This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/X3CxDxdArCain-hHzMiYZG7wqTY.roa File: X3CxDxdArCain-hHzMiYZG7wqTY.roa (raw, json) Hash identifier: VGIBYhWyA0ZSidIn3eUOjZGeUibcoLiE0Nr0g0fgtac= Subject key identifier: 5F:70:B1:0F:17:40:AC:26:A2:9F:E8:47:CC:C8:98:64:6E:F0:A9:36 Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8 Certificate serial: 019B7E39072931E194D23E4CD2DD1DC7F023 Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/X3CxDxdArCain-hHzMiYZG7wqTY.roa Signing time: Fri 02 Jan 2026 10:20:25 +0000 ROA not before: Fri 02 Jan 2026 10:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49767 IP address blocks: 109.72.0.0/20 maxlen: 20 194.31.216.0/22 maxlen: 22 2a02:2930::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:07:29:31:e1:94:d2:3e:4c:d2:dd:1d:c7:f0:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8 Validity Not Before: Jan 2 10:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f70b10f1740ac26a29fe847ccc898646ef0a936 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b5:8a:d4:e8:79:00:93:aa:b6:05:9b:76:5f: 2b:a6:76:f8:c2:51:9f:3d:c6:a1:01:71:69:84:d8: 9c:fc:2b:42:0b:67:1d:cf:88:65:f7:41:70:b1:37: 49:39:90:10:e6:c3:2f:9e:c6:86:b1:50:fb:56:95: 18:85:7b:00:1f:cb:0e:84:8d:99:c4:02:dd:00:e6: 3d:ed:3d:71:43:ed:1e:1c:b4:7a:2c:ba:d9:26:f9: 7a:60:c7:68:00:b2:ed:97:03:3b:46:e5:07:9d:2f: fa:49:31:f1:b6:09:b3:c9:55:ec:48:16:c5:44:42: c1:7a:07:2f:8d:df:ae:a7:a1:7a:00:8a:f1:80:09: 1c:d5:c5:c7:48:14:33:fe:4a:30:47:60:53:57:1e: a1:fa:3e:7d:5c:31:36:ca:0f:ce:1d:ca:87:64:c4: c9:93:e0:a7:9d:26:1d:b7:53:4f:3d:5c:65:1b:b3: 77:d8:f8:eb:bd:2c:6f:e9:8f:2e:89:2e:47:a6:9a: b1:67:57:4b:c8:a6:69:14:4c:13:08:48:2b:6c:61: 74:63:bb:e8:68:20:33:8d:09:06:6d:ca:25:d6:5c: f0:96:3d:1d:60:f1:2d:0b:6a:3a:14:bc:e8:10:05: c9:16:43:50:78:2c:04:3d:b9:50:3d:8c:37:09:cc: 11:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:70:B1:0F:17:40:AC:26:A2:9F:E8:47:CC:C8:98:64:6E:F0:A9:36 X509v3 Authority Key Identifier: keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/X3CxDxdArCain-hHzMiYZG7wqTY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.72.0.0/20 194.31.216.0/22 IPv6: 2a02:2930::/32 Signature Algorithm: sha256WithRSAEncryption 0d:f4:cc:e3:8c:89:f6:d5:8b:31:1f:50:63:84:06:45:bd:c0: d2:84:c1:a0:d1:52:36:54:6f:f6:91:fe:d4:73:3d:cf:5f:a5: b4:5d:b4:04:97:a2:b3:d7:33:67:69:7a:f9:00:ba:e6:dd:04: cb:da:c2:bb:a7:52:85:95:39:6d:4e:f7:02:48:29:03:90:11: 92:9d:c9:85:ae:88:d8:ba:4d:93:05:4d:a2:94:f1:93:82:37: d2:89:24:b2:fc:03:59:f4:8b:d1:e9:29:83:2c:fa:f7:37:8b: e8:d4:32:19:79:95:a3:1d:8e:32:43:f5:6e:ce:40:c1:59:ba: dd:f4:b6:5d:82:8f:a4:59:bb:a9:a5:b7:9d:be:60:c3:18:6e: 80:70:0c:e9:49:7e:a4:ff:14:61:4c:d2:21:5f:1f:ac:5f:13: 87:cc:cc:46:72:b8:73:2c:a0:86:42:f6:18:39:f1:55:f8:61: 7e:b4:15:fe:85:41:a4:a1:a2:05:79:22:92:9e:9e:72:63:d9: fb:76:27:66:83:fa:40:84:6c:83:12:55:40:f3:87:95:b5:a7: be:59:aa:52:b9:0a:b2:5e:c4:35:19:d0:b3:7a:5e:14:32:39: 74:7c:6c:38:59:c9:fc:56:b2:0b:e1:ef:85:1c:28:c0:5b:fd: 7b:0e:53:c5 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+OQcpMeGU0j5M0t0dx/AjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4 NDFhZTgwHhcNMjYwMTAyMTAyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjcwYjEwZjE3NDBhYzI2YTI5ZmU4NDdjY2M4OTg2NDZlZjBhOTM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrWK1Oh5AJOqtgWbdl8rpnb4wlGf PcahAXFphNic/CtCC2cdz4hl90FwsTdJOZAQ5sMvnsaGsVD7VpUYhXsAH8sOhI2Z xALdAOY97T1xQ+0eHLR6LLrZJvl6YMdoALLtlwM7RuUHnS/6STHxtgmzyVXsSBbF RELBegcvjd+up6F6AIrxgAkc1cXHSBQz/kowR2BTVx6h+j59XDE2yg/OHcqHZMTJ k+CnnSYdt1NPPVxlG7N32PjrvSxv6Y8uiS5HppqxZ1dLyKZpFEwTCEgrbGF0Y7vo aCAzjQkGbcol1lzwlj0dYPEtC2o6FLzoEAXJFkNQeCwEPblQPYw3CcwR/wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFF9wsQ8XQKwmop/oR8zImGRu8Kk2MB8GA1UdIwQY MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt YmQyNDliNjI1Nzk3LzEvWDNDeER4ZEFyQ2Fpbi1oSHpNaVlaRzd3cVRZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3 LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbUgAAwQC wh/YMA0EAgACMAcDBQAqAikwMA0GCSqGSIb3DQEBCwUAA4IBAQAN9MzjjIn21Ysx H1BjhAZFvcDShMGg0VI2VG/2kf7Ucz3PX6W0XbQEl6Kz1zNnaXr5ALrm3QTL2sK7 p1KFlTltTvcCSCkDkBGSncmFrojYuk2TBU2ilPGTgjfSiSSy/ANZ9IvR6SmDLPr3 N4vo1DIZeZWjHY4yQ/VuzkDBWbrd9LZdgo+kWbuppbedvmDDGG6AcAzpSX6k/xRh TNIhXx+sXxOHzMxGcrhzLKCGQvYYOfFV+GF+tBX+hUGkoaIFeSKSnp5yY9n7didm g/pAhGyDElVA84eVtae+WapSuQqyXsQ1GdCzel4UMjl0fGw4Wcn8VrIL4e+FHCjA W/17DlPF -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:56 2026 by rpki-client