This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/XW6qbpTIlTwOQdneDWa6wjNdR74.roa File: XW6qbpTIlTwOQdneDWa6wjNdR74.roa (raw, json) Hash identifier: dcEokQUe6pj3bzQt6OXabzo/nAai4+pH/cycG3xngyE= Subject key identifier: 5D:6E:AA:6E:94:C8:95:3C:0E:41:D9:DE:0D:66:BA:C2:33:5D:47:BE Certificate issuer: /CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4 Certificate serial: 019B7EA745E31C0FC66532AF7E42E1A8C24D Authority key identifier: C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/XW6qbpTIlTwOQdneDWa6wjNdR74.roa Signing time: Fri 02 Jan 2026 12:20:50 +0000 ROA not before: Fri 02 Jan 2026 12:20:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29684 IP address blocks: 2a05:5100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.mft rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:45:e3:1c:0f:c6:65:32:af:7e:42:e1:a8:c2:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c61850173c8d28d5afbf91091ca63e5da3c75ed4 Validity Not Before: Jan 2 12:20:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d6eaa6e94c8953c0e41d9de0d66bac2335d47be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d5:eb:6c:bf:41:68:53:30:65:71:68:c4:67: ed:a9:da:93:16:e9:c5:65:8e:d8:3f:aa:5a:e4:ab: 9c:e1:88:34:08:44:96:c8:5b:92:8f:b0:d5:47:95: 49:4c:b8:fd:bc:2b:62:2f:25:52:3e:22:42:fa:09: ee:05:7f:ce:80:53:12:03:3c:9c:39:01:07:d8:c0: ed:a0:01:e0:f3:60:8e:3c:ab:0b:0c:7a:74:96:aa: 6e:f3:01:14:40:64:f9:13:5d:2e:ed:4c:78:ee:c3: 6f:1e:7d:3d:d3:ab:2e:80:62:58:d6:a4:5c:92:06: 82:65:2b:02:aa:3e:d9:98:4c:64:02:c4:07:23:aa: 9e:e9:0d:a7:98:ab:fa:5f:2b:ba:dc:9e:2d:74:58: d2:97:fb:13:c6:82:27:53:5b:62:e3:b4:15:64:f9: 79:cd:14:06:f6:c2:d1:74:24:61:0e:c1:de:15:a4: bc:64:4a:fe:37:51:b7:2d:61:95:18:38:80:77:c7: 22:0f:c9:ed:28:75:8a:31:5c:35:ac:84:c3:c1:56: 60:3a:c1:cb:ef:e5:8a:2e:ab:00:dc:c3:d4:66:61: 75:45:e5:6e:80:89:e9:5e:71:82:4f:c1:88:d6:7e: 62:f3:75:5e:8c:0f:31:84:08:bc:a8:da:6e:29:17: b1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:6E:AA:6E:94:C8:95:3C:0E:41:D9:DE:0D:66:BA:C2:33:5D:47:BE X509v3 Authority Key Identifier: keyid:C6:18:50:17:3C:8D:28:D5:AF:BF:91:09:1C:A6:3E:5D:A3:C7:5E:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/XW6qbpTIlTwOQdneDWa6wjNdR74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/ee09f1-7d0b-431f-aaee-bb8debc00388/1/xhhQFzyNKNWvv5EJHKY-XaPHXtQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:5100::/48 Signature Algorithm: