This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/xcfdLGMwx73rBrDSPhMoi1zff7E.roa File: xcfdLGMwx73rBrDSPhMoi1zff7E.roa (raw, json) Hash identifier: TfS9qHi0yMcUxCZA9A/YoEU+5Wx9ewWvK31z5A1/myQ= Subject key identifier: C5:C7:DD:2C:63:30:C7:BD:EB:06:B0:D2:3E:13:28:8B:5C:DF:7F:B1 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019B7A5B044A8DC44FB38619C8926E8944FB Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/xcfdLGMwx73rBrDSPhMoi1zff7E.roa Signing time: Thu 01 Jan 2026 16:19:03 +0000 ROA not before: Thu 01 Jan 2026 16:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35372 IP address blocks: 45.11.184.0/24 maxlen: 24 185.136.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:04:4a:8d:c4:4f:b3:86:19:c8:92:6e:89:44:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Jan 1 16:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5c7dd2c6330c7bdeb06b0d23e13288b5cdf7fb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d5:5a:76:3d:d0:64:fb:9c:bf:4e:1d:15:8b: 43:f9:dd:36:9c:27:28:44:6a:13:45:98:91:84:88: 7c:37:f3:c6:f2:27:03:15:cc:78:82:f4:d7:be:78: 75:bd:98:38:7e:8c:77:a1:10:39:a7:2a:f3:37:08: 23:29:c8:8c:00:97:7c:c8:a8:be:db:02:40:20:2f: f7:2e:f9:66:2a:e7:f6:cc:fb:3d:3d:e8:6d:9b:ef: a2:22:dd:f1:dc:2e:8a:69:f4:84:12:e4:1a:bc:04: 0f:6a:37:18:ef:ad:16:b2:b4:da:bf:df:c5:75:1e: 94:f8:07:fd:31:c3:15:bc:7e:4a:11:00:3d:50:cf: 52:83:46:6b:75:a3:df:2b:a0:10:2d:4e:c4:51:08: 3a:18:70:26:f4:93:f3:ef:d7:41:b7:3e:ad:6d:8a: e3:f7:31:67:a2:df:e7:74:bb:0c:8a:82:79:bc:de: 68:1e:33:e8:01:e5:a2:28:5b:8d:22:79:32:d4:00: 3b:e4:c1:78:22:16:ec:dc:d8:72:c8:b8:73:aa:79: b5:1b:51:0a:cd:93:b0:41:3f:2a:df:08:c4:38:9b: 74:83:86:45:58:37:0b:61:63:f1:09:0b:a0:85:c8: d2:0c:da:12:f0:94:dd:17:59:d9:fd:08:a5:dc:7e: 8b:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:C7:DD:2C:63:30:C7:BD:EB:06:B0:D2:3E:13:28:8B:5C:DF:7F:B1 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/xcfdLGMwx73rBrDSPhMoi1zff7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.11.184.0/24 185.136.135.0/24 Signature Algorithm: sha256WithRSAEncryption a3:9a:0c:40:59:b1:80:57:f5:c2:60:e9:95:5e:44:a2:53:1d: 43:d1:21:54:97:f1:b2:4a:92:b7:ea:95:0f:4e:55:46:35:12: 80:06:0a:3a:1f:e1:e8:da:ab:ab:3b:6e:83:33:ca:8a:d3:c1: f0:d7:c5:7a:0c:23:ea:49:8e:b1:01:3a:46:a1:f3:d1:97:71: 57:3a:18:6c:e8:34:f5:eb:58:de:d3:52:3f:bd:f7:70:67:bd: 52:78:2b:b4:17:53:ed:e6:1d:fc:3b:a6:59:3b:d0:b5:d6:6d: a7:86:6c:ac:0a:c9:2c:ee:47:f8:11:a6:8f:33:21:4a:91:68: 02:fa:91:26:7b:91:6a:fc:f1:1c:9b:b3:ed:74:37:a3:d5:84: 62:54:dd:cd:64:21:1c:6c:7d:be:a9:5b:6a:bd:fb:2e:fc:5e: 88:1d:e9:de:4d:4e:9a:f1:df:d0:c9:7a:95:33:aa:40:b4:36: 68:d9:c4:05:e5:27:93:41:e4:f7:17:57:11:ba:80:a5:29:16: ce:19:6d:e1:23:94:e2:b4:29:05:a3:be:9f:33:91:6e:9d:9f: a2:d0:b8:1f:3e:78:f6:68:c5:62:9d:52:d4:51:55:74:c7:d0: 63:74:36:8e:86:ce:ae:04:d0:92:f0:f9:3d:24:b6:61:54:54: bb:13:1c:37 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6WwRKjcRPs4YZyJJuiUT7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMTAxMTYxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWM3ZGQyYzYzMzBjN2JkZWIwNmIwZDIzZTEzMjg4YjVjZGY3ZmIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dVadj3QZPucv04dFYtD+d02nCco RGoTRZiRhIh8N/PG8icDFcx4gvTXvnh1vZg4fox3oRA5pyrzNwgjKciMAJd8yKi+ 2wJAIC/3LvlmKuf2zPs9Pehtm++iIt3x3C6KafSEEuQavAQPajcY760WsrTav9/F dR6U+Af9McMVvH5KEQA9UM9Sg0ZrdaPfK6AQLU7EUQg6GHAm9JPz79dBtz6tbYrj 9zFnot/ndLsMioJ5vN5oHjPoAeWiKFuNInky1AA75MF4Ihbs3NhyyLhzqnm1G1EK zZOwQT8q3wjEOJt0g4ZFWDcLYWPxCQughcjSDNoS8JTdF1nZ/Qil3H6LYQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMXH3SxjMMe96waw0j4TKItc33+xMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEveGNmZExHTXd4NzNyQnJEU1BoTW9pMXpmZjdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQu4AwQA uYiHMA0GCSqGSIb3DQEBCwUAA4IBAQCjmgxAWbGAV/XCYOmVXkSiUx1D0SFUl/Gy SpK36pUPTlVGNRKABgo6H+Ho2qurO26DM8qK08Hw18V6DCPqSY6xATpGofPRl3FX Ohhs6DT161je01I/vfdwZ71SeCu0F1Pt5h38O6ZZO9C11m2nhmysCsks7kf4EaaP MyFKkWgC+pEme5Fq/PEcm7PtdDej1YRiVN3NZCEcbH2+qVtqvfsu/F6IHeneTU6a 8d/QyXqVM6pAtDZo2cQF5SeTQeT3F1cRuoClKRbOGW3hI5TitCkFo76fM5FunZ+i 0LgfPnj2aMVinVLUUVV0x9BjdDaOhs6uBNCS8Pk9JLZhVFS7Exw3 -----END CERTIFICATE-----Generated at Mon Jan 5 13:05:20 2026 by rpki-client