This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/XCau4ffd9wRsX7TYXIogzR2WqO4.roa File: XCau4ffd9wRsX7TYXIogzR2WqO4.roa (raw, json) Hash identifier: ftqkiMajJgdI8EjDHWxMovMT410S0p0no+51o9gTIa8= Subject key identifier: 5C:26:AE:E1:F7:DD:F7:04:6C:5F:B4:D8:5C:8A:20:CD:1D:96:A8:EE Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019B78349CDBDE32A94BC4E81240C9B4596E Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/XCau4ffd9wRsX7TYXIogzR2WqO4.roa Signing time: Thu 01 Jan 2026 06:17:52 +0000 ROA not before: Thu 01 Jan 2026 06:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48950 IP address blocks: 104.160.3.0/24 maxlen: 24 104.160.4.0/24 maxlen: 24 104.160.10.0/24 maxlen: 24 158.222.3.0/24 maxlen: 24 158.222.5.0/24 maxlen: 24 158.222.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:9c:db:de:32:a9:4b:c4:e8:12:40:c9:b4:59:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Jan 1 06:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c26aee1f7ddf7046c5fb4d85c8a20cd1d96a8ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:56:0a:12:5e:d7:b3:6c:e0:d0:66:25:57:31: 65:82:da:7d:db:3a:4c:41:52:19:00:f9:4f:5e:66: 40:12:47:2e:04:97:b4:3d:79:78:f0:94:f2:82:46: eb:11:cf:46:d4:a2:c9:dc:68:ba:6c:3d:98:ac:02: 8a:3d:77:fc:ed:84:0d:e0:a0:e3:4a:30:91:6c:b7: cb:31:b1:e7:d6:f4:e0:39:40:54:50:42:88:63:4c: 31:7c:45:59:22:f5:82:b2:2b:25:03:34:81:45:8a: 59:52:c7:4c:e1:e1:4e:d4:08:4b:3d:08:62:bd:62: f8:64:53:08:f3:82:cf:cb:94:9e:d8:be:a8:cb:17: ca:6d:af:f0:b2:96:77:b8:ef:b9:8e:86:a2:6e:aa: 1f:7e:02:d6:eb:7d:7e:0f:f2:6b:2b:40:ea:7a:7e: 47:4e:bf:05:33:8c:67:45:56:af:27:59:87:f5:61: 73:ab:41:b3:88:69:e3:66:dc:37:f1:7e:79:fa:26: 3f:88:44:18:8d:48:1c:70:61:ff:e2:00:76:d6:25: 73:37:a6:b9:0f:59:54:50:a8:46:c8:f8:27:b2:7a: 7f:d8:65:97:d5:fe:1c:f4:13:02:87:c2:c9:3e:c8: e9:ce:16:cb:0d:90:21:f4:a6:9e:76:d8:03:e2:01: 02:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:26:AE:E1:F7:DD:F7:04:6C:5F:B4:D8:5C:8A:20:CD:1D:96:A8:EE X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/XCau4ffd9wRsX7TYXIogzR2WqO4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.160.3.0-104.160.4.255 104.160.10.0/24 158.222.3.0/24 158.222.5.0/24 158.222.7.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:7a:9f:c3:14:5c:65:d3:7c:e1:7c:c2:de:f5:24:1c:d7:4b: 6f:a2:f2:af:51:1e:45:88:5b:0f:d8:a1:09:f8:92:4f:8d:92: 74:60:be:c0:fd:14:97:eb:b4:b0:bd:cb:34:48:c7:f1:2e:e4: bf:29:b8:fc:b8:8f:ba:0c:b6:a5:c9:0f:fd:c3:c3:ec:4b:70: 8c:25:98:17:0a:bd:77:80:88:68:98:2f:92:a2:2c:c9:cb:c9: 41:28:e6:c5:02:83:b2:0d:f5:3b:f1:4e:20:2f:d0:b8:b1:7d: 0f:3f:55:53:07:82:d4:c8:30:7e:c7:e9:78:d0:ce:51:47:f0: c9:08:0e:d1:85:b0:84:f7:6c:08:d6:07:a6:36:de:6b:c1:96: 2b:eb:38:7f:45:c3:3a:61:37:3f:b2:fb:a4:8d:6a:40:fd:11: 2c:47:f6:da:9d:5a:f1:46:30:36:00:da:3f:7b:79:19:dd:b4: ab:e9:22:9f:de:9d:05:c0:bc:fd:89:8f:e5:b2:7b:83:d7:39: 09:78:64:43:c7:a3:db:b7:4d:17:7a:54:b0:d6:00:b9:82:fc: cb:8c:2b:75:6b:30:3c:74:62:e4:f7:9f:62:6d:5a:27:52:03: 21:ee:38:c6:da:ac:b9:c6:fd:a0:dd:f6:51:3d:d1:45:82:89: fe:55:b1:52 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt4NJzb3jKpS8ToEkDJtFluMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjYwMTAxMDYxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzI2YWVlMWY3ZGRmNzA0NmM1ZmI0ZDg1YzhhMjBjZDFkOTZhOGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFYKEl7Xs2zg0GYlVzFlgtp92zpM QVIZAPlPXmZAEkcuBJe0PXl48JTygkbrEc9G1KLJ3Gi6bD2YrAKKPXf87YQN4KDj SjCRbLfLMbHn1vTgOUBUUEKIY0wxfEVZIvWCsislAzSBRYpZUsdM4eFO1AhLPQhi vWL4ZFMI84LPy5Se2L6oyxfKba/wspZ3uO+5joaibqoffgLW631+D/JrK0Dqen5H Tr8FM4xnRVavJ1mH9WFzq0GziGnjZtw38X55+iY/iEQYjUgccGH/4gB21iVzN6a5 D1lUUKhGyPgnsnp/2GWX1f4c9BMCh8LJPsjpzhbLDZAh9KaedtgD4gEC0QIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFFwmruH33fcEbF+02FyKIM0dlqjuMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvWENhdTRmZmQ5d1JzWDdUWVhJb2d6UjJXcU80LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABooAMD BABooAQDBABooAoDBACe3gMDBACe3gUDBACe3gcwDQYJKoZIhvcNAQELBQADggEB AFp6n8MUXGXTfOF8wt71JBzXS2+i8q9RHkWIWw/YoQn4kk+NknRgvsD9FJfrtLC9 yzRIx/Eu5L8puPy4j7oMtqXJD/3Dw+xLcIwlmBcKvXeAiGiYL5KiLMnLyUEo5sUC g7IN9TvxTiAv0LixfQ8/VVMHgtTIMH7H6XjQzlFH8MkIDtGFsIT3bAjWB6Y23mvB livrOH9FwzphNz+y+6SNakD9ESxH9tqdWvFGMDYA2j97eRndtKvpIp/enQXAvP2J j+Wye4PXOQl4ZEPHo9u3TRd6VLDWALmC/MuMK3VrMDx0YuT3n2JtWidSAyHuOMba rLnG/aDd9lE90UWCif5VsVI= -----END CERTIFICATE-----Generated at Sun Jan 25 17:45:52 2026 by rpki-client