This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/XXCfSA5i6cR4GsHNYWAJo9hST8U.roa File: XXCfSA5i6cR4GsHNYWAJo9hST8U.roa (raw, json) Hash identifier: WC1z/2WX2c5pLdJ9psJam8Dm0HPb89b8Rv4EcBWL6sg= Subject key identifier: 5D:70:9F:48:0E:62:E9:C4:78:1A:C1:CD:61:60:09:A3:D8:52:4F:C5 Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b Certificate serial: 019B7C808236FBA27EFD6B6DCFD5031EB665 Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/XXCfSA5i6cR4GsHNYWAJo9hST8U.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206833 IP address blocks: 195.5.68.0/22 maxlen: 24 195.5.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:82:36:fb:a2:7e:fd:6b:6d:cf:d5:03:1e:b6:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d709f480e62e9c4781ac1cd616009a3d8524fc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:76:47:14:d9:f2:1c:d9:5c:d1:ee:97:86:2b: cf:40:e4:2e:fa:ed:72:18:36:9a:d0:1e:fa:b9:0a: 0b:cb:44:11:42:7f:cb:75:dc:9d:e1:cb:cd:95:65: dd:85:8b:46:05:48:3d:25:4e:d5:98:04:a0:93:19: a2:9a:d9:50:82:0f:e5:01:bd:43:04:da:90:35:9e: 27:6b:2e:d3:8e:30:24:5d:f5:26:c7:b4:0b:e8:21: b6:96:61:c6:2b:91:6d:bd:8a:8e:08:8a:09:06:b2: 93:98:83:9f:f0:fe:8b:20:9f:21:38:04:32:5c:b8: 59:63:ca:19:9e:88:fa:36:66:66:b0:51:3c:35:89: 31:7a:27:58:e4:02:ef:0d:1d:c2:26:8d:58:9b:8f: 94:bd:cb:d2:4f:f8:2a:71:d4:73:83:19:28:5a:f9: 1e:43:9b:5b:af:5c:8a:5d:93:32:63:e8:84:e7:6a: 30:ed:b8:27:fa:0d:06:34:41:1f:4a:8b:ea:69:fe: 07:e3:77:67:2c:f8:bf:14:fc:d4:d1:9a:c5:10:f7: f3:70:60:f4:4d:b7:2e:19:1a:37:67:bd:1f:7f:6c: 58:7a:f6:d2:51:c8:e9:3a:1b:1b:41:0b:50:fa:a1: d6:3c:53:61:79:a2:15:aa:86:90:b3:79:15:2e:9a: da:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:70:9F:48:0E:62:E9:C4:78:1A:C1:CD:61:60:09:A3:D8:52:4F:C5 X509v3 Authority Key Identifier: keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/XXCfSA5i6cR4GsHNYWAJo9hST8U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.5.68.0-195.5.75.255 Signature Algorithm: sha256WithRSAEncryption 05:6d:63:0a:93:ba:f1:99:bb:ce:dd:8f:db:03:87:9a:9c:ab: 45:68:05:32:26:62:f1:b1:bb:8c:5b:02:d6:28:17:35:1f:e5: b7:13:e9:06:8a:48:56:af:92:c9:a2:fa:12:8d:72:a7:83:9c: ae:21:71:0d:67:8d:70:ee:91:43:98:3b:f7:8e:35:fa:88:3b: ab:6a:8a:c3:c0:3a:52:6a:bf:fb:e5:1d:1c:95:dc:2c:54:83: c3:76:2c:89:2b:4e:5d:d8:e1:e5:64:ac:ac:26:02:0f:91:c4: 63:29:6f:40:99:44:6d:bd:ad:0e:40:f4:89:df:3d:a7:c1:6b: 5c:d2:60:49:b5:3e:33:bd:71:bd:43:ad:79:c0:4e:e0:55:99: 59:40:9e:98:b1:8e:42:77:2b:f5:39:73:ef:99:47:bb:6b:96: c1:a7:31:56:91:84:84:48:d6:a8:1b:40:1f:45:d0:14:33:b5: 8a:ae:49:41:6f:37:47:dc:9f:5b:22:9c:1b:45:b2:5f:9a:43: ed:88:14:4e:60:72:b9:de:2d:c1:a0:13:8c:7a:62:79:48:eb: 15:3e:db:5f:d2:d0:0f:cf:0e:a8:b5:0f:84:1e:c8:59:d2:e0: 9f:e3:e7:18:17:c2:4e:10:3b:04:d9:ca:67:6c:7b:cb:94:76: 4c:93:b5:e7 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt8gII2+6J+/Wttz9UDHrZlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx ZDA5OWIwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDcwOWY0ODBlNjJlOWM0NzgxYWMxY2Q2MTYwMDlhM2Q4NTI0ZmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHZHFNnyHNlc0e6XhivPQOQu+u1y GDaa0B76uQoLy0QRQn/Lddyd4cvNlWXdhYtGBUg9JU7VmASgkxmimtlQgg/lAb1D BNqQNZ4nay7TjjAkXfUmx7QL6CG2lmHGK5FtvYqOCIoJBrKTmIOf8P6LIJ8hOAQy XLhZY8oZnoj6NmZmsFE8NYkxeidY5ALvDR3CJo1Ym4+UvcvST/gqcdRzgxkoWvke Q5tbr1yKXZMyY+iE52ow7bgn+g0GNEEfSovqaf4H43dnLPi/FPzU0ZrFEPfzcGD0 TbcuGRo3Z70ff2xYevbSUcjpOhsbQQtQ+qHWPFNheaIVqoaQs3kVLpraMQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFF1wn0gOYunEeBrBzWFgCaPYUk/FMB8GA1UdIwQY MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt Mjc0NzNjYTYxMmRlLzEvWFhDZlNBNWk2Y1I0R3NITllXQUpvOWhTVDhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALDBUQD BALDBUgwDQYJKoZIhvcNAQELBQADggEBAAVtYwqTuvGZu87dj9sDh5qcq0VoBTIm YvGxu4xbAtYoFzUf5bcT6QaKSFavksmi+hKNcqeDnK4hcQ1njXDukUOYO/eONfqI O6tqisPAOlJqv/vlHRyV3CxUg8N2LIkrTl3Y4eVkrKwmAg+RxGMpb0CZRG29rQ5A 9InfPafBa1zSYEm1PjO9cb1DrXnATuBVmVlAnpixjkJ3K/U5c++ZR7trlsGnMVaR hIRI1qgbQB9F0BQztYquSUFvN0fcn1sinBtFsl+aQ+2IFE5gcrneLcGgE4x6YnlI 6xU+21/S0A/PDqi1D4QeyFnS4J/j5xgXwk4QOwTZymdse8uUdkyTtec= -----END CERTIFICATE-----Generated at Sun Jan 25 16:17:36 2026 by rpki-client