sha256WithRSAEncryption 3c:0e:3a:0e:22:93:a5:a4:3e:a4:ae:f0:4c:5d:34:50:a3:a9: 97:3d:23:73:0d:43:38:b0:a8:0f:58:04:28:ff:70:6f:d8:c4: 6a:f3:d8:58:a7:a6:71:19:34:60:11:b1:b3:8c:59:36:34:22: d6:07:a4:b5:8c:b1:5f:7c:48:31:36:b7:b5:1a:83:09:bc:08: 6b:f2:9b:c1:50:8a:04:6e:1b:46:fc:37:4e:4b:9f:f8:ae:d9: dd:56:df:c4:b7:14:b8:2b:06:2f:71:f3:21:7c:02:7c:1f:9e: ee:4f:e0:55:93:93:12:4e:1f:fc:fb:61:80:5a:82:65:b6:9c: 61:f3:d2:a0:af:3d:04:c7:76:12:bc:46:ed:63:6c:69:39:ca: 85:55:4a:8b:4b:f0:e4:9f:ce:9d:6d:28:05:a8:aa:30:0d:83: 75:73:d7:6a:a0:98:da:0f:46:ba:f9:49:e6:1a:7a:8e:da:06: 4a:39:7c:7b:4c:66:44:b8:70:6a:db:75:6c:93:63:18:63:88: e6:bf:2a:19:78:3a:62:45:84:72:00:79:a9:4e:0d:b6:8f:c5: 90:33:37:85:cf:87:3a:33:ce:1c:99:d6:9a:c7:32:24:48:ec: 41:e4:15:b3:41:ef:f0:cb:cb:43:88:b3:e6:6d:2e:40:96:0d: 0c:59:b2:f9 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+p0XjHA/GZTKvfkLhqMJNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2MTg1MDE3M2M4ZDI4ZDVhZmJmOTEwOTFjYTYzZTVkYTNj NzVlZDQwHhcNMjYwMTAyMTIyMDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDZlYWE2ZTk0Yzg5NTNjMGU0MWQ5ZGUwZDY2YmFjMjMzNWQ0N2JlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtXrbL9BaFMwZXFoxGftqdqTFunF ZY7YP6pa5Kuc4Yg0CESWyFuSj7DVR5VJTLj9vCtiLyVSPiJC+gnuBX/OgFMSAzyc OQEH2MDtoAHg82COPKsLDHp0lqpu8wEUQGT5E10u7Ux47sNvHn0906sugGJY1qRc kgaCZSsCqj7ZmExkAsQHI6qe6Q2nmKv6Xyu63J4tdFjSl/sTxoInU1ti47QVZPl5 zRQG9sLRdCRhDsHeFaS8ZEr+N1G3LWGVGDiAd8ciD8ntKHWKMVw1rITDwVZgOsHL 7+WKLqsA3MPUZmF1ReVugInpXnGCT8GI1n5i83VejA8xhAi8qNpuKRexAQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF1uqm6UyJU8DkHZ3g1musIzXUe+MB8GA1UdIwQY MBaAFMYYUBc8jSjVr7+RCRymPl2jx17UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUt YmI4ZGViYzAwMzg4LzEvWFc2cWJwVElsVHdPUWRuZURXYTZ3ak5kUjc0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC9lZTA5ZjEtN2QwYi00MzFmLWFhZWUtYmI4ZGViYzAwMzg4 LzEveGhoUUZ6eU5LTld2djVFSkhLWS1YYVBIWHRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVRAAAA MA0GCSqGSIb3DQEBCwUAA4IBAQA8DjoOIpOlpD6krvBMXTRQo6mXPSNzDUM4sKgP WAQo/3Bv2MRq89hYp6ZxGTRgEbGzjFk2NCLWB6S1jLFffEgxNre1GoMJvAhr8pvB UIoEbhtG/DdOS5/4rtndVt/EtxS4KwYvcfMhfAJ8H57uT+BVk5MSTh/8+2GAWoJl tpxh89Kgrz0Ex3YSvEbtY2xpOcqFVUqLS/Dkn86dbSgFqKowDYN1c9dqoJjaD0a6 +UnmGnqO2gZKOXx7TGZEuHBq23Vsk2MYY4jmvyoZeDpiRYRyAHmpTg22j8WQMzeF z4c6M84cmdaaxzIkSOxB5BWzQe/wy8tDiLPmbS5Alg0MWbL5 -----END CERTIFICATE-----Generated at Tue Jan 20 07:46:27 2026 by rpki-client