:af:fa:69:df:d2:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b Validity Not Before: Dec 27 12:28:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5d04d9fcbb55e7b99945a1811e6fbc8df5a85784 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:98:31:f6:8f:09:4c:36:3a:dd:8e:47:77:f8: ca:3f:84:b3:c6:04:ee:05:b9:c3:46:68:f9:44:ef: ce:ff:87:23:63:a2:76:19:db:61:20:a8:41:99:40: 16:69:a0:06:1e:6f:9a:18:20:e8:a6:c1:e9:b9:48: 47:aa:86:d0:f0:04:e7:62:cd:e9:16:59:7c:c2:90: 40:bb:c8:1e:cb:a5:a9:1c:ea:86:b5:b5:df:f6:1f: 08:5c:2e:02:26:b3:3a:37:92:71:c8:b2:a0:64:e3: 4e:b2:e2:15:70:32:41:3e:92:b3:af:0e:b1:1f:a8: d7:a4:29:6c:fc:b9:92:a3:89:1f:ca:f7:b6:a8:06: a5:f5:b4:66:b3:83:68:9b:40:78:c5:c4:7d:80:d5: af:c5:c5:b3:ee:41:20:aa:65:d4:60:08:99:da:e1: a9:c7:78:4e:2f:7e:d0:7e:3c:a2:84:7f:da:f2:a7: bc:94:de:cb:ff:2e:0a:d8:81:4c:e7:9c:05:3c:bd: 6f:51:73:f6:c4:99:70:fe:00:74:ce:25:72:bd:8d: 16:23:f2:6d:08:ab:00:96:ae:53:bc:20:5b:fa:77: 69:a2:9e:f1:35:59:6d:ae:44:e0:d6:79:4d:cf:60: 07:59:f1:ab:c2:94:42:74:18:2c:6e:87:ce:db:f4: 2c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:04:D9:FC:BB:55:E7:B9:99:45:A1:81:1E:6F:BC:8D:F5:A8:57:84 X509v3 Authority Key Identifier: keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQTZ_LtV57mZRaGBHm-8jfWoV4Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:97c0:520::/44 Signature Algorithm: sha256WithRSAEncryption a4:e9:6e:bc:4d:80:69:57:30:d8:9c:86:33:ca:5f:f7:97:7f: 1b:e1:75:6f:c4:df:5f:71:df:da:40:01:4e:41:9d:c6:e9:de: f9:5a:97:cf:8a:b8:5c:e9:29:b5:4d:07:8e:9d:eb:4a:1d:77: b4:14:f0:23:81:22:09:9a:5e:e5:61:74:c2:4d:2c:09:8f:d6: 1a:4d:60:75:45:1e:f7:fe:ff:28:31:3e:23:f3:a0:e2:f7:9f: 0f:bc:4c:d4:b0:4b:47:df:47:b0:fc:6c:cc:b8:4d:cb:59:42: 99:6e:0f:31:2d:96:86:6c:2e:75:ec:a3:4f:53:e7:7a:5e:9a: 44:84:48:d4:05:59:c4:5a:37:04:2d:6d:a0:50:30:b7:a7:b7: 07:1d:ea:55:70:4c:bb:e6:b4:e8:02:8d:4f:f6:b0:60:8c:97: fa:79:e8:46:09:83:9a:53:d8:a5:91:6f:3f:71:78:89:06:8d: ba:29:a0:f3:4c:7e:e3:b1:60:69:d6:4b:84:80:cf:39:b7:a6: 63:9c:ee:a7:3f:50:21:5b:62:02:19:03:53:8c:ce:db:af:d1: 00:bf:24:60:70:21:86:d3:c7:ad:74:f3:ef:9a:32:c0:df:c4: 39:53:3e:64:69:76:96:bb:bb:f1:2a:d3:20:3b:90:c6:ae:3f: 25:cd:67:45 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZtfyCan13W3PyYJr/pp39ILMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw ZmFkOWIwHhcNMjUxMjI3MTIyODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDA0ZDlmY2JiNTVlN2I5OTk0NWExODExZTZmYmM4ZGY1YTg1Nzg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpgx9o8JTDY63Y5Hd/jKP4SzxgTu BbnDRmj5RO/O/4cjY6J2GdthIKhBmUAWaaAGHm+aGCDopsHpuUhHqobQ8ATnYs3p Fll8wpBAu8gey6WpHOqGtbXf9h8IXC4CJrM6N5JxyLKgZONOsuIVcDJBPpKzrw6x H6jXpCls/LmSo4kfyve2qAal9bRms4Nom0B4xcR9gNWvxcWz7kEgqmXUYAiZ2uGp x3hOL37QfjyihH/a8qe8lN7L/y4K2IFM55wFPL1vUXP2xJlw/gB0ziVyvY0WI/Jt CKsAlq5TvCBb+ndpop7xNVltrkTg1nlNz2AHWfGrwpRCdBgsbofO2/QshQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF0E2fy7Vee5mUWhgR5vvI31qFeEMB8GA1UdIwQY MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt ZGM1ZWM3NDhmNmE1LzEvWFFUWl9MdFY1N21aUmFHQkhtLThqZldvVjRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1 LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAUg MA0GCSqGSIb3DQEBCwUAA4IBAQCk6W68TYBpVzDYnIYzyl/3l38b4XVvxN9fcd/a QAFOQZ3G6d75WpfPirhc6Sm1TQeOnetKHXe0FPAjgSIJml7lYXTCTSwJj9YaTWB1 RR73/v8oMT4j86Di958PvEzUsEtH30ew/GzMuE3LWUKZbg8xLZaGbC517KNPU+d6 XppEhEjUBVnEWjcELW2gUDC3p7cHHepVcEy75rToAo1P9rBgjJf6eehGCYOaU9il kW8/cXiJBo26KaDzTH7jsWBp1kuEgM85t6ZjnO6nP1AhW2ICGQNTjM7br9EAvyRg cCGG08etdPPvmjLA38Q5Uz5kaXaWu7vxKtMgO5DGrj8lzWdF -----END CERTIFICATE-----Generated at Sun Dec 28 09:58:42 2025 by rpki-client