This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/Xip4xkGmyDCpD1V1TAhyG7oBSoo.roa File: Xip4xkGmyDCpD1V1TAhyG7oBSoo.roa (raw, json) Hash identifier: JS7Y9TGnxDiomHGfAPVHy5QyfD9ZOLvpsEHgj2zFlNg= Subject key identifier: 5E:2A:78:C6:41:A6:C8:30:A9:0F:55:75:4C:08:72:1B:BA:01:4A:8A Certificate issuer: /CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b Certificate serial: 019B7759200D030F7F8E8470A2C7EBA53112 Authority key identifier: 7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/Xip4xkGmyDCpD1V1TAhyG7oBSoo.roa Signing time: Thu 01 Jan 2026 02:18:08 +0000 ROA not before: Thu 01 Jan 2026 02:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215946 IP address blocks: 185.204.154.0/24 maxlen: 24 2a14:7100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:20:0d:03:0f:7f:8e:84:70:a2:c7:eb:a5:31:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b Validity Not Before: Jan 1 02:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e2a78c641a6c830a90f55754c08721bba014a8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:fa:3a:10:9e:f3:58:30:80:a0:2c:3f:67:8e: bd:77:47:f8:70:27:c5:79:b9:86:c2:e3:7f:9d:c0: 5c:a9:e7:c2:f4:f4:9c:a2:ed:49:c1:23:52:96:3e: 1f:50:d9:5d:10:69:2b:fa:a7:1f:db:ca:dd:7a:b2: e5:93:ae:d3:5e:fa:bd:a8:a5:8f:f0:9c:8c:69:01: a1:72:b8:34:62:de:47:dd:ba:94:01:02:64:e8:46: 3e:24:47:0f:08:08:8d:6a:ae:69:a5:de:a6:0f:8f: f9:8f:49:fc:b5:3b:d2:dc:eb:02:d6:9f:60:d3:35: dd:18:d0:13:9c:d8:05:98:2a:4d:bd:6c:3c:1c:b9: 5b:d2:ae:32:5d:ae:0f:7a:b3:c3:6d:53:33:0f:90: 62:58:d3:0c:74:2c:fe:43:8a:b7:8d:17:69:24:a9: fc:22:e9:43:6e:2b:14:c2:6a:ad:de:cb:22:6c:ac: 30:0f:67:87:aa:0b:1e:8b:0a:d7:2c:36:b7:78:5b: 29:f6:5d:d1:a9:4e:b8:08:b0:7f:7a:d7:5a:d1:30: 51:95:c7:0c:c8:fd:6b:c7:f8:bb:5f:74:51:d2:9b: 7e:a5:20:f0:27:88:3e:16:06:4b:90:66:cd:bc:54: 34:95:a2:6c:1f:05:5a:db:33:1f:13:fe:de:3e:bc: 36:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:2A:78:C6:41:A6:C8:30:A9:0F:55:75:4C:08:72:1B:BA:01:4A:8A X509v3 Authority Key Identifier: keyid:7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/Xip4xkGmyDCpD1V1TAhyG7oBSoo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.204.154.0/24 IPv6: 2a14:7100::/29 Signature Algorithm: sha256WithRSAEncryption 57:9f:e8:26:5e:8a:70:25:d6:46:06:31:fe:1c:69:5b:21:e2: 81:2d:17:24:4f:fd:2d:48:22:84:82:3b:74:75:94:6f:2c:43: da:c0:d7:11:a1:36:0b:f0:65:b3:39:33:85:fd:e7:2d:7e:0b: 43:75:80:70:91:28:6f:0a:b7:f4:79:49:5c:c9:5b:51:ce:e2: 30:64:e1:22:81:45:63:c4:3d:c6:a2:95:9f:5f:63:b0:b7:04: fa:4c:cd:d8:1b:b0:5b:8b:b1:90:41:fb:79:7c:cd:ed:ec:1b: ff:5e:2a:4f:ad:4f:15:f1:05:52:79:4d:41:a1:e9:da:97:a9: 10:aa:9f:f1:28:0e:08:5c:ea:b4:66:17:fd:1e:08:59:ed:b9: d1:3b:7e:0f:39:36:4e:35:48:92:ce:fa:5a:b0:a2:2a:08:7f: f8:15:f3:0a:b6:ad:fa:df:27:65:ac:ed:ea:d3:cd:8c:d8:fa: 8c:d1:a4:03:d7:25:2e:3e:ec:e4:4b:39:fa:3c:21:97:af:4e: d9:a9:2d:ce:86:1a:98:20:a9:48:7a:74:62:1c:9c:94:4b:38: b1:ba:e6:3b:db:54:05:40:6e:b3:35:f0:6d:28:02:28:09:7a: 67:55:9f:6c:72:1e:2e:71:6e:e2:8a:0d:50:e5:88:4d:4f:5b: f6:e2:3a:d6 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WSANAw9/joRwosfrpTESMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjYTU5ODMyMmE2OTkwNWE1YzZlMDI5NWEwY2ExZmI1NTY2 NmMxNGIwHhcNMjYwMTAxMDIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTJhNzhjNjQxYTZjODMwYTkwZjU1NzU0YzA4NzIxYmJhMDE0YThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/o6EJ7zWDCAoCw/Z469d0f4cCfF ebmGwuN/ncBcqefC9PScou1JwSNSlj4fUNldEGkr+qcf28rderLlk67TXvq9qKWP 8JyMaQGhcrg0Yt5H3bqUAQJk6EY+JEcPCAiNaq5ppd6mD4/5j0n8tTvS3OsC1p9g 0zXdGNATnNgFmCpNvWw8HLlb0q4yXa4PerPDbVMzD5BiWNMMdCz+Q4q3jRdpJKn8 IulDbisUwmqt3ssibKwwD2eHqgseiwrXLDa3eFsp9l3RqU64CLB/etda0TBRlccM yP1rx/i7X3RR0pt+pSDwJ4g+FgZLkGbNvFQ0laJsHwVa2zMfE/7ePrw21wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF4qeMZBpsgwqQ9VdUwIchu6AUqKMB8GA1UdIwQY MBaAFHylmDIqaZBaXG4ClaDKH7VWZsFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUt NTgwZDg3Njg4NWExLzEvWGlwNHhrR215RENwRDFWMVRBaHlHN29CU29vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUtNTgwZDg3Njg4NWEx LzEvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucyaMA0E AgACMAcDBQMqFHEAMA0GCSqGSIb3DQEBCwUAA4IBAQBXn+gmXopwJdZGBjH+HGlb IeKBLRckT/0tSCKEgjt0dZRvLEPawNcRoTYL8GWzOTOF/ectfgtDdYBwkShvCrf0 eUlcyVtRzuIwZOEigUVjxD3GopWfX2OwtwT6TM3YG7Bbi7GQQft5fM3t7Bv/XipP rU8V8QVSeU1Boenal6kQqp/xKA4IXOq0Zhf9HghZ7bnRO34POTZONUiSzvpasKIq CH/4FfMKtq363ydlrO3q082M2PqM0aQD1yUuPuzkSzn6PCGXr07ZqS3OhhqYIKlI enRiHJyUSzixuuY721QFQG6zNfBtKAIoCXpnVZ9sch4ucW7iig1Q5YhNT1v24jrW -----END CERTIFICATE-----Generated at Mon Feb 9 22:57:31 2026 by rpki-client