This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/XEAUGZpMH4JdbEqAP-QziU_QJro.roa File: XEAUGZpMH4JdbEqAP-QziU_QJro.roa (raw, json) Hash identifier: MZsVBftbv0GE9cNTpB1NdtaxrhS+DGkJwB1gUClDAOs= Subject key identifier: 5C:40:14:19:9A:4C:1F:82:5D:6C:4A:80:3F:E4:33:89:4F:D0:26:BA Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa Certificate serial: 019B76EAE003A5F41E5811975C9A7025A1C7 Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/XEAUGZpMH4JdbEqAP-QziU_QJro.roa Signing time: Thu 01 Jan 2026 00:17:42 +0000 ROA not before: Thu 01 Jan 2026 00:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34224 IP address blocks: 185.68.44.0/22 maxlen: 24 185.161.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e0:03:a5:f4:1e:58:11:97:5c:9a:70:25:a1:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa Validity Not Before: Jan 1 00:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c4014199a4c1f825d6c4a803fe433894fd026ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:78:23:3f:bf:ab:c1:c9:7c:02:65:0d:aa:bd: 70:43:de:6f:b7:81:c7:1c:d7:b8:23:c3:cf:3a:08: c5:fc:df:7d:ed:b4:4d:88:e0:5f:74:57:cb:e4:84: 29:fd:16:06:0f:22:85:96:09:2a:5e:6d:29:c4:2a: 71:21:60:3e:43:38:3f:a4:c8:dc:8e:d6:8a:a2:06: 7f:bd:a5:ac:26:05:65:3a:a9:49:bc:39:4a:31:fe: 4f:ed:02:02:67:e6:ac:20:c9:a7:2a:0b:fc:16:8f: e7:87:5b:a2:98:57:fd:f3:97:a5:7d:74:8d:62:19: 06:e5:95:2e:c4:0c:9b:35:fe:c4:c6:d9:0e:ad:e0: b9:d7:d2:29:08:5c:80:a1:f7:f9:8d:4d:c7:fe:69: 54:c6:c6:0f:8a:80:6e:5d:bf:e8:22:d6:9d:a7:ff: 9f:de:1f:55:de:fc:db:3e:9b:44:7f:a6:76:3a:5b: d9:7c:6c:b9:9f:4a:cd:82:ad:d0:77:0d:48:23:d1: 84:e5:01:34:3e:46:64:82:86:ad:a4:46:ff:1a:f1: 15:bb:d3:ef:27:7c:cb:0b:d6:9f:df:c1:34:fb:ea: 83:5b:a6:b3:bb:c8:e7:25:86:f1:16:16:73:79:e9: 8c:34:02:91:fb:81:2a:5b:48:e6:ac:c5:42:81:43: 51:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:40:14:19:9A:4C:1F:82:5D:6C:4A:80:3F:E4:33:89:4F:D0:26:BA X509v3 Authority Key Identifier: keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/XEAUGZpMH4JdbEqAP-QziU_QJro.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.68.44.0/22 185.161.232.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:84:e1:7a:31:49:fa:19:81:92:83:47:9b:b7:01:d6:9c:f0: 51:f8:32:6f:33:fd:9f:45:7a:a2:b6:f1:a7:4a:0f:9d:9b:39: 01:cd:83:39:36:5e:ab:6b:69:aa:9a:2b:83:95:9d:6e:51:da: 2f:c4:41:5b:91:9c:19:ae:cc:ac:a0:c4:1e:98:d8:28:9c:d9: 2e:31:70:e1:eb:5a:99:c9:b5:01:d2:cb:40:08:65:74:6f:ad: 7d:c9:20:7f:6a:f7:4f:01:50:74:f3:97:e0:e0:10:60:5a:60: a3:e0:f8:b1:f9:12:c7:af:6b:8f:d8:69:c5:71:9d:cf:43:f3: 73:7f:6e:d0:a1:c0:09:50:43:df:42:bc:45:63:42:50:22:28: e6:5f:85:59:22:10:87:95:fb:78:d3:b3:32:04:4f:d6:b0:0b: 1e:51:3f:db:94:ea:95:52:e7:6f:35:a7:d9:fd:b3:f8:b5:2d: b1:c1:bc:99:2e:53:8b:fa:22:89:d1:3b:d9:42:f0:cb:44:ac: 5f:bb:91:01:b7:8a:c2:ec:a7:51:67:1d:83:26:10:ba:cf:ce: 4c:7e:fd:44:a3:75:a3:57:2e:3e:f8:3a:82:e1:9b:19:4f:f5: 24:be:b0:d0:49:8c:69:d4:49:c1:57:cf:a4:4d:f8:2f:02:83: 87:bd:b1:63 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26uADpfQeWBGXXJpwJaHHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm NzY0ZmEwHhcNMjYwMTAxMDAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzQwMTQxOTlhNGMxZjgyNWQ2YzRhODAzZmU0MzM4OTRmZDAyNmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXgjP7+rwcl8AmUNqr1wQ95vt4HH HNe4I8PPOgjF/N997bRNiOBfdFfL5IQp/RYGDyKFlgkqXm0pxCpxIWA+Qzg/pMjc jtaKogZ/vaWsJgVlOqlJvDlKMf5P7QICZ+asIMmnKgv8Fo/nh1uimFf985elfXSN YhkG5ZUuxAybNf7ExtkOreC519IpCFyAoff5jU3H/mlUxsYPioBuXb/oItadp/+f 3h9V3vzbPptEf6Z2OlvZfGy5n0rNgq3Qdw1II9GE5QE0PkZkgoatpEb/GvEVu9Pv J3zLC9af38E0++qDW6azu8jnJYbxFhZzeemMNAKR+4EqW0jmrMVCgUNR0QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFxAFBmaTB+CXWxKgD/kM4lP0Ca6MB8GA1UdIwQY MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt YjBjNzRiNzZlMTgyLzEvWEVBVUdacE1INEpkYkVxQVAtUXppVV9RSnJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUQsAwQC uaHoMA0GCSqGSIb3DQEBCwUAA4IBAQBthOF6MUn6GYGSg0ebtwHWnPBR+DJvM/2f RXqitvGnSg+dmzkBzYM5Nl6ra2mqmiuDlZ1uUdovxEFbkZwZrsysoMQemNgonNku MXDh61qZybUB0stACGV0b619ySB/avdPAVB085fg4BBgWmCj4Pix+RLHr2uP2GnF cZ3PQ/Nzf27QocAJUEPfQrxFY0JQIijmX4VZIhCHlft407MyBE/WsAseUT/blOqV UudvNafZ/bP4tS2xwbyZLlOL+iKJ0TvZQvDLRKxfu5EBt4rC7KdRZx2DJhC6z85M fv1Eo3WjVy4++DqC4ZsZT/UkvrDQSYxp1EnBV8+kTfgvAoOHvbFj -----END CERTIFICATE-----Generated at Sun Jan 25 16:35:54 2026 by rpki-client