This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XQ7GOndqPwoipDVn5TCXgRxC7oY.roa File: XQ7GOndqPwoipDVn5TCXgRxC7oY.roa (raw, json) Hash identifier: Q+PMxKYyfZgC/fyW0VlmE7Xn9SJi8ne65oSjdGlSg4s= Subject key identifier: 5D:0E:C6:3A:77:6A:3F:0A:22:A4:35:67:E5:30:97:81:1C:42:EE:86 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B78344AA448C19849A973535DAD3B7A70 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XQ7GOndqPwoipDVn5TCXgRxC7oY.roa Signing time: Thu 01 Jan 2026 06:17:31 +0000 ROA not before: Thu 01 Jan 2026 06:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 192.36.247.0/24 maxlen: 24 192.71.84.0/24 maxlen: 24 192.71.254.0/23 maxlen: 24 192.176.43.0/24 maxlen: 24 193.182.113.0/24 maxlen: 24 193.234.120.0/22 maxlen: 24 194.103.8.0/24 maxlen: 24 2a01:280:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 00:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:4a:a4:48:c1:98:49:a9:73:53:5d:ad:3b:7a:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d0ec63a776a3f0a22a43567e53097811c42ee86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:73:24:d3:3e:7d:ab:a9:bf:45:e8:6c:7d:0f: a5:18:d6:d3:95:5e:c2:4d:de:88:92:6d:83:60:ef: c4:dd:f4:bc:f1:68:cd:de:3b:7c:24:b6:02:07:8c: f4:eb:07:a6:05:6e:90:f6:af:e0:cc:80:da:11:a2: ae:90:55:3e:e9:04:99:05:b2:fb:f0:6c:fc:eb:0d: e0:39:9a:4f:8e:4a:ea:e7:c5:7c:97:fa:3f:5b:3a: f0:f3:f6:5f:28:78:4d:09:c5:c8:66:39:1c:46:f6: 3c:70:c9:a3:f3:f2:f4:64:60:f3:3d:c8:1b:54:dd: 3e:a4:a2:16:bb:98:87:a8:31:70:c5:7b:6b:78:56: ea:87:48:bc:63:3f:03:0a:95:ad:47:e1:dd:67:9a: 57:f2:87:b1:7c:3f:40:46:96:4f:af:fd:a2:41:b2: 7a:ed:47:b7:3e:ca:30:c4:5a:0b:1f:24:8c:f3:76: f2:46:dc:c4:2e:84:f0:db:37:c7:a7:0e:11:26:fe: 1d:70:ea:9a:b9:5b:8c:2e:55:0c:90:9a:6f:82:df: 5d:ae:0f:ca:1e:ee:ce:ab:a5:cd:50:b0:8a:18:49: 5c:a2:9f:e1:0a:0c:69:3d:c8:3b:86:13:24:35:8f: ac:ef:81:89:2f:a4:ef:34:48:3c:2d:0b:ed:57:a3: eb:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:0E:C6:3A:77:6A:3F:0A:22:A4:35:67:E5:30:97:81:1C:42:EE:86 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XQ7GOndqPwoipDVn5TCXgRxC7oY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.36.247.0/24 192.71.84.0/24 192.71.254.0/23 192.176.43.0/24 193.182.113.0/24 193.234.120.0/22 194.103.8.0/24 IPv6: 2a01:280:6::/48 Signature Algorithm: sha256WithRSAEncryption 6b:ff:f2:af:6a:de:fc:90:51:64:69:73:71:e4:80:2d:fe:c1: ed:04:ac:15:a1:54:44:59:1d:58:36:ec:a1:40:fc:0a:de:4f: 16:63:9d:34:1e:35:c0:b6:90:f0:d6:c5:39:00:20:c8:a7:14: ae:c2:c6:99:1d:e6:61:f2:9e:f7:25:cc:b4:3b:b2:21:ab:a4: 41:98:b4:c4:50:b8:73:08:22:fc:df:c7:8f:f8:42:df:36:2e: b9:a3:15:f8:cf:79:37:1c:b4:74:bf:89:09:6f:46:6b:57:ce: 7a:fa:44:5f:46:ce:4b:bb:d3:74:a1:fa:30:a4:2a:28:3d:10: 2e:21:88:b0:dd:e1:23:83:a2:60:10:3f:a9:0e:e5:52:bb:ef: 1e:7a:0e:85:92:4f:b5:78:b8:19:b6:e4:e0:6b:0d:0c:59:2d: f6:4f:db:1d:e7:6e:0c:bf:e5:ba:3b:bf:66:ef:d5:25:0c:77: 53:75:3c:0a:1b:b2:c2:1b:ff:1e:13:97:77:c1:d6:63:4d:f6: 6d:b9:01:78:01:f5:5a:b3:bd:1d:a3:0a:ef:d0:b9:ab:b3:a7: 71:b0:fb:27:68:0c:26:8b:30:2c:88:43:b1:a4:06:95:c3:34: 07:f0:de:05:15:f6:e7:3e:cf:a0:b3:5a:10:9b:40:fe:14:05: 75:ef:23:0f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgISAZt4NEqkSMGYSalzU12tO3pwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDBlYzYzYTc3NmEzZjBhMjJhNDM1NjdlNTMwOTc4MTFjNDJlZTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Mk0z59q6m/RehsfQ+lGNbTlV7C Td6Ikm2DYO/E3fS88WjN3jt8JLYCB4z06wemBW6Q9q/gzIDaEaKukFU+6QSZBbL7 8Gz86w3gOZpPjkrq58V8l/o/Wzrw8/ZfKHhNCcXIZjkcRvY8cMmj8/L0ZGDzPcgb VN0+pKIWu5iHqDFwxXtreFbqh0i8Yz8DCpWtR+HdZ5pX8oexfD9ARpZPr/2iQbJ6 7Ue3PsowxFoLHySM83byRtzELoTw2zfHpw4RJv4dcOqauVuMLlUMkJpvgt9drg/K Hu7Oq6XNULCKGElcop/hCgxpPcg7hhMkNY+s74GJL6TvNEg8LQvtV6Pr6QIDAQAB o4ICPjCCAjowHQYDVR0OBBYEFF0Oxjp3aj8KIqQ1Z+Uwl4EcQu6GMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvWFE3R09uZHFQd29pcERWbjVUQ1hnUnhDN29ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAwCT3AwQA wEdUAwQBwEf+AwQAwLArAwQAwbZxAwQCwep4AwQAwmcIMA8EAgACMAkDBwAqAQKA AAYwDQYJKoZIhvcNAQELBQADggEBAGv/8q9q3vyQUWRpc3HkgC3+we0ErBWhVERZ HVg27KFA/AreTxZjnTQeNcC2kPDWxTkAIMinFK7Cxpkd5mHynvclzLQ7siGrpEGY tMRQuHMIIvzfx4/4Qt82LrmjFfjPeTcctHS/iQlvRmtXznr6RF9Gzku703Sh+jCk Kig9EC4hiLDd4SODomAQP6kO5VK77x56DoWST7V4uBm25OBrDQxZLfZP2x3nbgy/ 5bo7v2bv1SUMd1N1PAobssIb/x4Tl3fB1mNN9m25AXgB9VqzvR2jCu/Quauzp3Gw +ydoDCaLMCyIQ7GkBpXDNAfw3gUV9uc+z6CzWhCbQP4UBXXvIw8= -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:08 2026 by rpki-client