This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/XiIbEnKjYE8MkI8g3bZKNddtCfQ.roa File: XiIbEnKjYE8MkI8g3bZKNddtCfQ.roa (raw, json) Hash identifier: 969ogNKjx9JV6jK/y8xnBqcJ9Cd0T2enS1wUqhtbhGY= Subject key identifier: 5E:22:1B:12:72:A3:60:4F:0C:90:8F:20:DD:B6:4A:35:D7:6D:09:F4 Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055 Certificate serial: 019B7C11EAFAE39279E1E6D675E02973AF38 Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/XiIbEnKjYE8MkI8g3bZKNddtCfQ.roa Signing time: Fri 02 Jan 2026 00:18:27 +0000 ROA not before: Fri 02 Jan 2026 00:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44984 IP address blocks: 185.175.84.0/22 maxlen: 22 2a0b:df00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.mft rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 09:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:ea:fa:e3:92:79:e1:e6:d6:75:e0:29:73:af:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055 Validity Not Before: Jan 2 00:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e221b1272a3604f0c908f20ddb64a35d76d09f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3e:33:0a:ff:83:fc:3c:47:df:6c:fa:be:d9: 8f:41:7c:05:bc:81:27:81:40:75:3c:1c:46:83:28: ef:6b:a6:f5:f9:3a:c8:05:52:3b:59:c5:09:35:4f: cf:f4:1f:16:a4:b7:c3:37:1c:38:44:6f:06:2b:41: 45:90:5f:10:33:f0:72:72:e2:d8:1c:41:15:48:91: 40:f4:48:b6:2e:f3:0f:1f:e3:84:84:81:aa:50:1a: ab:af:ba:8e:e4:33:57:38:bf:28:15:8c:2a:20:1b: 34:98:db:f8:84:c5:ba:55:99:35:7d:b9:b8:70:86: 31:f3:be:e1:cf:da:1a:d5:fa:cb:f4:0b:0d:d8:a8: d4:0e:17:0d:57:2d:39:75:cb:4c:b8:2d:0a:85:3e: b5:f6:3f:e4:ea:f5:b0:59:4b:01:94:28:f5:8e:07: 60:b9:1b:dd:dd:3d:10:4c:e4:58:9e:d7:4f:4e:c1: 05:f3:f3:73:a6:2f:9d:1d:a5:27:0e:19:bf:29:bb: 11:00:d3:85:53:92:31:ef:2a:b0:42:ab:73:2d:7c: ed:b9:48:29:9b:3d:cc:37:9b:52:d3:af:1f:3e:0b: 96:60:0e:ae:12:d5:5a:38:83:ae:d8:55:c5:b8:a9: dc:7a:0f:27:91:ca:4e:16:5e:31:54:a7:c6:db:2f: f8:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:22:1B:12:72:A3:60:4F:0C:90:8F:20:DD:B6:4A:35:D7:6D:09:F4 X509v3 Authority Key Identifier: keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/XiIbEnKjYE8MkI8g3bZKNddtCfQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.175.84.0/22 IPv6: 2a0b:df00::/32 Signature Algorithm: sha256WithRSAEncryption 19:b6:32:93:b7:6b:9c:12:e1:69:0b:e9:02:ae:59:6f:18:8b: 4b:58:fa:3f:81:73:35:dd:77:ab:04:7f:25:87:4a:b8:dc:f3: 34:6b:a9:06:62:2c:ea:78:a7:cf:22:7b:40:08:c0:a6:c8:5e: 83:39:af:7c:5f:fa:1f:e3:d1:a3:0b:43:59:6b:23:5d:d1:ff: a9:54:f5:f5:81:73:eb:d8:0e:44:c0:57:c8:f5:b2:ef:ef:0a: 15:d7:c2:aa:69:38:40:7d:76:8e:a4:e9:fb:73:50:e8:9c:9b: e1:40:6c:62:90:07:a6:34:d3:c1:38:63:e9:f2:75:9b:0e:f9: 2e:28:91:61:4c:13:79:bc:63:81:30:2a:07:2a:6d:64:29:47: 1b:dc:43:4a:64:9c:b6:ce:23:f0:7e:f8:53:6a:59:50:28:82: 46:99:78:b0:7a:05:c0:9e:e1:f3:08:30:bf:a8:64:4a:f6:84: 67:bb:73:0b:9a:ff:49:a3:0c:1f:45:9d:bf:34:d2:6b:9f:8d: 88:b6:83:95:09:03:1e:1a:5f:11:47:00:c0:07:73:25:08:63: 8c:19:67:b7:33:a9:73:5a:be:65:c5:70:7c:e7:62:dd:32:b2: f5:bf:00:67:4d:14:88:cd:58:d5:69:e4:9a:c6:8a:b9:29:a6: 5f:6f:96:64 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8Eer645J54ebWdeApc684MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5 ZTUwNTUwHhcNMjYwMTAyMDAxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTIyMWIxMjcyYTM2MDRmMGM5MDhmMjBkZGI2NGEzNWQ3NmQwOWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT4zCv+D/DxH32z6vtmPQXwFvIEn gUB1PBxGgyjva6b1+TrIBVI7WcUJNU/P9B8WpLfDNxw4RG8GK0FFkF8QM/BycuLY HEEVSJFA9Ei2LvMPH+OEhIGqUBqrr7qO5DNXOL8oFYwqIBs0mNv4hMW6VZk1fbm4 cIYx877hz9oa1frL9AsN2KjUDhcNVy05dctMuC0KhT619j/k6vWwWUsBlCj1jgdg uRvd3T0QTORYntdPTsEF8/Nzpi+dHaUnDhm/KbsRANOFU5Ix7yqwQqtzLXztuUgp mz3MN5tS068fPguWYA6uEtVaOIOu2FXFuKnceg8nkcpOFl4xVKfG2y/4WQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF4iGxJyo2BPDJCPIN22SjXXbQn0MB8GA1UdIwQY MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt OTA5NmUxNjc0ZTIyLzEvWGlJYkVuS2pZRThNa0k4ZzNiWktOZGR0Q2ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua9UMA0E AgACMAcDBQAqC98AMA0GCSqGSIb3DQEBCwUAA4IBAQAZtjKTt2ucEuFpC+kCrllv GItLWPo/gXM13XerBH8lh0q43PM0a6kGYizqeKfPIntACMCmyF6DOa98X/of49Gj C0NZayNd0f+pVPX1gXPr2A5EwFfI9bLv7woV18KqaThAfXaOpOn7c1DonJvhQGxi kAemNNPBOGPp8nWbDvkuKJFhTBN5vGOBMCoHKm1kKUcb3ENKZJy2ziPwfvhTallQ KIJGmXiwegXAnuHzCDC/qGRK9oRnu3MLmv9JowwfRZ2/NNJrn42ItoOVCQMeGl8R RwDAB3MlCGOMGWe3M6lzWr5lxXB852LdMrL1vwBnTRSIzVjVaeSaxoq5KaZfb5Zk -----END CERTIFICATE-----Generated at Fri Jan 2 18:03:48 2026 by rpki-client