This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/XPXEvulv6BRs4b2afB3vj1ysfjA.roa File: XPXEvulv6BRs4b2afB3vj1ysfjA.roa (raw, json) Hash identifier: qNzZm+qCRmlx5vY5iWeolu3onIP1zfzskLuFaO1O8gA= Subject key identifier: 5C:F5:C4:BE:E9:6F:E8:14:6C:E1:BD:9A:7C:1D:EF:8F:5C:AC:7E:30 Certificate issuer: /CN=426b2d7440fb78844cf0135ec5182b3f6f783a86 Certificate serial: 019B7C7F1D2AA0A7C4DBA46133CD4E1F9D0E Authority key identifier: 42:6B:2D:74:40:FB:78:84:4C:F0:13:5E:C5:18:2B:3F:6F:78:3A:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QmstdED7eIRM8BNexRgrP294OoY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/XPXEvulv6BRs4b2afB3vj1ysfjA.roa Signing time: Fri 02 Jan 2026 02:17:43 +0000 ROA not before: Fri 02 Jan 2026 02:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202360 IP address blocks: 2a10:fe40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/QmstdED7eIRM8BNexRgrP294OoY.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/QmstdED7eIRM8BNexRgrP294OoY.mft rsync://rpki.ripe.net/repository/DEFAULT/QmstdED7eIRM8BNexRgrP294OoY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:1d:2a:a0:a7:c4:db:a4:61:33:cd:4e:1f:9d:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=426b2d7440fb78844cf0135ec5182b3f6f783a86 Validity Not Before: Jan 2 02:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cf5c4bee96fe8146ce1bd9a7c1def8f5cac7e30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:aa:b1:ad:6f:4b:ff:82:4b:87:66:38:bc:70: 7b:1d:39:d2:16:70:95:e8:71:21:35:f9:ae:c2:ff: e5:48:b7:54:50:fc:57:bd:4e:b0:5d:2d:11:9a:37: dd:60:8b:ec:e2:14:96:2d:75:b1:e9:78:7b:d1:63: b0:c7:86:63:ed:ab:13:46:ec:60:47:58:bb:c6:c8: fb:84:0e:2c:a0:a3:4a:90:cc:35:57:53:c9:0c:ce: 26:6a:ed:64:24:ff:2f:f6:7a:86:a2:ad:ee:2f:e1: b2:9a:a4:10:26:5b:1f:bd:40:85:9f:69:6a:fd:ba: 6a:a0:dc:1f:7a:fc:5e:33:7f:f7:cf:fc:ab:b0:15: 39:0e:2d:a1:e6:80:6a:16:fb:d8:47:ea:cd:8d:c5: a9:98:b8:f0:f7:e8:ab:cc:a4:69:14:74:e4:ad:66: 4d:e4:7d:25:1e:b4:4d:40:f7:ac:d4:78:57:51:91: 55:29:50:db:2a:b0:af:0b:b7:e7:1d:97:ce:bc:03: 99:e6:0b:e2:e2:3d:ff:c7:61:a5:eb:6f:54:44:59: ca:1a:b2:e2:71:a6:22:ec:98:75:59:42:b6:5e:eb: e4:a3:65:1b:35:5a:be:8e:37:74:fe:72:31:17:7a: 3f:95:89:7c:36:3a:1a:54:27:9e:df:5d:3c:fd:58: 95:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:F5:C4:BE:E9:6F:E8:14:6C:E1:BD:9A:7C:1D:EF:8F:5C:AC:7E:30 X509v3 Authority Key Identifier: keyid:42:6B:2D:74:40:FB:78:84:4C:F0:13:5E:C5:18:2B:3F:6F:78:3A:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QmstdED7eIRM8BNexRgrP294OoY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/XPXEvulv6BRs4b2afB3vj1ysfjA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1dbd75-981d-46a3-b5c3-2592a1ea6138/1/QmstdED7eIRM8BNexRgrP294OoY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:fe40::/29 