This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/xAs-bndcqPd0AUG3p2gqYtNCwKs.roa File: xAs-bndcqPd0AUG3p2gqYtNCwKs.roa (raw, json) Hash identifier: RlwLGxg+e7W2Q6yDLdFrjAGx+ZccxU5PdajeFC3InjA= Subject key identifier: C4:0B:3E:6E:77:5C:A8:F7:74:01:41:B7:A7:68:2A:62:D3:42:C0:AB Certificate issuer: /CN=b6f3db35659133315d2fcf93058dce350a4cb17a Certificate serial: 019B7E388E9B75010B8CBB1BAAED898DB493 Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/xAs-bndcqPd0AUG3p2gqYtNCwKs.roa Signing time: Fri 02 Jan 2026 10:19:54 +0000 ROA not before: Fri 02 Jan 2026 10:19:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12706 IP address blocks: 194.44.66.0/24 maxlen: 24 194.44.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:8e:9b:75:01:0b:8c:bb:1b:aa:ed:89:8d:b4:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a Validity Not Before: Jan 2 10:19:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c40b3e6e775ca8f7740141b7a7682a62d342c0ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0a:61:5f:50:16:a4:25:77:68:fc:0e:19:5c: c7:45:70:e8:27:06:c8:f4:da:ef:68:86:89:64:01: 25:d1:c3:cc:0b:14:00:77:51:8f:09:eb:41:ad:e8: 2e:61:37:24:97:a9:d1:ca:68:9f:a1:44:3d:5f:ba: a4:3c:e4:32:32:b4:6e:8f:49:b2:0b:41:5d:98:48: ca:c2:89:92:0b:2b:6b:53:c8:66:c9:7e:0b:33:d2: af:15:2f:36:10:b3:a0:b6:8f:3c:94:47:ad:32:d3: f9:a3:ee:34:db:cc:f4:98:88:c7:f5:b9:e7:95:9e: 01:49:73:35:e4:0e:60:7d:9d:e1:41:08:26:84:51: f7:26:02:c1:eb:df:63:ef:d3:33:23:91:90:04:16: a0:53:f7:88:c2:72:95:8c:5d:98:fd:f1:91:b1:c8: d7:24:ab:a8:1c:92:4d:0f:d3:67:1c:93:e3:61:22: fd:21:20:8b:3c:af:55:e5:f3:93:9b:a6:15:94:ce: 2e:5a:45:1f:dd:19:fa:f4:34:9e:6c:71:e0:75:e8: ce:30:c7:79:ac:8e:7e:50:be:1d:eb:a8:ae:9a:13: 6c:63:57:f6:76:3f:ae:24:b1:33:17:c2:0e:f1:16: 7c:5b:77:ae:1d:e3:e0:cb:c1:b0:22:27:a2:26:19: 35:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:0B:3E:6E:77:5C:A8:F7:74:01:41:B7:A7:68:2A:62:D3:42:C0:AB X509v3 Authority Key Identifier: keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/xAs-bndcqPd0AUG3p2gqYtNCwKs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.44.66.0/24 194.44.233.0/24 Signature Algorithm: sha256WithRSAEncryption 29:4a:18:25:b4:97:52:4f:42:45:65:47:f7:c6:df:93:d6:f1: 79:d9:14:91:8d:88:a9:34:e0:c4:e2:a4:f1:59:ec:5e:c4:42: 8e:18:95:c1:2a:15:7b:ac:7c:f7:86:99:09:bd:63:dc:2a:40: bf:d1:b2:14:c8:39:9b:14:ef:0d:e8:85:01:2a:04:45:0e:80: 0e:d9:e6:7d:93:8f:07:ab:19:0c:0c:84:b8:98:e7:5c:a4:a0: 71:34:59:88:ca:66:3e:a0:ce:95:a3:44:39:d6:7b:a2:ee:cd: af:b5:36:d3:46:ce:70:a4:51:e9:4e:64:2b:7f:73:e7:5a:1d: 8a:01:1b:75:2e:3c:03:7b:c0:df:90:e4:f2:d3:83:65:1b:9c: 61:f3:85:31:c4:a8:e7:64:38:46:bb:0f:6c:5a:0b:a0:64:22: b3:75:cc:8e:d6:2c:0d:20:c7:28:51:3d:ec:2e:e1:13:2e:2c: a4:14:36:7b:50:c5:7d:30:91:40:7b:9f:44:d5:74:9c:09:63: f4:be:ac:cd:28:f1:53:13:52:d4:04:c7:c6:4b:a2:eb:7a:0b: a8:b3:86:97:aa:a1:e9:eb:5d:2e:97:66:e8:8a:e2:51:b3:c2: 19:5f:15:5d:73:bf:2a:8d:17:58:65:68:dc:92:13:5e:b8:34: a5:5f:aa:e9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OI6bdQELjLsbqu2JjbSTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0 Y2IxN2EwHhcNMjYwMTAyMTAxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDBiM2U2ZTc3NWNhOGY3NzQwMTQxYjdhNzY4MmE2MmQzNDJjMGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAphX1AWpCV3aPwOGVzHRXDoJwbI 9NrvaIaJZAEl0cPMCxQAd1GPCetBreguYTckl6nRymifoUQ9X7qkPOQyMrRuj0my C0FdmEjKwomSCytrU8hmyX4LM9KvFS82ELOgto88lEetMtP5o+4028z0mIjH9bnn lZ4BSXM15A5gfZ3hQQgmhFH3JgLB699j79MzI5GQBBagU/eIwnKVjF2Y/fGRscjX JKuoHJJND9NnHJPjYSL9ISCLPK9V5fOTm6YVlM4uWkUf3Rn69DSebHHgdejOMMd5 rI5+UL4d66iumhNsY1f2dj+uJLEzF8IO8RZ8W3euHePgy8GwIieiJhk1iwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMQLPm53XKj3dAFBt6doKmLTQsCrMB8GA1UdIwQY MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt NTQ5ZWU2ZDMwZmI2LzEveEFzLWJuZGNxUGQwQVVHM3AyZ3FZdE5Dd0tzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQtNTQ5ZWU2ZDMwZmI2 LzEvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwixCAwQA wizpMA0GCSqGSIb3DQEBCwUAA4IBAQApShgltJdST0JFZUf3xt+T1vF52RSRjYip NODE4qTxWexexEKOGJXBKhV7rHz3hpkJvWPcKkC/0bIUyDmbFO8N6IUBKgRFDoAO 2eZ9k48HqxkMDIS4mOdcpKBxNFmIymY+oM6Vo0Q51nui7s2vtTbTRs5wpFHpTmQr f3PnWh2KARt1LjwDe8DfkOTy04NlG5xh84UxxKjnZDhGuw9sWgugZCKzdcyO1iwN IMcoUT3sLuETLiykFDZ7UMV9MJFAe59E1XScCWP0vqzNKPFTE1LUBMfGS6Lreguo s4aXqqHp610ul2boiuJRs8IZXxVdc78qjRdYZWjckhNeuDSlX6rp -----END CERTIFICATE-----Generated at Sun Jan 25 20:30:11 2026 by rpki-client