This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/XCAs1bdvDVK0mf6fnpHwHSrCy_s.roa File: XCAs1bdvDVK0mf6fnpHwHSrCy_s.roa (raw, json) Hash identifier: vPe5QDgsOEWj+wwao+43Qg6PstZ+Q+ujB68nk8LOfvM= Subject key identifier: 5C:20:2C:D5:B7:6F:0D:52:B4:99:FE:9F:9E:91:F0:1D:2A:C2:CB:FB Certificate issuer: /CN=9568c6005b2840ab7bf8a3ad72a1751d0db29b9c Certificate serial: 019B7BA39344C4A6601F84242CE17CDDF7D2 Authority key identifier: 95:68:C6:00:5B:28:40:AB:7B:F8:A3:AD:72:A1:75:1D:0D:B2:9B:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/XCAs1bdvDVK0mf6fnpHwHSrCy_s.roa Signing time: Thu 01 Jan 2026 22:17:56 +0000 ROA not before: Thu 01 Jan 2026 22:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210820 IP address blocks: 193.177.242.0/24 maxlen: 24 2a13:ef80::/48 maxlen: 48 2a13:ef80:2::/48 maxlen: 48 2a13:ef80:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.mft rsync://rpki.ripe.net/repository/DEFAULT/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:93:44:c4:a6:60:1f:84:24:2c:e1:7c:dd:f7:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9568c6005b2840ab7bf8a3ad72a1751d0db29b9c Validity Not Before: Jan 1 22:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c202cd5b76f0d52b499fe9f9e91f01d2ac2cbfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:71:c7:c3:2d:ce:38:28:5d:38:e4:f0:73:eb: f4:31:63:b9:78:f2:b2:71:60:ce:54:50:a7:f3:64: a6:07:06:5d:dd:2e:be:31:d2:90:36:a8:27:38:2c: 34:e3:24:38:9b:e7:06:c3:39:9a:b3:c5:3e:1b:54: f0:b6:12:cd:24:c2:e6:47:2f:82:58:95:8a:53:14: 0b:41:ee:0e:7e:71:91:f4:c7:a5:23:dd:ed:89:f6: 19:39:6b:f8:07:e4:1c:ff:13:9d:7a:4a:87:83:80: 74:65:d1:b5:4e:89:92:00:88:a1:97:d4:78:87:7a: d2:7b:65:4c:eb:83:d1:35:a3:90:d0:77:8d:d4:32: e0:77:6c:00:7b:4f:44:29:04:48:43:7c:48:ce:21: 66:c2:5f:13:6f:e0:4a:61:43:bd:78:c2:41:7e:8f: 22:bb:e4:be:a7:f6:13:ac:fd:ff:ac:01:56:0a:ac: a9:fe:74:86:32:43:7f:f9:b1:56:6e:3c:4c:35:05: ee:68:8f:3f:8c:14:23:ff:09:81:60:6a:08:42:8c: d6:05:49:9a:d1:dc:34:aa:d3:b1:53:06:dc:da:b6: 91:46:88:34:a6:6b:7c:5e:73:b7:71:40:d1:6d:4a: f3:46:e7:22:12:11:4d:88:c5:3d:34:7f:81:58:6c: 9c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:20:2C:D5:B7:6F:0D:52:B4:99:FE:9F:9E:91:F0:1D:2A:C2:CB:FB X509v3 Authority Key Identifier: keyid:95:68:C6:00:5B:28:40:AB:7B:F8:A3:AD:72:A1:75:1D:0D:B2:9B:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/XCAs1bdvDVK0mf6fnpHwHSrCy_s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b980a-1eb6-4808-8afa-3a5e18d00ddc/1/lWjGAFsoQKt7-KOtcqF1HQ2ym5w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.177.242.0/24 IPv6: 2a13:ef80::/48 