This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/xC0dGwS2hqJMFjJkASOl38eG4CQ.roa File: xC0dGwS2hqJMFjJkASOl38eG4CQ.roa (raw, json) Hash identifier: o1etJOQuElRRT8k2/A1UeIK9/USuVlD2nFRLc2q3+y4= Subject key identifier: C4:2D:1D:1B:04:B6:86:A2:4C:16:32:64:01:23:A5:DF:C7:86:E0:24 Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff Certificate serial: 019B79EC57667603C218C53234D3BA8FAA23 Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/xC0dGwS2hqJMFjJkASOl38eG4CQ.roa Signing time: Thu 01 Jan 2026 14:18:10 +0000 ROA not before: Thu 01 Jan 2026 14:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25176 IP address blocks: 80.88.96.0/19 maxlen: 19 81.8.128.0/17 maxlen: 17 81.8.142.0/24 maxlen: 24 81.8.143.0/24 maxlen: 24 81.8.204.0/24 maxlen: 24 81.8.226.0/24 maxlen: 24 85.194.128.0/18 maxlen: 18 2a01:4040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.mft rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:57:66:76:03:c2:18:c5:32:34:d3:ba:8f:aa:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff Validity Not Before: Jan 1 14:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c42d1d1b04b686a24c1632640123a5dfc786e024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9a:dd:37:a1:e9:7d:9e:4c:75:7d:8e:00:c5: c3:36:1d:63:d8:e4:1e:14:d4:39:dd:da:93:cc:84: 2f:a2:e4:bd:81:e1:ce:f2:6f:2b:61:80:68:b4:8d: 71:81:ec:0d:bc:50:cd:76:a0:5f:8d:30:ae:47:05: 71:79:73:ad:fc:3c:ab:5d:8f:2c:bd:4c:58:5f:70: ba:06:42:fb:9d:69:d6:ed:c8:ae:b1:37:52:c1:85: 24:24:50:93:15:fb:7f:e9:4a:3b:fc:2a:f0:d3:c1: 57:cc:04:22:a6:9c:c7:3f:35:0e:19:5e:ef:56:69: db:bc:e9:37:7d:1a:c4:8a:e1:03:0c:b1:23:4d:63: 69:1e:76:53:da:00:34:a3:99:40:9f:ca:0c:48:4e: 7c:dd:b4:cd:db:4f:39:93:34:33:c5:bd:24:37:cc: d7:e7:c7:ec:69:e8:b3:36:f3:58:50:f9:5f:5c:27: 16:32:fc:b3:cf:cd:00:be:01:55:c7:ab:04:21:de: b8:2a:4e:97:d7:8e:1f:53:aa:b7:4f:d9:e7:9e:e9: a1:aa:41:d0:f2:7f:a3:bf:87:10:e2:67:5b:3b:80: 3f:e3:dc:52:1b:e2:51:c7:fe:cf:d7:77:66:4a:0e: 25:08:70:9a:a4:04:58:ab:94:97:1c:74:e4:0e:fa: 92:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:2D:1D:1B:04:B6:86:A2:4C:16:32:64:01:23:A5:DF:C7:86:E0:24 X509v3 Authority Key Identifier: keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/xC0dGwS2hqJMFjJkASOl38eG4CQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.88.96.0/19 81.8.128.0/17 85.194.128.0/18 IPv6: 2a01:4040::/32 Signature Algorithm: sha256WithRSAEncryption 74:ec:50:f0:f2:45:ff:6f:34:75:35:eb:dc:e3:dc:9c:a7:09: 1e:06:10:7d:9d:fc:4f:fe:d2:3f:b1:ee:72:87:be:fa:91:00: 2d:32:f1:b6:07:60:d1:da:a6:f3:0d:54:c4:52:6d:d8:a5:35: 2d:ef:53:4b:af:64:d2:00:c9:24:0a:88:2e:38:66:ad:fd:90: 7d:27:a5:1e:94:b8:1e:d6:aa:f6:5c:07:8d:08:9d:a0:b9:11: 60:5e:d1:a0:ff:d5:80:5b:80:36:02:94:26:e2:40:9b:8c:15: 36:19:b7:b0:3e:64:cb:b4:64:de:9a:34:9b:b4:eb:4f:36:8b: 1b:cd:04:e5:de:54:17:26:ed:97:68:38:72:1b:a4:7d:5e:63: fa:30:2f:a0:b8:8b:56:97:42:00:85:15:6b:ab:ef:fa:94:ba: 87:93:95:60:fb:08:f2:e1:0f:80:6d:42:05:9f:d6:d9:3b:f7: 8b:01:5e:37:c0:29:8f:65:53:04:06:2d:58:33:10:46:30:08: 57:46:c1:f1:70:2c:83:d5:33:43:ca:0a:b1:4b:ce:73:75:5e: 20:33:5f:62:8a:13:59:d7:1f:c4:fb:f5:25:17:5e:f3:6e:40: ab:29:7b:5b:06:7c:d5:e6:30:95:23:3d:6e:7e:ec:4b:3c:b6: ea:65:02:87 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt57FdmdgPCGMUyNNO6j6ojMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl ODY0ZmYwHhcNMjYwMTAxMTQxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDJkMWQxYjA0YjY4NmEyNGMxNjMyNjQwMTIzYTVkZmM3ODZlMDI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJrdN6HpfZ5MdX2OAMXDNh1j2OQe FNQ53dqTzIQvouS9geHO8m8rYYBotI1xgewNvFDNdqBfjTCuRwVxeXOt/DyrXY8s vUxYX3C6BkL7nWnW7ciusTdSwYUkJFCTFft/6Uo7/Crw08FXzAQippzHPzUOGV7v VmnbvOk3fRrEiuEDDLEjTWNpHnZT2gA0o5lAn8oMSE583bTN2085kzQzxb0kN8zX 58fsaeizNvNYUPlfXCcWMvyzz80AvgFVx6sEId64Kk6X144fU6q3T9nnnumhqkHQ 8n+jv4cQ4mdbO4A/49xSG+JRx/7P13dmSg4lCHCapARYq5SXHHTkDvqSUwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFMQtHRsEtoaiTBYyZAEjpd/HhuAkMB8GA1UdIwQY MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt NzczM2JkODg4ZTI4LzEveEMwZEd3UzJocUpNRmpKa0FTT2wzOGVHNENRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4 LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFhgAwQH UQiAAwQGVcKAMA0EAgACMAcDBQAqAUBAMA0GCSqGSIb3DQEBCwUAA4IBAQB07FDw 8kX/bzR1Nevc49ycpwkeBhB9nfxP/tI/se5yh776kQAtMvG2B2DR2qbzDVTEUm3Y pTUt71NLr2TSAMkkCoguOGat/ZB9J6UelLge1qr2XAeNCJ2guRFgXtGg/9WAW4A2 ApQm4kCbjBU2GbewPmTLtGTemjSbtOtPNosbzQTl3lQXJu2XaDhyG6R9XmP6MC+g uItWl0IAhRVrq+/6lLqHk5Vg+wjy4Q+AbUIFn9bZO/eLAV43wCmPZVMEBi1YMxBG MAhXRsHxcCyD1TNDygqxS85zdV4gM19iihNZ1x/E+/UlF17zbkCrKXtbBnzV5jCV Iz1ufuxLPLbqZQKH -----END CERTIFICATE-----Generated at Mon Feb 9 23:45:09 2026 by rpki-client