This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/XnmFvaH8taj9-UQymlF1F-zbxKk.roa File: XnmFvaH8taj9-UQymlF1F-zbxKk.roa (raw, json) Hash identifier: iMSxnmP+UiVDMZfufDMB7BaA1JQlHS+89CnU1xCpzVk= Subject key identifier: 5E:79:85:BD:A1:FC:B5:A8:FD:F9:44:32:9A:51:75:17:EC:DB:C4:A9 Certificate issuer: /CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec Certificate serial: 019B7CED0E80E50DC52E502A1DA2BDE0F577 Authority key identifier: 2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/XnmFvaH8taj9-UQymlF1F-zbxKk.roa Signing time: Fri 02 Jan 2026 04:17:49 +0000 ROA not before: Fri 02 Jan 2026 04:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9051 IP address blocks: 46.19.192.0/21 maxlen: 24 185.192.160.0/22 maxlen: 24 2a0a:2d40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.crl rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:0e:80:e5:0d:c5:2e:50:2a:1d:a2:bd:e0:f5:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec Validity Not Before: Jan 2 04:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e7985bda1fcb5a8fdf944329a517517ecdbc4a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:1b:08:c1:a0:13:86:99:12:c4:13:07:17:db: bb:04:5a:92:f4:77:79:99:f5:5b:0b:6c:f2:88:3c: 9e:f1:49:a7:bf:a7:3d:6b:52:7b:0a:ab:67:3a:7d: 55:f7:c4:ff:12:d0:bb:43:05:11:ce:1c:d5:5a:4b: 62:79:2a:c3:9e:de:fe:c9:b4:71:2b:cc:db:76:ef: d1:db:7e:a0:b3:fc:c1:39:f3:01:fc:bd:4c:05:35: 2b:7a:42:ca:9a:f4:46:00:a4:95:72:68:ad:f4:0b: 31:fa:3f:e7:bb:ff:b9:3f:8e:f2:e1:8f:b6:6c:a0: 7d:41:12:a2:25:86:df:1a:de:2f:04:fd:fc:10:95: 03:1b:ac:7f:15:d2:35:d0:d4:8b:2c:d7:69:4f:bb: 54:d7:96:83:37:6d:c9:54:c8:31:5b:d8:73:d3:50: 12:b9:e2:0e:c6:64:86:c3:5a:31:75:41:30:bb:b0: 80:76:fb:fc:e4:2a:49:c2:54:67:ec:fa:b4:c2:54: 44:86:06:5e:09:53:fe:48:4e:ef:31:38:2e:fe:2e: 45:75:d8:7d:d5:25:65:46:fc:d7:a0:6e:d8:ea:75: 06:4f:34:4d:53:a3:80:7b:1d:ff:fc:90:bb:21:1a: 51:c7:bb:af:08:7d:70:d2:bb:fe:87:f5:8f:89:5a: 5e:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:79:85:BD:A1:FC:B5:A8:FD:F9:44:32:9A:51:75:17:EC:DB:C4:A9 X509v3 Authority Key Identifier: keyid:2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/XnmFvaH8taj9-UQymlF1F-zbxKk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.19.192.0/21 185.192.160.0/22 IPv6: 2a0a:2d40::/29 Signature Algorithm: sha256WithRSAEncryption 9e:95:0f:c7:0b:69:01:cf:0a:6a:d1:20:a0:16:b8:25:f1:a0: 64:23:bf:f0:95:ce:b9:23:43:cf:ae:c9:f8:c3:5c:4e:64:91: