This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XkCpQ4xWLE9dlV83IDE1saD3b2k.roa File: XkCpQ4xWLE9dlV83IDE1saD3b2k.roa (raw, json) Hash identifier: bDYpXnq431ghla3lAMtwBrRxAdHF9JaPOSyXTvPRRR4= Subject key identifier: 5E:40:A9:43:8C:56:2C:4F:5D:95:5F:37:20:31:35:B1:A0:F7:6F:69 Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5 Certificate serial: 019B76EB5141016B431BFF420428DFEDEB11 Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XkCpQ4xWLE9dlV83IDE1saD3b2k.roa Signing time: Thu 01 Jan 2026 00:18:11 +0000 ROA not before: Thu 01 Jan 2026 00:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49666 IP address blocks: 2.176.0.0/17 maxlen: 17 2.176.128.0/17 maxlen: 17 2.177.0.0/16 maxlen: 16 2.182.0.0/16 maxlen: 24 2.185.0.0/16 maxlen: 16 2.188.0.0/16 maxlen: 24 2.188.0.0/24 maxlen: 24 2.188.1.0/24 maxlen: 24 2.188.7.0/24 maxlen: 24 2.188.9.0/24 maxlen: 24 2.188.12.0/22 maxlen: 22 2.188.17.0/24 maxlen: 24 2.188.22.0/24 maxlen: 24 2.188.23.0/24 maxlen: 24 2.188.28.0/24 maxlen: 24 2.188.30.0/24 maxlen: 24 2.188.64.0/21 maxlen: 21 2.188.76.0/24 maxlen: 24 2.188.179.0/24 maxlen: 24 2.188.181.0/24 maxlen: 24 2.188.184.0/24 maxlen: 24 2.188.185.0/24 maxlen: 24 2.188.186.0/24 maxlen: 24 2.188.187.0/24 maxlen: 24 2.189.0.0/16 maxlen: 24 2.189.1.0/24 maxlen: 24 2.189.3.0/24 maxlen: 24 2.189.42.0/24 maxlen: 24 2.189.44.0/24 maxlen: 24 2.189.59.0/24 maxlen: 24 2.189.63.0/24 maxlen: 24 2.189.72.0/24 maxlen: 24 2.189.186.0/24 maxlen: 24 78.38.0.0/16 maxlen: 24 78.38.243.0/24 maxlen: 24 78.38.245.0/24 maxlen: 24 78.38.246.0/24 maxlen: 24 78.38.248.0/24 maxlen: 24 78.38.250.0/24 maxlen: 24 78.38.251.0/24 maxlen: 24 78.38.253.0/24 maxlen: 24 78.38.254.0/24 maxlen: 24 78.39.0.0/16 maxlen: 24 78.39.40.0/24 maxlen: 24 78.39.43.0/24 maxlen: 24 78.39.46.0/24 maxlen: 24 78.39.47.0/24 maxlen: 24 78.39.48.0/24 maxlen: 24 78.39.49.0/24 maxlen: 24 78.39.50.0/24 maxlen: 24 78.39.51.0/24 maxlen: 24 78.39.53.0/24 maxlen: 24 78.39.54.0/24 maxlen: 24 78.39.55.0/24 maxlen: 24 78.39.56.0/24 maxlen: 24 78.39.57.0/24 maxlen: 24 78.39.58.0/24 maxlen: 24 78.39.59.0/24 maxlen: 24 78.39.62.0/23 maxlen: 24 78.39.153.0/24 maxlen: 25 78.39.155.0/24 maxlen: 24 78.39.156.0/24 maxlen: 24 80.191.0.0/16 maxlen: 24 85.185.0.0/16 maxlen: 24 195.146.63.0/24 maxlen: 24 217.218.0.0/16 maxlen: 24 217.218.67.0/24 maxlen: 24 217.219.0.0/16 maxlen: 24 2001:4188:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:51:41:01:6b:43:1b:ff:42:04:28:df:ed:eb:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5 Validity Not Before: Jan 1 00:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e40a9438c562c4f5d955f37203135b1a0f76f69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b9:35:2f:52:e9:12:df:ab:b6:64:46:86:4a: 14:64:ed:be:22:01:fc:31:6f:a7:95:43:68:3a:66: 74:6e:83:92:f6:91:e4:e7:33:d5:c0:c5:87:37:a6: 39:61:f3:e2:87:9a:6f:bc:21:2a:d4:e1:84:c8:41: f6:95:5f:ad:c1:82:2f:e3:59:dc:c1:c4:a8:e9:a5: 68:1c:24:58:5a:d1:38:a0:d7:57:62:69:1f:f3:ab: 99:30:b6:f0:80:78:ba:2b:ec:f7:82:c7:cb:0a:ca: 8f:86:54:48:e1:1b:aa:8e:7b:f7:5c:b7:e6:69:1c: 11:20:d8:e7:d7:f1:61:4b:08:37:08:42:d2:fe:4d: