This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/x2-bHgYNNe9EO0e71Kbdkn4WCUs.roa File: x2-bHgYNNe9EO0e71Kbdkn4WCUs.roa (raw, json) Hash identifier: Dca0K3UX+EGLfg7iHsshpljIoglUEEQdeXIYfckXkFA= Subject key identifier: C7:6F:9B:1E:06:0D:35:EF:44:3B:47:BB:D4:A6:DD:92:7E:16:09:4B Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67 Certificate serial: 019B7AC7FF2DABCF4C9143E5285C2E5BD363 Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/x2-bHgYNNe9EO0e71Kbdkn4WCUs.roa Signing time: Thu 01 Jan 2026 18:18:05 +0000 ROA not before: Thu 01 Jan 2026 18:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21110 IP address blocks: 31.222.55.0/24 maxlen: 24 31.222.56.0/24 maxlen: 24 31.222.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.mft rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:ff:2d:ab:cf:4c:91:43:e5:28:5c:2e:5b:d3:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67 Validity Not Before: Jan 1 18:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c76f9b1e060d35ef443b47bbd4a6dd927e16094b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:86:61:93:2a:c4:99:09:21:32:20:40:d2:b8: 10:f6:a4:21:56:38:33:5f:d3:d4:52:c1:68:38:e5: b4:c1:ea:a5:db:69:d4:e2:26:fb:74:39:08:d3:ca: 6d:a1:30:4c:97:9c:13:bb:bb:a6:b1:5d:68:24:22: 29:72:9b:a4:e8:cf:ee:5f:53:30:b1:df:39:2a:59: 01:dc:72:db:48:2c:95:45:0c:0a:70:cf:8e:c7:18: 36:59:8a:50:42:27:af:34:b9:f7:19:29:49:6f:4c: 9a:63:28:62:27:2e:f7:a7:72:a9:c0:01:76:a1:58: b4:2e:f7:19:ba:78:e4:5b:5b:37:45:b1:e4:a9:2a: d5:e4:e2:bb:ed:75:9b:cf:5b:4e:dd:d1:ca:f4:58: f9:86:ec:ae:42:9a:d0:70:62:0e:93:b4:66:d6:81: aa:63:e2:6c:a7:ea:69:3c:a6:28:de:3b:27:f2:7c: 24:b0:4f:5e:d2:53:70:13:d9:d1:2f:d9:4d:54:90: 16:6d:fc:3b:1d:63:a5:47:e2:8f:c2:f6:b0:8d:91: 15:f9:af:04:dc:32:d9:91:ed:6e:33:89:b1:97:47: fa:3d:cb:ac:99:17:6a:86:67:03:16:8e:d8:cd:bc: 37:3b:2b:60:7a:b1:c6:b3:79:6b:51:89:86:12:c0: a4:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:6F:9B:1E:06:0D:35:EF:44:3B:47:BB:D4:A6:DD:92:7E:16:09:4B X509v3 Authority Key Identifier: keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/x2-bHgYNNe9EO0e71Kbdkn4WCUs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.222.55.0-31.222.57.255 Signature Algorithm: sha256WithRSAEncryption 13:f3:86:64:16:06:fe:81:f2:62:00:5b:c1:0c:a1:2b:81:33: 35:85:2e:76:d1:59:fb:a9:c2:b0:64:e7:7d:01:c1:9b:82:5a: 00:17:4e:d2:11:55:ed:79:82:69:09:01:a5:4c:26:b7:d6:ea: db:8b:cb:39:f5:c8:b0:1b:b9:96:88:58:e0:ca:92:5d:b2:b1: 7c:87:4e:96:73:85:cc:d8:b1:d2:13:38:91:8d:ef:f1:e4:cb: 59:7d:72:d5:d7:64:db:23:d1:ea:76:85:aa:9d:c2:15:a9:ce: da:dc:80:4e:c9:13:e1:13:83:f7:19:7d:c7:d8:88:97:92:77: 37:b7:68:a2:e9:d3:7e:a1:43:0e:3d:b2:d6:c6:86:92:79:44: 31:b3:96:9b:e9:74:05:05:9a:60:5f:aa:c9:84:e2:f8:a9:6e: a1:58:99:15:ca:39:18:69:13:e0:86:70:a0:37:45:86:44:2a: ca:8b:ae:1b:be:7d:f4:11:f6:6b:43:72:0a:20:95:a3:9a:03: 61:59:eb:27:af:66:ba:78:2b:19:5a:de:b4:46:07:01:b1:95: 07:18:5d:d2:eb:45:45:9c:43:0b:5a:2d:f1:d2:67:0d:5a:8f: 6f:1f:d0:2e:89:14:0e:37:ee:20:32:d5:f5:8f:84:74:b3:b1: 90:df:ee:e0 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt6x/8tq89MkUPlKFwuW9NjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4 Y2NkNjcwHhcNMjYwMTAxMTgxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzZmOWIxZTA2MGQzNWVmNDQzYjQ3YmJkNGE2ZGQ5MjdlMTYwOTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4ZhkyrEmQkhMiBA0rgQ9qQhVjgz X9PUUsFoOOW0weql22nU4ib7dDkI08ptoTBMl5wTu7umsV1oJCIpcpuk6M/uX1Mw sd85KlkB3HLbSCyVRQwKcM+Oxxg2WYpQQievNLn3GSlJb0yaYyhiJy73p3KpwAF2 oVi0LvcZunjkW1s3RbHkqSrV5OK77XWbz1tO3dHK9Fj5huyuQprQcGIOk7Rm1oGq Y+Jsp+ppPKYo3jsn8nwksE9e0lNwE9nRL9lNVJAWbfw7HWOlR+KPwvawjZEV+a8E 3DLZke1uM4mxl0f6PcusmRdqhmcDFo7Yzbw3OytgerHGs3lrUYmGEsCk3QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFMdvmx4GDTXvRDtHu9Sm3ZJ+FglLMB8GA1UdIwQY MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt MTA5NTlhYWE4YjNlLzEveDItYkhnWU5OZTlFTzBlNzFLYmRrbjRXQ1VzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAf3jcD BAEf3jgwDQYJKoZIhvcNAQELBQADggEBABPzhmQWBv6B8mIAW8EMoSuBMzWFLnbR WfupwrBk530BwZuCWgAXTtIRVe15gmkJAaVMJrfW6tuLyzn1yLAbuZaIWODKkl2y sXyHTpZzhczYsdITOJGN7/Hky1l9ctXXZNsj0ep2haqdwhWpztrcgE7JE+ETg/cZ fcfYiJeSdze3aKLp036hQw49stbGhpJ5RDGzlpvpdAUFmmBfqsmE4vipbqFYmRXK ORhpE+CGcKA3RYZEKsqLrhu+ffQR9mtDcgoglaOaA2FZ6yevZrp4Kxla3rRGBwGx lQcYXdLrRUWcQwtaLfHSZw1aj28f0C6JFA437iAy1fWPhHSzsZDf7uA= -----END CERTIFICATE-----Generated at Mon Jan 26 03:40:34 2026 by rpki-client