This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/xvjr_8JqIZkbED7GUsRWo_s5EPY.roa File: xvjr_8JqIZkbED7GUsRWo_s5EPY.roa (raw, json) Hash identifier: FiH4mjXZzCr8o0pEvyEmejvpAQkDbsQib4uDB3k7p1g= Subject key identifier: C6:F8:EB:FF:C2:6A:21:99:1B:10:3E:C6:52:C4:56:A3:FB:39:10:F6 Certificate issuer: /CN=d82b2846f093bc9416041be68a2c783161eb04df Certificate serial: 019B7B3567E522E46175A716196DB2B88128 Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/xvjr_8JqIZkbED7GUsRWo_s5EPY.roa Signing time: Thu 01 Jan 2026 20:17:36 +0000 ROA not before: Thu 01 Jan 2026 20:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21111 IP address blocks: 158.66.0.0/16 maxlen: 16 158.66.1.0/24 maxlen: 24 158.66.2.0/24 maxlen: 24 158.66.3.0/24 maxlen: 24 158.66.4.0/24 maxlen: 24 158.66.5.0/24 maxlen: 24 158.66.6.0/24 maxlen: 24 158.66.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:67:e5:22:e4:61:75:a7:16:19:6d:b2:b8:81:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df Validity Not Before: Jan 1 20:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6f8ebffc26a21991b103ec652c456a3fb3910f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6d:c1:5b:c6:7d:f9:e0:8f:7e:64:08:50:f9: b5:9a:2e:2a:0a:4b:03:6d:a0:f5:75:7f:73:6f:27: 44:c3:ef:73:32:12:d4:d8:49:28:6c:3a:2a:18:ff: 98:f9:eb:5d:a1:e5:83:02:eb:91:9a:e6:46:94:3a: db:bb:8c:d2:6e:e3:62:38:52:79:3f:d5:06:21:2b: a1:a3:b0:be:7e:4b:3a:2f:02:3f:a2:67:5b:04:b8: 11:80:fd:7e:de:95:5e:fa:21:a3:3f:55:7c:35:9e: 96:40:e9:ec:fe:65:ef:df:16:8d:da:d2:2f:0b:c7: 87:49:9d:55:d1:99:43:28:26:54:93:ae:45:58:f1: e9:6b:5d:28:50:a2:b7:1d:73:c7:09:dc:99:ce:47: 2e:8e:de:2d:e8:c3:c5:3a:18:bb:aa:d7:50:c6:df: b6:8a:d5:47:15:c2:56:7d:94:2c:e6:bc:90:3f:b2: 41:d7:cb:5a:23:ba:5e:77:35:42:8e:1c:bd:85:06: 8b:a0:a4:f4:76:79:3f:1d:07:01:1b:98:0c:85:dd: 91:6c:e6:09:e3:08:cf:2c:ad:7c:b1:3f:5b:f3:2c: 51:e5:94:07:17:6a:8f:5f:0f:af:89:06:27:aa:79: eb:34:a9:b1:26:8a:85:98:f2:74:5d:4b:94:3f:b6: c2:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:F8:EB:FF:C2:6A:21:99:1B:10:3E:C6:52:C4:56:A3:FB:39:10:F6 X509v3 Authority Key Identifier: keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/xvjr_8JqIZkbED7GUsRWo_s5EPY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.66.0.0/16 Signature Algorithm: sha256WithRSAEncryption 50:52:96:15:57:94:b3:50:38:d4:40:49:b2:0c:c4:be:21:59: 72:1b:90:19:cc:01:d3:92:9f:e7:b8:cb:a5:e2:00:40:a4:ec: 95:2b:4b:07:86:e5:b6:f1:c9:da:56:7d:40:70:2f:b6:6d:6c: f0:cc:96:65:95:2e:40:75:cd:28:03:2b:a3:c4:7b:19:4b:35: 21:27:11:f3:74:7d:4d:d8:79:97:40:d2:9b:18:9e:93:ac:85: 04:62:b1:19:3e:90:d7:88:b1:96:90:37:a5:1f:ec:72:d9:09: 19:04:9c:2e:d0:cf:af:08:8e:5f:94:c1:68:7c:06:90:f9:ab: 20:94:9c:54:52:02:13:f4:f6:b2:8c:43:4a:c4:32:ff:c0:7f: 9b:36:ec:bc:32:c8:8c:e3:db:ac:10:bc:5a:f0:84:6a:7b:ec: be:4a:92:d9:4c:ee:83:21:06:fb:3a:74:14:c3:c9:f2:89:e0: 92:78:62:ef:52:00:e7:30:e2:b6:fd:3a:8e:34:f1:36:4c:ab: 3c:6e:ca:25:bb:c3:d6:c8:06:e0:46:32:fa:aa:90:9d:56:a3: af:11:a8:96:66:a0:08:3d:3c:7d:8c:59:13:26:62:ad:67:be: f0:65:ec:05:17:17:fc:4f:e5:59:6f:38:b5:a9:c0:75:c3:28: 4e:48:98:9b -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt7NWflIuRhdacWGW2yuIEoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl YjA0ZGYwHhcNMjYwMTAxMjAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmY4ZWJmZmMyNmEyMTk5MWIxMDNlYzY1MmM0NTZhM2ZiMzkxMGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy23BW8Z9+eCPfmQIUPm1mi4qCksD baD1dX9zbydEw+9zMhLU2EkobDoqGP+Y+etdoeWDAuuRmuZGlDrbu4zSbuNiOFJ5 P9UGISuho7C+fks6LwI/omdbBLgRgP1+3pVe+iGjP1V8NZ6WQOns/mXv3xaN2tIv C8eHSZ1V0ZlDKCZUk65FWPHpa10oUKK3HXPHCdyZzkcujt4t6MPFOhi7qtdQxt+2 itVHFcJWfZQs5ryQP7JB18taI7pedzVCjhy9hQaLoKT0dnk/HQcBG5gMhd2RbOYJ 4wjPLK18sT9b8yxR5ZQHF2qPXw+viQYnqnnrNKmxJoqFmPJ0XUuUP7bC5wIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFMb46//CaiGZGxA+xlLEVqP7ORD2MB8GA1UdIwQY MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt NTQ3M2VlMWRhYTliLzEveHZqcl84SnFJWmtiRUQ3R1VzUldvX3M1RVBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnkIwDQYJ KoZIhvcNAQELBQADggEBAFBSlhVXlLNQONRASbIMxL4hWXIbkBnMAdOSn+e4y6Xi AECk7JUrSweG5bbxydpWfUBwL7ZtbPDMlmWVLkB1zSgDK6PEexlLNSEnEfN0fU3Y eZdA0psYnpOshQRisRk+kNeIsZaQN6Uf7HLZCRkEnC7Qz68Ijl+UwWh8BpD5qyCU nFRSAhP09rKMQ0rEMv/Af5s27LwyyIzj26wQvFrwhGp77L5KktlM7oMhBvs6dBTD yfKJ4JJ4Yu9SAOcw4rb9Oo408TZMqzxuyiW7w9bIBuBGMvqqkJ1Wo68RqJZmoAg9 PH2MWRMmYq1nvvBl7AUXF/xP5VlvOLWpwHXDKE5ImJs= -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:16 2026 by rpki-client