This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/KxaC0ruOG2YD5n1zBRmLQRsn3WI.roa File: KxaC0ruOG2YD5n1zBRmLQRsn3WI.roa (raw, json) Hash identifier: TwtwT6AH74GOn9MuLfl6jj270NvdM2yc+udW6/G1LQc= Subject key identifier: 2B:16:82:D2:BB:8E:1B:66:03:E6:7D:73:05:19:8B:41:1B:27:DD:62 Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab Certificate serial: 019B76EB6609578159A58EE157F213DA12CE Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/KxaC0ruOG2YD5n1zBRmLQRsn3WI.roa Signing time: Thu 01 Jan 2026 00:18:17 +0000 ROA not before: Thu 01 Jan 2026 00:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 5.180.188.0/22 maxlen: 24 185.185.77.0/24 maxlen: 24 185.185.78.0/24 maxlen: 24 2a0f:a0c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.mft rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:66:09:57:81:59:a5:8e:e1:57:f2:13:da:12:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab Validity Not Before: Jan 1 00:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b1682d2bb8e1b6603e67d7305198b411b27dd62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c8:01:b3:7b:73:96:a0:e7:62:c1:91:44:47: 2b:17:c1:03:af:8b:a0:36:da:43:8c:f9:2e:07:2b: 21:bc:71:49:9f:e5:37:f8:99:7e:85:ff:7b:d7:67: 29:10:f6:bc:e8:a3:f6:42:54:eb:71:24:31:0e:47: 50:78:29:02:11:e1:93:17:56:6c:d1:35:57:30:9d: 1d:bf:3f:a7:43:3a:f0:5e:cd:d7:6a:f1:2a:06:fb: f1:32:09:57:e9:1b:58:c8:78:6b:a1:46:9b:56:b2: 5d:2c:06:64:95:2a:10:13:b2:a5:e1:71:92:48:24: 17:f2:4a:97:11:7b:f6:e6:52:69:44:3f:04:1f:a7: 49:20:7e:b1:14:9c:07:b6:49:99:98:40:10:38:27: 73:1e:8a:ea:07:c6:5d:f8:05:20:f4:c8:79:dd:3c: a0:27:12:02:cb:24:df:43:90:4b:92:19:55:a0:62: d8:65:d4:41:5f:1b:f8:d1:ea:94:21:ea:1e:91:a8: 89:29:18:81:ac:14:d9:d3:ce:1d:06:a0:b4:a4:67: 23:ad:19:8e:60:47:8c:a6:9c:35:12:48:35:93:c6: b2:fd:ad:ae:6b:96:f7:e3:c1:cb:fc:38:26:ba:42: 03:c3:ec:80:0c:e5:0e:d5:c0:1a:5c:f2:3b:6b:ea: be:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:16:82:D2:BB:8E:1B:66:03:E6:7D:73:05:19:8B:41:1B:27:DD:62 X509v3 Authority Key Identifier: keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/KxaC0ruOG2YD5n1zBRmLQRsn3WI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.188.0/22 185.185.77.0-185.185.78.255 IPv6: 2a0f:a0c0::/29 Signature Algorithm: sha256WithRSAEncryption 54:b1:67:bc:d2:e5:1c:b2:27:51:aa:8d:d4:73:0a:29:09:8d: ac:02:8c:7d:1b:10:b3:f3:7a:6d:32:4f:2c:88:3c:4b:59:31: dd:9d:c9:48:e9:37:82:6a:49:b1:78:f3:89:e9:df:02:3c:a9: ff:60:73:1e:3f:c3:95:cd:ac:0c:cd:eb:19:54:5c:e9:5a:1f: 8a:4b:4a:65:db:c5:89:7f:2c:03:24:68:6d:7e:64:7d:fa:15: ac:86:82:bc:e7:69:c8:b8:f8:1f:00:06:e8:f8:16:90:21:b7: 06:ae:19:1d:6f:f5:c6:7e:5d:16:62:f7:85:64:22:48:e5:88: c6:a5:9c:c3:19:4a:6e:82:c3:ad:f1:cc:30:ba:01:6a:12:36: 8c:aa:c9:80:24:64:ec:67:b3:d8:5f:a1:4d:2b:bd:2e:11:da: 62:3a:90:1a:e5:c2:29:6a:87:82:eb:55:4d:8e:4f:f8:3d:54: eb:f5:7e:8d:06:43:0e:92:20:ff:13:df:0f:12:81:73:11:8c: fa:34:2b:11:41:13:fa:6d:7c:8c:4d:ec:ed:8e:38:26:01:bc: e6:e8:6f:88:ae:07:aa:d5:43:86:1f:7e:4c:5c:96:a2:e9:07: d7:ef:37:e1:13:75:32:3c:41:80:7b:69:71:cf:39:ca:00:3e: fc:1e:ab:60 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt262YJV4FZpY7hV/IT2hLOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk MDA0YWIwHhcNMjYwMTAxMDAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjE2ODJkMmJiOGUxYjY2MDNlNjdkNzMwNTE5OGI0MTFiMjdkZDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8gBs3tzlqDnYsGRREcrF8EDr4ug NtpDjPkuByshvHFJn+U3+Jl+hf9712cpEPa86KP2QlTrcSQxDkdQeCkCEeGTF1Zs 0TVXMJ0dvz+nQzrwXs3XavEqBvvxMglX6RtYyHhroUabVrJdLAZklSoQE7Kl4XGS SCQX8kqXEXv25lJpRD8EH6dJIH6xFJwHtkmZmEAQOCdzHorqB8Zd+AUg9Mh53Tyg JxICyyTfQ5BLkhlVoGLYZdRBXxv40eqUIeoekaiJKRiBrBTZ084dBqC0pGcjrRmO YEeMppw1Ekg1k8ay/a2ua5b348HL/DgmukIDw+yADOUO1cAaXPI7a+q+fwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFCsWgtK7jhtmA+Z9cwUZi0EbJ91iMB8GA1UdIwQY MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct NjJlMjYwMzEzZTRjLzEvS3hhQzBydU9HMllENW4xekJSbUxRUnNuM1dJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCBbS8MAwD BAC5uU0DBAC5uU4wDQQCAAIwBwMFAyoPoMAwDQYJKoZIhvcNAQELBQADggEBAFSx Z7zS5RyyJ1GqjdRzCikJjawCjH0bELPzem0yTyyIPEtZMd2dyUjpN4JqSbF484np 3wI8qf9gcx4/w5XNrAzN6xlUXOlaH4pLSmXbxYl/LAMkaG1+ZH36FayGgrznaci4 +B8ABuj4FpAhtwauGR1v9cZ+XRZi94VkIkjliMalnMMZSm6Cw63xzDC6AWoSNoyq yYAkZOxns9hfoU0rvS4R2mI6kBrlwilqh4LrVU2OT/g9VOv1fo0GQw6SIP8T3w8S gXMRjPo0KxFBE/ptfIxN7O2OOCYBvObob4iuB6rVQ4YffkxclqLpB9fvN+ETdTI8 QYB7aXHPOcoAPvweq2A= -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:02 2026 by rpki-client