This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/X5rHphgjA2Ovs-Yct52WJKfW_k8.roa File: X5rHphgjA2Ovs-Yct52WJKfW_k8.roa (raw, json) Hash identifier: fS9NXooFPX4VLQ4SoiMsokXMu0rmiVlmUkYsHNO+cLI= Subject key identifier: 5F:9A:C7:A6:18:23:03:63:AF:B3:E6:1C:B7:9D:96:24:A7:D6:FE:4F Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2 Certificate serial: 019B7FF1F34C5EA5F419CA0E8AB1F962E7E9 Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/X5rHphgjA2Ovs-Yct52WJKfW_k8.roa Signing time: Fri 02 Jan 2026 18:22:01 +0000 ROA not before: Fri 02 Jan 2026 18:22:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200356 IP address blocks: 185.159.106.0/23 maxlen: 23 2a07:b880:80::/41 maxlen: 41 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:f3:4c:5e:a5:f4:19:ca:0e:8a:b1:f9:62:e7:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2 Validity Not Before: Jan 2 18:22:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f9ac7a618230363afb3e61cb79d9624a7d6fe4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:1b:bf:db:91:22:47:84:1b:3d:40:b0:34:ad: b5:35:d9:84:ba:50:31:85:e2:1e:6c:3d:4a:5e:8c: d1:cf:d8:3b:51:cb:e6:11:a1:c7:48:5b:ac:9b:c2: d4:0d:38:d9:03:16:13:6c:0d:d9:8d:16:77:9a:e8: a4:9a:dc:4f:fc:40:e5:44:e9:00:79:7f:23:90:95: e6:0d:ca:7e:fa:34:73:df:3e:63:ef:14:f3:63:3e: d8:36:f3:75:16:d5:ad:d3:5f:4e:20:9d:fe:63:a4: 89:85:13:91:e4:92:97:c9:b7:9c:c2:e3:df:d2:a3: 66:de:f9:30:01:53:70:ff:15:cb:f8:dc:da:fd:5b: 29:91:ae:ec:99:f7:ce:9d:fd:56:8a:b1:65:c8:1b: 81:9b:59:6c:26:b6:46:a0:af:2a:ba:43:68:dd:91: f9:81:75:2e:7b:1b:7f:07:57:15:58:28:8b:b0:fb: e3:f1:b0:1e:9d:a6:4b:18:66:48:a2:42:1f:e3:82: ce:84:b3:1e:27:43:f4:91:3f:32:4a:1b:6c:26:65: 63:00:2d:9a:c7:c3:19:fd:81:03:41:a6:6c:40:de: c1:3b:20:6e:1d:96:da:eb:b0:8a:b3:a6:a5:44:de: ee:bd:ba:77:c5:5e:e7:60:85:94:8a:c7:91:0f:26: ea:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:9A:C7:A6:18:23:03:63:AF:B3:E6:1C:B7:9D:96:24:A7:D6:FE:4F X509v3 Authority Key Identifier: keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/X5rHphgjA2Ovs-Yct52WJKfW_k8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.159.106.0/23 IPv6: 2a07:b880:80::/41 Signature Algorithm: sha256WithRSAEncryption 5b:31:e2:f4:bc:ea:b5:a2:f0:4c:ad:bc:a0:a9:e5:79:06:c9: 7e:29:ee:24:4c:bb:f0:be:9d:15:60:ed:a9:f0:42:d8:04:d1: d7:73:32:81:75:16:03:5b:9d:1d:2e:1c:88:86:f7:cd:4f:d7: a3:de:1a:55:20:a2:83:45:b1:44:b2:1c:39:d5:a4:c7:57:59: d3:61:91:05:02:c9:8e:bf:50:a2:58:02:db:e5:87:c0:46:79: 60:da:70:ba:f0:64:a3:bc:e6:59:f2:19:0a:c5:76:8a:60:76: fd:8b:49:9b:62:38:e1:d7:23:a6:06:93:c8:fe:8b:9b:ec:71: 48:1a:36:ca:96:1d:8d:a7:a8:2f:03:1e:0a:13:0f:d8:ae:66: fc:10:9b:48:cf:92:b4:04:18:97:4e:3d:bf:19:16:f1:df:ac: 69:60:a4:86:0e:33:95:e5:fc:19:29:c8:c4:e0:53:c6:dc:e5: a2:f5:98:d4:ca:36:96:9e:71:66:ce:23:0f:42:ee:1d:90:a0: 2b:a0:5c:aa:97:e9:ff:4b:00:6f:b9:65:ca:84:5a:ac:c1:3c: 5f:fd:aa:ed:1e:d3:1c:d2:8a:f5:34:b2:cd:14:46:84:78:f7: 25:59:95:99:40:98:58:57:d1:38:6a:74:9e:43:e7:3e:79:84: 43:dc:47:a3 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/8fNMXqX0GcoOirH5YufpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz MTIwZDIwHhcNMjYwMTAyMTgyMjAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjlhYzdhNjE4MjMwMzYzYWZiM2U2MWNiNzlkOTYyNGE3ZDZmZTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ru/25EiR4QbPUCwNK21NdmEulAx heIebD1KXozRz9g7UcvmEaHHSFusm8LUDTjZAxYTbA3ZjRZ3muikmtxP/EDlROkA eX8jkJXmDcp++jRz3z5j7xTzYz7YNvN1FtWt019OIJ3+Y6SJhROR5JKXybecwuPf 0qNm3vkwAVNw/xXL+Nza/Vspka7smffOnf1WirFlyBuBm1lsJrZGoK8qukNo3ZH5 gXUuext/B1cVWCiLsPvj8bAenaZLGGZIokIf44LOhLMeJ0P0kT8yShtsJmVjAC2a x8MZ/YEDQaZsQN7BOyBuHZba67CKs6alRN7uvbp3xV7nYIWUiseRDybqVQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFF+ax6YYIwNjr7PmHLedliSn1v5PMB8GA1UdIwQY MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt MDA0ZmU0MzNjN2M4LzEvWDVySHBoZ2pBMk92cy1ZY3Q1MldKS2ZXX2s4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4 LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZ9qMA8E AgACMAkDBwcqB7iAAIAwDQYJKoZIhvcNAQELBQADggEBAFsx4vS86rWi8EytvKCp 5XkGyX4p7iRMu/C+nRVg7anwQtgE0ddzMoF1FgNbnR0uHIiG981P16PeGlUgooNF sUSyHDnVpMdXWdNhkQUCyY6/UKJYAtvlh8BGeWDacLrwZKO85lnyGQrFdopgdv2L SZtiOOHXI6YGk8j+i5vscUgaNsqWHY2nqC8DHgoTD9iuZvwQm0jPkrQEGJdOPb8Z FvHfrGlgpIYOM5Xl/BkpyMTgU8bc5aL1mNTKNpaecWbOIw9C7h2QoCugXKqX6f9L AG+5ZcqEWqzBPF/9qu0e0xzSivU0ss0URoR49yVZlZlAmFhX0ThqdJ5D5z55hEPc R6M= -----END CERTIFICATE-----Generated at Mon Jan 26 12:18:07 2026 by rpki-client