This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/XWoz44Lafn-1hFijUO_aObSbpjw.roa File: XWoz44Lafn-1hFijUO_aObSbpjw.roa (raw, json) Hash identifier: rjl0nqRCSMtFPNQNlRhD0nFxNFVKQtrG5CQqV0qlWww= Subject key identifier: 5D:6A:33:E3:82:DA:7E:7F:B5:84:58:A3:50:EF:DA:39:B4:9B:A6:3C Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22 Certificate serial: 019B7F835609DABA4321A65965E9B1F61B47 Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/XWoz44Lafn-1hFijUO_aObSbpjw.roa Signing time: Fri 02 Jan 2026 16:21:12 +0000 ROA not before: Fri 02 Jan 2026 16:21:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25091 IP address blocks: 5.144.32.0/21 maxlen: 24 46.20.240.0/20 maxlen: 24 85.8.128.0/24 maxlen: 24 91.247.176.0/24 maxlen: 24 185.60.52.0/22 maxlen: 24 212.102.126.0/24 maxlen: 24 2a02:2528::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.mft rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:56:09:da:ba:43:21:a6:59:65:e9:b1:f6:1b:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22 Validity Not Before: Jan 2 16:21:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d6a33e382da7e7fb58458a350efda39b49ba63c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:7a:f3:87:68:48:fe:7d:91:1f:82:a8:43:61: 35:43:35:1d:ba:95:00:66:58:7f:29:d4:cc:cf:6d: 0d:0e:51:45:19:4a:18:a7:80:ec:65:6d:94:dc:2d: 37:35:d3:b4:9b:71:e6:77:af:c0:e0:e3:16:a0:e7: bc:1f:89:81:3f:6e:16:ff:4f:4c:e2:c0:67:64:83: 48:89:62:c0:bf:01:a9:af:75:ff:07:13:ff:70:ec: e1:47:5e:94:c1:65:26:19:4f:ad:b2:5b:aa:46:83: ae:f7:e6:fe:ea:26:8a:be:28:ee:e7:b2:a4:9f:9d: 4f:41:79:87:1c:67:9d:92:4a:b2:5c:b2:21:80:78: 46:84:2e:a5:6e:86:c4:7f:88:af:9d:f3:69:58:60: 73:9d:e9:79:56:82:7c:fe:4a:df:58:12:cf:c2:23: 2a:63:5b:fb:ef:92:ff:b2:5b:40:43:a2:a1:54:81: 19:e5:42:36:95:b3:48:db:8b:ef:0c:a9:be:55:d4: 48:f3:cf:b7:c6:77:4a:cc:7e:39:26:40:f2:01:ac: 09:fb:b4:d3:c2:30:2e:4c:02:8b:20:a5:4d:1f:41: 5c:04:a9:0b:0b:f2:7c:88:d4:f7:86:dc:20:b0:4f: c9:b9:9b:75:91:d2:4a:7c:96:d9:0d:fa:44:4f:98: 4b:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:6A:33:E3:82:DA:7E:7F:B5:84:58:A3:50:EF:DA:39:B4:9B:A6:3C X509v3 Authority Key Identifier: keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/XWoz44Lafn-1hFijUO_aObSbpjw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.144.32.0/21 46.20.240.0/20 85.8.128.0/24 91.247.176.0/24 185.60.52.0/22 212.102.126.0/24 IPv6: 2a02:2528::/29 Signature Algorithm: sha256WithRSAEncryption 17:db:b6:ea:41:ac:f1:21:5a:40:c4:fb:31:e4:05:aa:fd:43: be:12:53:3b:db:de:16:f8:0c:73:71:9f:2a:09:08:a2:b7:7d: 18:4b:36:0d:78:d0:9b:ba:d1:1e:88:7f:a3:60:6b:fb:59:dc: 29:a6:63:6b:96:bc:c3:9e:d0:f3:40:a8:ba:8b:7a:8c:3a:ed: 1b:e9:46:39:df:b8:31:a3:39:60:84:5e:0d:0c:8b:22:36:00: e2:ae:83:0f:5b:4b:e2:3a:fb:ce:4e:c7:c1:25:3c:61:58:63: b9:a2:d6:3f:f5:20:21:4e:fa:56:b6:90:74:67:95:4a:7e:a2: 59:5b:95:3b:00:d8:be:38:80:cb:55:ad:26:27:af:e2:f1:9b: d2:80:88:ca:57:2b:d2:06:1b:ef:49:91:bf:4f:68:0f:87:02: 01:62:c3:50:23:a6:ba:56:f1:44:88:fc:9a:69:80:66:74:0b: 46:cf:a3:13:83:7c:65:6a:42:65:ae:51:33:cf:e3:b7:69:10: 44:14:ef:e9:a1:6a:cd:fb:71:16:ab:36:9d:70:25:56:5f:b3: de:1c:97:2c:b2:dd:6c:18:db:39:4f:8d:83:c3:b9:2a:da:d1: a9:a0:69:28:5f:62:12:06:77:f2:5e:32:47:a1:8f:06:d4:e2: b2:20:fa:84 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt/g1YJ2rpDIaZZZemx9htHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj NGZkMjIwHhcNMjYwMTAyMTYyMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDZhMzNlMzgyZGE3ZTdmYjU4NDU4YTM1MGVmZGEzOWI0OWJhNjNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXrzh2hI/n2RH4KoQ2E1QzUdupUA Zlh/KdTMz20NDlFFGUoYp4DsZW2U3C03NdO0m3Hmd6/A4OMWoOe8H4mBP24W/09M 4sBnZINIiWLAvwGpr3X/BxP/cOzhR16UwWUmGU+tsluqRoOu9+b+6iaKviju57Kk n51PQXmHHGedkkqyXLIhgHhGhC6lbobEf4ivnfNpWGBznel5VoJ8/krfWBLPwiMq Y1v775L/sltAQ6KhVIEZ5UI2lbNI24vvDKm+VdRI88+3xndKzH45JkDyAawJ+7TT wjAuTAKLIKVNH0FcBKkLC/J8iNT3htwgsE/JuZt1kdJKfJbZDfpET5hLgwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFF1qM+OC2n5/tYRYo1Dv2jm0m6Y8MB8GA1UdIwQY MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt MzQ2OTAzNGZhNDQxLzEvWFdvejQ0TGFmbi0xaEZpalVPX2FPYlNicGp3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZAgAwQE LhTwAwQAVQiAAwQAW/ewAwQCuTw0AwQA1GZ+MA0EAgACMAcDBQMqAiUoMA0GCSqG SIb3DQEBCwUAA4IBAQAX27bqQazxIVpAxPsx5AWq/UO+ElM7294W+AxzcZ8qCQii t30YSzYNeNCbutEeiH+jYGv7WdwppmNrlrzDntDzQKi6i3qMOu0b6UY537gxozlg hF4NDIsiNgDiroMPW0viOvvOTsfBJTxhWGO5otY/9SAhTvpWtpB0Z5VKfqJZW5U7 ANi+OIDLVa0mJ6/i8ZvSgIjKVyvSBhvvSZG/T2gPhwIBYsNQI6a6VvFEiPyaaYBm dAtGz6MTg3xlakJlrlEzz+O3aRBEFO/poWrN+3EWqzadcCVWX7PeHJcsst1sGNs5 T42Dw7kq2tGpoGkoX2ISBnfyXjJHoY8G1OKyIPqE -----END CERTIFICATE-----Generated at Sat Jan 10 22:32:56 2026 by rpki-client