This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/XplGelg9MV7OQGXKZPX1d5s9klQ.roa File: XplGelg9MV7OQGXKZPX1d5s9klQ.roa (raw, json) Hash identifier: 2PgymyPPcp2BExgW0hYggo5eXzv0X6o56cydo+1LOvw= Subject key identifier: 5E:99:46:7A:58:3D:31:5E:CE:40:65:CA:64:F5:F5:77:9B:3D:92:54 Certificate issuer: /CN=4aebee8fe7549d1a9ae559e5da081642e9eac278 Certificate serial: 019B7D5B5E5FF53B4FF4050BED9A37B5AC2E Authority key identifier: 4A:EB:EE:8F:E7:54:9D:1A:9A:E5:59:E5:DA:08:16:42:E9:EA:C2:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Suvuj-dUnRqa5Vnl2ggWQunqwng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/XplGelg9MV7OQGXKZPX1d5s9klQ.roa Signing time: Fri 02 Jan 2026 06:18:18 +0000 ROA not before: Fri 02 Jan 2026 06:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51964 IP address blocks: 62.229.0.0/16 maxlen: 24 200.240.0.0/17 maxlen: 17 200.240.128.0/18 maxlen: 18 200.240.192.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/Suvuj-dUnRqa5Vnl2ggWQunqwng.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/Suvuj-dUnRqa5Vnl2ggWQunqwng.mft rsync://rpki.ripe.net/repository/DEFAULT/Suvuj-dUnRqa5Vnl2ggWQunqwng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 06:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:5e:5f:f5:3b:4f:f4:05:0b:ed:9a:37:b5:ac:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4aebee8fe7549d1a9ae559e5da081642e9eac278 Validity Not Before: Jan 2 06:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e99467a583d315ece4065ca64f5f5779b3d9254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:99:e0:bc:1e:d1:5e:27:2c:69:c7:39:65:31: 09:cd:ad:34:df:22:1f:89:ff:a8:21:e2:85:26:c1: 5f:66:e9:25:1a:7b:d8:4e:11:09:8e:a7:78:e2:b1: f9:87:6d:6b:51:05:a9:f9:54:bf:4c:78:c1:22:95: 5a:b1:56:db:8b:ee:2e:2f:34:45:ac:47:8f:dc:6f: d5:fb:df:1f:54:58:58:5f:c4:86:ad:01:88:b5:44: 79:ee:32:22:b2:70:fd:34:48:24:e7:99:99:5a:a8: 99:72:b5:41:a4:54:db:e7:74:15:b6:b4:a0:8b:6a: 2a:3b:4e:9e:e9:11:b9:a9:21:41:b0:49:5a:93:ee: 32:5c:a2:a7:ba:b5:02:a3:49:c4:0a:75:3f:49:d9: 4b:b2:4f:48:3d:e6:ed:78:1a:54:f7:f1:2e:bf:50: 8c:2d:56:b8:6b:73:a3:96:98:e9:e9:3c:24:e7:63: f4:dc:00:a2:f6:f0:69:f4:a2:51:06:29:58:8f:f2: b6:2c:3a:17:31:99:6f:be:9c:e0:59:09:8f:3e:bd: 13:19:49:19:2e:63:25:69:27:3e:3b:2e:2f:54:10: 85:b3:ec:f3:46:0a:eb:d1:8d:18:19:0c:be:94:98: 4b:32:59:d3:1a:58:12:a1:e2:2f:81:9e:10:2a:33: 1d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:99:46:7A:58:3D:31:5E:CE:40:65:CA:64:F5:F5:77:9B:3D:92:54 X509v3 Authority Key Identifier: keyid:4A:EB:EE:8F:E7:54:9D:1A:9A:E5:59:E5:DA:08:16:42:E9:EA:C2:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Suvuj-dUnRqa5Vnl2ggWQunqwng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/XplGelg9MV7OQGXKZPX1d5s9klQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a18960-2cfa-46b7-8e5a-2e2d93c4754b/1/Suvuj-dUnRqa5Vnl2ggWQunqwng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.229.0.0/16 