This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/XwluJi7gd_3bLnOhsXiaCK78UGQ.roa File: XwluJi7gd_3bLnOhsXiaCK78UGQ.roa (raw, json) Hash identifier: Vg2POX67iN2CB7gqcNW3j2zG6gzZxQs5uZV1T7iRkdU= Subject key identifier: 5F:09:6E:26:2E:E0:77:FD:DB:2E:73:A1:B1:78:9A:08:AE:FC:50:64 Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8 Certificate serial: 019B7EA69B8833165509034AFD55E7948048 Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/XwluJi7gd_3bLnOhsXiaCK78UGQ.roa Signing time: Fri 02 Jan 2026 12:20:06 +0000 ROA not before: Fri 02 Jan 2026 12:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207713 IP address blocks: 77.73.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.mft rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:9b:88:33:16:55:09:03:4a:fd:55:e7:94:80:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8 Validity Not Before: Jan 2 12:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f096e262ee077fddb2e73a1b1789a08aefc5064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:51:4a:6e:5e:51:9f:cd:fc:db:d9:66:9c:49: 74:09:78:c2:cb:a9:79:ee:0f:39:ff:a4:29:f0:82: ec:00:79:ac:3d:08:a4:66:fc:81:d3:f9:77:06:bd: e3:8a:d5:7f:49:58:7a:40:93:6f:80:4c:27:73:05: 75:1a:46:ff:77:22:0c:83:bb:0b:d7:a2:77:ba:47: b3:b8:47:78:01:f5:3d:1b:99:c4:cb:af:42:96:bf: 78:71:4c:0f:a8:4f:c4:0e:cc:49:29:8a:82:d0:d7: 87:bd:db:4b:8b:16:13:22:31:29:6c:90:45:3a:dd: 71:00:ee:0e:c0:15:3d:fc:91:08:e2:82:99:40:d7: e4:a0:9e:51:ac:d1:1d:b5:a7:8c:48:39:80:70:b5: 81:cc:7e:8d:40:7d:f6:a9:83:10:e2:d0:d6:8c:50: 06:55:eb:fb:4c:59:56:07:fb:6c:02:96:d9:4d:52: a0:9b:fd:5d:97:7d:f1:64:9e:69:07:e6:24:aa:3a: 48:c5:48:f7:ce:37:30:ac:52:aa:7b:49:02:08:93: 90:6e:81:ff:e1:60:18:ba:4e:33:d0:d3:5e:5a:51: be:da:f9:a5:65:7c:2c:00:27:38:f6:04:12:0e:c9: 2f:c8:2d:50:39:f6:00:6c:09:3f:08:0e:90:e0:ae: 64:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:09:6E:26:2E:E0:77:FD:DB:2E:73:A1:B1:78:9A:08:AE:FC:50:64 X509v3 Authority Key Identifier: keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/XwluJi7gd_3bLnOhsXiaCK78UGQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.73.133.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:87:4d:ac:be:cb:de:70:df:a4:60:43:77:e8:cf:08:48:55: 42:fa:f6:a2:84:3b:24:fd:fb:3b:aa:de:e1:5c:d5:b1:17:2d: b0:98:79:d4:e8:87:91:aa:a0:22:96:e3:4f:a4:38:7c:a4:b8: 91:6f:22:98:b6:57:22:2d:ef:ba:f7:2a:11:1b:91:a9:0a:b8: 98:bb:89:7f:d3:48:f1:b5:05:d0:59:7f:e2:db:5b:36:a9:e5: 60:73:b8:a2:47:69:10:1d:4c:b6:4b:19:c7:b4:e6:19:48:78: 2b:e2:a4:bc:0d:9a:33:9d:75:e6:32:20:ba:26:96:21:d1:bc: 81:f0:6f:95:91:b3:35:b6:31:41:05:db:ba:9c:a0:2d:7b:8a: ed:ad:b9:61:aa:42:52:fb:03:74:c8:2b:b2:54:32:31:7f:13: 78:b5:cf:6d:7e:85:13:c2:40:44:a9:c9:8d:3d:52:2e:46:77: f9:2b:3b:49:4b:80:62:26:5f:c9:40:74:48:c0:f7:4f:39:17: 0d:63:91:66:41:3a:07:62:e2:d8:64:83:e4:fd:89:42:11:bf: 0e:ef:47:b6:aa:39:6b:16:39:65:57:f6:e6:95:b8:f1:43:3c: 3e:0a:a8:f8:2b:81:f4:00:7e:22:d2:f6:ed:bd:0c:01:90:1e: 19:8e:3c:14 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+ppuIMxZVCQNK/VXnlIBIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi ZDNlYTgwHhcNMjYwMTAyMTIyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjA5NmUyNjJlZTA3N2ZkZGIyZTczYTFiMTc4OWEwOGFlZmM1MDY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71FKbl5Rn83829lmnEl0CXjCy6l5 7g85/6Qp8ILsAHmsPQikZvyB0/l3Br3jitV/SVh6QJNvgEwncwV1Gkb/dyIMg7sL 16J3ukezuEd4AfU9G5nEy69Clr94cUwPqE/EDsxJKYqC0NeHvdtLixYTIjEpbJBF Ot1xAO4OwBU9/JEI4oKZQNfkoJ5RrNEdtaeMSDmAcLWBzH6NQH32qYMQ4tDWjFAG Vev7TFlWB/tsApbZTVKgm/1dl33xZJ5pB+YkqjpIxUj3zjcwrFKqe0kCCJOQboH/ 4WAYuk4z0NNeWlG+2vmlZXwsACc49gQSDskvyC1QOfYAbAk/CA6Q4K5kbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF8JbiYu4Hf92y5zobF4mgiu/FBkMB8GA1UdIwQY MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt NDc4YzJjOGNiMmEwLzEvWHdsdUppN2dkXzNiTG5PaHNYaWFDSzc4VUdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmFMA0G CSqGSIb3DQEBCwUAA4IBAQAeh02svsvecN+kYEN36M8ISFVC+vaihDsk/fs7qt7h XNWxFy2wmHnU6IeRqqAiluNPpDh8pLiRbyKYtlciLe+69yoRG5GpCriYu4l/00jx tQXQWX/i21s2qeVgc7iiR2kQHUy2SxnHtOYZSHgr4qS8DZoznXXmMiC6JpYh0byB 8G+VkbM1tjFBBdu6nKAte4rtrblhqkJS+wN0yCuyVDIxfxN4tc9tfoUTwkBEqcmN PVIuRnf5KztJS4BiJl/JQHRIwPdPORcNY5FmQToHYuLYZIPk/YlCEb8O70e2qjlr FjllV/bmlbjxQzw+Cqj4K4H0AH4i0vbtvQwBkB4ZjjwU -----END CERTIFICATE-----Generated at Sat Jan 10 03:15:12 2026 by rpki-client