This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/XWKWcGwWuxK442AqUwQOJoI0Riw.roa File: XWKWcGwWuxK442AqUwQOJoI0Riw.roa (raw, json) Hash identifier: lPCDTJoNAlTYjYOQxRc8IFp9k2/Nouu3lyu3633P8Ys= Subject key identifier: 5D:62:96:70:6C:16:BB:12:B8:E3:60:2A:53:04:0E:26:82:34:46:2C Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52 Certificate serial: 019B797EA89F6C488291D046DB9A2DECD710 Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/XWKWcGwWuxK442AqUwQOJoI0Riw.roa Signing time: Thu 01 Jan 2026 12:18:22 +0000 ROA not before: Thu 01 Jan 2026 12:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34373 IP address blocks: 45.128.64.0/22 maxlen: 24 45.132.40.0/22 maxlen: 24 77.74.124.0/22 maxlen: 24 86.48.68.0/22 maxlen: 24 91.219.76.0/22 maxlen: 24 185.56.52.0/22 maxlen: 24 185.63.56.0/22 maxlen: 24 185.69.204.0/22 maxlen: 24 185.96.44.0/22 maxlen: 24 185.97.228.0/22 maxlen: 24 185.116.40.0/22 maxlen: 24 185.165.68.0/22 maxlen: 24 185.210.128.0/22 maxlen: 24 193.105.233.0/24 maxlen: 24 195.253.200.0/21 maxlen: 24 217.61.253.0/24 maxlen: 24 2a00:4140::/29 maxlen: 48 2a06:900::/29 maxlen: 48 2a06:7bc0::/29 maxlen: 48 2a0b:57c0::/29 maxlen: 48 2a0b:ec00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.mft rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a8:9f:6c:48:82:91:d0:46:db:9a:2d:ec:d7:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52 Validity Not Before: Jan 1 12:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d6296706c16bb12b8e3602a53040e268234462c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:46:9f:61:c0:a7:81:45:98:e2:a0:bf:10:bd: 10:2f:99:41:64:01:64:98:d2:f0:4a:53:e9:dc:0c: d5:e9:76:20:4e:3c:34:23:a2:19:7f:61:b9:1d:0e: b0:6c:3d:29:5d:dd:b7:80:50:59:86:c1:5a:82:55: 34:ca:be:74:bb:ac:f1:75:34:d1:e7:03:b7:eb:c4: 99:e7:f7:c0:02:79:4b:fc:cc:df:42:14:d4:5b:55: 28:9b:54:d2:cd:77:26:93:19:2c:a6:42:d2:45:11: d0:59:74:fe:8b:09:02:18:50:9f:fe:b4:b4:cc:f8: b6:f7:00:9a:ba:9e:f3:76:65:de:90:dd:2f:b1:71: 93:c0:d5:f5:ab:ce:71:05:05:37:dd:6a:f3:b6:30: 8e:d4:e7:df:a2:ef:01:46:21:0c:34:f9:59:6a:d2: bc:67:e5:12:d2:4b:ca:63:d8:2d:52:42:10:b5:2c: 15:b1:bd:9c:9c:e4:98:cb:a9:b8:ba:d8:df:b1:a5: cb:35:9f:27:0b:f4:f2:f3:7e:e0:a8:3c:83:97:a2: 71:a3:37:d2:55:37:cd:5e:9d:83:53:29:f6:88:53: ec:c9:e9:8a:63:0a:cd:5b:37:e0:a0:2d:73:9a:3c: 18:54:39:06:60:41:0b:e2:1e:5a:07:93:a1:73:ff: cf:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:62:96:70:6C:16:BB:12:B8:E3:60:2A:53:04:0E:26:82:34:46:2C X509v3 Authority Key Identifier: keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/XWKWcGwWuxK442AqUwQOJoI0Riw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.128.64.0/22 45.132.40.0/22 77.74.124.0/22 86.48.68.0/22 