This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xuKShxycjh6IwZ4Z6GwhHdW0pM4.roa File: xuKShxycjh6IwZ4Z6GwhHdW0pM4.roa (raw, json) Hash identifier: Z5XbuKg+0uhhEpehxw9D2s3VbrNMgqlXVqyeusbY9oU= Subject key identifier: C6:E2:92:87:1C:9C:8E:1E:88:C1:9E:19:E8:6C:21:1D:D5:B4:A4:CE Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F850EB85496273D4F716BD4B10DA33D Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xuKShxycjh6IwZ4Z6GwhHdW0pM4.roa Signing time: Fri 02 Jan 2026 16:23:05 +0000 ROA not before: Fri 02 Jan 2026 16:23:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211004 IP address blocks: 146.158.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:0e:b8:54:96:27:3d:4f:71:6b:d4:b1:0d:a3:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:23:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6e292871c9c8e1e88c19e19e86c211dd5b4a4ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d7:58:10:9e:64:82:56:d3:5f:7c:6d:9c:3b: 62:3d:92:2a:53:06:49:2c:38:41:fb:72:df:8d:3e: 4c:c5:da:c8:0a:4f:34:09:76:fa:08:32:ee:86:2b: 37:86:8e:d9:ae:c0:10:e6:2e:58:5e:d0:0e:5b:55: 3c:3b:59:c3:b9:e0:e9:00:c3:fe:a2:cb:83:51:67: 98:23:55:99:20:59:43:55:f0:4f:db:62:7f:df:12: ba:75:92:a1:5b:8d:93:b9:fc:47:b8:2d:0e:62:6a: 96:f3:b4:81:64:88:55:8f:b0:8e:03:5c:eb:5f:99: 90:b9:0d:45:d4:7f:53:5a:c0:62:41:65:b1:a7:7b: 19:3c:34:bf:82:1e:b0:87:ba:87:54:8a:19:fc:b8: 74:82:c6:59:22:78:70:55:ec:40:1a:c0:7e:97:a1: b1:a4:16:11:e8:ac:15:e6:16:6a:72:05:3c:4b:84: eb:4a:c0:0d:ca:29:bf:0c:93:4f:1b:0b:05:97:ab: 85:83:fe:b2:2d:52:67:ce:6b:af:ca:83:ed:01:cf: 08:fd:6f:e3:61:86:db:5c:01:f4:e7:03:4a:8f:43: c2:54:c8:63:10:a6:69:c5:8b:aa:59:3b:0c:cf:aa: 95:bc:00:53:4b:ca:01:cc:33:5e:3b:24:82:52:0c: d5:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:E2:92:87:1C:9C:8E:1E:88:C1:9E:19:E8:6C:21:1D:D5:B4:A4:CE X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xuKShxycjh6IwZ4Z6GwhHdW0pM4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.158.31.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:b8:b9:10:39:cb:81:d9:13:8f:6c:ec:b9:e1:d5:34:0c:b4: 16:b4:de:4c:5f:14:cc:0c:4a:52:6c:6d:58:70:97:0c:1d:4b: 87:37:5a:29:c1:da:00:7f:b0:d9:24:bf:6a:b5:d3:68:bf:4c: c5:a9:4b:a8:16:5b:29:8b:c8:fd:3d:fb:9f:0c:78:45:94:ce: 74:42:9c:8d:e6:3e:53:c7:af:44:30:54:3b:d7:6f:1b:8a:00: 7b:55:45:f6:c6:db:6c:d1:c3:9a:76:de:07:1b:1f:15:65:f7: b5:b9:d2:d1:42:25:b0:94:43:aa:d6:a2:3e:6b:42:49:77:c1: a0:4a:e3:5f:4c:07:1b:68:b6:a0:a9:12:09:35:83:76:6f:89: 94:fe:07:76:dc:5c:ad:32:28:56:58:f0:e6:33:7d:15:6e:78: 70:90:0c:fe:f3:29:1c:3f:35:38:41:4b:bf:ca:05:c5:11:2c: 5b:99:0c:14:23:53:bc:2c:2c:3e:98:97:1d:18:fc:5a:61:af: f0:0c:db:fd:1a:07:18:49:81:bc:7a:78:c7:ab:1a:b7:e9:e8: f5:eb:eb:5b:52:b8:02:ee:49:6b:f1:49:ec:38:5c:2b:95:ae: c7:16:b2:48:19:a8:2d:ee:8f:6c:4b:12:5a:7c:f5:0b:79:7d: 67:fc:11:02 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hQ64VJYnPU9xa9SxDaM9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMzA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmUyOTI4NzFjOWM4ZTFlODhjMTllMTllODZjMjExZGQ1YjRhNGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNdYEJ5kglbTX3xtnDtiPZIqUwZJ LDhB+3LfjT5MxdrICk80CXb6CDLuhis3ho7ZrsAQ5i5YXtAOW1U8O1nDueDpAMP+ osuDUWeYI1WZIFlDVfBP22J/3xK6dZKhW42TufxHuC0OYmqW87SBZIhVj7COA1zr X5mQuQ1F1H9TWsBiQWWxp3sZPDS/gh6wh7qHVIoZ/Lh0gsZZInhwVexAGsB+l6Gx pBYR6KwV5hZqcgU8S4TrSsANyim/DJNPGwsFl6uFg/6yLVJnzmuvyoPtAc8I/W/j YYbbXAH05wNKj0PCVMhjEKZpxYuqWTsMz6qVvABTS8oBzDNeOySCUgzVtwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMbikoccnI4eiMGeGehsIR3VtKTOMB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEveHVLU2h4eWNqaDZJd1o0WjZHd2hIZFcwcE00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkp4fMA0G CSqGSIb3DQEBCwUAA4IBAQB7uLkQOcuB2ROPbOy54dU0DLQWtN5MXxTMDEpSbG1Y cJcMHUuHN1opwdoAf7DZJL9qtdNov0zFqUuoFlspi8j9PfufDHhFlM50QpyN5j5T x69EMFQ7128bigB7VUX2xtts0cOadt4HGx8VZfe1udLRQiWwlEOq1qI+a0JJd8Gg SuNfTAcbaLagqRIJNYN2b4mU/gd23FytMihWWPDmM30VbnhwkAz+8ykcPzU4QUu/ ygXFESxbmQwUI1O8LCw+mJcdGPxaYa/wDNv9GgcYSYG8enjHqxq36ej16+tbUrgC 7klr8UnsOFwrla7HFrJIGagt7o9sSxJafPULeX1n/BEC -----END CERTIFICATE-----Generated at Sun Jan 25 16:27:45 2026 by rpki-client