This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/xQLXNMGtJIEmbmsa0yimk8gh264.roa File: xQLXNMGtJIEmbmsa0yimk8gh264.roa (raw, json) Hash identifier: 681EcZV9/rvtEn+cL3EpnhUhg/0vWlpEsupf9xZzDx8= Subject key identifier: C5:02:D7:34:C1:AD:24:81:26:6E:6B:1A:D3:28:A6:93:C8:21:DB:AE Certificate issuer: /CN=80ab4c0945b738edda0583a274b63c1b8673a630 Certificate serial: 019B7C7FDA3E8D641F2BEDF0B3ADA509E7B0 Authority key identifier: 80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/xQLXNMGtJIEmbmsa0yimk8gh264.roa Signing time: Fri 02 Jan 2026 02:18:32 +0000 ROA not before: Fri 02 Jan 2026 02:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43065 IP address blocks: 185.140.116.0/22 maxlen: 22 2001:67c:2448::/48 maxlen: 48 2a07:1c80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.crl rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.mft rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:da:3e:8d:64:1f:2b:ed:f0:b3:ad:a5:09:e7:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80ab4c0945b738edda0583a274b63c1b8673a630 Validity Not Before: Jan 2 02:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c502d734c1ad2481266e6b1ad328a693c821dbae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ed:6e:b0:c3:a1:0f:58:31:bd:60:d1:6c:ea: 15:23:cc:1d:47:0d:09:5f:e2:3d:b6:55:d1:5a:9e: 6d:25:9e:83:5b:59:08:d4:b8:85:e3:6d:64:bf:48: 99:2a:8c:aa:28:44:f5:7b:ad:71:9e:db:e7:6d:c0: 86:4d:39:25:b9:3f:1c:0c:89:ed:ba:52:e1:0e:f2: f3:b7:fb:c1:4e:5e:1b:98:ec:13:ae:56:18:20:fc: 7e:65:5e:ce:60:02:f0:7d:de:c5:f1:41:dc:99:06: 2c:f5:4d:a0:dc:fa:e9:3d:83:56:16:cf:a2:c2:97: 16:e4:01:eb:58:75:98:c0:cc:33:e3:a5:f0:e2:96: 87:80:a8:ae:4b:26:df:48:1d:84:66:3e:bd:f6:79: a7:30:3c:9b:1c:5c:f0:58:18:f0:25:94:28:e1:8b: 4e:8c:a3:9b:6f:1b:b1:c5:a5:5c:4e:51:31:13:a4: 7a:fd:16:66:85:5d:b3:8d:f6:38:1a:d3:60:9e:26: 98:44:45:d3:5b:40:12:22:87:2f:80:8e:cb:79:c9: d7:5e:a0:0f:4a:4b:97:16:ea:9c:05:ea:f1:d0:26: 5a:3c:d8:ef:d1:c5:76:d4:a2:d2:63:82:00:6a:d8: 6c:3a:74:1b:6b:a1:e9:59:f3:90:ee:6a:43:2b:0c: 98:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:02:D7:34:C1:AD:24:81:26:6E:6B:1A:D3:28:A6:93:C8:21:DB:AE X509v3 Authority Key Identifier: keyid:80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/xQLXNMGtJIEmbmsa0yimk8gh264.