This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XOzgEvTt91cpWbasprGYWevCLc0.roa File: XOzgEvTt91cpWbasprGYWevCLc0.roa (raw, json) Hash identifier: NFDKy1mCbhtoaEA8m6wNO7jZRSjsd5cbleEYua5xOs8= Subject key identifier: 5C:EC:E0:12:F4:ED:F7:57:29:59:B6:AC:A6:B1:98:59:EB:C2:2D:CD Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926 Certificate serial: 019B7BA550C1FF1F04B10FE976C3B1141F05 Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XOzgEvTt91cpWbasprGYWevCLc0.roa Signing time: Thu 01 Jan 2026 22:19:50 +0000 ROA not before: Thu 01 Jan 2026 22:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50673 IP address blocks: 45.94.200.0/22 maxlen: 22 93.185.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:50:c1:ff:1f:04:b1:0f:e9:76:c3:b1:14:1f:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926 Validity Not Before: Jan 1 22:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cece012f4edf7572959b6aca6b19859ebc22dcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:05:63:8e:8f:96:cd:97:98:d4:e1:ab:d4:a2: d7:85:38:ea:b3:c2:19:8a:17:71:68:a2:2f:74:0b: 8a:87:da:98:52:b1:c6:97:69:97:a1:a7:ee:c0:0b: 7d:ba:63:3d:12:c1:c7:5b:5e:55:4a:8b:9d:d4:60: 54:f7:63:08:a3:38:1e:03:0c:d5:10:b9:3a:bb:4f: e9:f4:30:82:88:f3:44:50:db:c7:f0:2f:0c:34:fc: 1e:d4:83:eb:8d:7b:d0:1d:d3:13:03:77:89:e7:5d: d0:34:52:56:71:d6:2c:21:bf:19:eb:1d:13:9c:2d: ca:82:39:3c:54:54:81:ce:a2:da:e2:ce:75:10:a2: 57:ca:9f:70:4e:73:4e:e8:6f:2c:4e:3e:ff:0c:9b: 61:03:db:14:d0:b8:bc:74:38:88:a4:e8:8a:ad:5b: 72:05:a8:fb:d0:88:3b:73:bb:0e:0a:87:9b:d9:98: d4:9e:63:94:80:64:ef:01:0f:af:c6:bf:bf:20:8a: ea:15:16:61:a1:5a:91:18:2b:7b:61:2f:36:99:d4: 94:b9:96:99:18:4e:2c:f5:2f:dc:b7:32:f8:aa:0f: a7:0b:a4:f4:a3:39:30:db:b1:1e:94:8e:ee:d5:d0: c4:1b:45:61:43:eb:5c:86:1b:09:7f:1e:01:d9:71: 2b:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:EC:E0:12:F4:ED:F7:57:29:59:B6:AC:A6:B1:98:59:EB:C2:2D:CD X509v3 Authority Key Identifier: keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XOzgEvTt91cpWbasprGYWevCLc0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.94.200.0/22 93.185.163.0/24 Signature Algorithm: sha256WithRSAEncryption 87:9c:e2:58:84:32:02:f8:1a:2e:f7:f1:a8:14:f4:3b:63:18: 40:3a:9c:46:1e:1e:1a:35:1e:8b:e9:89:b3:ae:26:4d:7c:97: 19:3c:5f:20:b2:6b:aa:91:12:43:f6:c3:73:55:bd:81:9d:42: 4d:fb:20:18:a9:3e:08:34:e6:1a:0b:8b:8c:f2:82:00:b4:18: 49:db:98:4d:58:31:a6:c2:ac:60:1c:58:64:81:7c:39:34:9f: 81:37:70:b1:bf:1d:5a:3d:71:18:8b:55:4b:14:a0:b2:3b:bf: bd:c2:e0:5c:12:16:02:6f:eb:24:c4:9e:44:b1:f9:17:95:6d: 26:1e:60:3b:ba:ee:18:e9:e1:b3:75:71:5a:dd:ff:2a:11:16: b6:ba:80:5f:ad:0f:c3:41:91:46:0c:4a:85:4b:ba:81:9e:74: 46:3e:7f:a0:36:e3:a7:02:a5:97:d4:5f:d5:53:9f:a9:dc:69: 38:59:32:5f:e5:9c:62:b7:ca:1f:54:55:2a:b8:fa:b6:b0:ea: ea:ef:4a:25:9a:80:60:95:f1:8d:57:82:79:cc:c9:15:cd:c4: 4e:19:d3:ca:2e:5b:8e:99:e2:8b:1c:4f:e6:62:61:a5:7c:2c: 6c:0a:e0:a5:7b:02:58:db:48:76:bf:14:5d:79:4b:fd:53:b6: bb:49:89:13 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pVDB/x8EsQ/pdsOxFB8FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl MGI5MjYwHhcNMjYwMTAxMjIxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2VjZTAxMmY0ZWRmNzU3Mjk1OWI2YWNhNmIxOTg1OWViYzIyZGNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gVjjo+WzZeY1OGr1KLXhTjqs8IZ ihdxaKIvdAuKh9qYUrHGl2mXoafuwAt9umM9EsHHW15VSoud1GBU92MIozgeAwzV ELk6u0/p9DCCiPNEUNvH8C8MNPwe1IPrjXvQHdMTA3eJ513QNFJWcdYsIb8Z6x0T nC3Kgjk8VFSBzqLa4s51EKJXyp9wTnNO6G8sTj7/DJthA9sU0Li8dDiIpOiKrVty Baj70Ig7c7sOCoeb2ZjUnmOUgGTvAQ+vxr+/IIrqFRZhoVqRGCt7YS82mdSUuZaZ GE4s9S/ctzL4qg+nC6T0ozkw27EelI7u1dDEG0VhQ+tchhsJfx4B2XErSQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFzs4BL07fdXKVm2rKaxmFnrwi3NMB8GA1UdIwQY MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt NzM4NTZhZjQ5ZjNlLzEvWE96Z0V2VHQ5MWNwV2Jhc3ByR1lXZXZDTGMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV7IAwQA XbmjMA0GCSqGSIb3DQEBCwUAA4IBAQCHnOJYhDIC+Bou9/GoFPQ7YxhAOpxGHh4a NR6L6YmzriZNfJcZPF8gsmuqkRJD9sNzVb2BnUJN+yAYqT4INOYaC4uM8oIAtBhJ 25hNWDGmwqxgHFhkgXw5NJ+BN3Cxvx1aPXEYi1VLFKCyO7+9wuBcEhYCb+skxJ5E sfkXlW0mHmA7uu4Y6eGzdXFa3f8qERa2uoBfrQ/DQZFGDEqFS7qBnnRGPn+gNuOn AqWX1F/VU5+p3Gk4WTJf5Zxit8ofVFUquPq2sOrq70olmoBglfGNV4J5zMkVzcRO GdPKLluOmeKLHE/mYmGlfCxsCuClewJY20h2vxRdeUv9U7a7SYkT -----END CERTIFICATE-----Generated at Sun Jan 11 11:45:48 2026 by rpki-client