This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/xH257Ita99JSrD30t-FgGckL_c0.roa File: xH257Ita99JSrD30t-FgGckL_c0.roa (raw, json) Hash identifier: kAypEhDEhvCkWwiznIgU1OvSjM0MFH33T7oLBUENq4Q= Subject key identifier: C4:7D:B9:EC:8B:5A:F7:D2:52:AC:3D:F4:B7:E1:60:19:C9:0B:FD:CD Certificate issuer: /CN=eb23a5f47ec67e925a92491ab99b24ba371183f1 Certificate serial: 019B7E3773FC9885606BAEA84562B2600F42 Authority key identifier: EB:23:A5:F4:7E:C6:7E:92:5A:92:49:1A:B9:9B:24:BA:37:11:83:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6yOl9H7GfpJakkkauZskujcRg_E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/xH257Ita99JSrD30t-FgGckL_c0.roa Signing time: Fri 02 Jan 2026 10:18:41 +0000 ROA not before: Fri 02 Jan 2026 10:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210872 IP address blocks: 193.168.8.0/23 maxlen: 24 193.168.8.0/24 maxlen: 24 193.168.9.0/24 maxlen: 24 2a14:e480::/48 maxlen: 48 2a14:e480:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/6yOl9H7GfpJakkkauZskujcRg_E.crl rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/6yOl9H7GfpJakkkauZskujcRg_E.mft rsync://rpki.ripe.net/repository/DEFAULT/6yOl9H7GfpJakkkauZskujcRg_E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:73:fc:98:85:60:6b:ae:a8:45:62:b2:60:0f:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eb23a5f47ec67e925a92491ab99b24ba371183f1 Validity Not Before: Jan 2 10:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c47db9ec8b5af7d252ac3df4b7e16019c90bfdcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:dd:38:00:99:c7:6d:b1:d7:49:fe:6e:7f:d8: 27:02:ae:fd:ef:94:ea:30:b0:c2:65:7b:0b:49:b6: 01:51:42:fa:59:a9:a2:bb:b8:81:39:70:ef:8b:44: 77:7c:0e:b7:55:c3:41:cb:27:c1:14:65:06:42:c9: 19:c0:f1:16:28:83:51:3d:2a:a7:b5:57:da:d8:ec: fb:c5:98:10:13:f6:51:a2:b9:f9:b1:31:f8:e9:d2: 2e:c3:ed:67:31:70:38:46:02:87:aa:64:fd:70:a2: 1a:43:e8:09:1f:32:90:50:f8:09:7e:b2:c8:82:b6: 09:df:49:f6:fe:e9:a5:30:df:82:74:7b:79:45:da: df:b9:90:46:ff:56:5c:5a:17:c0:22:67:f9:ba:18: a6:6c:45:a2:66:d9:9b:af:be:84:71:a3:0b:31:96: f2:21:1d:02:a9:90:6a:9b:0a:ef:a1:5c:73:e7:17: 5c:f8:fc:3e:a4:75:f8:19:fd:4f:95:32:a6:5d:db: 7c:49:80:69:12:66:81:1a:cb:b6:4a:c6:71:9e:f5: b9:81:67:ea:54:16:61:63:a0:df:61:1c:98:67:f4: 3f:aa:b2:ab:bc:9a:bb:17:78:f3:ce:b9:13:e0:46: 94:8f:45:74:bc:fe:5e:d5:a1:8c:b0:89:5e:89:8d: dd:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:7D:B9:EC:8B:5A:F7:D2:52:AC:3D:F4:B7:E1:60:19:C9:0B:FD:CD X509v3 Authority Key Identifier: keyid:EB:23:A5:F4:7E:C6:7E:92:5A:92:49:1A:B9:9B:24:BA:37:11:83:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yOl9H7GfpJakkkauZskujcRg_E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/xH257Ita99JSrD30t-FgGckL_c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/6yOl9H7GfpJakkkauZskujcRg_E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.168.8.0/23 