Signature Algorithm: sha256WithRSAEncryption 90:98:df:76:b2:23:32:c5:9a:9f:79:f9:4b:a3:c9:ff:13:d4: f6:be:9c:bd:68:f4:a7:38:69:a0:7d:64:03:7d:f4:19:dc:1a: e2:52:08:c5:52:95:aa:f8:21:e8:ea:97:66:1f:47:4a:41:29: 52:50:02:e4:8a:ab:6c:0a:92:6e:f3:25:d2:78:c3:b1:22:48: 75:78:3e:1f:bc:7e:93:59:86:46:6f:e4:ce:14:97:9f:c4:1e: a4:42:1a:46:e6:0c:4c:eb:b3:8f:e4:98:4c:b7:89:e4:11:00: 0a:79:23:a7:f2:05:e1:93:a9:03:f3:a2:0a:79:04:b3:71:d2: f9:bc:25:cd:14:cf:f3:c0:d6:d0:cb:ab:01:d1:2e:fc:b9:f1: 83:d0:6b:5c:ab:29:09:60:ab:f2:42:f9:9e:74:76:b2:52:e3: 55:e7:76:d8:1f:09:34:b9:7b:b1:8e:51:37:9d:d1:42:2a:93: dd:76:6c:7c:a9:89:5c:17:5e:03:25:bc:61:ec:62:06:ad:88: 66:33:01:95:0a:32:3f:7a:ed:fe:3e:3f:ee:d4:4e:b5:3d:e6: 84:56:56:d8:0f:ed:4c:97:8c:98:e0:c6:dc:06:d3:ad:81:16: 3f:63:9d:2c:f7:af:18:dc:15:eb:41:99:a2:f6:a0:43:ed:1c: ae:f8:56:20 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8fx0qoKfE26RhM81OH50OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNmIyZDc0NDBmYjc4ODQ0Y2YwMTM1ZWM1MTgyYjNmNmY3 ODNhODYwHhcNMjYwMTAyMDIxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2Y1YzRiZWU5NmZlODE0NmNlMWJkOWE3YzFkZWY4ZjVjYWM3ZTMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKqxrW9L/4JLh2Y4vHB7HTnSFnCV 6HEhNfmuwv/lSLdUUPxXvU6wXS0RmjfdYIvs4hSWLXWx6Xh70WOwx4Zj7asTRuxg R1i7xsj7hA4soKNKkMw1V1PJDM4mau1kJP8v9nqGoq3uL+GymqQQJlsfvUCFn2lq /bpqoNwfevxeM3/3z/yrsBU5Di2h5oBqFvvYR+rNjcWpmLjw9+irzKRpFHTkrWZN 5H0lHrRNQPes1HhXUZFVKVDbKrCvC7fnHZfOvAOZ5gvi4j3/x2Gl629URFnKGrLi caYi7Jh1WUK2Xuvko2UbNVq+jjd0/nIxF3o/lYl8NjoaVCee3108/ViVawIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFFz1xL7pb+gUbOG9mnwd749crH4wMB8GA1UdIwQY MBaAFEJrLXRA+3iETPATXsUYKz9veDqGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUW1zdGRFRDdlSVJNOEJOZXhSZ3JQMjk0T29ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xZGJkNzUtOTgxZC00NmEzLWI1YzMt MjU5MmExZWE2MTM4LzEvWFBYRXZ1bHY2QlJzNGIyYWZCM3ZqMXlzZmpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy8xZGJkNzUtOTgxZC00NmEzLWI1YzMtMjU5MmExZWE2MTM4 LzEvUW1zdGRFRDdlSVJNOEJOZXhSZ3JQMjk0T29ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhD+QDAN BgkqhkiG9w0BAQsFAAOCAQEAkJjfdrIjMsWan3n5S6PJ/xPU9r6cvWj0pzhpoH1k A330Gdwa4lIIxVKVqvgh6OqXZh9HSkEpUlAC5IqrbAqSbvMl0njDsSJIdXg+H7x+ k1mGRm/kzhSXn8QepEIaRuYMTOuzj+SYTLeJ5BEACnkjp/IF4ZOpA/OiCnkEs3HS +bwlzRTP88DW0MurAdEu/Lnxg9BrXKspCWCr8kL5nnR2slLjVed22B8JNLl7sY5R N53RQiqT3XZsfKmJXBdeAyW8YexiBq2IZjMBlQoyP3rt/j4/7tROtT3mhFZW2A/t TJeMmODG3AbTrYEWP2OdLPevGNwV60GZovagQ+0crvhWIA== -----END CERTIFICATE-----Generated at Mon Jan 26 22:06:44 2026 by rpki-client