This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/XundD1ATPkgExkAuZ9fhY2EBgJI.roa File: XundD1ATPkgExkAuZ9fhY2EBgJI.roa (raw, json) Hash identifier: +uqd1waFJ4ZIkhGQA2rPiPNb2R7bE9L91cSGBFAjyVM= Subject key identifier: 5E:E9:DD:0F:50:13:3E:48:04:C6:40:2E:67:D7:E1:63:61:01:80:92 Certificate issuer: /CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8 Certificate serial: 019B77C666CA98BE8AEA9FDAEB582306D53B Authority key identifier: AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/XundD1ATPkgExkAuZ9fhY2EBgJI.roa Signing time: Thu 01 Jan 2026 04:17:29 +0000 ROA not before: Thu 01 Jan 2026 04:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213550 IP address blocks: 45.152.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.mft rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:66:ca:98:be:8a:ea:9f:da:eb:58:23:06:d5:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8 Validity Not Before: Jan 1 04:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ee9dd0f50133e4804c6402e67d7e16361018092 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5d:2f:34:9c:40:84:a5:a0:07:4c:73:b8:5f: c4:83:70:54:3f:9d:fc:4d:48:0b:9d:c6:bd:d0:74: 06:83:d0:65:36:95:76:2a:35:9f:6d:5f:92:ad:04: 26:39:6e:03:03:54:52:be:e4:74:d4:15:99:31:4a: f7:bc:f4:d4:56:95:20:34:44:a8:3d:9b:19:1c:f5: ac:50:c3:8b:e4:44:be:03:21:56:14:92:fa:e0:a4: fe:98:f4:d4:c5:a0:bc:92:e6:68:59:f9:c5:6c:eb: 0c:7a:ca:cf:ae:ca:e0:63:a8:09:7e:73:6b:a8:af: 78:e8:29:0e:85:d7:57:bf:0c:43:be:26:f2:95:ef: 1e:bb:4e:4b:ba:7c:68:8c:da:bc:c6:30:c4:53:9b: 7b:c9:b1:f1:39:7a:e0:b4:f9:82:f5:4e:5e:25:7c: db:8b:79:6d:2f:12:cd:d2:80:23:2c:d8:cd:9a:f4: 61:19:d5:36:84:67:93:68:d2:d9:f6:25:8b:25:36: c7:dd:02:c3:a8:97:21:e1:74:0b:6d:6e:f2:51:61: 2f:6b:02:ce:b0:bf:49:88:5b:e9:df:ea:66:ae:95: b8:a9:eb:86:bb:09:72:57:a8:99:33:d5:b0:f9:55: 41:be:27:9b:ba:d0:08:28:72:93:3d:f5:46:39:61: 78:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:E9:DD:0F:50:13:3E:48:04:C6:40:2E:67:D7:E1:63:61:01:80:92 X509v3 Authority Key Identifier: keyid:AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/XundD1ATPkgExkAuZ9fhY2EBgJI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.152.68.0/24 Signature Algorithm: sha256WithRSAEncryption 17:81:30:2d:84:fc:44:5a:5f:44:90:ff:4a:92:1f:12:34:6d: 50:01:94:53:11:ef:d7:2c:8b:68:c5:ae:a7:d1:44:da:c9:06: 4e:49:a3:82:0a:19:3f:86:8e:c3:75:89:be:9f:a3:b2:88:62: af:d5:e0:54:e1:b9:91:e1:cf:ac:88:3d:2b:9c:0b:eb:1c:85: 16:23:69:73:b7:c0:8e:65:7a:ef:9e:5f:76:87:49:d4:78:32: 2a:66:6f:49:52:8e:a1:fd:f3:ee:05:2b:ce:88:9f:1a:12:e5: c9:d4:89:16:97:4b:33:49:03:0f:88:22:d8:43:95:06:0f:5c: 8e:66:fa:22:be:8c:4e:6b:87:8b:32:43:b2:27:7c:2c:c0:a1: 25:23:e3:a4:10:16:e7:35:e6:95:32:a0:00:8b:aa:12:8c:30: 9c:2d:02:e3:15:10:38:ae:67:cb:86:96:d0:0c:81:29:93:a3: 6b:47:99:d3:ac:24:37:44:bd:6a:4f:42:e7:1b:1f:46:b3:11: 05:d1:a7:3f:92:c1:6f:74:59:71:3f:bf:c0:15:d1:de:c4:b5: 9e:3c:d8:ae:5a:ec:c4:04:69:44:98:71:b3:e1:27:b2:f1:9c: 7c:12:50:97:2a:dd:0b:d2:19:b7:0e:7e:30:ae:0c:48:59:87: d6:f0:94:4a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xmbKmL6K6p/a61gjBtU7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZjQ5Njk4NDJkZTljNGMxZTFhNTc1OWQ5OGQxZWQ1YzBk NjJlZjgwHhcNMjYwMTAxMDQxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWU5ZGQwZjUwMTMzZTQ4MDRjNjQwMmU2N2Q3ZTE2MzYxMDE4MDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF0vNJxAhKWgB0xzuF/Eg3BUP538 TUgLnca90HQGg9BlNpV2KjWfbV+SrQQmOW4DA1RSvuR01BWZMUr3vPTUVpUgNESo PZsZHPWsUMOL5ES+AyFWFJL64KT+mPTUxaC8kuZoWfnFbOsMesrPrsrgY6gJfnNr qK946CkOhddXvwxDvibyle8eu05LunxojNq8xjDEU5t7ybHxOXrgtPmC9U5eJXzb i3ltLxLN0oAjLNjNmvRhGdU2hGeTaNLZ9iWLJTbH3QLDqJch4XQLbW7yUWEvawLO sL9JiFvp3+pmrpW4qeuGuwlyV6iZM9Ww+VVBviebutAIKHKTPfVGOWF4gQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF7p3Q9QEz5IBMZALmfX4WNhAYCSMB8GA1UdIwQY MBaAFKr0lphC3pxMHhpXWdmNHtXA1i74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjct ZjgxZmRmNzRlNjU1LzEvWHVuZEQxQVRQa2dFeGtBdVo5ZmhZMkVCZ0pJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjctZjgxZmRmNzRlNjU1 LzEvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZhEMA0G CSqGSIb3DQEBCwUAA4IBAQAXgTAthPxEWl9EkP9Kkh8SNG1QAZRTEe/XLItoxa6n 0UTayQZOSaOCChk/ho7DdYm+n6OyiGKv1eBU4bmR4c+siD0rnAvrHIUWI2lzt8CO ZXrvnl92h0nUeDIqZm9JUo6h/fPuBSvOiJ8aEuXJ1IkWl0szSQMPiCLYQ5UGD1yO ZvoivoxOa4eLMkOyJ3wswKElI+OkEBbnNeaVMqAAi6oSjDCcLQLjFRA4rmfLhpbQ DIEpk6NrR5nTrCQ3RL1qT0LnGx9GsxEF0ac/ksFvdFlxP7/AFdHexLWePNiuWuzE BGlEmHGz4Sey8Zx8ElCXKt0L0hm3Dn4wrgxIWYfW8JRK -----END CERTIFICATE-----Generated at Sun Jan 25 20:58:56 2026 by rpki-client