This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/XbqOwXYkjht0nJnceNJjzX2ebKs.roa File: XbqOwXYkjht0nJnceNJjzX2ebKs.roa (raw, json) Hash identifier: knPH99gttVNm7VTufmRAs4k/asX/iKOhw3wnBmFxMfs= Subject key identifier: 5D:BA:8E:C1:76:24:8E:1B:74:9C:99:DC:78:D2:63:CD:7D:9E:6C:AB Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b Certificate serial: 019B7AC7C8407A3C4E2C984BC12110F4B95F Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/XbqOwXYkjht0nJnceNJjzX2ebKs.roa Signing time: Thu 01 Jan 2026 18:17:51 +0000 ROA not before: Thu 01 Jan 2026 18:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5459 IP address blocks: 195.66.232.0/22 maxlen: 22 195.66.240.0/22 maxlen: 22 195.66.240.0/24 maxlen: 24 195.66.248.0/22 maxlen: 22 2a01:40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.mft rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:c8:40:7a:3c:4e:2c:98:4b:c1:21:10:f4:b9:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b Validity Not Before: Jan 1 18:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dba8ec176248e1b749c99dc78d263cd7d9e6cab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7b:46:61:22:a5:38:36:51:51:eb:f6:8b:ed: ea:15:61:98:99:60:07:c9:7a:df:4e:4d:ed:48:cc: 1f:37:17:b0:44:7c:61:68:85:f4:51:20:fd:c3:be: d0:81:3b:14:96:06:24:5c:f4:57:72:cc:a1:47:07: 2d:d9:ed:94:5c:04:4c:b7:8a:3a:81:6f:cf:df:9a: e8:aa:ed:d2:54:69:1c:4d:f7:23:78:15:7d:32:4e: dc:2c:14:35:0d:70:42:5a:e8:96:5f:87:e4:a1:ea: 5d:80:2e:b3:c7:ec:07:84:a6:0d:92:a5:c1:0d:46: 66:5e:61:ce:e7:dd:9f:aa:88:c8:ef:a6:d0:7b:95: dc:16:3c:ea:c7:63:53:51:82:b8:bb:0c:87:28:b7: 9c:94:f3:b3:2a:df:e0:fc:7d:7d:c4:cf:22:fb:4a: ec:80:1b:bc:2f:f8:e5:1e:4e:6f:8d:87:95:7c:66: 09:38:20:81:b4:8d:62:2a:16:9d:ea:c9:e2:c7:a8: 74:92:ae:dd:21:ab:91:cb:71:dd:2d:0b:cd:30:aa: ef:41:33:5b:af:32:e7:c0:99:48:ff:4a:8f:75:ef: 5a:fe:2d:4c:0c:c7:98:b6:89:aa:55:5c:43:ac:d9: 6a:34:12:8d:f3:84:92:c9:56:b5:cb:ca:57:cb:7d: 02:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:BA:8E:C1:76:24:8E:1B:74:9C:99:DC:78:D2:63:CD:7D:9E:6C:AB X509v3 Authority Key Identifier: keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/XbqOwXYkjht0nJnceNJjzX2ebKs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.66.232.0/22 195.66.240.0/22 195.66.248.0/22 IPv6: 2a01:40::/32 Signature Algorithm: sha256WithRSAEncryption 3a:38:33:bd:d3:07:2e:77:7c:df:00:83:ab:86:24:f7:89:e8: a5:21:70:5b:59:8e:05:fe:d7:bc:be:2c:71:da:0d:55:4e:df: 60:5a:d5:59:ac:91:77:34:1d:06:69:8e:e5:df:f9:4a:a9:bc: 21:c1:34:fb:14:f9:37:c5:17:7e:d8:79:31:c9:2f:3e:12:0b: c4:a6:7b:32:8a:ee:94:2e:65:0a:bd:5f:c9:ae:61:d1:76:67: 2d:c9:33:8f:94:b5:1e:c3:0e:df:ca:35:7f:fd:da:a4:a7:7d: 12:5f:ca:4d:95:5f:15:cc:7c:ab:65:44:83:69:f1:1d:22:28: 5e:c2:20:66:1a:e7:2e:b7:96:de:12:73:f3:9b:4a:b4:f0:70: 7f:5f:49:9a:10:12:e0:62:79:99:ee:18:be:25:2a:4d:eb:c0: 9c:11:80:91:80:1c:f0:68:17:de:4c:5c:09:03:cc:2f:9d:e4: 58:6e:a7:99:28:98:ba:70:af:26:37:c9:c4:f8:70:45:5e:5d: aa:19:fd:d4:33:55:11:5e:5f:86:4a:e6:57:3d:1e:e0:fe:b4: b1:a4:e0:83:02:b1:dc:f2:d8:ab:5f:85:fd:6c:06:aa:e6:91: f1:2d:30:a4:44:a5:f1:bb:a2:d3:0b:fe:e7:54:03:e3:8b:71: 8d:a4:2f:01 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt6x8hAejxOLJhLwSEQ9LlfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk NjNiM2IwHhcNMjYwMTAxMTgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGJhOGVjMTc2MjQ4ZTFiNzQ5Yzk5ZGM3OGQyNjNjZDdkOWU2Y2FiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHtGYSKlODZRUev2i+3qFWGYmWAH yXrfTk3tSMwfNxewRHxhaIX0USD9w77QgTsUlgYkXPRXcsyhRwct2e2UXARMt4o6 gW/P35roqu3SVGkcTfcjeBV9Mk7cLBQ1DXBCWuiWX4fkoepdgC6zx+wHhKYNkqXB DUZmXmHO592fqojI76bQe5XcFjzqx2NTUYK4uwyHKLeclPOzKt/g/H19xM8i+0rs gBu8L/jlHk5vjYeVfGYJOCCBtI1iKhad6snix6h0kq7dIauRy3HdLQvNMKrvQTNb rzLnwJlI/0qPde9a/i1MDMeYtomqVVxDrNlqNBKN84SSyVa1y8pXy30CowIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFF26jsF2JI4bdJyZ3HjSY819nmyrMB8GA1UdIwQY MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt YmRiMjEzMTNjM2VjLzEvWGJxT3dYWWtqaHQwbkpuY2VOSmp6WDJlYktzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCw0LoAwQC w0LwAwQCw0L4MA0EAgACMAcDBQAqAQBAMA0GCSqGSIb3DQEBCwUAA4IBAQA6ODO9 0wcud3zfAIOrhiT3ieilIXBbWY4F/te8vixx2g1VTt9gWtVZrJF3NB0GaY7l3/lK qbwhwTT7FPk3xRd+2HkxyS8+EgvEpnsyiu6ULmUKvV/JrmHRdmctyTOPlLUeww7f yjV//dqkp30SX8pNlV8VzHyrZUSDafEdIihewiBmGucut5beEnPzm0q08HB/X0ma EBLgYnmZ7hi+JSpN68CcEYCRgBzwaBfeTFwJA8wvneRYbqeZKJi6cK8mN8nE+HBF Xl2qGf3UM1URXl+GSuZXPR7g/rSxpOCDArHc8tirX4X9bAaq5pHxLTCkRKXxu6LT C/7nVAPji3GNpC8B -----END CERTIFICATE-----Generated at Sat Jan 10 07:01:17 2026 by rpki-client