This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XTs5NFI5GGPmdILyJoe1UZermoY.roa File: XTs5NFI5GGPmdILyJoe1UZermoY.roa (raw, json) Hash identifier: Y8Lo2YH8sWKxYhv5OE189NboWo9z7HM5q1eUAOyY79s= Subject key identifier: 5D:3B:39:34:52:39:18:63:E6:74:82:F2:26:87:B5:51:97:AB:9A:86 Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1 Certificate serial: 019B797EA4244CDE2253F01328E4FC1F0854 Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XTs5NFI5GGPmdILyJoe1UZermoY.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207193 IP address blocks: 2a07:8145::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.mft rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 06:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a4:24:4c:de:22:53:f0:13:28:e4:fc:1f:08:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d3b393452391863e67482f22687b55197ab9a86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:b3:7a:de:1b:a4:01:d6:f2:79:9f:b6:09:03: 24:06:10:22:e3:0a:73:11:5f:dc:60:78:82:7b:fd: 93:4d:07:29:0c:9c:0b:f2:5e:29:f9:ca:91:d3:89: a3:b2:3f:be:99:58:33:6b:a4:b5:ef:65:9a:10:37: d2:f3:fb:5b:d7:f4:8d:47:c7:49:a1:a2:52:dc:24: a7:b8:5d:4c:70:e0:bd:7f:f6:94:fd:7f:0e:e1:5c: 75:f3:4b:7a:1c:6b:03:9a:fd:77:83:b9:49:8d:6f: 53:0e:a9:8e:e1:eb:ca:a2:bb:09:7f:9d:d6:7c:c6: a0:0f:70:f0:2a:ea:ec:82:12:65:aa:5f:c9:40:7c: 8f:81:3b:48:f7:bd:6a:d8:6e:97:45:fc:d3:5d:08: e0:9c:e7:9f:28:64:e0:24:cd:99:91:ae:ee:39:de: bb:9d:03:d9:4a:25:7f:78:06:98:7a:0f:cd:a3:00: d9:fc:78:5a:9e:9f:64:7c:97:01:c6:83:df:f3:08: 25:fa:ec:ad:ea:56:0d:7d:66:a7:ed:83:ad:2a:ea: 9b:a9:c8:4e:23:77:2a:3b:c8:71:a3:e1:d0:d4:e2: 1f:26:9d:c6:cd:f9:cc:6a:38:d7:56:53:44:bf:5e: 22:5c:4a:ed:43:81:34:47:e9:ac:c1:0a:25:d0:17: e2:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:3B:39:34:52:39:18:63:E6:74:82:F2:26:87:B5:51:97:AB:9A:86 X509v3 Authority Key Identifier: keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/XTs5NFI5GGPmdILyJoe1UZermoY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:8145::/36 Signature Algorithm: sha256WithRSAEncryption 7a:f7:10:0b:3a:95:01:63:05:69:1a:c0:11:4e:e2:35:2d:1c: bf:7b:e2:38:cd:d6:66:6d:cf:6e:60:e4:20:02:32:95:51:14: 07:8d:0b:81:b4:41:62:d6:bc:70:a9:8f:b6:6d:a6:f0:02:90: f0:f2:6e:51:6e:8d:eb:5d:ef:72:b2:ad:4f:03:50:63:62:39: 5a:c5:8c:bc:ba:86:a7:f0:94:72:4e:ad:1d:6f:dd:af:13:f6: fe:7e:30:20:88:63:47:cb:f8:39:7f:fd:ab:68:ef:11:22:05: f0:b7:3e:b9:28:14:c6:40:7c:a5:a7:17:cd:ce:b4:99:59:c6: 60:44:4d:2f:98:a1:93:89:25:42:49:27:c5:d5:4f:88:c3:e1: a3:29:5d:8f:7d:ab:8a:75:17:96:00:69:ed:9d:f1:ab:94:57: b7:04:41:d0:91:55:08:6b:a9:ee:63:51:a6:fd:96:75:cd:8f: cc:16:15:46:72:cd:6a:aa:42:e8:7d:96:e7:37:0c:85:43:cb: 54:59:95:96:9b:fb:ee:8b:a0:ee:7b:1c:10:27:7f:20:6d:4c: 8d:51:13:ea:17:83:ec:fb:78:0e:64:ff:bf:0a:35:64:31:a5: 5c:51:61:a6:4e:f3:a2:62:c5:16:64:ef:9d:c6:8b:38:fb:8b: 03:20:77:46 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt5fqQkTN4iU/ATKOT8HwhUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2 MDkwZjEwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDNiMzkzNDUyMzkxODYzZTY3NDgyZjIyNjg3YjU1MTk3YWI5YTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbN63hukAdbyeZ+2CQMkBhAi4wpz EV/cYHiCe/2TTQcpDJwL8l4p+cqR04mjsj++mVgza6S172WaEDfS8/tb1/SNR8dJ oaJS3CSnuF1McOC9f/aU/X8O4Vx180t6HGsDmv13g7lJjW9TDqmO4evKorsJf53W fMagD3DwKursghJlql/JQHyPgTtI971q2G6XRfzTXQjgnOefKGTgJM2Zka7uOd67 nQPZSiV/eAaYeg/NowDZ/Hhanp9kfJcBxoPf8wgl+uyt6lYNfWan7YOtKuqbqchO I3cqO8hxo+HQ1OIfJp3GzfnMajjXVlNEv14iXErtQ4E0R+mswQol0BfiswIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFF07OTRSORhj5nSC8iaHtVGXq5qGMB8GA1UdIwQY MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt ODAwZWRhMmNmYjM2LzEvWFRzNU5GSTVHR1BtZElMeUpvZTFVWmVybW9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2 LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgeBRQAw DQYJKoZIhvcNAQELBQADggEBAHr3EAs6lQFjBWkawBFO4jUtHL974jjN1mZtz25g 5CACMpVRFAeNC4G0QWLWvHCpj7ZtpvACkPDyblFujetd73KyrU8DUGNiOVrFjLy6 hqfwlHJOrR1v3a8T9v5+MCCIY0fL+Dl//ato7xEiBfC3PrkoFMZAfKWnF83OtJlZ xmBETS+YoZOJJUJJJ8XVT4jD4aMpXY99q4p1F5YAae2d8auUV7cEQdCRVQhrqe5j Uab9lnXNj8wWFUZyzWqqQuh9luc3DIVDy1RZlZab++6LoO57HBAnfyBtTI1RE+oX g+z7eA5k/78KNWQxpVxRYaZO86JixRZk753Gizj7iwMgd0Y= -----END CERTIFICATE-----Generated at Mon Jan 26 13:45:08 2026 by rpki-client