This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/xzFbm4sk1g_z1hTqJzkSoYGfwII.roa File: xzFbm4sk1g_z1hTqJzkSoYGfwII.roa (raw, json) Hash identifier: vGpqbjJ2sbADDdZ1dTIQ9ghtcR849/Jhk0Pb4QG33k4= Subject key identifier: C7:31:5B:9B:8B:24:D6:0F:F3:D6:14:EA:27:39:12:A1:81:9F:C0:82 Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Certificate serial: 019B7CED4B88354242A529D3E371D7980423 Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/xzFbm4sk1g_z1hTqJzkSoYGfwII.roa Signing time: Fri 02 Jan 2026 04:18:04 +0000 ROA not before: Fri 02 Jan 2026 04:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44430 IP address blocks: 46.16.120.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:4b:88:35:42:42:a5:29:d3:e3:71:d7:98:04:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Validity Not Before: Jan 2 04:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7315b9b8b24d60ff3d614ea273912a1819fc082 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:19:0f:ac:cf:01:3f:b8:20:7f:44:e0:1a:dd: 60:20:cb:14:8e:b4:84:09:29:eb:26:e8:70:d5:22: 79:f2:65:d6:4b:be:65:6d:52:a1:ee:8e:51:dc:ef: 93:49:ba:93:f1:98:30:31:e1:42:96:7c:c0:81:c8: 44:ba:ce:65:b9:6a:af:fc:57:8f:e4:95:8a:ff:ff: 70:3f:11:70:68:3f:3f:ed:ec:f3:23:35:b2:62:0a: dd:c0:ce:d2:0f:03:96:5d:a9:83:cb:2a:0b:9e:25: 65:7a:15:fb:22:f0:ff:8a:2e:e1:6c:79:9c:3b:33: 80:f2:a2:21:c7:d8:b3:ad:8e:b5:fc:92:96:c3:42: 5f:7b:20:fa:c1:46:a4:49:ce:01:bc:c8:27:76:0a: 3a:91:8d:74:23:5b:eb:24:d9:7a:ab:ec:49:46:e1: 82:47:ae:dc:80:d6:d2:b1:35:74:f0:f2:fb:73:17: a9:92:3f:58:96:18:dc:c8:36:a3:82:2a:20:95:fd: 6d:6b:b2:1c:58:a3:5f:8f:39:24:bc:bc:f3:7d:a2: 5e:d4:db:24:cd:f6:12:f3:2a:00:2c:a7:a8:72:97: e9:a2:29:fa:56:76:89:dd:ec:15:81:f4:80:2b:77: 02:b2:8b:3c:2c:ac:35:81:9d:3a:78:b1:21:7f:17: 01:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:31:5B:9B:8B:24:D6:0F:F3:D6:14:EA:27:39:12:A1:81:9F:C0:82 X509v3 Authority Key Identifier: keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/xzFbm4sk1g_z1hTqJzkSoYGfwII.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.16.120.0/21 Signature Algorithm: sha256WithRSAEncryption b1:81:b1:38:fa:bc:e6:6d:70:66:6b:f1:06:22:56:2d:2f:c9: 1b:ea:83:89:e3:80:c4:35:d9:25:a2:9c:f9:6c:17:0f:42:e3: fc:d8:b1:ba:4d:ee:7f:52:71:20:1b:aa:a3:fd:6b:f2:00:6a: d0:17:b0:9e:b7:26:f1:34:d9:dc:f4:df:ec:5f:be:e2:65:0e: e3:48:ff:9f:d9:8c:00:3b:3d:33:04:95:aa:b4:72:5c:ad:7b: bf:c8:1e:21:53:a4:37:de:12:53:95:36:a8:52:bf:18:01:92: 0b:34:63:91:a4:9f:4e:20:54:25:b5:9b:24:b2:17:01:ac:de: 18:fa:98:a8:e5:14:5b:a0:7c:c8:a5:38:7e:a0:da:a3:da:d6: 94:28:54:bd:39:0c:2b:9b:d8:7d:27:e8:48:dc:96:6d:a0:54: f5:65:38:40:e4:ff:c9:4c:1e:d8:78:c8:0c:70:a8:08:d7:b8: 03:3f:25:76:af:c9:2d:bc:7e:5d:f8:3c:45:ba:b6:af:29:76: 13:56:34:d0:e8:b8:24:78:6e:2d:3f:d0:79:52:37:a0:38:88: c5:7c:32:d1:bd:9d:45:22:89:ac:08:18:98:a9:48:f4:53:19: 54:0a:da:2d:0b:60:4b:28:2f:e6:25:22:e6:d5:f0:be:20:cc: 79:5c:98:2d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87UuINUJCpSnT43HXmAQjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm MGRmYzYwHhcNMjYwMTAyMDQxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzMxNWI5YjhiMjRkNjBmZjNkNjE0ZWEyNzM5MTJhMTgxOWZjMDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBkPrM8BP7ggf0TgGt1gIMsUjrSE CSnrJuhw1SJ58mXWS75lbVKh7o5R3O+TSbqT8ZgwMeFClnzAgchEus5luWqv/FeP 5JWK//9wPxFwaD8/7ezzIzWyYgrdwM7SDwOWXamDyyoLniVlehX7IvD/ii7hbHmc OzOA8qIhx9izrY61/JKWw0JfeyD6wUakSc4BvMgndgo6kY10I1vrJNl6q+xJRuGC R67cgNbSsTV08PL7cxepkj9YlhjcyDajgioglf1ta7IcWKNfjzkkvLzzfaJe1Nsk zfYS8yoALKeocpfpoin6VnaJ3ewVgfSAK3cCsos8LKw1gZ06eLEhfxcB0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMcxW5uLJNYP89YU6ic5EqGBn8CCMB8GA1UdIwQY MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt M2FlYmM5ZjgxN2NlLzEveHpGYm00c2sxZ196MWhUcUp6a1NvWUdmd0lJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhB4MA0G CSqGSIb3DQEBCwUAA4IBAQCxgbE4+rzmbXBma/EGIlYtL8kb6oOJ44DENdklopz5 bBcPQuP82LG6Te5/UnEgG6qj/WvyAGrQF7CetybxNNnc9N/sX77iZQ7jSP+f2YwA Oz0zBJWqtHJcrXu/yB4hU6Q33hJTlTaoUr8YAZILNGORpJ9OIFQltZskshcBrN4Y +pio5RRboHzIpTh+oNqj2taUKFS9OQwrm9h9J+hI3JZtoFT1ZThA5P/JTB7YeMgM cKgI17gDPyV2r8ktvH5d+DxFuravKXYTVjTQ6LgkeG4tP9B5UjegOIjFfDLRvZ1F IomsCBiYqUj0UxlUCtotC2BLKC/mJSLm1fC+IMx5XJgt -----END CERTIFICATE-----Generated at Tue Feb 10 02:23:18 2026 by rpki-client