This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/a_XjHLHQF6uE4SSOtjsOa8f4-2Q.roa File: a_XjHLHQF6uE4SSOtjsOa8f4-2Q.roa (raw, json) Hash identifier: m3nX1Uyzi87lTewY/HPBoiE0m8iVkIMnK/iQX/3hwYc= Subject key identifier: 6B:F5:E3:1C:B1:D0:17:AB:84:E1:24:8E:B6:3B:0E:6B:C7:F8:FB:64 Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606 Certificate serial: 019B7E38600E8CB89827E5E7628245EC8F58 Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/a_XjHLHQF6uE4SSOtjsOa8f4-2Q.roa Signing time: Fri 02 Jan 2026 10:19:42 +0000 ROA not before: Fri 02 Jan 2026 10:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.133.68.0/22 maxlen: 24 185.153.56.0/22 maxlen: 24 193.104.32.0/24 maxlen: 24 2a05:2440::/29 maxlen: 48 2a07:8880::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.mft rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:60:0e:8c:b8:98:27:e5:e7:62:82:45:ec:8f:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606 Validity Not Before: Jan 2 10:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6bf5e31cb1d017ab84e1248eb63b0e6bc7f8fb64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b4:25:69:67:d5:39:ac:cd:d0:3d:37:b4:af: ef:66:dd:38:84:82:2d:ff:8f:98:9f:17:9e:7d:17: fe:34:a0:18:f1:f1:41:9e:55:6e:93:a3:c6:4b:ce: 9f:da:d4:d1:c9:6f:fc:24:97:68:6f:ef:58:21:ba: eb:2a:ad:ed:c8:06:2e:40:33:60:fc:00:e0:4e:9b: 54:75:77:75:e6:9b:79:f7:d8:2d:44:21:80:b1:17: a5:b1:68:f3:16:be:ed:12:9c:04:e0:89:bc:4a:d8: d4:cf:6f:3d:05:38:f2:5b:21:96:77:dd:ce:29:fa: d0:3b:96:2d:c9:21:ec:28:4d:eb:e6:af:45:3c:bf: e4:2a:5e:9e:a3:c1:e9:35:70:d7:a1:83:f7:36:4e: 88:74:2c:66:fc:39:7a:8f:fa:7b:b8:d1:76:36:f8: 8a:9e:f5:7d:43:07:9d:75:1f:38:48:4d:a5:17:73: ac:25:10:67:08:57:02:f2:60:3f:9a:8d:4e:8b:54: 59:ab:21:8b:a1:e7:34:7a:93:99:c9:c1:80:b3:2c: 68:67:13:a4:07:9a:19:d6:3e:97:d5:76:e3:2a:5a: dd:81:d8:6d:d4:1b:f0:1b:90:f7:41:56:d8:47:dc: 38:ed:49:70:95:ac:7a:d3:47:cb:18:e1:64:d8:6a: 02:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:F5:E3:1C:B1:D0:17:AB:84:E1:24:8E:B6:3B:0E:6B:C7:F8:FB:64 X509v3 Authority Key Identifier: keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/a_XjHLHQF6uE4SSOtjsOa8f4-2Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.68.0/22 185.153.56.0/22 193.104.32.0/24 IPv6: 2a05:2440::/29 2a07:8880::/29 Signature Algorithm: sha256WithRSAEncryption a3:9d:68:1f:4c:93:2d:c2:74:d0:4b:be:31:7e:77:59:c5:ef: 4b:9f:9a:1a:cf:c2:d2:3e:12:0b:1f:49:a3:2b:2d:09:a7:2a: 21:74:d5:74:78:bc:10:fa:8a:6c:8d:54:6f:73:15:2d:da:d5: fb:a3:17:7c:ff:e7:04:cf:0a:d5:c7:fb:72:46:b3:39:8b:ff: e6:d9:79:94:fd:d1:86:a0:cc:ae:51:6c:d9:25:db:73:c5:13: d6:6e:01:14:d8:75:e3:ff:ba:2f:1b:fa:bf:c6:df:e4:85:2d: 8b:89:08:ab:39:20:a9:64:a2:8e:3e:ae:19:a6:02:be:df:74: 45:fb:6f:38:63:7d:c9:05:0e:da:0f:ee:21:b9:07:7d:4c:4e: 00:ce:b9:23:98:cf:9f:3e:45:fe:3a:7a:41:4c:f8:7f:6d:ea: 54:0b:e3:8b:9f:8b:43:68:b4:ec:54:0d:e7:73:07:b9:80:ae: 02:9b:d7:d8:48:c6:88:cb:c5:e5:4c:46:18:f0:14:12:5d:0f: 21:65:56:1e:56:b2:09:5d:39:23:e5:5d:02:2d:49:1d:9c:fe: 21:e2:b2:fd:30:2e:72:30:a3:33:c2:4c:93:e4:f9:70:b2:37: 1c:16:7a:09:b5:a3:7b:e4:ad:59:94:22:60:8b:02:c7:9a:d1: 4e:38:0f:56 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt+OGAOjLiYJ+XnYoJF7I9YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2 NWE2MDYwHhcNMjYwMTAyMTAxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmY1ZTMxY2IxZDAxN2FiODRlMTI0OGViNjNiMGU2YmM3ZjhmYjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrQlaWfVOazN0D03tK/vZt04hIIt /4+YnxeefRf+NKAY8fFBnlVuk6PGS86f2tTRyW/8JJdob+9YIbrrKq3tyAYuQDNg /ADgTptUdXd15pt599gtRCGAsRelsWjzFr7tEpwE4Im8StjUz289BTjyWyGWd93O KfrQO5YtySHsKE3r5q9FPL/kKl6eo8HpNXDXoYP3Nk6IdCxm/Dl6j/p7uNF2NviK nvV9QweddR84SE2lF3OsJRBnCFcC8mA/mo1Oi1RZqyGLoec0epOZycGAsyxoZxOk B5oZ1j6X1XbjKlrdgdht1BvwG5D3QVbYR9w47Ulwlax600fLGOFk2GoCawIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFGv14xyx0BerhOEkjrY7DmvH+PtkMB8GA1UdIwQY MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt N2M5OTgwNzlhNmE5LzEvYV9YakhMSFFGNnVFNFNTT3Rqc09hOGY0LTJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5 LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuYVEAwQC uZk4AwQAwWggMBQEAgACMA4DBQMqBSRAAwUDKgeIgDANBgkqhkiG9w0BAQsFAAOC AQEAo51oH0yTLcJ00Eu+MX53WcXvS5+aGs/C0j4SCx9JoystCacqIXTVdHi8EPqK bI1Ub3MVLdrV+6MXfP/nBM8K1cf7ckazOYv/5tl5lP3RhqDMrlFs2SXbc8UT1m4B FNh14/+6Lxv6v8bf5IUti4kIqzkgqWSijj6uGaYCvt90RftvOGN9yQUO2g/uIbkH fUxOAM65I5jPnz5F/jp6QUz4f23qVAvji5+LQ2i07FQN53MHuYCuApvX2EjGiMvF 5UxGGPAUEl0PIWVWHlayCV05I+VdAi1JHZz+IeKy/TAucjCjM8JMk+T5cLI3HBZ6 CbWje+StWZQiYIsCx5rRTjgPVg== -----END CERTIFICATE-----Generated at Fri Jan 9 17:04:37 2026 by rpki-client