This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/X2IqazocGBh2TzPpbjgU543EV3k.roa File: X2IqazocGBh2TzPpbjgU543EV3k.roa (raw, json) Hash identifier: bpCuK7CG9CoRNnFqOKdhYMABq2l/U8E9Zuo+llQrjU0= Subject key identifier: 5F:62:2A:6B:3A:1C:18:18:76:4F:33:E9:6E:38:14:E7:8D:C4:57:79 Certificate issuer: /CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b Certificate serial: 019B7F81247767D927A10E3218446C302B79 Authority key identifier: 60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/X2IqazocGBh2TzPpbjgU543EV3k.roa Signing time: Fri 02 Jan 2026 16:18:48 +0000 ROA not before: Fri 02 Jan 2026 16:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48522 IP address blocks: 185.70.232.0/22 maxlen: 24 193.36.229.0/24 maxlen: 24 194.13.238.0/23 maxlen: 23 2a03:3620::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.mft rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:24:77:67:d9:27:a1:0e:32:18:44:6c:30:2b:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b Validity Not Before: Jan 2 16:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5f622a6b3a1c1818764f33e96e3814e78dc45779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:15:12:75:fc:9e:c4:9f:7d:5a:10:ba:1c:92: 4d:09:cc:82:3f:26:f4:c0:6f:a4:f5:3c:0b:46:8d: 94:b3:7d:e2:15:40:6f:77:21:2b:5f:13:54:b5:13: eb:68:0a:26:ea:39:c8:e0:26:88:04:24:d2:70:ca: 96:64:fa:d7:f8:60:a2:fa:fe:fd:b2:6b:0e:6c:fb: 75:b3:28:3a:86:23:92:3e:0f:ae:b7:ee:bc:f0:c5: 05:2d:4b:ed:26:71:e9:bc:59:6b:ac:20:4c:33:fa: 5d:80:c1:89:4f:6f:db:51:e5:67:d8:b0:cf:6b:3d: 98:2d:1f:6a:17:47:31:2b:17:8c:d2:7e:ef:d4:cf: 49:18:c9:55:88:94:58:7c:6c:ff:17:d6:6c:e3:c2: ad:81:02:3e:3f:df:75:1b:8c:ad:23:13:eb:81:4c: c1:a3:7c:01:7d:94:7b:76:52:be:9f:32:fc:a1:e1: f2:e4:04:0f:4b:ff:96:67:5a:de:b7:51:37:98:cb: ee:53:24:ca:b9:4a:07:80:99:5e:2e:1e:cc:e1:e2: ff:94:ba:89:de:22:8c:91:a4:9c:0b:8f:1c:53:4e: 00:c7:c7:e5:b9:62:96:96:d3:da:55:75:93:78:01: d7:39:18:1c:cd:5c:3e:bb:0a:9d:69:19:2d:35:2c: be:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:62:2A:6B:3A:1C:18:18:76:4F:33:E9:6E:38:14:E7:8D:C4:57:79 X509v3 Authority Key Identifier: keyid:60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/X2IqazocGBh2TzPpbjgU543EV3k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.70.232.0/22 193.36.229.0/24 194.13.238.0/23 IPv6: 2a03:3620::/32 Signature Algorithm: sha256WithRSAEncryption 8f:66:24:d6:90:0f:9e:c4:8f:92:c1:88:3d:76:ff:a9:8b:4e: d1:49:46:b9:b8:60:73:80:59:29:ae:55:20:4d:d0:d1:c5:65: 5b:33:aa:3c:a0:56:05:4b:44:50:40:5c:8c:65:33:84:f9:59: a2:c4:1b:aa:6d:8c:d6:61:90:79:9f:83:79:7d:e2:dd:ea:d6: de:fb:64:36:e2:d6:50:22:21:28:64:10:56:6c:9c:19:c4:f6: c2:43:2e:4f:e0:bd:29:7e:a3:c1:19:fb:64:dc:05:a0:7c:15: 41:3b:d9:8c:89:46:ee:d5:25:da:f6:6e:1d:b2:06:f9:e2:6c: dc:a9:59:c7:3d:94:e2:9b:0e:d0:e8:94:40:e8:3d:c9:ac:f6: 29:07:67:f6:03:e8:87:94:dc:d0:2b:09:fc:7a:7f:b6:d3:81: ee:80:2e:85:83:f7:9f:6c:3e:37:f8:0c:f2:4f:00:0f:1e:64: 0a:31:31:8a:ce:46:2b:60:fb:ed:f2:ba:5f:9e:8f:9b:4a:22: b6:31:47:3c:e0:59:77:57:a8:f1:a6:8e:a3:95:16:e4:2d:f3: 50:34:a3:02:4c:ab:08:08:ff:42:4e:6b:5e:5d:f3:13:23:6a: 12:88:c2:a4:46:d6:21:17:44:c0:79:3c:f9:bc:36:40:0d:70: 9f:cb:80:03 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/gSR3Z9knoQ4yGERsMCt5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYmYzNzM2MjAxNDZlNmYyOThhZTgyZDJjOGE4MzcxY2Fj YjdiMWIwHhcNMjYwMTAyMTYxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjYyMmE2YjNhMWMxODE4NzY0ZjMzZTk2ZTM4MTRlNzhkYzQ1Nzc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/RUSdfyexJ99WhC6HJJNCcyCPyb0 wG+k9TwLRo2Us33iFUBvdyErXxNUtRPraAom6jnI4CaIBCTScMqWZPrX+GCi+v79 smsObPt1syg6hiOSPg+ut+688MUFLUvtJnHpvFlrrCBMM/pdgMGJT2/bUeVn2LDP az2YLR9qF0cxKxeM0n7v1M9JGMlViJRYfGz/F9Zs48KtgQI+P991G4ytIxPrgUzB o3wBfZR7dlK+nzL8oeHy5AQPS/+WZ1ret1E3mMvuUyTKuUoHgJleLh7M4eL/lLqJ 3iKMkaScC48cU04Ax8fluWKWltPaVXWTeAHXORgczVw+uwqdaRktNSy+RwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFF9iKms6HBgYdk8z6W44FOeNxFd5MB8GA1UdIwQY MBaAFGC/NzYgFG5vKYroLSyKg3HKy3sbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTIt ZjBhODEyM2U3MGY5LzEvWDJJcWF6b2NHQmgyVHpQcGJqZ1U1NDNFVjNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9kZWNkZTMtMjc3YS00OTU2LWJmOTItZjBhODEyM2U3MGY5 LzEvWUw4M05pQVVibThwaXVndExJcURjY3JMZXhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUboAwQA wSTlAwQBwg3uMA0EAgACMAcDBQAqAzYgMA0GCSqGSIb3DQEBCwUAA4IBAQCPZiTW kA+exI+SwYg9dv+pi07RSUa5uGBzgFkprlUgTdDRxWVbM6o8oFYFS0RQQFyMZTOE +VmixBuqbYzWYZB5n4N5feLd6tbe+2Q24tZQIiEoZBBWbJwZxPbCQy5P4L0pfqPB Gftk3AWgfBVBO9mMiUbu1SXa9m4dsgb54mzcqVnHPZTimw7Q6JRA6D3JrPYpB2f2 A+iHlNzQKwn8en+204HugC6Fg/efbD43+AzyTwAPHmQKMTGKzkYrYPvt8rpfno+b SiK2MUc84Fl3V6jxpo6jlRbkLfNQNKMCTKsICP9CTmteXfMTI2oSiMKkRtYhF0TA eTz5vDZADXCfy4AD -----END CERTIFICATE-----Generated at Mon Jan 26 11:07:28 2026 by rpki-client