This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XlqrEpEDd-V2ru844aeMRJ8GBMU.roa File: XlqrEpEDd-V2ru844aeMRJ8GBMU.roa (raw, json) Hash identifier: tY6CgCR4ry+bHbuY9qBQqqV0zI0v9xves6fUNIbqjc4= Subject key identifier: 5E:5A:AB:12:91:03:77:E5:76:AE:EF:38:E1:A7:8C:44:9F:06:04:C5 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C13754E52A71D12DAF0FF7C837B073B Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XlqrEpEDd-V2ru844aeMRJ8GBMU.roa Signing time: Fri 02 Jan 2026 00:20:08 +0000 ROA not before: Fri 02 Jan 2026 00:20:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60458 IP address blocks: 185.248.200.0/22 maxlen: 22 185.254.159.0/24 maxlen: 24 193.17.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:75:4e:52:a7:1d:12:da:f0:ff:7c:83:7b:07:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e5aab12910377e576aeef38e1a78c449f0604c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3b:6b:01:e8:66:94:5f:ff:5b:7c:29:69:4f: fa:a5:d7:86:d9:77:24:ff:98:44:d5:c1:57:f9:e3: 61:32:c1:95:d5:33:b3:07:7f:17:6b:00:18:37:6c: 19:53:cc:33:a0:1f:aa:8b:df:cd:c8:ab:f3:7e:95: de:44:6b:b4:e6:5c:97:ad:8c:c6:aa:d0:f6:bb:e1: 46:f6:e8:5f:7e:42:2d:ae:d3:f4:4c:e5:b2:8e:e4: cf:34:23:9e:be:0d:93:b1:38:b6:45:59:59:d9:02: 63:e0:10:f0:5e:fb:2a:5c:cd:c0:db:46:b6:bb:f1: 4e:08:8f:81:cf:07:b8:ac:09:35:8d:e1:cb:f7:2e: ae:80:76:0e:5f:04:2f:2a:42:42:04:e2:11:20:8f: 64:6a:41:f8:41:f9:18:79:fc:8f:ac:db:5b:8b:2b: 8f:c4:56:46:ca:ff:e6:21:1f:fd:c6:ea:80:e7:25: 6c:e2:d4:21:02:28:ca:71:8b:c3:ec:d8:cf:ef:35: d0:b7:fb:a4:fa:3a:f2:f2:07:7e:f7:15:44:fc:d9: 04:ae:e0:ff:0e:2f:78:fc:a3:10:e5:2d:28:6e:7f: 30:fa:dd:55:1b:4b:07:d1:05:ff:5d:47:a9:7b:20: 4f:41:e5:28:0f:9e:48:cb:86:83:75:ab:1e:8e:26: 4a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:5A:AB:12:91:03:77:E5:76:AE:EF:38:E1:A7:8C:44:9F:06:04:C5 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XlqrEpEDd-V2ru844aeMRJ8GBMU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.248.200.0/22 185.254.159.0/24 193.17.181.0/24 Signature Algorithm: sha256WithRSAEncryption b9:1e:fa:cb:ba:54:f2:76:fe:d2:af:d7:85:2f:43:fe:3c:76: e5:e3:40:62:40:25:62:e4:46:8d:6b:61:0f:ae:ce:6d:44:d5: 20:6a:f3:43:3e:f4:ef:ba:db:ff:12:50:40:33:fb:9f:17:d7: 25:f5:ec:e3:76:65:80:91:5a:8f:f3:01:d9:24:4b:06:a5:b8: 6c:9a:e7:02:f8:34:52:ea:e1:ad:4e:f7:f0:ed:d7:11:e8:41: 6f:d2:d4:85:44:55:2d:45:82:1e:da:a6:05:8b:28:3c:d9:7f: cd:86:ab:61:50:1a:03:55:6a:16:13:a8:b0:37:1b:21:80:70: d5:5f:a1:69:43:65:ef:1e:a9:59:b0:36:67:5a:21:ee:22:34: 9b:ca:e9:56:ca:e3:82:36:8b:dc:07:51:8a:42:b0:63:64:4f: 74:4b:18:a8:21:16:47:a6:20:34:5e:a8:29:3e:16:3e:64:cd: d3:aa:6f:30:61:8f:55:7f:83:9b:7c:e3:ac:da:44:f1:04:7c: c1:17:4a:a9:58:5e:88:00:7f:4d:7c:8c:42:93:36:fe:88:be: ef:18:f3:d2:7f:6c:e5:b9:ad:bd:bb:da:9d:62:4c:b9:4c:dd: 77:4e:4e:04:e2:cc:d4:08:57:d6:28:9a:c3:1d:11:e9:44:ac: 20:56:93:26 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8E3VOUqcdEtrw/3yDewc7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTVhYWIxMjkxMDM3N2U1NzZhZWVmMzhlMWE3OGM0NDlmMDYwNGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqztrAehmlF//W3wpaU/6pdeG2Xck /5hE1cFX+eNhMsGV1TOzB38XawAYN2wZU8wzoB+qi9/NyKvzfpXeRGu05lyXrYzG qtD2u+FG9uhffkItrtP0TOWyjuTPNCOevg2TsTi2RVlZ2QJj4BDwXvsqXM3A20a2 u/FOCI+Bzwe4rAk1jeHL9y6ugHYOXwQvKkJCBOIRII9kakH4QfkYefyPrNtbiyuP xFZGyv/mIR/9xuqA5yVs4tQhAijKcYvD7NjP7zXQt/uk+jry8gd+9xVE/NkEruD/ Di94/KMQ5S0obn8w+t1VG0sH0QX/XUepeyBPQeUoD55Iy4aDdasejiZK3wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF5aqxKRA3fldq7vOOGnjESfBgTFMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvWGxxckVwRURkLVYycnU4NDRhZU1SSjhHQk1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCufjIAwQA uf6fAwQAwRG1MA0GCSqGSIb3DQEBCwUAA4IBAQC5HvrLulTydv7Sr9eFL0P+PHbl 40BiQCVi5EaNa2EPrs5tRNUgavNDPvTvutv/ElBAM/ufF9cl9ezjdmWAkVqP8wHZ JEsGpbhsmucC+DRS6uGtTvfw7dcR6EFv0tSFRFUtRYIe2qYFiyg82X/NhqthUBoD VWoWE6iwNxshgHDVX6FpQ2XvHqlZsDZnWiHuIjSbyulWyuOCNovcB1GKQrBjZE90 SxioIRZHpiA0XqgpPhY+ZM3Tqm8wYY9Vf4ObfOOs2kTxBHzBF0qpWF6IAH9NfIxC kzb+iL7vGPPSf2zlua29u9qdYky5TN13Tk4E4szUCFfWKJrDHRHpRKwgVpMm -----END CERTIFICATE-----Generated at Fri Jan 2 23:53:20 2026 by rpki-client