This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/xoRDajz4eJy11O_J5fLAv4U4v9E.roa File: xoRDajz4eJy11O_J5fLAv4U4v9E.roa (raw, json) Hash identifier: CkGw0sLJe5mjxRbSsZKMcGEgfVdDoPyOYU+L3J4izT4= Subject key identifier: C6:84:43:6A:3C:F8:78:9C:B5:D4:EF:C9:E5:F2:C0:BF:85:38:BF:D1 Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4 Certificate serial: 019B7AC869A7F4A12FC9EF574DAA50DC4B99 Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/xoRDajz4eJy11O_J5fLAv4U4v9E.roa Signing time: Thu 01 Jan 2026 18:18:33 +0000 ROA not before: Thu 01 Jan 2026 18:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211286 IP address blocks: 141.39.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:69:a7:f4:a1:2f:c9:ef:57:4d:aa:50:dc:4b:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4 Validity Not Before: Jan 1 18:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c684436a3cf8789cb5d4efc9e5f2c0bf8538bfd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2a:07:35:f1:a3:92:f4:88:bf:ff:3d:47:b5: 7d:9d:bf:af:50:61:56:34:eb:14:ce:e2:a2:71:da: da:c2:31:ca:c0:b4:a2:9e:11:9f:2e:ef:30:6e:78: 32:1b:0d:b5:35:2e:43:50:1a:ec:c9:95:39:54:1b: 82:64:be:91:27:ca:67:70:73:cc:20:e1:30:6e:38: 30:3e:a3:c4:12:50:22:b3:1f:09:9c:a1:10:1b:11: 47:dd:8b:f1:bf:2c:92:7c:86:45:a5:e0:43:85:69: 57:4a:d6:d4:c1:8a:05:91:40:f8:3e:4d:48:61:2f: 1b:c6:58:df:5a:d8:4e:46:15:88:45:56:58:fd:83: 30:af:b8:76:2b:aa:43:11:f9:88:72:ae:22:42:ca: 45:6b:f6:86:ad:62:d0:8f:75:85:46:54:80:e4:31: 8d:46:5c:ac:f8:12:13:49:25:ea:25:5e:3c:d7:7c: 3f:61:c1:6e:4f:98:cd:a6:30:4c:08:53:1a:6d:c2: 87:2b:95:d3:b5:04:66:78:b2:f4:7f:e1:96:e0:cf: 12:da:db:98:69:f2:3d:4f:ef:9c:ff:43:a6:1a:6e: ee:81:e7:dd:96:f9:53:ff:ae:4c:ae:ac:68:9c:3f: 2c:e6:9e:e0:b2:28:b7:86:cb:09:a4:0b:4d:eb:6a: 05:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:84:43:6A:3C:F8:78:9C:B5:D4:EF:C9:E5:F2:C0:BF:85:38:BF:D1 X509v3 Authority Key Identifier: keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/xoRDajz4eJy11O_J5fLAv4U4v9E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.39.220.0/22 Signature Algorithm: sha256WithRSAEncryption 99:9b:3a:4d:1e:8f:7b:3f:6a:9f:9d:95:37:86:bd:77:a3:65: fd:47:88:fb:b6:da:33:91:30:84:92:e2:6c:8a:3b:a7:9d:74: 09:f4:af:9c:14:2a:f3:fa:fc:08:bf:f0:b1:e1:ff:0b:9d:a4: 6c:26:05:7c:19:c2:d2:2b:24:a5:5f:e4:a9:0d:5a:bc:6b:f6: 08:ef:76:84:52:31:c9:5d:3f:1e:87:2c:40:5e:32:6b:91:2f: ee:0d:a8:33:82:56:24:09:1b:54:98:78:f4:cd:ba:4f:2d:c3: bc:60:a0:80:f5:d8:f8:33:20:12:45:2f:08:81:35:b3:f5:9c: 3a:ec:7b:45:e1:f3:46:4b:41:67:8a:5c:3d:2d:86:44:b0:90: 9d:6b:ef:cb:33:d6:58:63:24:1a:b8:0e:e9:63:b3:cb:06:c1: 54:2e:47:bf:ce:16:1d:5a:ed:c8:a0:37:5f:fd:ee:16:5d:ff: b1:e8:47:79:fa:cd:a9:46:94:a5:11:74:78:23:34:fc:3b:44: 4e:1f:2e:c5:2d:6b:9d:54:12:a0:66:64:f9:92:79:1c:12:d5: ee:4d:8e:d4:8c:ec:7a:50:e2:d1:b9:b0:2a:9f:b0:34:be:cb: b2:d2:90:2d:f1:00:e0:6f:d4:94:af:0c:2f:24:9b:86:d2:47: 9d:8a:4f:63 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yGmn9KEvye9XTapQ3EuZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh ZjU3YzQwHhcNMjYwMTAxMTgxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjg0NDM2YTNjZjg3ODljYjVkNGVmYzllNWYyYzBiZjg1MzhiZmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSoHNfGjkvSIv/89R7V9nb+vUGFW NOsUzuKicdrawjHKwLSinhGfLu8wbngyGw21NS5DUBrsyZU5VBuCZL6RJ8pncHPM IOEwbjgwPqPEElAisx8JnKEQGxFH3YvxvyySfIZFpeBDhWlXStbUwYoFkUD4Pk1I YS8bxljfWthORhWIRVZY/YMwr7h2K6pDEfmIcq4iQspFa/aGrWLQj3WFRlSA5DGN Rlys+BITSSXqJV4813w/YcFuT5jNpjBMCFMabcKHK5XTtQRmeLL0f+GW4M8S2tuY afI9T++c/0OmGm7ugefdlvlT/65MrqxonD8s5p7gsii3hssJpAtN62oFzwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMaEQ2o8+HictdTvyeXywL+FOL/RMB8GA1UdIwQY MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt NTdlYzEyZTg2NDFlLzEveG9SRGFqejRlSnkxMU9fSjVmTEF2NFU0djlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjSfcMA0G CSqGSIb3DQEBCwUAA4IBAQCZmzpNHo97P2qfnZU3hr13o2X9R4j7ttozkTCEkuJs ijunnXQJ9K+cFCrz+vwIv/Cx4f8LnaRsJgV8GcLSKySlX+SpDVq8a/YI73aEUjHJ XT8ehyxAXjJrkS/uDagzglYkCRtUmHj0zbpPLcO8YKCA9dj4MyASRS8IgTWz9Zw6 7HtF4fNGS0Fnilw9LYZEsJCda+/LM9ZYYyQauA7pY7PLBsFULke/zhYdWu3IoDdf /e4WXf+x6Ed5+s2pRpSlEXR4IzT8O0ROHy7FLWudVBKgZmT5knkcEtXuTY7UjOx6 UOLRubAqn7A0vsuy0pAt8QDgb9SUrwwvJJuG0kedik9j -----END CERTIFICATE-----Generated at Mon Jan 26 13:10:47 2026 by rpki-client