This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/XhXwZGz_0ot-Yipy5gjWlGapqJg.roa File: XhXwZGz_0ot-Yipy5gjWlGapqJg.roa (raw, json) Hash identifier: osMFJv9ESYs8+a8oe5L8opFDI8cvKk+g8mqi6wPX570= Subject key identifier: 5E:15:F0:64:6C:FF:D2:8B:7E:62:2A:72:E6:08:D6:94:66:A9:A8:98 Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0 Certificate serial: 019B79ECE28D7931803F9305DBED09E4BA98 Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/XhXwZGz_0ot-Yipy5gjWlGapqJg.roa Signing time: Thu 01 Jan 2026 14:18:46 +0000 ROA not before: Thu 01 Jan 2026 14:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206092 IP address blocks: 37.140.254.0/24 maxlen: 24 185.82.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.mft rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:e2:8d:79:31:80:3f:93:05:db:ed:09:e4:ba:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0 Validity Not Before: Jan 1 14:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e15f0646cffd28b7e622a72e608d69466a9a898 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:09:a7:2f:91:4c:4d:42:1e:ed:e9:60:73:ab: ee:4a:08:32:dd:17:dc:7c:2b:2a:c1:1f:a6:e9:2c: 3e:e9:46:06:44:55:a7:59:38:b2:f7:21:fe:f0:fd: 3f:ea:14:d4:fe:9e:1e:67:e9:35:a0:d3:d3:42:e3: 59:bb:8e:90:d0:47:1c:9a:d8:74:81:d4:7f:96:d6: 7b:df:52:79:59:43:84:4a:83:c9:75:68:c3:2c:39: 79:77:bc:11:0a:5f:9a:c5:b0:0f:7a:e5:a0:3e:af: 80:7c:1d:3a:d3:86:13:88:20:2d:8e:0a:c9:36:a4: 03:c0:15:c3:ea:eb:f3:a9:25:d6:5c:2f:e3:00:ce: a8:af:1b:15:d0:c7:86:34:63:9a:44:3e:bc:bb:e9: 16:61:4b:14:57:dc:e0:95:bb:57:93:90:fc:1d:02: 04:fc:3e:c9:8a:52:a6:41:70:84:81:8f:2c:38:89: 42:1c:42:b4:d6:a4:f6:88:45:5d:27:25:b5:9d:66: d7:79:e8:a4:1a:e5:b5:1f:7d:1a:63:a3:f3:41:82: f9:f7:27:57:31:1c:2d:1d:64:a0:dc:c5:5d:0b:76: 27:da:c7:95:ac:c7:12:3e:53:45:50:16:e0:98:d0: 12:ed:c0:5c:58:5a:d6:8a:da:03:86:84:7a:60:4e: 35:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:15:F0:64:6C:FF:D2:8B:7E:62:2A:72:E6:08:D6:94:66:A9:A8:98 X509v3 Authority Key Identifier: keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/XhXwZGz_0ot-Yipy5gjWlGapqJg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.140.254.0/24 185.82.72.0/24 Signature Algorithm: sha256WithRSAEncryption be:0b:e2:a0:38:94:ba:90:86:2f:64:40:90:10:e7:8f:87:3a: c5:74:a5:58:94:f7:22:6e:51:9d:c6:6c:a5:dd:91:db:0b:83: fa:37:f8:c2:3f:ba:44:e0:57:c2:45:9a:35:97:f5:56:9e:b3: e0:fd:64:58:41:de:c4:af:87:cc:26:b3:c0:84:e0:4e:0d:e7: 4f:51:0a:65:9b:ba:59:3f:f9:b7:5d:c4:3a:b2:b4:c7:fa:8e: 2b:e0:a1:42:ec:83:a3:99:1f:de:c7:d9:d4:11:6a:20:56:9b: 0f:28:c1:46:ff:07:e2:3f:b2:7f:43:da:cf:ed:29:3f:59:dd: b5:38:2d:df:f6:de:13:4a:e2:0c:a7:02:ac:12:cb:28:45:f6: 39:65:3d:87:42:88:34:2c:e8:9b:5f:58:c4:f4:47:53:c8:85: c1:ba:96:91:27:32:66:58:ec:32:5f:33:ec:ea:8e:72:af:d1: 19:29:31:bc:42:e5:53:dc:22:cf:3b:bb:0e:07:bc:5c:07:2d: ba:bb:68:45:b5:6d:a6:63:75:9e:04:76:e1:e8:6e:cd:53:aa: 98:30:62:07:ae:3b:a6:36:45:e1:f2:d0:23:56:95:81:57:5a: a9:fe:32:4b:71:20:59:8b:0a:07:a1:6f:24:2d:d5:dd:d3:d3: 00:88:43:d2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57OKNeTGAP5MF2+0J5LqYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm NGQ5ZTAwHhcNMjYwMTAxMTQxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTE1ZjA2NDZjZmZkMjhiN2U2MjJhNzJlNjA4ZDY5NDY2YTlhODk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywmnL5FMTUIe7elgc6vuSggy3Rfc fCsqwR+m6Sw+6UYGRFWnWTiy9yH+8P0/6hTU/p4eZ+k1oNPTQuNZu46Q0Eccmth0 gdR/ltZ731J5WUOESoPJdWjDLDl5d7wRCl+axbAPeuWgPq+AfB0604YTiCAtjgrJ NqQDwBXD6uvzqSXWXC/jAM6orxsV0MeGNGOaRD68u+kWYUsUV9zglbtXk5D8HQIE /D7JilKmQXCEgY8sOIlCHEK01qT2iEVdJyW1nWbXeeikGuW1H30aY6PzQYL59ydX MRwtHWSg3MVdC3Yn2seVrMcSPlNFUBbgmNAS7cBcWFrWitoDhoR6YE41UQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFF4V8GRs/9KLfmIqcuYI1pRmqaiYMB8GA1UdIwQY MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt ZTljOTEzMjgzNmZmLzEvWGhYd1pHel8wb3QtWWlweTVnaldsR2FwcUpnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJYz+AwQA uVJIMA0GCSqGSIb3DQEBCwUAA4IBAQC+C+KgOJS6kIYvZECQEOePhzrFdKVYlPci blGdxmyl3ZHbC4P6N/jCP7pE4FfCRZo1l/VWnrPg/WRYQd7Er4fMJrPAhOBODedP UQplm7pZP/m3XcQ6srTH+o4r4KFC7IOjmR/ex9nUEWogVpsPKMFG/wfiP7J/Q9rP 7Sk/Wd21OC3f9t4TSuIMpwKsEssoRfY5ZT2HQog0LOibX1jE9EdTyIXBupaRJzJm WOwyXzPs6o5yr9EZKTG8QuVT3CLPO7sOB7xcBy26u2hFtW2mY3WeBHbh6G7NU6qY MGIHrjumNkXh8tAjVpWBV1qp/jJLcSBZiwoHoW8kLdXd09MAiEPS -----END CERTIFICATE-----Generated at Sun Jan 25 15:15:03 2026 by rpki-client