This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/XcRX1RAJL4NGdzyun1ejeZqAF24.roa File: XcRX1RAJL4NGdzyun1ejeZqAF24.roa (raw, json) Hash identifier: YNAZegeHiWzquonxoxjxpFIiVyp3kn/I+1eygwpZVIc= Subject key identifier: 5D:C4:57:D5:10:09:2F:83:46:77:3C:AE:9F:57:A3:79:9A:80:17:6E Certificate issuer: /CN=5349c2d00ba46be9244b76194baa10f33ce3462c Certificate serial: 019B7834C1B499D2BB68A12FEFE955E94768 Authority key identifier: 53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/XcRX1RAJL4NGdzyun1ejeZqAF24.roa Signing time: Thu 01 Jan 2026 06:18:02 +0000 ROA not before: Thu 01 Jan 2026 06:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20712 IP address blocks: 176.123.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:c1:b4:99:d2:bb:68:a1:2f:ef:e9:55:e9:47:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5349c2d00ba46be9244b76194baa10f33ce3462c Validity Not Before: Jan 1 06:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dc457d510092f8346773cae9f57a3799a80176e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:76:5a:67:6d:1b:2c:a2:93:c6:ac:f5:b7:cb: d1:86:12:55:08:bf:43:f5:06:87:ef:e0:0f:79:66: 1f:ef:a0:88:74:c7:10:bd:83:8b:14:7a:a5:b4:36: fc:4d:3b:9f:63:a1:fa:29:87:ab:81:60:8b:ce:cd: 14:b7:8a:3c:99:85:fe:44:c6:f4:2c:a3:b0:e6:15: 95:a1:7d:3a:31:b5:84:d6:89:9b:c2:fa:52:1e:2d: d6:e1:63:b7:8f:b9:c6:5c:43:c0:e2:19:16:04:a2: c0:22:e2:89:7d:24:79:5a:06:72:e4:5c:65:d1:f2: 88:63:43:42:18:c4:25:b6:01:95:88:fd:02:f7:91: 66:95:d2:b3:f6:68:a1:20:c8:79:2d:1f:64:29:3e: 62:b0:39:b5:26:b2:0d:a7:62:69:5b:6b:fd:3b:f9: 31:49:60:d8:0b:45:9d:f4:25:aa:47:c7:df:fe:38: 87:e6:00:eb:0b:6b:95:56:61:dc:08:62:d5:c1:ff: a3:2b:9e:2f:8e:b1:a9:94:75:89:62:33:67:8a:1b: e2:1c:f9:a9:3b:14:29:66:8e:b9:31:63:6b:80:48: 12:9f:e7:25:3e:af:8b:d2:0f:45:81:92:a8:db:85: 2f:7e:17:9b:8c:bb:1f:1d:2e:fc:0e:54:6c:58:03: db:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C4:57:D5:10:09:2F:83:46:77:3C:AE:9F:57:A3:79:9A:80:17:6E X509v3 Authority Key Identifier: keyid:53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/XcRX1RAJL4NGdzyun1ejeZqAF24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.123.222.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:42:5d:2a:9b:7b:5d:da:a5:cf:bc:18:5b:8c:c5:45:f1:3a: 9c:c1:f4:02:b5:08:63:c6:07:06:98:e3:7b:10:89:1b:53:5e: 58:80:fb:39:44:69:3a:5a:7d:47:c5:66:74:78:d7:18:4b:7a: 0c:3d:a7:fb:c9:84:01:4e:d3:aa:70:88:27:96:27:ac:61:bb: 06:e3:10:bb:8f:15:ce:1f:ba:49:20:14:6b:3f:64:1a:26:43: 07:d0:2b:70:e8:5f:28:1a:ed:64:af:e2:f1:4b:ba:14:10:28: 34:c7:16:55:22:e2:f9:97:e7:7c:94:da:91:9b:16:48:3f:fc: b3:e1:94:c1:e9:e1:67:46:9f:86:4b:db:25:92:d5:86:09:fe: 88:33:fe:30:0d:e2:70:36:fe:2d:58:98:7e:5c:03:76:24:6b: 53:19:6b:bf:a4:5f:59:de:2e:f8:fd:14:4d:71:e1:1b:60:f7: 8f:5a:42:15:d5:ed:c1:3d:be:98:c3:17:9a:7f:05:26:36:5b: 9e:e2:6a:4e:13:e4:5e:b1:a5:53:91:fe:e6:f1:0a:04:fa:c6: 39:5f:95:15:c6:8f:1b:d5:2f:b7:d7:8c:93:e1:b4:e6:4d:33: 6c:3f:c4:d3:b2:bd:24:cf:5e:02:92:5b:86:7e:a8:0b:63:2f: 1b:5f:60:b1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NMG0mdK7aKEv7+lV6UdoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNDljMmQwMGJhNDZiZTkyNDRiNzYxOTRiYWExMGYzM2Nl MzQ2MmMwHhcNMjYwMTAxMDYxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGM0NTdkNTEwMDkyZjgzNDY3NzNjYWU5ZjU3YTM3OTlhODAxNzZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XZaZ20bLKKTxqz1t8vRhhJVCL9D 9QaH7+APeWYf76CIdMcQvYOLFHqltDb8TTufY6H6KYergWCLzs0Ut4o8mYX+RMb0 LKOw5hWVoX06MbWE1ombwvpSHi3W4WO3j7nGXEPA4hkWBKLAIuKJfSR5WgZy5Fxl 0fKIY0NCGMQltgGViP0C95FmldKz9mihIMh5LR9kKT5isDm1JrINp2JpW2v9O/kx SWDYC0Wd9CWqR8ff/jiH5gDrC2uVVmHcCGLVwf+jK54vjrGplHWJYjNnihviHPmp OxQpZo65MWNrgEgSn+clPq+L0g9FgZKo24UvfhebjLsfHS78DlRsWAPbRwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF3EV9UQCS+DRnc8rp9Xo3magBduMB8GA1UdIwQY MBaAFFNJwtALpGvpJEt2GUuqEPM840YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTIt ZmExMjYwODUwNzA5LzEvWGNSWDFSQUpMNE5HZHp5dW4xZWplWnFBRjI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTItZmExMjYwODUwNzA5 LzEvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHveMA0G CSqGSIb3DQEBCwUAA4IBAQBOQl0qm3td2qXPvBhbjMVF8TqcwfQCtQhjxgcGmON7 EIkbU15YgPs5RGk6Wn1HxWZ0eNcYS3oMPaf7yYQBTtOqcIgnliesYbsG4xC7jxXO H7pJIBRrP2QaJkMH0Ctw6F8oGu1kr+LxS7oUECg0xxZVIuL5l+d8lNqRmxZIP/yz 4ZTB6eFnRp+GS9slktWGCf6IM/4wDeJwNv4tWJh+XAN2JGtTGWu/pF9Z3i74/RRN ceEbYPePWkIV1e3BPb6YwxeafwUmNlue4mpOE+ResaVTkf7m8QoE+sY5X5UVxo8b 1S+314yT4bTmTTNsP8TTsr0kz14CkluGfqgLYy8bX2Cx -----END CERTIFICATE-----Generated at Sun Jan 25 16:14:52 2026 by rpki-client