This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/XSXw8zz6wHnklahOljGNkkMK48Q.roa File: XSXw8zz6wHnklahOljGNkkMK48Q.roa (raw, json) Hash identifier: p4JyRpCAuLEOOG8JHAgwOmpcnmRpxW2S31rpM+z8Q1Y= Subject key identifier: 5D:25:F0:F3:3C:FA:C0:79:E4:95:A8:4E:96:31:8D:92:43:0A:E3:C4 Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a Certificate serial: 019B7C12D8A81738CDA0F1E1BF095ACA5322 Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/XSXw8zz6wHnklahOljGNkkMK48Q.roa Signing time: Fri 02 Jan 2026 00:19:28 +0000 ROA not before: Fri 02 Jan 2026 00:19:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60802 IP address blocks: 31.42.183.0/24 maxlen: 24 2001:67c:bcc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.mft rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:d8:a8:17:38:cd:a0:f1:e1:bf:09:5a:ca:53:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a Validity Not Before: Jan 2 00:19:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d25f0f33cfac079e495a84e96318d92430ae3c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:5b:5b:b5:3e:e6:8d:5c:ce:bd:42:07:79:04: 68:f3:a6:e2:50:77:5e:5e:4b:34:5d:bf:f8:dd:03: 37:0c:5d:9c:db:4b:c1:77:5b:a2:80:12:7a:69:35: 52:20:7d:30:bf:df:24:11:5d:c9:21:98:11:b8:c5: 03:3c:28:78:43:1a:0a:72:fc:57:9f:06:a6:ee:d9: e5:50:d2:d6:fb:ea:79:82:2e:59:dd:23:f0:53:16: a7:fa:d9:19:e3:2c:d4:8c:cc:0f:00:44:6b:2b:56: f4:29:23:36:cd:35:e9:5a:74:06:f5:2f:ae:48:4b: 81:c2:18:85:10:cd:33:cf:5a:ad:9f:73:49:8d:ef: ce:73:87:15:9e:24:26:00:44:c2:11:3a:40:c6:c7: 20:3c:b1:ba:45:8f:be:0c:e0:9a:5d:18:73:38:77: 71:65:56:6a:4c:e9:e7:30:f8:72:e8:48:d5:36:a6: 88:b3:2c:94:e2:95:01:01:6b:ac:3c:81:ee:96:9d: 33:e7:8f:05:e5:03:cb:34:1b:d8:cf:1f:84:a6:29: 17:ab:fd:5c:e4:1d:a3:6c:6b:42:39:15:33:0f:74: 14:43:f8:23:26:ba:46:f3:21:84:f1:ce:e8:2b:cb: ae:86:9b:d5:1d:e9:51:0e:7f:72:20:0d:26:52:a8: 0a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:25:F0:F3:3C:FA:C0:79:E4:95:A8:4E:96:31:8D:92:43:0A:E3:C4 X509v3 Authority Key Identifier: keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/XSXw8zz6wHnklahOljGNkkMK48Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.42.183.0/24 IPv6: 2001:67c:bcc::/48 Signature Algorithm: sha256WithRSAEncryption 65:30:5a:6c:37:63:7c:1e:67:0b:68:1e:45:da:7d:f7:7f:c7: ce:7f:8f:89:be:d6:bf:33:57:2e:c7:90:81:30:db:e4:9c:07: 8f:f1:17:1d:ae:f4:a0:73:52:33:a8:e1:7a:c5:8c:29:7a:1d: 02:dd:ed:aa:f9:58:76:0a:3e:b4:6e:3f:36:c7:f3:41:aa:21: 82:d0:53:19:74:24:31:f8:a9:d8:a6:42:52:7f:f3:8b:6d:81: da:59:56:76:4c:33:a9:bb:0e:8d:f6:29:25:8b:32:8a:bb:18: 51:c6:51:26:8b:ee:59:a1:b4:6c:61:87:c7:d8:07:b0:4b:92: 60:e8:be:bd:18:2e:bc:66:51:dd:10:12:0f:cf:a8:15:64:d6: 83:f8:76:de:4c:9e:84:b1:b5:4b:67:a2:e7:6c:bc:c1:f9:ba: 0d:ac:c5:10:e8:ac:30:16:ba:2e:46:e4:75:49:07:61:f6:cd: 01:68:0a:77:61:50:c7:81:ed:cd:71:09:79:96:58:08:35:0a: 60:64:64:1c:36:99:5d:90:2c:5c:c3:5c:ca:6f:9b:07:92:5f: 46:a7:1e:e4:51:38:5e:0b:37:a1:f0:c1:c7:5f:4b:26:6b:da: 58:c2:18:55:d8:cc:d6:89:65:15:ff:a1:66:da:81:07:53:87: 69:f3:d3:77 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt8EtioFzjNoPHhvwlaylMiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl MmNjNGEwHhcNMjYwMTAyMDAxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDI1ZjBmMzNjZmFjMDc5ZTQ5NWE4NGU5NjMxOGQ5MjQzMGFlM2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVtbtT7mjVzOvUIHeQRo86biUHde Xks0Xb/43QM3DF2c20vBd1uigBJ6aTVSIH0wv98kEV3JIZgRuMUDPCh4QxoKcvxX nwam7tnlUNLW++p5gi5Z3SPwUxan+tkZ4yzUjMwPAERrK1b0KSM2zTXpWnQG9S+u SEuBwhiFEM0zz1qtn3NJje/Oc4cVniQmAETCETpAxscgPLG6RY++DOCaXRhzOHdx ZVZqTOnnMPhy6EjVNqaIsyyU4pUBAWusPIHulp0z548F5QPLNBvYzx+EpikXq/1c 5B2jbGtCORUzD3QUQ/gjJrpG8yGE8c7oK8uuhpvVHelRDn9yIA0mUqgKMwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFF0l8PM8+sB55JWoTpYxjZJDCuPEMB8GA1UdIwQY MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt N2JjZWZhOWY1OWU4LzEvWFNYdzh6ejZ3SG5rbGFoT2xqR05ra01LNDhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4 LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHyq3MA8E AgACMAkDBwAgAQZ8C8wwDQYJKoZIhvcNAQELBQADggEBAGUwWmw3Y3weZwtoHkXa ffd/x85/j4m+1r8zVy7HkIEw2+ScB4/xFx2u9KBzUjOo4XrFjCl6HQLd7ar5WHYK PrRuPzbH80GqIYLQUxl0JDH4qdimQlJ/84ttgdpZVnZMM6m7Do32KSWLMoq7GFHG USaL7lmhtGxhh8fYB7BLkmDovr0YLrxmUd0QEg/PqBVk1oP4dt5MnoSxtUtnouds vMH5ug2sxRDorDAWui5G5HVJB2H2zQFoCndhUMeB7c1xCXmWWAg1CmBkZBw2mV2Q LFzDXMpvmweSX0anHuRROF4LN6HwwcdfSyZr2ljCGFXYzNaJZRX/oWbagQdTh2nz 03c= -----END CERTIFICATE-----Generated at Mon Jan 26 06:33:28 2026 by rpki-client