This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/xo56gz-sHNgNhs5F1QLj5VzEnGA.roa File: xo56gz-sHNgNhs5F1QLj5VzEnGA.roa (raw, json) Hash identifier: YHF2lJdgiYyyfdcc4I4hM7f5QuuqDFl1zASnR1Kz4/U= Subject key identifier: C6:8E:7A:83:3F:AC:1C:D8:0D:86:CE:45:D5:02:E3:E5:5C:C4:9C:60 Certificate issuer: /CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827 Certificate serial: 019B7F156FF081A2A6AE71DF8C3E1204A1E4 Authority key identifier: BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/xo56gz-sHNgNhs5F1QLj5VzEnGA.roa Signing time: Fri 02 Jan 2026 14:21:09 +0000 ROA not before: Fri 02 Jan 2026 14:21:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24904 IP address blocks: 2.59.236.0/22 maxlen: 24 45.15.60.0/22 maxlen: 24 45.83.228.0/22 maxlen: 24 81.28.192.0/20 maxlen: 24 83.243.124.0/22 maxlen: 24 92.118.96.0/22 maxlen: 24 171.22.0.0/22 maxlen: 24 178.250.208.0/21 maxlen: 24 185.4.76.0/22 maxlen: 24 185.45.32.0/22 maxlen: 24 185.66.100.0/22 maxlen: 24 185.73.232.0/22 maxlen: 24 185.164.232.0/22 maxlen: 24 185.200.200.0/22 maxlen: 24 185.202.60.0/22 maxlen: 24 185.207.80.0/22 maxlen: 24 185.215.12.0/22 maxlen: 24 185.216.240.0/22 maxlen: 24 185.219.204.0/22 maxlen: 24 185.229.160.0/22 maxlen: 24 185.238.4.0/22 maxlen: 24 185.251.160.0/22 maxlen: 24 194.29.74.0/23 maxlen: 24 194.38.32.0/22 maxlen: 24 194.147.0.0/22 maxlen: 24 2a03:4980::/32 maxlen: 32 2a03:4980::/40 maxlen: 40 2a03:4980:100::/40 maxlen: 40 2a03:4980:200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.mft rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:6f:f0:81:a2:a6:ae:71:df:8c:3e:12:04:a1:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827 Validity Not Before: Jan 2 14:21:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c68e7a833fac1cd80d86ce45d502e3e55cc49c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:5b:2d:e1:03:38:ea:27:a7:18:85:0b:c3:ac: 01:c4:1e:88:8f:96:c5:a0:c8:be:3e:9c:22:a6:f3: bb:22:1b:05:5f:7a:93:9a:71:53:dc:85:1e:fb:f9: 07:05:34:c5:da:27:2f:b0:e2:51:66:02:4c:49:9c: 36:d4:9e:b4:f2:ac:ad:f8:80:d7:cc:93:0d:e2:f2: d1:1a:5a:f4:f0:d7:09:04:b2:90:60:d6:59:9a:77: 3e:bf:06:40:31:69:4b:b4:c8:7b:8a:7c:a7:eb:f2: 1e:3c:f1:15:b3:92:69:93:bc:53:db:61:a8:19:9d: 2c:23:f6:2a:cd:01:23:70:a4:e4:4a:30:5a:80:81: 92:e2:9a:39:db:01:6e:c1:04:fe:14:ea:1b:47:3f: 94:1e:d4:b4:74:df:c8:f2:7a:07:d8:87:47:dd:63: 40:a4:76:20:cc:83:4c:a2:19:66:49:8a:23:a4:f5: 22:aa:38:62:dc:20:4f:20:05:be:f4:c7:b6:d8:68: c3:9c:47:12:1c:7d:e4:4f:a1:45:85:be:ff:bc:c8: 75:ce:44:d8:cf:00:96:91:13:04:c2:4f:74:52:63: 6f:f7:70:55:b2:bb:e6:20:f1:b1:18:99:9d:22:fd: 10:75:74:54:81:fc:78:84:72:46:75:19:bb:34:24: 63:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:8E:7A:83:3F:AC:1C:D8:0D:86:CE:45:D5:02:E3:E5:5C:C4:9C:60 X509v3 Authority Key Identifier: keyid:BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/xo56gz-sHNgNhs5F1QLj5VzEnGA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.236.0/22 45.15.60.0/22 