2a13:ef80:2::/47 Signature Algorithm: sha256WithRSAEncryption af:b7:be:08:7b:b2:f9:67:7e:78:15:9f:58:86:9b:7b:10:2d: 78:95:34:f2:d0:48:d0:5e:02:0a:c3:0b:0e:20:65:6d:c1:64: 43:e4:ba:bf:2d:bb:f6:a5:8a:3f:42:90:d0:f1:56:0d:ef:2d: 6b:a7:e8:b2:5e:62:65:9f:98:57:5e:6c:50:d0:9a:68:6b:9d: 3b:d3:08:a3:da:39:59:be:08:6a:74:99:d3:36:73:c2:c1:22: ff:16:d1:a5:8e:8d:0d:63:6a:ad:a1:6f:7b:c3:7d:b3:2f:a1: 8d:e1:cb:6b:55:d9:f5:f3:0b:ca:a6:2d:88:14:5b:44:cf:72: 08:a6:a1:5f:63:aa:ba:89:9c:38:ff:96:7a:c2:dc:f1:dd:89: 14:64:8a:84:0f:31:63:31:19:5d:e2:7c:bb:41:36:4e:ee:fa: 5f:87:16:8a:4c:55:5c:35:4c:46:fa:03:61:20:42:1c:51:42: c6:76:a7:22:37:8e:ea:71:5a:87:0a:db:54:7f:e3:13:4c:c3: b3:f5:60:7f:61:e3:9a:fd:eb:52:3f:ff:56:8a:b7:81:cb:aa: a0:fa:cb:27:e2:40:fc:96:6f:d1:21:54:0e:51:4f:71:2b:6d: 7f:1e:b7:06:f5:b1:2e:b2:56:8d:9f:7b:ca:ba:5a:96:1f:63: 3e:46:2f:b9 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt7o5NExKZgH4QkLOF83ffSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NjhjNjAwNWIyODQwYWI3YmY4YTNhZDcyYTE3NTFkMGRi MjliOWMwHhcNMjYwMTAxMjIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzIwMmNkNWI3NmYwZDUyYjQ5OWZlOWY5ZTkxZjAxZDJhYzJjYmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nHHwy3OOChdOOTwc+v0MWO5ePKy cWDOVFCn82SmBwZd3S6+MdKQNqgnOCw04yQ4m+cGwzmas8U+G1TwthLNJMLmRy+C WJWKUxQLQe4OfnGR9MelI93tifYZOWv4B+Qc/xOdekqHg4B0ZdG1TomSAIihl9R4 h3rSe2VM64PRNaOQ0HeN1DLgd2wAe09EKQRIQ3xIziFmwl8Tb+BKYUO9eMJBfo8i u+S+p/YTrP3/rAFWCqyp/nSGMkN/+bFWbjxMNQXuaI8/jBQj/wmBYGoIQozWBUma 0dw0qtOxUwbc2raRRog0pmt8XnO3cUDRbUrzRuciEhFNiMU9NH+BWGycFQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFFwgLNW3bw1StJn+n56R8B0qwsv7MB8GA1UdIwQY MBaAFJVoxgBbKECre/ijrXKhdR0NspucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFdqR0FGc29RS3Q3LUtPdGNxRjFIUTJ5bTV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjk4MGEtMWViNi00ODA4LThhZmEt M2E1ZTE4ZDAwZGRjLzEvWENBczFiZHZEVkswbWY2Zm5wSHdIU3JDeV9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yYjk4MGEtMWViNi00ODA4LThhZmEtM2E1ZTE4ZDAwZGRj LzEvbFdqR0FGc29RS3Q3LUtPdGNxRjFIUTJ5bTV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwbHyMBgE AgACMBIDBwAqE++AAAADBwEqE++AAAIwDQYJKoZIhvcNAQELBQADggEBAK+3vgh7 svlnfngVn1iGm3sQLXiVNPLQSNBeAgrDCw4gZW3BZEPkur8tu/alij9CkNDxVg3v LWun6LJeYmWfmFdebFDQmmhrnTvTCKPaOVm+CGp0mdM2c8LBIv8W0aWOjQ1jaq2h b3vDfbMvoY3hy2tV2fXzC8qmLYgUW0TPcgimoV9jqrqJnDj/lnrC3PHdiRRkioQP MWMxGV3ifLtBNk7u+l+HFopMVVw1TEb6A2EgQhxRQsZ2pyI3jupxWocK21R/4xNM w7P1YH9h45r961I//1aKt4HLqqD6yyfiQPyWb9EhVA5RT3ErbX8etwb1sS6yVo2f e8q6WpYfYz5GL7k= -----END CERTIFICATE-----Generated at Mon Jan 26 03:06:11 2026 by rpki-client