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.140.116.0/22 IPv6: 2001:67c:2448::/48 2a07:1c80::/29 Signature Algorithm: sha256WithRSAEncryption ac:e9:fe:93:96:2e:d0:c5:22:65:97:bf:04:4e:49:43:67:3d: 40:fa:a7:65:03:eb:e0:30:17:ed:0b:7c:f7:77:8a:c1:c2:4e: 09:a1:49:28:da:16:9c:10:6b:c5:d6:15:60:84:d6:9a:8c:07: a2:22:9e:b8:02:c6:db:9b:d3:5c:3b:fe:37:54:c6:32:21:5f: 64:66:a9:c5:92:98:8b:9d:2f:9c:03:ca:b8:b9:4d:d5:63:b5: fa:db:b2:cd:61:93:f5:2c:fe:76:92:46:35:d9:7f:04:e1:b5: e3:60:49:44:5b:69:6b:dd:19:2e:ba:da:2f:fc:72:91:44:dd: 2a:3f:2c:f7:63:b7:0c:7c:6c:82:6d:70:1a:be:92:f2:f0:9c: a5:99:77:e5:76:87:4d:7e:00:4e:0b:fc:ec:2d:d3:42:48:c4: c6:c2:ec:de:d7:ef:f7:79:f0:2b:d0:ee:27:ca:3a:0e:dc:dc: 92:d9:42:ac:3a:c3:7a:22:52:37:4a:a1:d7:9a:cc:96:95:b9: 69:ff:03:1a:4d:34:0b:4c:27:35:41:b2:b8:54:37:ab:52:ec: 82:9d:19:0e:f8:bd:15:62:f5:74:2a:33:3f:bd:f6:72:ac:87: 54:dc:66:90:f0:67:0e:9d:b0:5e:42:6e:06:b7:10:90:e2:cc: 34:a7:e3:10 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt8f9o+jWQfK+3ws62lCeewMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwYWI0YzA5NDViNzM4ZWRkYTA1ODNhMjc0YjYzYzFiODY3 M2E2MzAwHhcNMjYwMTAyMDIxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNTAyZDczNGMxYWQyNDgxMjY2ZTZiMWFkMzI4YTY5M2M4MjFkYmFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO1usMOhD1gxvWDRbOoVI8wdRw0J X+I9tlXRWp5tJZ6DW1kI1LiF421kv0iZKoyqKET1e61xntvnbcCGTTkluT8cDInt ulLhDvLzt/vBTl4bmOwTrlYYIPx+ZV7OYALwfd7F8UHcmQYs9U2g3PrpPYNWFs+i wpcW5AHrWHWYwMwz46Xw4paHgKiuSybfSB2EZj699nmnMDybHFzwWBjwJZQo4YtO jKObbxuxxaVcTlExE6R6/RZmhV2zjfY4GtNgniaYREXTW0ASIocvgI7LecnXXqAP SkuXFuqcBerx0CZaPNjv0cV21KLSY4IAathsOnQba6HpWfOQ7mpDKwyYHwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFMUC1zTBrSSBJm5rGtMoppPIIduuMB8GA1UdIwQY MBaAFICrTAlFtzjt2gWDonS2PBuGc6YwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0t0TUNVVzNPTzNhQllPaWRMWThHNFp6cGpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mNmZlZTYtYzBhMi00YTAzLWE5ODEt ZjVmZGEwZWEzMDBkLzEveFFMWE5NR3RKSUVtYm1zYTB5aW1rOGdoMjY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9mNmZlZTYtYzBhMi00YTAzLWE5ODEtZjVmZGEwZWEzMDBk LzEvZ0t0TUNVVzNPTzNhQllPaWRMWThHNFp6cGpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuYx0MBYE AgACMBADBwAgAQZ8JEgDBQMqBxyAMA0GCSqGSIb3DQEBCwUAA4IBAQCs6f6Tli7Q xSJll78ETklDZz1A+qdlA+vgMBftC3z3d4rBwk4JoUko2hacEGvF1hVghNaajAei Ip64Asbbm9NcO/43VMYyIV9kZqnFkpiLnS+cA8q4uU3VY7X627LNYZP1LP52kkY1 2X8E4bXjYElEW2lr3Rkuutov/HKRRN0qPyz3Y7cMfGyCbXAavpLy8JylmXfldodN fgBOC/zsLdNCSMTGwuze1+/3efAr0O4nyjoO3NyS2UKsOsN6IlI3SqHXmsyWlblp /wMaTTQLTCc1QbK4VDerUuyCnRkO+L0VYvV0KjM/vfZyrIdU3GaQ8GcOnbBeQm4G txCQ4sw0p+MQ -----END CERTIFICATE-----Generated at Sun Jan 25 16:37:25 2026 by rpki-client