This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa File: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (raw, json) Hash identifier: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM= Subject key identifier: 5E:41:05:D8:5A:68:60:C0:CD:75:22:50:4E:2F:CB:6B:20:38:3A:5E Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922 Certificate serial: 019B7F15A08D4A4D0388DB54B49E057A8BFF Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa Signing time: Fri 02 Jan 2026 14:21:22 +0000 ROA not before: Fri 02 Jan 2026 14:21:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203172 IP address blocks: 45.129.144.0/22 maxlen: 24 185.249.41.0/24 maxlen: 24 185.249.42.0/24 maxlen: 24 2a0e:5b44::/30 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:a0:8d:4a:4d:03:88:db:54:b4:9e:05:7a:8b:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922 Validity Not Before: Jan 2 14:21:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e4105d85a6860c0cd7522504e2fcb6b20383a5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b8:c4:bd:bc:b6:96:6d:6c:9d:fc:35:7f:8f: 63:9d:9a:59:6a:d1:b0:e8:0b:c0:39:bd:77:c6:8e: 29:a0:60:2f:ff:cb:25:b6:39:e2:f0:f5:33:a3:f8: 32:a8:3f:d4:7f:8a:a7:05:76:1e:7e:5d:a9:09:0d: f7:ea:28:67:ec:13:30:12:6b:4d:5c:3f:85:61:20: 0b:a2:f0:e9:21:d7:f0:4c:79:45:f8:6c:cd:f3:fa: 99:f2:1c:1b:fc:b6:06:cc:e0:b6:a0:ff:28:cf:53: 3e:3e:18:a7:e1:c4:3a:c4:9b:a4:a3:16:64:8e:6a: 08:e4:a8:d3:42:00:bd:f4:a6:8d:56:a4:f9:1d:82: 69:a7:a3:20:82:e7:5d:c9:c5:50:60:fb:8b:73:1b: 3a:bb:4f:ed:6c:d4:17:de:e3:5c:b5:67:55:cd:bc: 3d:3b:91:04:ef:e1:84:0f:f9:2d:b7:be:2c:84:5b: 56:ab:6b:b4:fc:90:25:84:46:b3:8e:6e:1a:92:bf: 60:ef:c8:4c:ee:a3:07:b0:e6:3d:91:72:68:bd:c0: ca:3f:6c:26:1b:c4:a3:ba:c6:10:2b:0f:ab:1f:4e: 37:1a:af:24:7f:cc:92:fb:4d:f9:5c:44:ae:7e:be: 41:22:ea:f6:52:27:72:a5:ab:51:f0:29:9b:9f:6a: ad:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:41:05:D8:5A:68:60:C0:CD:75:22:50:4E:2F:CB:6B:20:38:3A:5E X509v3 Authority Key Identifier: keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.129.144.0/22 185.249.41.0-185.249.42.255 IPv6: 2a0e:5b44::/30 Signature Algorithm: sha256WithRSAEncryption 72:97:51:4c:a6:cc:ec:fa:8e:c4:94:50:fe:8d:43:eb:0c:67: df:89:5a:31:4a:b5:98:9c:ee:98:b2:05:c8:9d:74:62:cb:0d: 37:b5:6d:2e:9f:54:fc:16:1a:b8:2d:a2:f2:f6:5f:a1:0a:25: b6:c4:2b:20:77:9b:bf:15:fa:e9:54:b1:27:63:b0:b4:bd:28: f3:73:91:1e:3d:e7:e9:13:02:08:94:5c:0e:f5:ce:3c:1c:9d: 13:e2:0b:57:f4:fc:dc:71:37:97:4f:c8:3f:a2:d5:68:cb:58: 84:b4:5b:19:38:90:1d:d8:64:2a:a7:22:af:ed:be:77:b4:45: 8a:ae:71:38:91:d2:58:6d:5b:38:31:46:62:8b:97:c8:fb:f7: 0c:ac:e4:e1:ec:44:65:71:e7:c5:11:34:ea:bf:0c:b4:5f:3c: 18:db:59:3f:ea:d5:8d:57:f1:e2:3a:a5:df:7e:0d:3f:e0:93: 0c:1c:fe:67:85:26:bf:5f:a8:dd:31:23:f3:50:31:35:be:f3: 7c:b3:7a:e4:c4:81:8c:e4:e9:51:9d:99:9e:3b:34:37:dc:3b: 8c:8b:63:52:9e:2f:2f:c7:f8:1f:19:b9:03:e2:5d:aa:10:81: 9a:fe:23:54:0f:33:4c:1e:2a:51:98:20:4f:88:13:58:1f:45: 8e:43:04:20 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt/FaCNSk0DiNtUtJ4Feov/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm NmU5MjIwHhcNMjYwMTAyMTQyMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTQxMDVkODVhNjg2MGMwY2Q3NTIyNTA0ZTJmY2I2YjIwMzgzYTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobjEvby2lm1snfw1f49jnZpZatGw 6AvAOb13xo4poGAv/8sltjni8PUzo/gyqD/Uf4qnBXYefl2pCQ336ihn7BMwEmtN XD+FYSALovDpIdfwTHlF+GzN8/qZ8hwb/LYGzOC2oP8oz1M+Phin4cQ6xJukoxZk jmoI5KjTQgC99KaNVqT5HYJpp6MgguddycVQYPuLcxs6u0/tbNQX3uNctWdVzbw9 O5EE7+GED/ktt74shFtWq2u0/JAlhEazjm4akr9g78hM7qMHsOY9kXJovcDKP2wm G8SjusYQKw+rH043Gq8kf8yS+035XESufr5BIur2UidypatR8Cmbn2qtpwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFF5BBdhaaGDAzXUiUE4vy2sgODpeMB8GA1UdIwQY MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt ODFjNDA1NTE0OGUwLzEvWGtFRjJGcG9ZTUROZFNKUVRpX0xheUE0T2w0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLYGQMAwD BAC5+SkDBAC5+SowDQQCAAIwBwMFAioOW0QwDQYJKoZIhvcNAQELBQADggEBAHKX UUymzOz6jsSUUP6NQ+sMZ9+JWjFKtZic7piyBciddGLLDTe1bS6fVPwWGrgtovL2 X6EKJbbEKyB3m78V+ulUsSdjsLS9KPNzkR495+kTAgiUXA71zjwcnRPiC1f0/Nxx N5dPyD+i1WjLWIS0Wxk4kB3YZCqnIq/tvne0RYqucTiR0lhtWzgxRmKLl8j79wys 5OHsRGVx58URNOq/DLRfPBjbWT/q1Y1X8eI6pd9+DT/gkwwc/meFJr9fqN0xI/NQ MTW+83yzeuTEgYzk6VGdmZ47NDfcO4yLY1KeLy/H+B8ZuQPiXaoQgZr+I1QPM0we KlGYIE+IE1gfRY5DBCA= -----END CERTIFICATE-----Generated at Tue Jan 27 03:05:40 2026 by rpki-client