200.240.0.0-200.240.223.255 Signature Algorithm: sha256WithRSAEncryption 22:95:27:1b:b2:24:c3:f0:d9:80:95:8a:cd:af:8f:49:ed:fb: d9:51:2f:1c:d1:ad:ca:f5:e7:26:de:d7:15:87:a4:7f:54:27: 1b:d1:e4:39:16:76:38:fd:34:aa:1d:eb:cf:66:d0:33:90:a6: 87:4f:e0:9c:af:55:c5:7b:cc:e3:a7:b2:5c:b5:49:a6:6e:c0: ff:6e:86:96:35:a8:1c:e8:41:28:be:5d:15:be:dc:84:0c:c3: 38:5f:df:aa:2b:32:e4:c8:e5:68:04:56:cb:0a:db:74:9c:f4: c2:91:67:b5:05:fa:ba:45:6e:fb:48:85:8f:d7:8a:36:81:30: 31:e4:8c:8a:71:5b:c0:11:ee:6e:58:b8:d1:5f:08:47:2c:68: 52:3c:66:8e:c8:20:31:9f:97:71:fc:b3:ae:fb:af:14:f1:5d: 9c:62:36:ec:ac:63:b0:68:de:dd:a7:d3:ba:db:36:49:1f:b5: 97:27:de:38:68:29:c1:af:5a:cb:cb:27:71:13:22:b1:9f:b4: af:57:87:a6:52:1b:97:bd:43:1d:de:f2:94:a8:86:4a:6e:e6: 22:05:74:a1:cf:d1:34:26:95:14:ab:85:e7:4c:0b:88:3f:38: 25:d8:da:44:21:36:12:52:f4:50:96:3d:83:5a:d3:32:3e:9c: 54:92:bf:1f -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9W15f9TtP9AUL7Zo3tawuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhZWJlZThmZTc1NDlkMWE5YWU1NTllNWRhMDgxNjQyZTll YWMyNzgwHhcNMjYwMTAyMDYxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTk5NDY3YTU4M2QzMTVlY2U0MDY1Y2E2NGY1ZjU3NzliM2Q5MjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspngvB7RXicsacc5ZTEJza003yIf if+oIeKFJsFfZuklGnvYThEJjqd44rH5h21rUQWp+VS/THjBIpVasVbbi+4uLzRF rEeP3G/V+98fVFhYX8SGrQGItUR57jIisnD9NEgk55mZWqiZcrVBpFTb53QVtrSg i2oqO06e6RG5qSFBsElak+4yXKKnurUCo0nECnU/SdlLsk9IPebteBpU9/Euv1CM LVa4a3Ojlpjp6Twk52P03ACi9vBp9KJRBilYj/K2LDoXMZlvvpzgWQmPPr0TGUkZ LmMlaSc+Oy4vVBCFs+zzRgrr0Y0YGQy+lJhLMlnTGlgSoeIvgZ4QKjMd4QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF6ZRnpYPTFezkBlymT19XebPZJUMB8GA1UdIwQY MBaAFErr7o/nVJ0amuVZ5doIFkLp6sJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3V2dWotZFVuUnFhNVZubDJnZ1dRdW5xd25nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMTg5NjAtMmNmYS00NmI3LThlNWEt MmUyZDkzYzQ3NTRiLzEvWHBsR2VsZzlNVjdPUUdYS1pQWDFkNXM5a2xRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9hMTg5NjAtMmNmYS00NmI3LThlNWEtMmUyZDkzYzQ3NTRi LzEvU3V2dWotZFVuUnFhNVZubDJnZ1dRdW5xd25nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwMAPuUwCwMD BMjwAwQFyPDAMA0GCSqGSIb3DQEBCwUAA4IBAQAilScbsiTD8NmAlYrNr49J7fvZ US8c0a3K9ecm3tcVh6R/VCcb0eQ5FnY4/TSqHevPZtAzkKaHT+Ccr1XFe8zjp7Jc tUmmbsD/boaWNagc6EEovl0VvtyEDMM4X9+qKzLkyOVoBFbLCtt0nPTCkWe1Bfq6 RW77SIWP14o2gTAx5IyKcVvAEe5uWLjRXwhHLGhSPGaOyCAxn5dx/LOu+68U8V2c YjbsrGOwaN7dp9O62zZJH7WXJ944aCnBr1rLyydxEyKxn7SvV4emUhuXvUMd3vKU qIZKbuYiBXShz9E0JpUUq4XnTAuIPzgl2NpEITYSUvRQlj2DWtMyPpxUkr8f -----END CERTIFICATE-----Generated at Fri Jan 23 15:08:09 2026 by rpki-client