This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/XKi2BlHneg8Maj6fOXu_OR3e41k.roa File: XKi2BlHneg8Maj6fOXu_OR3e41k.roa (raw, json) Hash identifier: WCQe6/yJBNE4CdbDW2e1jgFjAOf+lrnuYR4ptmdnrnU= Subject key identifier: 5C:A8:B6:06:51:E7:7A:0F:0C:6A:3E:9F:39:7B:BF:39:1D:DE:E3:59 Certificate issuer: /CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7 Certificate serial: 019B7AC923EF76F6237A3B4AEA8FC3F5BC27 Authority key identifier: D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/XKi2BlHneg8Maj6fOXu_OR3e41k.roa Signing time: Thu 01 Jan 2026 18:19:20 +0000 ROA not before: Thu 01 Jan 2026 18:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209216 IP address blocks: 2.56.76.0/22 maxlen: 22 2a09:d0c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.mft rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:23:ef:76:f6:23:7a:3b:4a:ea:8f:c3:f5:bc:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ee5a4c9f30498680e4d7b59ddb08f82bc6f4c7 Validity Not Before: Jan 1 18:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ca8b60651e77a0f0c6a3e9f397bbf391ddee359 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:45:0e:38:62:41:d9:d7:9a:de:a0:bc:64:0f: a0:2a:8d:0b:dd:ba:67:38:52:58:79:6b:38:cf:ef: 61:cf:e6:9a:4c:d5:3c:5d:72:82:50:b2:4a:3c:e8: fc:ab:e1:42:d0:51:1c:c9:19:bd:bd:ce:4e:02:45: 61:e0:1f:e3:7c:7c:f4:4c:c7:68:9d:fe:68:61:f4: a8:72:8c:2c:4d:e5:ac:3c:c1:4d:37:d8:57:8c:66: 85:a1:08:97:f7:ae:eb:b1:87:a7:92:c9:bc:ed:20: b0:ba:b7:37:89:66:1b:8b:e5:3b:9d:6c:c8:74:22: 47:71:dd:59:a5:9f:d4:41:c9:85:38:72:a9:d0:d2: e6:c1:99:a3:1c:c0:2a:36:e6:7a:28:fc:04:eb:23: 44:80:a1:48:a7:0b:30:ad:e7:b9:81:a9:6f:59:82: 57:0d:8f:d9:c9:a0:1b:0e:1e:20:4a:7c:95:2e:cd: b0:f0:be:62:e2:ef:f6:05:f9:23:51:62:fc:cc:f7: f3:95:cf:e1:02:e4:ff:9e:d5:dc:0d:2c:68:e3:ad: 25:8b:54:ed:58:0c:60:2f:85:82:9f:4f:36:9a:0c: ad:45:63:14:56:46:a2:e6:e5:84:80:aa:3b:e2:89: 1d:6e:f7:5a:06:61:f8:7c:12:fa:3e:c9:24:79:c2: 28:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A8:B6:06:51:E7:7A:0F:0C:6A:3E:9F:39:7B:BF:39:1D:DE:E3:59 X509v3 Authority Key Identifier: keyid:D9:EE:5A:4C:9F:30:49:86:80:E4:D7:B5:9D:DB:08:F8:2B:C6:F4:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/XKi2BlHneg8Maj6fOXu_OR3e41k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/47a54a-637c-4486-b12c-7db9dfbc4ae9/1/2e5aTJ8wSYaA5Ne1ndsI-CvG9Mc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.76.0/22 IPv6: 2a09:d0c0::/29 Signature