This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xwiyYxCKk4qfbPLrye0n_-kGVRM.roa File: xwiyYxCKk4qfbPLrye0n_-kGVRM.roa (raw, json) Hash identifier: fhc711GP8GNG3PvjpSe59HEnfZmkhiaDfE6hWODV+Vs= Subject key identifier: C7:08:B2:63:10:8A:93:8A:9F:6C:F2:EB:C9:ED:27:FF:E9:06:55:13 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AD8BA2643A3C722323231701A15C7 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xwiyYxCKk4qfbPLrye0n_-kGVRM.roa Signing time: Thu 01 Jan 2026 16:18:52 +0000 ROA not before: Thu 01 Jan 2026 16:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214466 IP address blocks: 109.176.253.0/24 maxlen: 24 213.218.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:d8:ba:26:43:a3:c7:22:32:32:31:70:1a:15:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c708b263108a938a9f6cf2ebc9ed27ffe9065513 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:ab:6f:2c:e1:04:19:c5:51:7b:0e:a9:f0:bd: c8:86:9c:a5:82:60:86:84:0e:bb:7e:a0:3d:7f:20: a4:22:83:cf:9b:de:8c:57:a8:6c:5c:9b:a6:51:65: 94:fd:1e:77:2b:75:22:71:1c:58:b5:0a:71:32:a0: 23:d5:fb:49:ab:ef:de:11:25:47:f5:f2:71:30:8b: aa:25:d6:42:a8:d8:0f:48:12:66:87:f8:4f:26:73: 7b:39:70:c6:61:75:c0:bf:19:65:a3:31:40:c7:6a: f3:41:dc:95:fc:01:eb:43:6f:82:00:c6:ca:55:50: 44:f4:4e:80:1d:e3:56:51:6c:4d:08:30:63:16:9c: f1:86:75:0a:22:68:45:80:f8:5c:a8:45:de:ee:39: 40:d5:b4:0b:57:5f:cb:ed:3b:71:11:58:a7:d5:80: 4f:ef:99:58:f3:30:cf:2e:96:17:57:0d:5b:b8:42: 51:e7:da:a8:2b:44:bd:bb:01:b7:37:9e:61:63:ac: 78:1a:54:d4:5b:ad:65:22:52:37:5c:b8:09:18:a1: d0:4a:0a:8c:f0:9e:9e:30:3d:11:5c:ae:a4:b1:6d: 1f:67:4c:4b:48:a2:83:1d:b4:4c:f5:2c:e7:29:55: ba:99:33:27:cd:b8:01:2f:9b:f4:dd:b9:85:38:18: c5:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:08:B2:63:10:8A:93:8A:9F:6C:F2:EB:C9:ED:27:FF:E9:06:55:13 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xwiyYxCKk4qfbPLrye0n_-kGVRM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.176.253.0/24 213.218.251.0/24 Signature Algorithm: sha256WithRSAEncryption 32:e1:7e:21:30:49:69:08:fe:85:82:67:59:53:41:1d:e5:17: 43:67:28:29:89:d9:5f:13:9b:4c:d2:17:aa:8c:fd:cc:05:12: 92:54:e9:25:f9:23:ae:76:5b:f7:ab:b5:e9:d8:23:6d:b4:09: 4f:9a:57:22:f0:cc:64:a7:b1:e3:a9:13:67:d6:3c:d7:2b:42: f8:37:70:96:fb:86:e7:e0:b6:c9:8c:2d:d3:d7:4e:b1:81:78: 6f:31:d5:c1:ab:38:f5:5c:1c:25:2e:71:00:2d:9c:3e:8f:6e: cb:cf:f5:b2:a0:5f:16:31:50:5c:41:ea:74:0b:bc:a8:ad:9e: 94:16:40:e9:a0:33:8a:6b:f1:ce:71:a0:e4:0d:64:61:48:bd: 4f:68:f7:14:06:f2:d2:76:6f:2b:a3:55:6a:ec:09:66:2e:ea: bf:d7:50:b6:5c:07:bb:57:5a:c9:75:7d:99:da:28:9e:f4:f1: b9:1b:4c:66:25:2d:e5:0e:46:d5:e6:90:da:14:28:4b:da:08: fd:73:b5:e1:20:50:66:6e:22:d4:b5:aa:60:1c:1e:32:0c:85: 15:49:bc:da:4a:bf:9b:56:22:93:1b:53:4f:bf:d0:fb:38:60: 8c:bb:d8:df:54:3a:19:20:1b:56:2f:2f:30:0b:44:55:bd:f2: 02:1c:fe:ce -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wti6JkOjxyIyMjFwGhXHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzA4YjI2MzEwOGE5MzhhOWY2Y2YyZWJjOWVkMjdmZmU5MDY1NTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqtvLOEEGcVRew6p8L3IhpylgmCG hA67fqA9fyCkIoPPm96MV6hsXJumUWWU/R53K3UicRxYtQpxMqAj1ftJq+/eESVH 9fJxMIuqJdZCqNgPSBJmh/hPJnN7OXDGYXXAvxllozFAx2rzQdyV/AHrQ2+CAMbK VVBE9E6AHeNWUWxNCDBjFpzxhnUKImhFgPhcqEXe7jlA1bQLV1/L7TtxEVin1YBP 75lY8zDPLpYXVw1buEJR59qoK0S9uwG3N55hY6x4GlTUW61lIlI3XLgJGKHQSgqM 8J6eMD0RXK6ksW0fZ0xLSKKDHbRM9SznKVW6mTMnzbgBL5v03bmFOBjFAwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMcIsmMQipOKn2zy68ntJ//pBlUTMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEveHdpeVl4Q0trNHFmYlBMcnllMG5fLWtHVlJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbD9AwQA 1dr7MA0GCSqGSIb3DQEBCwUAA4IBAQAy4X4hMElpCP6FgmdZU0Ed5RdDZygpidlf E5tM0heqjP3MBRKSVOkl+SOudlv3q7Xp2CNttAlPmlci8Mxkp7HjqRNn1jzXK0L4 N3CW+4bn4LbJjC3T106xgXhvMdXBqzj1XBwlLnEALZw+j27Lz/WyoF8WMVBcQep0 C7yorZ6UFkDpoDOKa/HOcaDkDWRhSL1PaPcUBvLSdm8ro1Vq7AlmLuq/11C2XAe7 V1rJdX2Z2iie9PG5G0xmJS3lDkbV5pDaFChL2gj9c7XhIFBmbiLUtapgHB4yDIUV SbzaSr+bViKTG1NPv9D7OGCMu9jfVDoZIBtWLy8wC0RVvfICHP7O -----END CERTIFICATE-----Generated at Sun Jan 25 07:15:49 2026 by rpki-client