This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xIOC3VBcNkaYbwTvKdiQIDZCC-E.roa File: xIOC3VBcNkaYbwTvKdiQIDZCC-E.roa (raw, json) Hash identifier: Aq6WzdNa5Rp6JDX1lh3pj2VNERsuDSUsj+9vXWfoI2o= Subject key identifier: C4:83:82:DD:50:5C:36:46:98:6F:04:EF:29:D8:90:20:36:42:0B:E1 Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b Certificate serial: 019B79106D8AC366A4866662C1D3878B9FF5 Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xIOC3VBcNkaYbwTvKdiQIDZCC-E.roa Signing time: Thu 01 Jan 2026 10:17:58 +0000 ROA not before: Thu 01 Jan 2026 10:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30938 IP address blocks: 5.39.248.0/24 maxlen: 24 5.144.176.0/21 maxlen: 24 5.178.97.0/24 maxlen: 24 31.192.240.0/21 maxlen: 24 45.12.216.0/22 maxlen: 24 45.12.216.0/24 maxlen: 24 103.136.68.0/22 maxlen: 24 185.5.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:6d:8a:c3:66:a4:86:66:62:c1:d3:87:8b:9f:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b Validity Not Before: Jan 1 10:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c48382dd505c3646986f04ef29d8902036420be1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:83:8e:4b:62:8f:ae:a7:0f:e3:88:ef:9b:39: 6c:bb:16:25:46:f8:60:d8:e3:57:89:79:de:76:1e: 2a:86:68:d7:d3:92:16:d9:3c:1f:8c:0b:78:29:09: 39:3c:d1:eb:d4:d7:3c:8c:84:87:c4:c5:db:ad:bf: 91:cb:70:45:6f:83:d4:7e:02:6a:b2:e1:50:c3:2d: e9:a4:23:b4:1a:2e:17:ab:73:b1:26:13:49:87:5b: ab:ae:e1:74:5e:f4:fa:5a:07:b2:6e:bd:b7:35:30: b2:4b:88:b5:35:a8:b8:ea:1a:b0:ac:62:df:3e:61: f2:48:10:88:a1:2a:2e:5f:ce:65:3f:4a:78:3b:b6: fc:66:20:6e:b0:9e:e6:22:c4:f3:41:9c:b0:4f:ac: 3f:d5:96:74:87:d0:c3:1a:85:4e:ae:f8:74:58:75: 7e:db:21:cb:67:dc:b5:c7:14:a4:3d:47:70:10:53: 7c:2a:41:f0:86:89:b7:f8:db:c3:8b:47:67:c8:37: 0f:4d:4b:9c:b1:c2:23:ab:7a:75:68:19:a8:ff:d9: 0e:8f:3c:05:6c:df:4d:4d:9f:56:d6:43:31:33:b1: f4:a7:dc:f0:e3:86:49:c8:fb:53:69:1c:90:5c:3b: 94:2d:a7:d5:3e:5d:2f:8f:95:86:6e:12:fc:1c:cc: 37:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:83:82:DD:50:5C:36:46:98:6F:04:EF:29:D8:90:20:36:42:0B:E1 X509v3 Authority Key Identifier: keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xIOC3VBcNkaYbwTvKdiQIDZCC-E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.39.248.0/24 5.144.176.0/21 5.178.97.0/24 31.192.240.0/21 45.12.216.0/22 103.136.68.0/22 185.5.36.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:2f:3f:a1:a4:6d:c5:54:83:d7:73:a2:95:7f:65:87:87:70: c7:f8:a5:c4:2c:21:b8:76:09:9b:5e:8c:09:58:76:2d:0b:bc: ab:07:64:79:91:3b:a3:d7:4e:7d:7b:9e:30:71:2d:15:29:b1: b5:4b:29:9c:3b:85:80:38:34:b3:25:a4:ff:6c:14:d6:10:32: 60:89:a3:59:fe:32:64:87:1f:3f:2e:9d:73:d6:e1:fa:8d:77: ee:87:31:d1:03:29:02:e4:51:f6:71:2e:44:5d:28:a1:8e:50: 2d:28:61:0d:55:a9:8f:ea:d0:12:0f:00:e7:1c:e7:27:19:c5: 01:c4:67:0f:b2:2d:cb:ac:7b:dd:19:a0:e5:fc:b9:0e:13:06: 08:7d:20:56:a0:39:6a:79:a0:3c:0d:c9:92:40:e8:15:48:f7: 7d:24:50:6e:5c:d3:e8:22:90:01:2a:4d:3d:7e:8d:53:ba:15: 1f:d9:bf:3d:1a:ac:f9:a5:74:dc:ef:2d:02:ab:b3:f1:d9:ce: d0:c9:db:97:c5:85:1f:1f:3c:5e:79:4b:4b:99:54:7a:fb:53: 3e:bd:eb:7d:f9:f9:f1:72:9c:3c:dc:bd:48:80:0a:51:85:d6: 2a:b5:09:cf:9c:79:4c:f9:f5:9a:ca:c7:9a:cf:fc:b9:9e:27: 96:5d:6d:4e -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt5EG2Kw2akhmZiwdOHi5/1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5 M2U0NmIwHhcNMjYwMTAxMTAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDgzODJkZDUwNWMzNjQ2OTg2ZjA0ZWYyOWQ4OTAyMDM2NDIwYmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oOOS2KPrqcP44jvmzlsuxYlRvhg 2ONXiXnedh4qhmjX05IW2TwfjAt4KQk5PNHr1Nc8jISHxMXbrb+Ry3BFb4PUfgJq suFQwy3ppCO0Gi4Xq3OxJhNJh1urruF0XvT6Wgeybr23NTCyS4i1Nai46hqwrGLf PmHySBCIoSouX85lP0p4O7b8ZiBusJ7mIsTzQZywT6w/1ZZ0h9DDGoVOrvh0WHV+ 2yHLZ9y1xxSkPUdwEFN8KkHwhom3+NvDi0dnyDcPTUucscIjq3p1aBmo/9kOjzwF bN9NTZ9W1kMxM7H0p9zw44ZJyPtTaRyQXDuULafVPl0vj5WGbhL8HMw37wIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFMSDgt1QXDZGmG8E7ynYkCA2QgvhMB8GA1UdIwQY MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt Y2Q2MTUyMjYxYzZmLzEveElPQzNWQmNOa2FZYndUdktkaVFJRFpDQy1FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABSf4AwQD BZCwAwQABbJhAwQDH8DwAwQCLQzYAwQCZ4hEAwQCuQUkMA0GCSqGSIb3DQEBCwUA A4IBAQA/Lz+hpG3FVIPXc6KVf2WHh3DH+KXELCG4dgmbXowJWHYtC7yrB2R5kTuj 1059e54wcS0VKbG1SymcO4WAODSzJaT/bBTWEDJgiaNZ/jJkhx8/Lp1z1uH6jXfu hzHRAykC5FH2cS5EXSihjlAtKGENVamP6tASDwDnHOcnGcUBxGcPsi3LrHvdGaDl /LkOEwYIfSBWoDlqeaA8DcmSQOgVSPd9JFBuXNPoIpABKk09fo1TuhUf2b89Gqz5 pXTc7y0Cq7Px2c7QyduXxYUfHzxeeUtLmVR6+1M+vet9+fnxcpw83L1IgApRhdYq tQnPnHlM+fWayseaz/y5nieWXW1O -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:34 2026 by rpki-client