This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/xBNYTN26rjrftroj6bw53BOmtsE.roa File: xBNYTN26rjrftroj6bw53BOmtsE.roa (raw, json) Hash identifier: aH3rJts1biSMOKPSezn36e6c7+ndTrVwqPqYWonjaSQ= Subject key identifier: C4:13:58:4C:DD:BA:AE:3A:DF:B6:BA:23:E9:BC:39:DC:13:A6:B6:C1 Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc Certificate serial: 019B7EA4C71A70934EA6FBA7A68B23A3248D Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/xBNYTN26rjrftroj6bw53BOmtsE.roa Signing time: Fri 02 Jan 2026 12:18:06 +0000 ROA not before: Fri 02 Jan 2026 12:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48362 IP address blocks: 45.152.52.0/22 maxlen: 24 86.111.44.0/22 maxlen: 24 91.195.116.0/23 maxlen: 24 94.199.168.0/21 maxlen: 21 185.31.212.0/22 maxlen: 22 185.252.36.0/22 maxlen: 22 2a02:1688::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:c7:1a:70:93:4e:a6:fb:a7:a6:8b:23:a3:24:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc Validity Not Before: Jan 2 12:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c413584cddbaae3adfb6ba23e9bc39dc13a6b6c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:55:a2:e9:93:33:a1:25:d1:88:68:e4:0d:03: 47:a7:d6:02:ed:2b:36:29:0c:6e:d0:a3:d2:8b:f6: 49:46:90:51:2b:7e:64:9f:93:2a:3e:cd:e7:c4:f9: 41:f1:b2:39:0b:29:77:d5:40:46:72:8e:a5:4b:82: d0:28:c3:a4:27:bb:86:19:77:07:25:ed:c0:35:2d: 20:05:7e:4c:55:fc:7a:99:68:0d:d6:91:35:71:ad: 3a:62:d8:0f:8d:96:39:dd:04:7d:a9:4c:c9:87:3d: b0:9b:ae:bc:d8:d4:e8:c3:13:30:63:2c:81:99:36: 37:c7:bb:ac:5a:65:3a:15:b0:ea:c6:0c:24:3f:f7: 1f:90:ad:e7:18:6b:62:2a:0f:82:7e:85:4c:69:1d: f0:f6:92:fb:f0:30:c1:82:19:20:b3:17:2f:b2:b6: 3d:13:5a:29:0c:be:ca:7f:26:27:76:46:08:8e:9f: 15:9f:55:e3:6c:7d:97:0b:46:8b:ce:4e:4e:1d:aa: 72:85:cd:95:64:77:56:bb:a6:c7:3e:28:b8:f5:67: 8f:e5:3c:a5:30:cc:a4:cc:b5:b0:27:4f:84:c4:0b: 13:57:bf:5e:e5:6b:42:4d:9c:39:43:c8:e3:17:16: 4f:be:3c:7b:ee:ac:ee:1d:41:0d:28:c3:09:97:9c: b9:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:13:58:4C:DD:BA:AE:3A:DF:B6:BA:23:E9:BC:39:DC:13:A6:B6:C1 X509v3 Authority Key Identifier: keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/xBNYTN26rjrftroj6bw53BOmtsE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.152.52.0/22 86.111.44.0/22 91.195.116.0/23 94.199.168.0/21 185.31.212.0/22 185.252.36.0/22 IPv6: 2a02:1688::/32 Signature Algorithm: sha256WithRSAEncryption 2c:69:c3:ee:5e:ca:b3:1b:94:5d:b5:e2:9c:f5:11:5e:27:05: 9b:be:e7:77:cc:33:ba:9b:88:c0:fa:7b:26:ab:fb:4a:61:63: 40:06:9e:f4:d8:b4:de:c8:de:c1:fb:b7:0b:9a:ee:4e:f8:f5: dc:c2:d0:fc:26:87:40:8a:c3:f7:45:01:c9:47:51:0a:90:a1: 48:5c:38:90:f0:09:08:8e:7c:fa:28:04:81:d0:fa:c3:27:ad: 43:74:c4:97:24:d7:98:76:3b:11:da:d2:6c:20:2e:f3:46:fb: 29:12:a6:cf:b3:25:9b:0a:e5:d9:0c:ec:6d:9a:a4:5c:92:3e: 1a:f0:2c:dc:fa:f8:4d:1c:9b:67:f9:ec:ef:5a:48:bb:c0:d8: c1:6f:d1:84:a4:3d:81:fb:37:e8:74:f9:bb:80:51:e7:cd:7d: 30:19:6e:53:03:a0:73:9e:67:74:64:c1:5c:8e:31:75:9a:d6: 5f:ac:83:c9:87:2f:fb:b4:ee:68:07:72:2b:c9:61:c3:70:fd: ee:dd:f7:43:c5:4a:97:6f:23:bd:64:6e:8b:fc:bf:6a:3e:28: c4:b2:dd:51:dd:34:42:65:b1:7d:93:13:80:26:2e:db:18:e6: c2:24:0a:41:a8:d6:fe:25:b6:73:44:f6:90:b8:c2:5f:a2:e5: 4d:55:a1:ec -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt+pMcacJNOpvunposjoySNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi ZDQ1YmMwHhcNMjYwMTAyMTIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDEzNTg0Y2RkYmFhZTNhZGZiNmJhMjNlOWJjMzlkYzEzYTZiNmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FWi6ZMzoSXRiGjkDQNHp9YC7Ss2 KQxu0KPSi/ZJRpBRK35kn5MqPs3nxPlB8bI5Cyl31UBGco6lS4LQKMOkJ7uGGXcH Je3ANS0gBX5MVfx6mWgN1pE1ca06YtgPjZY53QR9qUzJhz2wm6682NTowxMwYyyB mTY3x7usWmU6FbDqxgwkP/cfkK3nGGtiKg+CfoVMaR3w9pL78DDBghkgsxcvsrY9 E1opDL7KfyYndkYIjp8Vn1XjbH2XC0aLzk5OHapyhc2VZHdWu6bHPii49WeP5Tyl MMykzLWwJ0+ExAsTV79e5WtCTZw5Q8jjFxZPvjx77qzuHUENKMMJl5y57wIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFMQTWEzduq4637a6I+m8OdwTprbBMB8GA1UdIwQY MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt ZWU4MGEyZDI5NTJkLzEveEJOWVROMjZyanJmdHJvajZidzUzQk9tdHNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZg0AwQC Vm8sAwQBW8N0AwQDXseoAwQCuR/UAwQCufwkMA0EAgACMAcDBQAqAhaIMA0GCSqG SIb3DQEBCwUAA4IBAQAsacPuXsqzG5RdteKc9RFeJwWbvud3zDO6m4jA+nsmq/tK YWNABp702LTeyN7B+7cLmu5O+PXcwtD8JodAisP3RQHJR1EKkKFIXDiQ8AkIjnz6 KASB0PrDJ61DdMSXJNeYdjsR2tJsIC7zRvspEqbPsyWbCuXZDOxtmqRckj4a8Czc +vhNHJtn+ezvWki7wNjBb9GEpD2B+zfodPm7gFHnzX0wGW5TA6Bznmd0ZMFcjjF1 mtZfrIPJhy/7tO5oB3IryWHDcP3u3fdDxUqXbyO9ZG6L/L9qPijEst1R3TRCZbF9 kxOAJi7bGObCJApBqNb+JbZzRPaQuMJfouVNVaHs -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:02 2026 by rpki-client