This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/XGnz7Ansag-6tn1Ax5AEIWjkH0k.roa File: XGnz7Ansag-6tn1Ax5AEIWjkH0k.roa (raw, json) Hash identifier: P+lUqqOncUwG4igPlcuG3jcNQkp5+vWR8T8xxSGsXtg= Subject key identifier: 5C:69:F3:EC:09:EC:6A:0F:BA:B6:7D:40:C7:90:04:21:68:E4:1F:49 Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7 Certificate serial: 019B79ED326DC2FF4FA38983B56DFBB44224 Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/XGnz7Ansag-6tn1Ax5AEIWjkH0k.roa Signing time: Thu 01 Jan 2026 14:19:06 +0000 ROA not before: Thu 01 Jan 2026 14:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206273 IP address blocks: 31.130.244.0/22 maxlen: 22 31.130.246.0/23 maxlen: 23 91.218.154.0/23 maxlen: 23 185.198.60.0/23 maxlen: 23 185.198.62.0/23 maxlen: 23 2a0a:15c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.mft rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:32:6d:c2:ff:4f:a3:89:83:b5:6d:fb:b4:42:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7 Validity Not Before: Jan 1 14:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c69f3ec09ec6a0fbab67d40c790042168e41f49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:ca:fb:76:39:79:5b:fa:b3:55:a2:4e:9b:98: 7a:47:7b:0d:63:cd:38:71:9d:15:a7:db:ed:f4:bf: 0e:6c:43:7c:1c:b3:00:27:44:48:3c:f1:d0:0e:c5: 1f:89:37:f6:27:06:71:78:6f:43:c2:59:b2:f6:6e: 9d:86:c5:d1:e1:47:ef:e7:67:36:30:2d:13:4f:a6: c9:72:8b:1c:31:16:81:3a:d6:2b:86:74:3f:7c:e6: e4:07:62:a2:a0:e3:13:09:30:b1:c3:47:62:a8:44: 2a:87:62:f2:2a:98:06:a4:89:ad:85:b7:61:e1:48: b2:49:69:a3:1b:23:90:0f:e5:f8:bc:d3:95:4c:45: 37:dd:1a:a9:6f:fb:cb:c1:ef:10:23:cd:ea:04:82: 24:46:bb:71:41:ae:94:5c:b8:b9:d7:7c:71:38:d8: 61:d2:b2:c3:e8:1a:95:e6:b3:43:40:65:ae:ba:89: c8:93:27:bb:10:34:45:c9:10:a7:fa:30:e7:0b:ef: 84:01:5e:d9:58:b8:93:fb:1a:9e:01:1e:40:a3:93: af:1a:6d:4e:cc:98:52:3e:2a:df:62:f7:5f:db:58: 4a:80:75:17:f1:3d:9b:bf:7b:15:f5:1c:b4:fa:4d: 25:0d:a7:c7:59:e9:af:11:10:90:5c:e3:d5:bd:be: 46:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:69:F3:EC:09:EC:6A:0F:BA:B6:7D:40:C7:90:04:21:68:E4:1F:49 X509v3 Authority Key Identifier: keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/XGnz7Ansag-6tn1Ax5AEIWjkH0k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.130.244.0/22 91.218.154.0/23 185.198.60.0/22 IPv6: 2a0a:15c0::/29 Signature Algorithm: sha256WithRSAEncryption ac:3c:5c:e7:4b:c7:52:ee:c5:4f:40:46:bf:24:32:7b:45:bd: d3:4d:5e:d0:1e:1c:73:5f:fa:e2:a5:f6:db:9d:f9:f2:dc:f6: c7:36:23:5f:26:a9:06:67:04:07:10:27:f8:59:8f:81:8d:a7: e1:b4:92:e1:4c:6a:e4:f6:fc:fb:e7:c3:ef:d4:77:fa:5b:70: b9:ad:87:a4:2c:c9:27:61:49:62:b1:79:65:97:99:f6:0f:84: 83:aa:d4:40:1a:7f:6b:a4:fe:9b:b9:98:59:61:29:06:b4:03: b8:c2:a7:02:40:7e:68:91:89:ba:9c:57:0b:35:df:f8:0c:3b: c0:8a:b0:02:64:f9:61:95:c8:ed:41:0f:33:09:55:d5:f3:a1: 9a:91:7b:84:2e:13:92:c7:1b:7d:54:d8:2d:d8:8f:db:61:ef: 80:d4:d5:0b:1f:33:62:58:aa:7a:83:88:b6:5a:63:81:af:16: b2:93:ec:5e:0b:c9:4b:3a:5e:95:f3:9e:1e:cd:86:a3:04:a1: 7c:9d:61:c8:a8:dc:d5:60:61:ed:f5:8d:73:0b:24:6d:1d:63: 06:de:91:6a:ce:69:5f:07:c8:5e:35:43:23:b2:e1:c1:af:38: cb:f1:e8:50:62:41:db:ce:9a:f9:f2:ba:72:2f:ee:c9:0b:13: 76:b6:31:d7 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt57TJtwv9Po4mDtW37tEIkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3 NGNjYjcwHhcNMjYwMTAxMTQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzY5ZjNlYzA5ZWM2YTBmYmFiNjdkNDBjNzkwMDQyMTY4ZTQxZjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+cr7djl5W/qzVaJOm5h6R3sNY804 cZ0Vp9vt9L8ObEN8HLMAJ0RIPPHQDsUfiTf2JwZxeG9Dwlmy9m6dhsXR4Ufv52c2 MC0TT6bJcoscMRaBOtYrhnQ/fObkB2KioOMTCTCxw0diqEQqh2LyKpgGpImthbdh 4UiySWmjGyOQD+X4vNOVTEU33Rqpb/vLwe8QI83qBIIkRrtxQa6UXLi513xxONhh 0rLD6BqV5rNDQGWuuonIkye7EDRFyRCn+jDnC++EAV7ZWLiT+xqeAR5Ao5OvGm1O zJhSPirfYvdf21hKgHUX8T2bv3sV9Ry0+k0lDafHWemvERCQXOPVvb5GiQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFFxp8+wJ7GoPurZ9QMeQBCFo5B9JMB8GA1UdIwQY MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt NmJhYTNiNTQ4ZDIzLzEvWEduejdBbnNhZy02dG4xQXg1QUVJV2prSDBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCH4L0AwQB W9qaAwQCucY8MA0EAgACMAcDBQMqChXAMA0GCSqGSIb3DQEBCwUAA4IBAQCsPFzn S8dS7sVPQEa/JDJ7Rb3TTV7QHhxzX/ripfbbnfny3PbHNiNfJqkGZwQHECf4WY+B jafhtJLhTGrk9vz758Pv1Hf6W3C5rYekLMknYUlisXlll5n2D4SDqtRAGn9rpP6b uZhZYSkGtAO4wqcCQH5okYm6nFcLNd/4DDvAirACZPlhlcjtQQ8zCVXV86GakXuE LhOSxxt9VNgt2I/bYe+A1NULHzNiWKp6g4i2WmOBrxayk+xeC8lLOl6V854ezYaj BKF8nWHIqNzVYGHt9Y1zCyRtHWMG3pFqzmlfB8heNUMjsuHBrzjL8ehQYkHbzpr5 8rpyL+7JCxN2tjHX -----END CERTIFICATE-----Generated at Sun Jan 25 13:01:19 2026 by rpki-client