Algorithm: sha256WithRSAEncryption 29:f6:cd:67:1b:5b:f3:7d:0f:db:a0:af:68:ab:ab:a3:60:c4: 7e:49:32:fe:1b:c6:15:5b:46:d6:b0:27:b1:22:df:e4:a8:cb: 19:64:49:81:d9:fb:95:f6:65:f6:c9:4c:c9:7c:09:cf:8c:8a: 7d:6a:96:02:f2:4e:88:e3:8e:ba:77:16:37:db:c8:4e:05:e8: ab:0a:1e:9b:9f:3b:c7:97:4c:b6:01:d3:7b:a8:25:6a:69:66: 76:0b:cf:fd:86:a3:63:2d:e5:d4:08:ec:00:22:76:2c:57:a9: e4:11:13:57:c7:46:3f:4b:bc:44:7f:a9:fc:5b:87:6d:3e:43: f0:04:68:d6:b2:dd:92:49:db:71:56:cb:d5:53:1b:f3:b4:20: 5d:c2:2a:23:96:f1:65:1d:56:09:87:97:07:11:52:d8:2c:73: 9d:2c:90:93:36:aa:b7:8e:9c:9c:b0:ec:cd:3c:05:9b:29:c6: c0:8b:c3:93:7c:cf:87:3f:ec:f1:01:fb:60:10:7c:7f:b8:0e: bc:d9:3e:89:06:df:97:f7:36:4b:8e:d0:04:01:5f:84:be:4f: 33:43:d9:6f:22:e6:f6:a7:f2:e6:10:95:52:c1:72:3f:15:fe: 60:5f:ed:8b:e4:ee:7d:70:99:1e:81:95:c7:c9:17:10:a0:c8: 9c:19:7b:fa -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6ySPvdvYjejtK6o/D9bwnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZWU1YTRjOWYzMDQ5ODY4MGU0ZDdiNTlkZGIwOGY4MmJj NmY0YzcwHhcNMjYwMTAxMTgxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2E4YjYwNjUxZTc3YTBmMGM2YTNlOWYzOTdiYmYzOTFkZGVlMzU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kUOOGJB2dea3qC8ZA+gKo0L3bpn OFJYeWs4z+9hz+aaTNU8XXKCULJKPOj8q+FC0FEcyRm9vc5OAkVh4B/jfHz0TMdo nf5oYfSocowsTeWsPMFNN9hXjGaFoQiX967rsYenksm87SCwurc3iWYbi+U7nWzI dCJHcd1ZpZ/UQcmFOHKp0NLmwZmjHMAqNuZ6KPwE6yNEgKFIpwswree5galvWYJX DY/ZyaAbDh4gSnyVLs2w8L5i4u/2BfkjUWL8zPfzlc/hAuT/ntXcDSxo460li1Tt WAxgL4WCn082mgytRWMUVkai5uWEgKo74okdbvdaBmH4fBL6PskkecIoqQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFyotgZR53oPDGo+nzl7vzkd3uNZMB8GA1UdIwQY MBaAFNnuWkyfMEmGgOTXtZ3bCPgrxvTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMt N2RiOWRmYmM0YWU5LzEvWEtpMkJsSG5lZzhNYWo2Zk9YdV9PUjNlNDFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi80N2E1NGEtNjM3Yy00NDg2LWIxMmMtN2RiOWRmYmM0YWU5 LzEvMmU1YVRKOHdTWWFBNU5lMW5kc0ktQ3ZHOU1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjhMMA0E AgACMAcDBQMqCdDAMA0GCSqGSIb3DQEBCwUAA4IBAQAp9s1nG1vzfQ/boK9oq6uj YMR+STL+G8YVW0bWsCexIt/kqMsZZEmB2fuV9mX2yUzJfAnPjIp9apYC8k6I4466 dxY328hOBeirCh6bnzvHl0y2AdN7qCVqaWZ2C8/9hqNjLeXUCOwAInYsV6nkERNX x0Y/S7xEf6n8W4dtPkPwBGjWst2SSdtxVsvVUxvztCBdwiojlvFlHVYJh5cHEVLY LHOdLJCTNqq3jpycsOzNPAWbKcbAi8OTfM+HP+zxAftgEHx/uA682T6JBt+X9zZL jtAEAV+Evk8zQ9lvIub2p/LmEJVSwXI/Ff5gX+2L5O59cJkegZXHyRcQoMicGXv6 -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:43 2026 by rpki-client