91.219.76.0/22 185.56.52.0/22 185.63.56.0/22 185.69.204.0/22 185.96.44.0/22 185.97.228.0/22 185.116.40.0/22 185.165.68.0/22 185.210.128.0/22 193.105.233.0/24 195.253.200.0/21 217.61.253.0/24 IPv6: 2a00:4140::/29 2a06:900::/29 2a06:7bc0::/29 2a0b:57c0::/29 2a0b:ec00::/29 Signature Algorithm: sha256WithRSAEncryption a1:09:71:6c:76:93:de:cf:45:ca:88:4b:6a:2e:4c:9d:b3:ad: e7:5f:26:29:d5:8f:5f:b5:29:a9:58:2c:df:5f:4f:07:5b:04: 50:89:5b:2f:64:a3:c6:5f:9d:ae:64:54:79:11:3b:99:10:bd: 22:0c:cd:4b:9b:e3:0a:31:a0:5c:98:ce:10:56:3a:cc:56:a9: 24:f3:66:b2:0d:ce:9d:dc:82:3c:8c:37:99:b3:24:12:cf:a5: 89:64:d3:55:6e:62:22:48:c1:62:53:cb:0d:d7:75:84:bc:88: fc:d4:e8:47:0a:a1:67:8d:9f:49:dc:54:80:9a:ec:b0:0a:c7: 38:4f:48:f2:cc:59:02:3b:60:22:44:12:d4:09:8b:e6:a5:f9: 80:f7:0c:80:67:df:1a:ec:11:dc:89:38:44:59:65:d9:bc:5b: f3:a5:fa:dd:32:0c:63:fd:fd:43:21:1b:8e:cc:f0:b6:0d:0c: d9:b2:cd:7f:f4:6c:be:e3:3a:e0:e0:4f:47:5d:11:72:00:b7: 2a:1d:bf:f5:60:e1:3c:80:0c:f2:b5:5b:c2:98:f7:6a:1e:e4: e0:78:f9:f9:ca:22:b7:0e:0a:c1:89:34:49:d5:0d:5e:0c:c1: 4a:4f:18:f3:c7:98:c5:5e:63:e5:3e:4e:b8:e9:4e:55:7a:57: 15:c7:35:4a -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgISAZt5fqifbEiCkdBG25ot7NcQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2 ZTBkNTIwHhcNMjYwMTAxMTIxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDYyOTY3MDZjMTZiYjEyYjhlMzYwMmE1MzA0MGUyNjgyMzQ0NjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0afYcCngUWY4qC/EL0QL5lBZAFk mNLwSlPp3AzV6XYgTjw0I6IZf2G5HQ6wbD0pXd23gFBZhsFaglU0yr50u6zxdTTR 5wO368SZ5/fAAnlL/MzfQhTUW1Uom1TSzXcmkxkspkLSRRHQWXT+iwkCGFCf/rS0 zPi29wCaup7zdmXekN0vsXGTwNX1q85xBQU33WrztjCO1Offou8BRiEMNPlZatK8 Z+US0kvKY9gtUkIQtSwVsb2cnOSYy6m4utjfsaXLNZ8nC/Ty837gqDyDl6JxozfS VTfNXp2DUyn2iFPsyemKYwrNWzfgoC1zmjwYVDkGYEEL4h5aB5Ohc//PDwIDAQAB o4ICkTCCAo0wHQYDVR0OBBYEFF1ilnBsFrsSuONgKlMEDiaCNEYsMB8GA1UdIwQY MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt ZmMwZGQ5MjUyYzlhLzEvWFdLV2NHd1d1eEs0NDJBcVV3UU9Kb0kwUml3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBmBAIAATBgAwQCLYBA AwQCLYQoAwQCTUp8AwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAs AwQCuWHkAwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQDw/3IAwQA2T39MCkEAgAC MCMDBQMqAEFAAwUDKgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0B AQsFAAOCAQEAoQlxbHaT3s9FyohLai5MnbOt518mKdWPX7UpqVgs319PB1sEUIlb L2Sjxl+drmRUeRE7mRC9IgzNS5vjCjGgXJjOEFY6zFapJPNmsg3OndyCPIw3mbMk Es+liWTTVW5iIkjBYlPLDdd1hLyI/NToRwqhZ42fSdxUgJrssArHOE9I8sxZAjtg IkQS1AmL5qX5gPcMgGffGuwR3Ik4RFll2bxb86X63TIMY/39QyEbjszwtg0M2bLN f/RsvuM64OBPR10RcgC3Kh2/9WDhPIAM8rVbwpj3ah7k4Hj5+coitw4KwYk0SdUN XgzBSk8Y88eYxV5j5T5OuOlOVXpXFcc1Sg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:08 2026 by rpki-client