This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/szXceV_8JO0f_7ooL6S8iduW9xI.roa File: szXceV_8JO0f_7ooL6S8iduW9xI.roa (raw, json) Hash identifier: xeJBYCAXDOSNVRxdgWGAZ1ipDc3y7H3KXIsJs1D2FK4= Subject key identifier: B3:35:DC:79:5F:FC:24:ED:1F:FF:BA:28:2F:A4:BC:89:DB:96:F7:12 Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Certificate serial: 019B7B36ADEED1877D159BC5EF71C0B49423 Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/szXceV_8JO0f_7ooL6S8iduW9xI.roa Signing time: Thu 01 Jan 2026 20:18:59 +0000 ROA not before: Thu 01 Jan 2026 20:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212384 IP address blocks: 45.134.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 05:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:ad:ee:d1:87:7d:15:9b:c5:ef:71:c0:b4:94:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba Validity Not Before: Jan 1 20:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b335dc795ffc24ed1fffba282fa4bc89db96f712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6b:a7:37:a3:cc:79:18:94:88:2f:7d:69:a3: 4d:9c:7a:d6:f9:fa:c3:10:e4:b9:17:a1:99:eb:cb: 67:4d:40:55:da:95:b9:4b:7e:e2:3a:22:6c:6f:e3: f2:d3:f2:e2:00:63:13:3b:53:bf:a2:4d:02:e0:d2: 28:24:59:f8:f2:bf:a0:7d:9a:aa:7e:a6:4b:d2:b8: dd:7d:41:b0:03:ae:36:4c:04:07:17:2a:67:25:51: b2:a3:5e:4a:f4:0e:f2:8a:ad:89:e3:f5:8a:63:49: 0f:b5:7f:a3:57:8d:dd:5b:1e:8c:d0:dc:8f:d5:d5: f8:63:52:27:48:b5:e8:f8:d8:91:3b:7b:de:ed:7c: 4a:a2:34:78:22:3a:ed:a6:87:0a:f3:77:35:a1:be: 78:37:61:96:6c:f6:6d:b8:e7:d9:13:c0:25:e0:8c: 36:40:ab:bc:08:a5:84:78:d2:60:25:9c:8d:00:f2: 96:dc:a3:29:2a:62:0e:ab:12:d7:67:e7:0a:ec:85: b6:dc:ac:c7:60:e1:6a:a0:e7:12:8b:33:0b:02:17: d3:ff:7e:c4:db:c2:31:47:5a:5e:3c:4f:f3:f4:c4: f8:0b:df:78:8d:bf:d4:af:22:3d:1e:7a:34:64:3c: 3e:cd:04:2b:08:af:2c:38:8d:e8:0f:2c:22:b9:12: d1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:35:DC:79:5F:FC:24:ED:1F:FF:BA:28:2F:A4:BC:89:DB:96:F7:12 X509v3 Authority Key Identifier: keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/szXceV_8JO0f_7ooL6S8iduW9xI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.134.74.0/24 Signature Algorithm: sha256WithRSAEncryption 93:48:76:11:08:e5:72:8a:f4:2d:b9:e1:d4:f9:8b:f9:ec:77: 16:7f:9b:86:82:60:75:eb:04:d5:08:d5:96:5d:59:39:ec:9c: 9b:17:2e:27:54:66:a4:7e:e2:c1:3c:de:72:06:78:96:d8:ef: c6:48:26:7d:7c:58:60:78:07:0c:8e:87:85:96:80:0d:1b:30: 11:f0:2a:5b:37:9f:cc:b5:c6:5b:bc:20:b7:c5:f7:f6:b8:9d: 79:72:b2:aa:be:f1:35:40:a5:ff:c5:b5:ff:e8:51:5f:c8:82: 3f:94:5f:2e:b7:cf:28:f0:e6:d5:cc:96:b8:ee:ee:27:7d:f9: 64:f8:e4:c5:ca:57:13:a7:2f:ff:2b:0c:27:32:57:9a:74:a1: 58:e9:57:f8:4b:e5:4b:67:88:b0:9e:22:39:a2:99:ad:d5:e0: 8b:46:b7:25:35:0e:fa:a5:3b:9d:16:9c:75:18:45:7d:f5:35: 8f:bc:ea:71:84:60:97:bc:10:55:33:ba:3a:90:32:80:0e:67: 83:c5:b1:d9:cd:8d:32:da:f0:b5:93:f3:3e:03:10:2d:63:9b: 71:cd:09:ce:82:f0:43:8c:a3:67:e5:41:6b:be:45:6f:ac:45: 3e:73:f8:e1:5e:40:80:17:00:18:d9:cc:2b:cf:19:23:91:a6: 2b:ac:0d:d9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7Nq3u0Yd9FZvF73HAtJQjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy MjcxYmEwHhcNMjYwMTAxMjAxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzM1ZGM3OTVmZmMyNGVkMWZmZmJhMjgyZmE0YmM4OWRiOTZmNzEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmunN6PMeRiUiC99aaNNnHrW+frD EOS5F6GZ68tnTUBV2pW5S37iOiJsb+Py0/LiAGMTO1O/ok0C4NIoJFn48r+gfZqq fqZL0rjdfUGwA642TAQHFypnJVGyo15K9A7yiq2J4/WKY0kPtX+jV43dWx6M0NyP 1dX4Y1InSLXo+NiRO3ve7XxKojR4IjrtpocK83c1ob54N2GWbPZtuOfZE8Al4Iw2 QKu8CKWEeNJgJZyNAPKW3KMpKmIOqxLXZ+cK7IW23KzHYOFqoOcSizMLAhfT/37E 28IxR1pePE/z9MT4C994jb/UryI9Hno0ZDw+zQQrCK8sOI3oDywiuRLRxQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLM13Hlf/CTtH/+6KC+kvInblvcSMB8GA1UdIwQY MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt NzM2ZDEyODg4Y2E4LzEvc3pYY2VWXzhKTzBmXzdvb0w2UzhpZHVXOXhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4 LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYZKMA0G CSqGSIb3DQEBCwUAA4IBAQCTSHYRCOVyivQtueHU+Yv57HcWf5uGgmB16wTVCNWW XVk57JybFy4nVGakfuLBPN5yBniW2O/GSCZ9fFhgeAcMjoeFloANGzAR8CpbN5/M tcZbvCC3xff2uJ15crKqvvE1QKX/xbX/6FFfyII/lF8ut88o8ObVzJa47u4nfflk +OTFylcTpy//KwwnMleadKFY6Vf4S+VLZ4iwniI5opmt1eCLRrclNQ76pTudFpx1 GEV99TWPvOpxhGCXvBBVM7o6kDKADmeDxbHZzY0y2vC1k/M+AxAtY5txzQnOgvBD jKNn5UFrvkVvrEU+c/jhXkCAFwAY2cwrzxkjkaYrrA3Z -----END CERTIFICATE-----Generated at Fri Jan 2 14:41:00 2026 by rpki-client