This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XK4xjo1ROyFyoYCyWJ9VEytbc3Q.roa File: XK4xjo1ROyFyoYCyWJ9VEytbc3Q.roa (raw, json) Hash identifier: Fb/JtIzVLy3Pl8mc5ouJEJI4i5g3D7WN3YQNU4XsdtE= Subject key identifier: 5C:AE:31:8E:8D:51:3B:21:72:A1:80:B2:58:9F:55:13:2B:5B:73:74 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCBAA27DA73C540FC5210B2570AECBD Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XK4xjo1ROyFyoYCyWJ9VEytbc3Q.roa Signing time: Fri 02 Jan 2026 08:20:57 +0000 ROA not before: Fri 02 Jan 2026 08:20:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 393942 IP address blocks: 151.242.89.0/24 maxlen: 24 151.244.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:aa:27:da:73:c5:40:fc:52:10:b2:57:0a:ec:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cae318e8d513b2172a180b2589f55132b5b7374 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3f:c4:a5:4e:d9:3f:79:c2:a9:84:ff:76:01: c1:ac:6c:15:31:d2:a8:f6:7d:da:21:c3:22:04:8d: a9:0c:6f:3e:3f:dd:0f:68:64:76:bd:b9:5a:8d:d5: 93:e4:f3:77:00:ef:03:66:5a:47:bd:ce:43:12:59: d0:ae:e1:99:46:b8:d7:70:67:aa:2e:d4:40:bc:d2: 89:ac:31:20:aa:89:60:bd:62:1a:50:2b:f7:bb:f7: ec:54:44:c7:85:8e:bc:77:fb:fd:d8:1f:5b:8b:e2: 96:7e:c3:9a:bd:de:79:8f:f3:67:18:6e:ae:e2:36: e3:af:75:24:6a:0e:dc:37:f7:55:d5:07:d5:3b:e2: 33:d8:7f:e4:72:a2:49:29:58:00:8a:98:69:b9:13: 80:d5:97:58:c1:e0:be:0a:4a:b7:a6:4a:23:cb:c7: 44:36:2a:cf:81:fb:15:01:5c:69:7f:3d:92:76:1c: 6a:7a:b4:a7:72:bc:4c:3e:33:ff:a8:18:94:26:29: f9:5a:52:78:93:70:8d:a9:be:dd:1a:94:a4:57:59: f3:4e:f3:4a:60:14:8c:6f:fb:8d:bf:46:a6:65:bf: b5:ce:d3:df:78:e7:59:6f:a9:4a:5a:73:b8:b6:1c: f9:df:06:cd:d3:bd:af:c4:6c:1a:a2:55:24:b0:bf: 2c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AE:31:8E:8D:51:3B:21:72:A1:80:B2:58:9F:55:13:2B:5B:73:74 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XK4xjo1ROyFyoYCyWJ9VEytbc3Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.242.89.0/24 151.244.199.0/24 Signature Algorithm: sha256WithRSAEncryption 19:87:8d:50:54:b1:ba:d3:49:25:f7:45:4b:f2:f7:ee:74:fa: fe:ff:ad:ba:cc:2b:81:a3:01:a3:b0:08:e8:64:c4:09:d5:e1: 3f:bb:f4:de:39:7f:da:9a:85:0f:c5:e2:05:4c:0a:69:64:b0: 99:13:ad:2e:7d:14:f1:86:63:c7:4b:5f:73:85:13:9f:18:5d: b5:8a:c6:90:6c:f5:85:6c:8c:e8:46:57:76:79:e1:f7:bc:0e: 79:3a:f1:a6:6d:57:16:36:33:e5:b6:d6:20:fa:e1:45:39:36: b1:ce:72:61:50:38:7d:e9:c8:61:a6:db:be:69:8e:76:90:27: 06:19:6b:79:eb:82:d4:ad:c7:ce:d0:f3:ab:f9:02:b8:dc:2b: 10:7a:95:31:72:fb:3b:54:10:07:9b:84:3e:df:37:72:92:43: ce:a5:ef:6e:29:5a:ea:69:9f:1e:da:4b:bd:2f:18:47:ec:75: a2:18:17:a2:a9:fb:8b:95:f5:9d:d5:7e:f6:a6:14:5d:14:8b: 56:79:75:39:b0:86:fb:c3:ed:aa:a0:f5:3b:be:15:24:62:ea: b5:77:26:57:79:17:a4:05:af:70:41:39:fc:bc:be:7a:10:42: 1d:d2:14:75:08:e7:62:52:07:f6:ba:4a:55:50:da:78:23:97: 2f:33:41:40 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9y6on2nPFQPxSELJXCuy9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2FlMzE4ZThkNTEzYjIxNzJhMTgwYjI1ODlmNTUxMzJiNWI3Mzc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT/EpU7ZP3nCqYT/dgHBrGwVMdKo 9n3aIcMiBI2pDG8+P90PaGR2vblajdWT5PN3AO8DZlpHvc5DElnQruGZRrjXcGeq LtRAvNKJrDEgqolgvWIaUCv3u/fsVETHhY68d/v92B9bi+KWfsOavd55j/NnGG6u 4jbjr3Ukag7cN/dV1QfVO+Iz2H/kcqJJKVgAiphpuROA1ZdYweC+Ckq3pkojy8dE NirPgfsVAVxpfz2SdhxqerSncrxMPjP/qBiUJin5WlJ4k3CNqb7dGpSkV1nzTvNK YBSMb/uNv0amZb+1ztPfeOdZb6lKWnO4thz53wbN072vxGwaolUksL8sAQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFyuMY6NUTshcqGAslifVRMrW3N0MB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvWEs0eGpvMVJPeUZ5b1lDeVdKOVZFeXRiYzNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JZAwQA l/THMA0GCSqGSIb3DQEBCwUAA4IBAQAZh41QVLG600kl90VL8vfudPr+/626zCuB owGjsAjoZMQJ1eE/u/TeOX/amoUPxeIFTAppZLCZE60ufRTxhmPHS19zhROfGF21 isaQbPWFbIzoRld2eeH3vA55OvGmbVcWNjPlttYg+uFFOTaxznJhUDh96chhptu+ aY52kCcGGWt564LUrcfO0POr+QK43CsQepUxcvs7VBAHm4Q+3zdykkPOpe9uKVrq aZ8e2ku9LxhH7HWiGBeiqfuLlfWd1X72phRdFItWeXU5sIb7w+2qoPU7vhUkYuq1 dyZXeRekBa9wQTn8vL56EEId0hR1COdiUgf2ukpVUNp4I5cvM0FA -----END CERTIFICATE-----Generated at Sun Jan 18 06:27:19 2026 by rpki-client