ae:77:3d:d2:ef:5d:18:a6:9b:f1:7c:1c:4f:a2:ac:2d:70:20: d2:9a:a9:8e:53:c5:fa:37:c8:50:8d:0e:13:51:99:13:2d:bf: ad:45:67:22:8d:78:85:98:d7:d1:08:44:91:d1:2a:8f:64:b2: a4:76:59:25:4c:cd:ac:2c:c1:a4:70:51:27:bb:d6:74:76:d4: 5d:e3:5e:16:4e:0d:e5:78:73:a7:3a:24:c1:59:bb:d4:d2:95: 07:a5:ca:66:ee:1d:f2:df:1d:59:6c:94:80:05:61:0f:15:0e: 0f:cf:17:2a:2d:bc:8c:7b:7f:56:73:3f:5e:74:6a:b0:df:ae: 22:7e:d4:b0:c5:5f:41:7c:25:ac:22:df:6c:fd:71:7e:e8:66: e4:6d:54:d0:5e:c2:8e:a7:52:87:77:ec:41:75:1f:b8:b0:2d: 49:6a:1b:27:bf:b8:bf:e0:a6:f4:07:87:af:8f:fb:63:8e:b6: ec:f3:a6:e8:8e:de:bb:39:aa:4c:b8:a6:2b:87:81:75:47:ca: d3:a8:e3:e9:0e:33:0d:26:9e:64:fe:82:6c:f9:40:28:a6:3a: 3d:48:4e:e3 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87Q6A5Q3FLlAqHaK94PV3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNlZDc5NGFkYWZiOTFjYjgxYTk2OWViOGE5YjI5MDVm ZWUyZWMwHhcNMjYwMTAyMDQxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTc5ODViZGExZmNiNWE4ZmRmOTQ0MzI5YTUxNzUxN2VjZGJjNGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRsIwaAThpkSxBMHF9u7BFqS9Hd5 mfVbC2zyiDye8Umnv6c9a1J7CqtnOn1V98T/EtC7QwURzhzVWktieSrDnt7+ybRx K8zbdu/R236gs/zBOfMB/L1MBTUrekLKmvRGAKSVcmit9Asx+j/nu/+5P47y4Y+2 bKB9QRKiJYbfGt4vBP38EJUDG6x/FdI10NSLLNdpT7tU15aDN23JVMgxW9hz01AS ueIOxmSGw1oxdUEwu7CAdvv85CpJwlRn7Pq0wlREhgZeCVP+SE7vMTgu/i5Fddh9 1SVlRvzXoG7Y6nUGTzRNU6OAex3//JC7IRpRx7uvCH1w0rv+h/WPiVpexwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFF55hb2h/LWo/flEMppRdRfs28SpMB8GA1UdIwQY MBaAFCrD7XlK2vuRy4GpaeuKmykF/uLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQdGVVcmEtNUhMZ2FscDY0cWJLUVgtNHV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YjEyN2ItNDRjZS00Y2FkLWFkOGYt MDg5YzFjM2Q0MzU3LzEvWG5tRnZhSDh0YWo5LVVReW1sRjFGLXpieEtrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi83YjEyN2ItNDRjZS00Y2FkLWFkOGYtMDg5YzFjM2Q0MzU3 LzEvS3NQdGVVcmEtNUhMZ2FscDY0cWJLUVgtNHV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLhPAAwQC ucCgMA0EAgACMAcDBQMqCi1AMA0GCSqGSIb3DQEBCwUAA4IBAQCelQ/HC2kBzwpq 0SCgFrgl8aBkI7/wlc65I0PPrsn4w1xOZJGudz3S710YppvxfBxPoqwtcCDSmqmO U8X6N8hQjQ4TUZkTLb+tRWcijXiFmNfRCESR0SqPZLKkdlklTM2sLMGkcFEnu9Z0 dtRd414WTg3leHOnOiTBWbvU0pUHpcpm7h3y3x1ZbJSABWEPFQ4PzxcqLbyMe39W cz9edGqw364iftSwxV9BfCWsIt9s/XF+6GbkbVTQXsKOp1KHd+xBdR+4sC1Jahsn v7i/4Kb0B4evj/tjjrbs86bojt67OapMuKYrh4F1R8rTqOPpDjMNJp5k/oJs+UAo pjo9SE7j -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:48 2026 by rpki-client