This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/XSFTvG30peL-Kn62TsHybP5e2LQ.roa File: XSFTvG30peL-Kn62TsHybP5e2LQ.roa (raw, json) Hash identifier: hKqS2z7qaczfk09NCF5iaBR9nZGsLrOWfkCwmF1NQns= Subject key identifier: 5D:21:53:BC:6D:F4:A5:E2:FE:2A:7E:B6:4E:C1:F2:6C:FE:5E:D8:B4 Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d Certificate serial: 019B7758DE02563581C991F286B6D8DBABF8 Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/XSFTvG30peL-Kn62TsHybP5e2LQ.roa Signing time: Thu 01 Jan 2026 02:17:51 +0000 ROA not before: Thu 01 Jan 2026 02:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51683 IP address blocks: 31.40.241.0/24 maxlen: 24 31.40.243.0/24 maxlen: 24 185.9.138.0/24 maxlen: 24 185.115.209.0/24 maxlen: 24 2a07:9d40::/48 maxlen: 48 2a07:9d40:1::/48 maxlen: 48 2a07:9d40:2::/48 maxlen: 48 2a07:9d40:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.mft rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:de:02:56:35:81:c9:91:f2:86:b6:d8:db:ab:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d Validity Not Before: Jan 1 02:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d2153bc6df4a5e2fe2a7eb64ec1f26cfe5ed8b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5a:b6:a4:9e:1b:72:b5:25:a0:2a:bb:91:a9: d6:72:1e:5d:75:ad:40:0b:d6:c4:26:da:74:7d:21: a7:24:1f:5c:b1:21:6c:62:46:79:63:65:2f:86:67: c0:02:75:bb:03:11:f7:d8:31:0e:0a:8f:27:78:a0: 82:0d:85:0a:d4:24:7d:cb:09:8c:ab:bb:80:5e:3d: fc:98:20:1a:15:4f:3f:9e:af:82:e7:fa:0d:ae:4d: 70:e0:03:3e:95:5d:63:d4:61:2a:50:63:f0:c8:5b: ed:6e:bf:b1:d7:e1:e1:64:50:af:38:05:23:5d:23: c9:a9:2e:2d:07:f2:e3:ff:d3:cb:69:94:34:11:1c: bb:98:a7:85:56:12:29:ea:3f:f6:1c:21:b2:06:e8: 0c:2b:b5:a6:c4:65:89:ee:56:5c:f4:44:e1:f8:bb: 39:4a:5d:2e:28:52:f8:0a:a1:73:d3:c2:b6:b7:3e: c3:12:a9:95:f5:0a:61:5e:b7:da:9c:0e:95:4f:bc: 68:e4:2e:04:fe:ad:c4:6c:c8:11:f4:ff:a4:4e:64: 83:c8:f8:31:28:7f:b4:2a:c6:48:63:f8:21:1c:a3: 96:45:fb:ba:25:25:60:8c:04:e0:05:dd:f0:91:d2: 3c:7f:8b:aa:ba:1c:2a:f0:90:6c:5c:0f:92:1f:4e: 1f:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:21:53:BC:6D:F4:A5:E2:FE:2A:7E:B6:4E:C1:F2:6C:FE:5E:D8:B4 X509v3 Authority Key Identifier: keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/XSFTvG30peL-Kn62TsHybP5e2LQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.40.241.0/24 31.40.243.0/24 185.9.138.0/24 185.115.209.0/24 IPv6: 2a07:9d40::/46 Signature Algorithm: sha256WithRSAEncryption 37:c2:40:c2:10:df:e3:37:ea:2c:0e:36:15:83:c0:9f:6d:fd: 39:41:54:90:03:3e:cd:19:72:30:04:2e:89:d4:2a:14:2f:6f: a4:ea:1d:52:f5:d5:04:5a:46:da:d9:45:02:26:86:e1:d7:6f: 54:bd:b9:d5:1b:9d:21:2e:ca:30:b3:b6:40:5a:37:52:f6:27: 29:0f:d2:1a:21:fc:48:9b:f5:f1:d7:ff:5f:e4:a6:80:76:5e: 83:ac:34:e7:19:00:93:b8:5f:95:07:7f:a3:59:bf:b4:16:97: 7e:99:3d:0c:af:11:c3:b1:62:7a:a9:4d:c8:da:5c:9d:e3:da: f6:51:4a:4c:f4:03:67:12:12:77:e5:98:2d:2d:4f:49:0c:60: 22:96:f7:f5:81:7a:f6:85:0b:28:1f:33:6a:da:9a:01:c0:e7: e4:18:83:f2:4f:8d:30:50:92:4f:20:1a:dc:59:4a:dc:fc:9d: 3a:2d:5a:40:4b:de:8f:5d:1a:1c:cf:d4:38:a3:51:1f:94:bd: cb:7b:0c:ff:aa:12:65:b5:cd:76:7b:55:73:0d:15:f7:cb:43: 8f:33:3f:c9:d4:66:51:fd:f4:b1:a7:47:05:51:96:2c:75:d4: 80:1c:c5:96:b8:da:fb:cc:7f:67:fb:3a:7c:3e:bf:3c:9e:81: c6:e1:12:a6 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt3WN4CVjWByZHyhrbY26v4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1 YzFhN2QwHhcNMjYwMTAxMDIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDIxNTNiYzZkZjRhNWUyZmUyYTdlYjY0ZWMxZjI2Y2ZlNWVkOGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Vq2pJ4bcrUloCq7kanWch5dda1A C9bEJtp0fSGnJB9csSFsYkZ5Y2UvhmfAAnW7AxH32DEOCo8neKCCDYUK1CR9ywmM q7uAXj38mCAaFU8/nq+C5/oNrk1w4AM+lV1j1GEqUGPwyFvtbr+x1+HhZFCvOAUj XSPJqS4tB/Lj/9PLaZQ0ERy7mKeFVhIp6j/2HCGyBugMK7WmxGWJ7lZc9ETh+Ls5 Sl0uKFL4CqFz08K2tz7DEqmV9QphXrfanA6VT7xo5C4E/q3EbMgR9P+kTmSDyPgx KH+0KsZIY/ghHKOWRfu6JSVgjATgBd3wkdI8f4uquhwq8JBsXA+SH04fmQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFF0hU7xt9KXi/ip+tk7B8mz+Xti0MB8GA1UdIwQY MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt OTIwOWY3YjdlZjgxLzEvWFNGVHZHMzBwZUwtS242MlRzSHliUDVlMkxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAHyjxAwQA HyjzAwQAuQmKAwQAuXPRMA8EAgACMAkDBwIqB51AAAAwDQYJKoZIhvcNAQELBQAD ggEBADfCQMIQ3+M36iwONhWDwJ9t/TlBVJADPs0ZcjAELonUKhQvb6TqHVL11QRa RtrZRQImhuHXb1S9udUbnSEuyjCztkBaN1L2JykP0hoh/Eib9fHX/1/kpoB2XoOs NOcZAJO4X5UHf6NZv7QWl36ZPQyvEcOxYnqpTcjaXJ3j2vZRSkz0A2cSEnflmC0t T0kMYCKW9/WBevaFCygfM2ramgHA5+QYg/JPjTBQkk8gGtxZStz8nTotWkBL3o9d GhzP1DijUR+Uvct7DP+qEmW1zXZ7VXMNFffLQ48zP8nUZlH99LGnRwVRlix11IAc xZa42vvMf2f7Onw+vzyegcbhEqY= -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:18 2026 by rpki-client