This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/xXThYeFskZa8CsEFNdXzq9WOPuU.roa File: xXThYeFskZa8CsEFNdXzq9WOPuU.roa (raw, json) Hash identifier: cncRVt5HZa39EbyA1UHTjl7763HCDtgzdQM7tatOGC8= Subject key identifier: C5:74:E1:61:E1:6C:91:96:BC:0A:C1:05:35:D5:F3:AB:D5:8E:3E:E5 Certificate issuer: /CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba Certificate serial: 019B77C6DDF6A126C2E4771534B3E24AA7F3 Authority key identifier: A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/xXThYeFskZa8CsEFNdXzq9WOPuU.roa Signing time: Thu 01 Jan 2026 04:18:00 +0000 ROA not before: Thu 01 Jan 2026 04:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5483 IP address blocks: 5.56.33.0/24 maxlen: 24 5.56.37.0/24 maxlen: 24 5.56.38.0/24 maxlen: 24 2a01:47c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.mft rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:dd:f6:a1:26:c2:e4:77:15:34:b3:e2:4a:a7:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba Validity Not Before: Jan 1 04:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c574e161e16c9196bc0ac10535d5f3abd58e3ee5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:63:41:ca:ac:05:f3:5e:31:59:33:6c:55:13: 5f:e2:87:8a:92:5a:27:64:a0:fc:22:9f:7b:d3:7d: b5:f3:aa:26:0c:0c:ef:6b:05:9e:e5:3a:94:99:9a: b3:83:00:1b:45:59:67:6b:f6:c8:12:60:ac:65:ba: 7d:97:75:51:19:a7:71:60:36:25:22:09:ec:88:51: 5f:b4:de:e0:3c:b5:38:72:3c:46:9d:9d:1c:07:8e: 95:25:18:13:0e:ae:1f:ca:cf:aa:7e:04:cd:4c:cd: 88:40:4f:53:56:9f:03:64:ab:33:49:e9:dc:c9:35: e6:08:79:fe:9b:88:98:5e:8d:12:7b:c5:85:6d:d8: 3c:1e:87:69:8a:64:58:35:a1:39:46:ab:74:4f:4d: a0:df:71:20:61:7f:2c:29:ca:cf:eb:5b:ed:00:29: fb:75:c8:f3:93:ef:59:64:4b:b7:a6:64:75:b2:84: 48:2c:31:cf:e0:00:aa:17:13:97:47:64:b4:73:a1: 0f:8c:4b:fe:48:77:2f:f7:3c:c2:13:02:d3:13:d7: ac:63:54:57:8e:16:9c:85:8a:cf:8b:c2:b7:30:63: f2:8a:47:60:fc:4b:7c:a8:3e:7e:70:25:87:ba:fe: e2:63:99:d9:b4:12:3d:2e:9b:ce:7c:ab:8d:36:68: 80:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:74:E1:61:E1:6C:91:96:BC:0A:C1:05:35:D5:F3:AB:D5:8E:3E:E5 X509v3 Authority Key Identifier: keyid:A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/xXThYeFskZa8CsEFNdXzq9WOPuU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.56.33.0/24 5.56.37.0-5.56.38.255 IPv6: 2a01:47c0::/32 Signature Algorithm: sha256WithRSAEncryption 07:e6:1f:c4:a2:9d:dd:b4:fa:70:bc:55:76:84:27:7c:33:76: 12:5b:24:6a:e7:6e:df:ff:c5:f1:9c:08:c5:fc:a7:f9:05:9f: 1c:a1:d1:e8:3f:5b:f8:09:af:bc:bb:d0:21:f0:ed:48:79:e3: f1:c2:a5:52:f4:fa:fe:87:8b:ff:6a:20:e7:cf:65:01:6b:d9: 82:92:ed:49:22:a3:fa:29:a1:33:00:fb:b6:c5:b5:7c:f1:db: 87:b4:e6:50:94:c8:11:fd:83:1e:a3:86:a9:43:4f:b1:ee:18: ee:65:1d:28:ad:5c:61:83:ae:96:81:7f:56:8e:12:2a:09:64: 1d:41:7a:b6:60:51:f5:56:c4:36:dc:4d:29:68:af:a6:22:4e: 12:af:75:6b:b6:0b:4a:29:2c:03:76:09:ea:ac:eb:ee:b5:cf: 83:ad:91:5f:17:77:26:60:8c:e5:20:3a:96:14:48:e6:a9:bd: ba:d1:0c:c8:7c:62:1a:6d:ba:b1:65:37:a4:7d:5b:e2:49:59: 7d:65:aa:cd:ea:3e:c8:24:fe:07:75:f7:05:8e:fb:54:65:cf: dc:45:6f:a1:69:30:5f:c8:0b:d6:06:9f:64:80:c9:b7:69:0b: 2e:e3:44:5e:0b:1d:ee:ef:a4:a7:fc:18:e4:86:2d:ee:d3:fc: a6:18:fd:36 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt3xt32oSbC5HcVNLPiSqfzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MWNjMGQ1OGIxNmFkYmJmN2ZhNWMyZmRiYzM2NTlmOWM3 M2M3YmEwHhcNMjYwMTAxMDQxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNTc0ZTE2MWUxNmM5MTk2YmMwYWMxMDUzNWQ1ZjNhYmQ1OGUzZWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumNByqwF814xWTNsVRNf4oeKklon ZKD8Ip97032186omDAzvawWe5TqUmZqzgwAbRVlna/bIEmCsZbp9l3VRGadxYDYl IgnsiFFftN7gPLU4cjxGnZ0cB46VJRgTDq4fys+qfgTNTM2IQE9TVp8DZKszSenc yTXmCHn+m4iYXo0Se8WFbdg8HodpimRYNaE5Rqt0T02g33EgYX8sKcrP61vtACn7 dcjzk+9ZZEu3pmR1soRILDHP4ACqFxOXR2S0c6EPjEv+SHcv9zzCEwLTE9esY1RX jhachYrPi8K3MGPyikdg/Et8qD5+cCWHuv7iY5nZtBI9LpvOfKuNNmiApQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFMV04WHhbJGWvArBBTXV86vVjj7lMB8GA1UdIwQY MBaAFKccwNWLFq279/pcL9vDZZ+cc8e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEt ZGU2NDBkMDEyMDY1LzEveFhUaFllRnNrWmE4Q3NFRk5kWHpxOVdPUHVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEtZGU2NDBkMDEyMDY1 LzEvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQABTghMAwD BAAFOCUDBAAFOCYwDQQCAAIwBwMFACoBR8AwDQYJKoZIhvcNAQELBQADggEBAAfm H8Sind20+nC8VXaEJ3wzdhJbJGrnbt//xfGcCMX8p/kFnxyh0eg/W/gJr7y70CHw 7Uh54/HCpVL0+v6Hi/9qIOfPZQFr2YKS7Ukio/opoTMA+7bFtXzx24e05lCUyBH9 gx6jhqlDT7HuGO5lHSitXGGDrpaBf1aOEioJZB1BerZgUfVWxDbcTSlor6YiThKv dWu2C0opLAN2Ceqs6+61z4OtkV8XdyZgjOUgOpYUSOapvbrRDMh8YhpturFlN6R9 W+JJWX1lqs3qPsgk/gd19wWO+1Rlz9xFb6FpMF/IC9YGn2SAybdpCy7jRF4LHe7v pKf8GOSGLe7T/KYY/TY= -----END CERTIFICATE-----Generated at Mon Jan 26 05:56:14 2026 by rpki-client