This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/XXIoAY-5Av7-gKbYLelSLr2VuAQ.roa File: XXIoAY-5Av7-gKbYLelSLr2VuAQ.roa (raw, json) Hash identifier: JJi5E5XJ/T8+/7RMzDeJIxZnJ0RujHszIcclzG1wW/0= Subject key identifier: 5D:72:28:01:8F:B9:02:FE:FE:80:A6:D8:2D:E9:52:2E:BD:95:B8:04 Certificate issuer: /CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa Certificate serial: 019B7910D1151E0730A67D8D6CFEC0D623B2 Authority key identifier: 04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/XXIoAY-5Av7-gKbYLelSLr2VuAQ.roa Signing time: Thu 01 Jan 2026 10:18:23 +0000 ROA not before: Thu 01 Jan 2026 10:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209169 IP address blocks: 2.59.44.0/22 maxlen: 24 2a09:f0c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.mft rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:d1:15:1e:07:30:a6:7d:8d:6c:fe:c0:d6:23:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa Validity Not Before: Jan 1 10:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d7228018fb902fefe80a6d82de9522ebd95b804 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5a:d3:dd:e1:b3:50:d2:71:f7:af:d6:4e:7f: c9:d5:22:4f:4b:51:7e:9e:44:62:4b:e1:e5:c1:05: 6d:9a:86:fe:34:de:08:a5:b0:35:6f:02:3d:41:ce: 2f:e9:19:89:1e:1c:46:ad:bd:2a:a2:95:0f:d7:6e: dd:c2:ce:49:d8:5c:fc:ec:b3:3a:78:cb:10:ba:c2: 48:46:3c:26:6f:cb:0e:2e:44:03:ae:63:2d:68:11: 83:2e:5d:a3:6d:3f:17:92:da:d4:3c:00:a8:74:f6: bc:4c:49:ea:02:ea:4b:d0:a7:e6:af:43:ef:ff:2f: 9e:4d:2c:fb:5f:b6:9c:0a:d1:37:15:88:ac:72:01: 3a:25:81:0b:71:1b:03:21:26:27:6f:75:e8:e9:c9: 4f:ff:33:0e:d0:83:eb:06:57:e2:99:8b:5d:ca:94: 1d:61:fa:4e:4f:05:02:48:59:2f:64:f3:9b:68:0a: 14:ee:39:cf:b1:c9:be:02:da:49:8e:39:98:91:a3: 82:62:73:c2:2d:bc:3f:23:2e:72:b9:f4:89:6e:c5: 75:92:3c:e4:68:36:ca:aa:09:b5:2e:b0:99:9b:63: 46:58:5c:f6:27:60:64:a5:ab:4c:03:80:ea:3c:9d: 42:2b:14:84:4b:df:6c:7d:7c:69:8a:f7:2e:d8:23: b4:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:72:28:01:8F:B9:02:FE:FE:80:A6:D8:2D:E9:52:2E:BD:95:B8:04 X509v3 Authority Key Identifier: keyid:04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/XXIoAY-5Av7-gKbYLelSLr2VuAQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.44.0/22 IPv6: 2a09:f0c0::/29 Signature Algorithm: sha256WithRSAEncryption 0e:13:43:5b:17:47:fb:2e:c3:94:0c:a7:29:f5:7b:b2:eb:48: bd:3e:a8:80:c7:fe:86:e6:33:fb:9e:97:f7:01:3e:35:ae:6c: 55:31:7c:ee:27:8c:40:58:c5:c0:0d:15:04:cf:01:12:06:c9: 30:4a:ce:58:91:40:c0:1b:cb:63:91:27:29:11:6c:c7:c5:09: c2:6f:41:a3:a0:5a:15:3a:0e:30:23:c8:5f:3e:e4:60:f7:2c: 6d:a6:25:35:50:ab:a8:b4:30:be:ff:90:12:5e:40:13:2f:36: 6c:fb:6e:68:70:2c:96:b6:9b:c8:d5:40:f7:e7:43:91:54:b5: c4:fd:22:4e:76:3e:56:07:14:34:02:6d:fa:7c:79:52:82:c9: 11:4c:4e:a5:e1:1f:f4:b6:e1:1f:2b:c4:ef:3f:69:09:03:27: 7c:95:86:f4:fb:57:c4:8f:a1:cc:e3:a8:5f:dc:a2:4d:4e:69: 16:93:f5:e3:6d:a0:ff:89:95:c5:46:14:35:35:a6:d2:88:95: d8:2a:6a:06:9c:67:fd:bb:a0:f2:14:b0:be:49:b0:58:ed:fa: 07:66:f5:01:cb:84:38:d6:53:c7:e6:03:63:5f:bf:f4:5d:0e: 0a:b6:98:94:44:24:f2:88:55:d3:1c:42:6a:e8:5d:c0:74:64: c9:ec:52:61 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5ENEVHgcwpn2NbP7A1iOyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0OGRjM2I5MjNjNzczOGY5YTU4ZWU4MGI0OWJjZDBjNWU3 ZGNmZmEwHhcNMjYwMTAxMTAxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDcyMjgwMThmYjkwMmZlZmU4MGE2ZDgyZGU5NTIyZWJkOTViODA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlrT3eGzUNJx96/WTn/J1SJPS1F+ nkRiS+HlwQVtmob+NN4IpbA1bwI9Qc4v6RmJHhxGrb0qopUP127dws5J2Fz87LM6 eMsQusJIRjwmb8sOLkQDrmMtaBGDLl2jbT8XktrUPACodPa8TEnqAupL0Kfmr0Pv /y+eTSz7X7acCtE3FYiscgE6JYELcRsDISYnb3Xo6clP/zMO0IPrBlfimYtdypQd YfpOTwUCSFkvZPObaAoU7jnPscm+AtpJjjmYkaOCYnPCLbw/Iy5yufSJbsV1kjzk aDbKqgm1LrCZm2NGWFz2J2BkpatMA4DqPJ1CKxSES99sfXxpivcu2CO0IQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFF1yKAGPuQL+/oCm2C3pUi69lbgEMB8GA1UdIwQY MBaAFASNw7kjx3OPmljugLSbzQxefc/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQt MmVjODcxNDY1NTk5LzEvWFhJb0FZLTVBdjctZ0tiWUxlbFNMcjJWdUFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQtMmVjODcxNDY1NTk5 LzEvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjssMA0E AgACMAcDBQMqCfDAMA0GCSqGSIb3DQEBCwUAA4IBAQAOE0NbF0f7LsOUDKcp9Xuy 60i9PqiAx/6G5jP7npf3AT41rmxVMXzuJ4xAWMXADRUEzwESBskwSs5YkUDAG8tj kScpEWzHxQnCb0GjoFoVOg4wI8hfPuRg9yxtpiU1UKuotDC+/5ASXkATLzZs+25o cCyWtpvI1UD350ORVLXE/SJOdj5WBxQ0Am36fHlSgskRTE6l4R/0tuEfK8TvP2kJ Ayd8lYb0+1fEj6HM46hf3KJNTmkWk/XjbaD/iZXFRhQ1NabSiJXYKmoGnGf9u6Dy FLC+SbBY7foHZvUBy4Q41lPH5gNjX7/0XQ4KtpiURCTyiFXTHEJq6F3AdGTJ7FJh -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:11 2026 by rpki-client