c2:0c:45:15:0d:53:df:a4:21:86:18:8e:fb:65:e3: 92:ef:28:f1:8d:87:f1:23:27:2b:0b:fb:e0:16:d2: 57:1f:be:18:5f:a1:68:3d:27:83:e6:68:b6:46:1d: 40:80:34:cd:bc:d5:1d:ca:e6:92:ef:e5:cd:b1:dc: 81:f3:6a:4a:bb:45:6c:2b:ea:c8:c2:45:1f:32:89: eb:0c:36:13:63:e6:1d:43:51:ea:2f:35:80:da:c8: 48:97:3c:07:0f:ba:b2:72:56:ed:b6:db:0c:17:49: c2:4a:c4:98:2e:9b:e7:ed:5c:70:a3:7d:88:5f:5b: 09:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:40:A9:43:8C:56:2C:4F:5D:95:5F:37:20:31:35:B1:A0:F7:6F:69 X509v3 Authority Key Identifier: keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XkCpQ4xWLE9dlV83IDE1saD3b2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.176.0.0/15 2.182.0.0/16 2.185.0.0/16 2.188.0.0/15 78.38.0.0/15 80.191.0.0/16 85.185.0.0/16 195.146.63.0/24 217.218.0.0/15 IPv6: 2001:4188:2::/48 Signature Algorithm: sha256WithRSAEncryption 04:b1:94:ab:95:e9:92:b9:52:79:a8:96:95:fc:2e:c3:1b:c4: 10:a4:1b:6c:78:81:d9:09:38:da:1e:28:8e:4d:ef:d7:70:8b: e9:22:8f:e0:c5:5e:25:15:c0:16:f2:45:e9:26:68:73:4a:a4: b4:9c:01:48:b7:24:17:5e:89:ea:74:f7:81:5a:0a:39:36:0a: 74:1f:a6:66:19:d6:5b:03:e2:0b:e6:dc:a1:26:61:18:eb:82: f0:60:91:ba:ba:16:b8:4f:c1:0c:71:4f:52:8d:1a:9b:a0:db: 7b:d3:a0:84:65:d7:4f:64:61:de:c1:70:75:86:3c:db:ee:d7: 04:77:d2:4b:1b:bf:66:23:82:ac:cd:7e:c9:0d:80:22:ff:c6: 33:f1:a6:49:4a:ac:5d:18:5b:78:03:ab:b1:9e:f8:59:f5:29: 83:1d:53:88:f0:be:38:08:fe:87:c8:79:db:f8:c5:15:17:aa: 58:07:7a:3c:af:0d:a3:5e:ef:25:8a:e4:df:c5:c6:56:29:9d: dd:3a:6b:ef:3e:9b:94:4e:21:1b:78:2c:35:11:f1:6f:15:dc: 26:d7:17:9a:30:e3:7e:14:dd:7e:81:47:76:3e:21:69:55:ce: b0:1c:78:a2:e3:de:b6:ef:a3:92:16:94:72:63:dd:e5:f4:89: 0d:3a:d7:bb -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt261FBAWtDG/9CBCjf7esRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy NjBhZTUwHhcNMjYwMTAxMDAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTQwYTk0MzhjNTYyYzRmNWQ5NTVmMzcyMDMxMzViMWEwZjc2ZjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrk1L1LpEt+rtmRGhkoUZO2+IgH8 MW+nlUNoOmZ0boOS9pHk5zPVwMWHN6Y5YfPih5pvvCEq1OGEyEH2lV+twYIv41nc wcSo6aVoHCRYWtE4oNdXYmkf86uZMLbwgHi6K+z3gsfLCsqPhlRI4Ruqjnv3XLfm aRwRINjn1/FhSwg3CELS/k3CDEUVDVPfpCGGGI77ZeOS7yjxjYfxIycrC/vgFtJX H74YX6FoPSeD5mi2Rh1AgDTNvNUdyuaS7+XNsdyB82pKu0VsK+rIwkUfMonrDDYT Y+YdQ1HqLzWA2shIlzwHD7qyclbtttsMF0nCSsSYLpvn7Vxwo32IX1sJNQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFF5AqUOMVixPXZVfNyAxNbGg929pMB8GA1UdIwQY MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt Zjc0ZDk1MTg1NzZjLzEvWGtDcFE0eFdMRTlkbFY4M0lERTFzYUQzYjJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwMBArADAwAC tgMDAAK5AwMBArwDAwFOJgMDAFC/AwMAVbkDBADDkj8DAwHZ2jAPBAIAAjAJAwcA IAFBiAACMA0GCSqGSIb3DQEBCwUAA4IBAQAEsZSrlemSuVJ5qJaV/C7DG8QQpBts eIHZCTjaHiiOTe/XcIvpIo/gxV4lFcAW8kXpJmhzSqS0nAFItyQXXonqdPeBWgo5 Ngp0H6ZmGdZbA+IL5tyhJmEY64LwYJG6uha4T8EMcU9SjRqboNt706CEZddPZGHe wXB1hjzb7tcEd9JLG79mI4KszX7JDYAi/8Yz8aZJSqxdGFt4A6uxnvhZ9SmDHVOI 8L44CP6HyHnb+MUVF6pYB3o8rw2jXu8liuTfxcZWKZ3dOmvvPpuUTiEbeCw1EfFv Fdwm1xeaMON+FN1+gUd2PiFpVc6wHHii496276OSFpRyY93l9IkNOte7 -----END CERTIFICATE-----Generated at Sun Jan 25 20:29:35 2026 by rpki-client