45.83.228.0/22 81.28.192.0/20 83.243.124.0/22 92.118.96.0/22 171.22.0.0/22 178.250.208.0/21 185.4.76.0/22 185.45.32.0/22 185.66.100.0/22 185.73.232.0/22 185.164.232.0/22 185.200.200.0/22 185.202.60.0/22 185.207.80.0/22 185.215.12.0/22 185.216.240.0/22 185.219.204.0/22 185.229.160.0/22 185.238.4.0/22 185.251.160.0/22 194.29.74.0/23 194.38.32.0/22 194.147.0.0/22 IPv6: 2a03:4980::/32 Signature Algorithm: sha256WithRSAEncryption 96:4f:ac:f4:82:d5:37:a7:d3:fb:76:ce:4a:f4:43:c3:ce:14: e7:c7:76:e9:50:da:01:f8:cd:26:23:cb:e8:da:e0:a0:d1:f0: dc:2b:d1:eb:33:28:e5:96:fa:e3:91:a7:75:7d:d5:d3:bc:97: f3:62:2a:fd:a1:9e:82:3b:b8:bb:48:6f:b0:23:60:72:5b:de: 23:d5:70:9b:80:0f:86:95:3c:de:3a:54:ff:0a:6b:4c:ab:94: d5:98:0d:b6:5a:0e:8a:59:e3:3f:a9:9b:72:43:be:d1:c5:93: b1:86:bb:c0:db:18:c3:52:4a:d2:b0:9d:08:8a:f8:14:02:63: 2b:f2:2e:12:9e:a2:90:52:0c:a5:aa:30:07:43:d1:78:2e:af: e5:cc:49:1b:fd:a9:74:57:d5:62:bc:4d:eb:b6:2d:16:ef:92: 00:cc:88:97:84:d8:de:f7:c8:a0:f5:74:b7:98:31:28:e3:65: ec:b5:fc:e1:2f:7f:83:2f:01:25:8b:0a:2f:59:2c:a7:c4:5b: d5:d9:54:ba:82:a5:3d:1c:3e:bc:09:e2:8b:56:53:8e:05:a3: 6d:da:e4:08:e9:9a:db:90:d1:ee:79:e8:d6:eb:c0:8c:cd:8a: 53:43:68:2e:0e:f0:c8:e9:b6:c3:46:93:44:db:11:32:05:e4: 57:a5:26:4b -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgISAZt/FW/wgaKmrnHfjD4SBKHkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhYjVlNWU2MDFjYmY1ZDE5ZDEwZDRkYjQ3NmE5MjNiM2Iz NmY4MjcwHhcNMjYwMTAyMTQyMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjhlN2E4MzNmYWMxY2Q4MGQ4NmNlNDVkNTAyZTNlNTVjYzQ5YzYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFst4QM46ienGIULw6wBxB6Ij5bF oMi+PpwipvO7IhsFX3qTmnFT3IUe+/kHBTTF2icvsOJRZgJMSZw21J608qyt+IDX zJMN4vLRGlr08NcJBLKQYNZZmnc+vwZAMWlLtMh7inyn6/IePPEVs5Jpk7xT22Go GZ0sI/YqzQEjcKTkSjBagIGS4po52wFuwQT+FOobRz+UHtS0dN/I8noH2IdH3WNA pHYgzINMohlmSYojpPUiqjhi3CBPIAW+9Me22GjDnEcSHH3kT6FFhb7/vMh1zkTY zwCWkRMEwk90UmNv93BVsrvmIPGxGJmdIv0QdXRUgfx4hHJGdRm7NCRjQQIDAQAB o4ICrTCCAqkwHQYDVR0OBBYEFMaOeoM/rBzYDYbORdUC4+VcxJxgMB8GA1UdIwQY MBaAFLq15eYBy/XRnRDU20dqkjs7NvgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQt NzdjYTg5Y2Y0MzZhLzEveG81Nmd6LXNITmdOaHM1RjFRTGo1VnpFbkdBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQtNzdjYTg5Y2Y0MzZh LzEvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAIC O+wDBAItDzwDBAItU+QDBARRHMADBAJT83wDBAJcdmADBAKrFgADBAOy+tADBAK5 BEwDBAK5LSADBAK5QmQDBAK5SegDBAK5pOgDBAK5yMgDBAK5yjwDBAK5z1ADBAK5 1wwDBAK52PADBAK528wDBAK55aADBAK57gQDBAK5+6ADBAHCHUoDBALCJiADBALC kwAwDQQCAAIwBwMFACoDSYAwDQYJKoZIhvcNAQELBQADggEBAJZPrPSC1Ten0/t2 zkr0Q8POFOfHdulQ2gH4zSYjy+ja4KDR8Nwr0eszKOWW+uORp3V91dO8l/NiKv2h noI7uLtIb7AjYHJb3iPVcJuAD4aVPN46VP8Ka0yrlNWYDbZaDopZ4z+pm3JDvtHF k7GGu8DbGMNSStKwnQiK+BQCYyvyLhKeopBSDKWqMAdD0Xgur+XMSRv9qXRX1WK8 Teu2LRbvkgDMiJeE2N73yKD1dLeYMSjjZey1/OEvf4MvASWLCi9ZLKfEW9XZVLqC pT0cPrwJ4otWU44Fo23a5AjpmtuQ0e556NbrwIzNilNDaC4O8MjptsNGk0TbETIF 5FelJks= -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:15 2026 by rpki-client