This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XjK7K5pFc5s0i0Yj9WRzq3s6Q_s.roa File: XjK7K5pFc5s0i0Yj9WRzq3s6Q_s.roa (raw, json) Hash identifier: Aog9/K0L6bQI83BA2JvjqEnZuwWaCymXvS47tzQ05B0= Subject key identifier: 5E:32:BB:2B:9A:45:73:9B:34:8B:46:23:F5:64:73:AB:7B:3A:43:FB Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe Certificate serial: 019B78A2D3FE2925A87C30F086B6A9D77539 Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XjK7K5pFc5s0i0Yj9WRzq3s6Q_s.roa Signing time: Thu 01 Jan 2026 08:18:15 +0000 ROA not before: Thu 01 Jan 2026 08:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398465 IP address blocks: 81.22.138.0/24 maxlen: 24 89.185.0.0/24 maxlen: 24 109.72.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:d3:fe:29:25:a8:7c:30:f0:86:b6:a9:d7:75:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe Validity Not Before: Jan 1 08:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e32bb2b9a45739b348b4623f56473ab7b3a43fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a7:3c:d7:f3:56:57:5c:19:99:6b:d7:94:db: f9:9a:e0:97:9d:fc:ff:d3:ec:9d:e6:4e:8f:2c:01: a2:7c:13:b2:70:51:0b:f1:96:0b:7f:76:1d:9e:ac: 77:d6:ee:e4:a0:c6:02:96:db:44:e7:e3:91:e4:ac: 5e:19:06:ff:07:b3:00:f5:17:93:ab:f0:30:3b:dc: 35:db:e5:5b:bb:83:7b:61:03:93:51:1a:d1:7d:e4: ea:85:87:ff:cf:98:eb:7c:2e:d3:84:67:9c:31:40: 56:d6:32:6d:c2:a4:01:7b:4f:ca:3b:0d:60:87:d4: 7d:65:3f:65:f0:b1:a2:e4:fa:9a:c5:1a:a3:45:d8: 01:85:8d:80:34:cb:56:cc:ab:f5:fd:da:4b:da:a3: 51:d3:22:da:e7:55:1c:cf:79:b6:20:58:0a:04:81: bd:92:6c:e1:a7:cc:78:d1:cd:50:8c:36:8b:dc:6b: 69:04:fc:fc:34:9a:27:96:e7:d7:64:d9:3e:dd:df: ab:62:c2:bf:cd:9e:43:89:0f:ae:85:8f:c8:03:d0: 64:e6:f9:cd:5b:0b:a8:5f:9e:29:0e:f0:70:6c:2d: 02:57:74:66:3e:51:83:8e:5f:ff:68:c5:ce:25:ea: 2e:45:ee:ea:cb:e4:2e:27:bb:db:11:ca:91:d5:3a: 86:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:32:BB:2B:9A:45:73:9B:34:8B:46:23:F5:64:73:AB:7B:3A:43:FB X509v3 Authority Key Identifier: keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XjK7K5pFc5s0i0Yj9WRzq3s6Q_s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.22.138.0/24 89.185.0.0/24 109.72.123.0/24 Signature Algorithm: sha256WithRSAEncryption 83:6b:cf:63:56:ec:86:16:16:fe:4a:1f:0e:8a:ac:b4:84:27: e7:02:6c:a4:13:a9:69:61:32:10:a0:ab:3c:c4:5a:61:d5:b9: 08:3a:d4:f6:66:0c:3f:3a:06:43:25:55:00:76:42:d8:86:0a: 0b:83:cc:28:b2:65:51:1b:89:41:01:cb:a1:b6:90:6f:19:fa: d7:28:a6:c7:c7:58:1a:ba:2a:41:b6:f4:e0:ca:54:1b:cf:67: 65:8b:40:c7:ac:60:b9:72:5d:9a:76:a6:90:85:6d:5e:60:05: 45:1b:9c:69:2a:27:9c:c5:ba:74:88:71:db:2b:68:f9:63:62: fd:1f:75:9a:fa:74:92:ac:90:b2:7a:bb:f9:04:1b:63:07:f0: 3b:26:a7:b9:a5:89:fa:e5:d3:51:2f:2d:47:0d:69:02:82:2e: 71:97:27:aa:51:9f:f1:99:46:df:65:fa:91:e0:61:32:71:a3: 2b:d2:f4:f9:8d:66:9c:b7:45:6b:43:1f:95:b2:83:b9:2c:43: c6:18:b6:d3:26:cd:38:da:97:53:d8:13:fc:c0:c4:b8:d7:be: de:9f:85:2b:80:3a:d1:d4:a7:6b:ed:db:7b:72:31:c6:e3:da: e5:82:71:79:ec:8d:dc:64:1c:4d:9a:4c:91:ac:ad:6e:07:9a: 07:08:4c:7f -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4otP+KSWofDDwhrap13U5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk OGRhYmUwHhcNMjYwMTAxMDgxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTMyYmIyYjlhNDU3MzliMzQ4YjQ2MjNmNTY0NzNhYjdiM2E0M2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqc81/NWV1wZmWvXlNv5muCXnfz/ 0+yd5k6PLAGifBOycFEL8ZYLf3Ydnqx31u7koMYClttE5+OR5KxeGQb/B7MA9ReT q/AwO9w12+Vbu4N7YQOTURrRfeTqhYf/z5jrfC7ThGecMUBW1jJtwqQBe0/KOw1g h9R9ZT9l8LGi5PqaxRqjRdgBhY2ANMtWzKv1/dpL2qNR0yLa51Ucz3m2IFgKBIG9 kmzhp8x40c1QjDaL3GtpBPz8NJonlufXZNk+3d+rYsK/zZ5DiQ+uhY/IA9Bk5vnN WwuoX54pDvBwbC0CV3RmPlGDjl//aMXOJeouRe7qy+QuJ7vbEcqR1TqGNwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF4yuyuaRXObNItGI/Vkc6t7OkP7MB8GA1UdIwQY MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt ODJhZDE0NTU1ZWFhLzEvWGpLN0s1cEZjNXMwaTBZajlXUnpxM3M2UV9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaKAwQA WbkAAwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQCDa89jVuyGFhb+Sh8Oiqy0hCfn AmykE6lpYTIQoKs8xFph1bkIOtT2Zgw/OgZDJVUAdkLYhgoLg8wosmVRG4lBAcuh tpBvGfrXKKbHx1gauipBtvTgylQbz2dli0DHrGC5cl2adqaQhW1eYAVFG5xpKiec xbp0iHHbK2j5Y2L9H3Wa+nSSrJCyerv5BBtjB/A7Jqe5pYn65dNRLy1HDWkCgi5x lyeqUZ/xmUbfZfqR4GEycaMr0vT5jWact0VrQx+VsoO5LEPGGLbTJs042pdT2BP8 wMS4177en4UrgDrR1Kdr7dt7cjHG49rlgnF57I3cZBxNmkyRrK1uB5oHCEx/ -----END CERTIFICATE-----Generated at Thu Jan 8 09:24:01 2026 by rpki-client