IPv6: 2a14:e480::/47 Signature Algorithm: sha256WithRSAEncryption 82:a5:78:95:7d:40:c8:f0:9b:1e:5f:a2:ed:96:e7:9f:88:3a: 4b:7d:ce:20:14:7d:7c:c1:5f:b4:cc:d0:47:73:a4:56:cc:80: b1:ea:22:11:a2:24:0f:d0:b5:3c:50:26:e8:6f:62:93:35:bb: 8e:44:ad:44:82:be:fc:62:26:b5:01:08:c3:4f:b2:8b:d6:60: c6:aa:97:66:6a:c4:2e:0a:8c:68:58:b8:5b:47:2e:17:ad:96: 0e:d9:5a:d3:94:0a:be:88:86:a8:ff:a0:a5:73:e2:5a:12:68: bf:08:33:c1:11:26:ed:04:be:4c:df:27:5b:f5:dd:c8:cc:03: 23:70:71:da:9d:58:43:18:e8:07:6d:2b:5b:c3:78:0a:a9:c2: b2:6d:45:e0:6f:69:ed:2c:d7:0c:88:cc:97:f3:ac:05:42:f8: 61:57:be:73:8f:f3:58:03:12:93:3c:73:4a:67:06:3a:f3:17: 3a:ca:0d:b0:93:33:06:06:df:7f:61:79:af:25:71:6d:80:2b: a8:58:0a:53:b3:1f:d6:32:e9:4b:eb:3b:ba:08:04:91:c9:e3: 97:89:b6:5e:e0:ca:b8:fb:d6:c6:c1:07:7d:70:8f:3a:43:bd: 1c:c6:a9:88:54:02:3c:43:0f:bf:04:2d:bc:ea:03:17:74:2d: f7:91:e9:d9 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+N3P8mIVga66oRWKyYA9CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGViMjNhNWY0N2VjNjdlOTI1YTkyNDkxYWI5OWIyNGJhMzcx MTgzZjEwHhcNMjYwMTAyMTAxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDdkYjllYzhiNWFmN2QyNTJhYzNkZjRiN2UxNjAxOWM5MGJmZGNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp904AJnHbbHXSf5uf9gnAq7975Tq MLDCZXsLSbYBUUL6Wamiu7iBOXDvi0R3fA63VcNByyfBFGUGQskZwPEWKINRPSqn tVfa2Oz7xZgQE/ZRorn5sTH46dIuw+1nMXA4RgKHqmT9cKIaQ+gJHzKQUPgJfrLI grYJ30n2/umlMN+CdHt5RdrfuZBG/1ZcWhfAImf5uhimbEWiZtmbr76EcaMLMZby IR0CqZBqmwrvoVxz5xdc+Pw+pHX4Gf1PlTKmXdt8SYBpEmaBGsu2SsZxnvW5gWfq VBZhY6DfYRyYZ/Q/qrKrvJq7F3jzzrkT4EaUj0V0vP5e1aGMsIleiY3dwQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFMR9ueyLWvfSUqw99LfhYBnJC/3NMB8GA1UdIwQY MBaAFOsjpfR+xn6SWpJJGrmbJLo3EYPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNnlPbDlIN0dmcEpha2trYXVac2t1amNSZ19FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYjU1MDAtZjYyMy00YTU0LTlhZTIt ZmZlMjFlZjk4Njc0LzEveEgyNTdJdGE5OUpTckQzMHQtRmdHY2tMX2MwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9hYjU1MDAtZjYyMy00YTU0LTlhZTItZmZlMjFlZjk4Njc0 LzEvNnlPbDlIN0dmcEpha2trYXVac2t1amNSZ19FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwagIMA8E AgACMAkDBwEqFOSAAAAwDQYJKoZIhvcNAQELBQADggEBAIKleJV9QMjwmx5fou2W 55+IOkt9ziAUfXzBX7TM0EdzpFbMgLHqIhGiJA/QtTxQJuhvYpM1u45ErUSCvvxi JrUBCMNPsovWYMaql2ZqxC4KjGhYuFtHLhetlg7ZWtOUCr6Ihqj/oKVz4loSaL8I M8ERJu0EvkzfJ1v13cjMAyNwcdqdWEMY6AdtK1vDeAqpwrJtReBvae0s1wyIzJfz rAVC+GFXvnOP81gDEpM8c0pnBjrzFzrKDbCTMwYG339hea8lcW2AK6hYClOzH9Yy 6UvrO7oIBJHJ45eJtl7gyrj71sbBB31wjzpDvRzGqYhUAjxDD78ELbzqAxd0LfeR 6dk= -----END CERTIFICATE-----Generated at Thu Jan 29 11:27:39 2026 by rpki-client