This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/XsPBZYDmZQXk-P0aqcX7IcYNL6s.roa File: XsPBZYDmZQXk-P0aqcX7IcYNL6s.roa (raw, json) Hash identifier: orTb8e31BmqYC4t4GQUVMdSeajjCevLwDiZIoKJFTaw= Subject key identifier: 5E:C3:C1:65:80:E6:65:05:E4:F8:FD:1A:A9:C5:FB:21:C6:0D:2F:AB Certificate issuer: /CN=c65613d5999f3632985ed89a02efaabd1890ba09 Certificate serial: 019B79ECD1CB57F1A28529DF23884AACBF5D Authority key identifier: C6:56:13:D5:99:9F:36:32:98:5E:D8:9A:02:EF:AA:BD:18:90:BA:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlYT1ZmfNjKYXtiaAu-qvRiQugk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/XsPBZYDmZQXk-P0aqcX7IcYNL6s.roa Signing time: Thu 01 Jan 2026 14:18:41 +0000 ROA not before: Thu 01 Jan 2026 14:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215492 IP address blocks: 2001:67c:df8::/48 maxlen: 48 2a14:8100:10::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/xlYT1ZmfNjKYXtiaAu-qvRiQugk.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/xlYT1ZmfNjKYXtiaAu-qvRiQugk.mft rsync://rpki.ripe.net/repository/DEFAULT/xlYT1ZmfNjKYXtiaAu-qvRiQugk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d1:cb:57:f1:a2:85:29:df:23:88:4a:ac:bf:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c65613d5999f3632985ed89a02efaabd1890ba09 Validity Not Before: Jan 1 14:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ec3c16580e66505e4f8fd1aa9c5fb21c60d2fab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9b:1d:af:aa:8f:67:d8:79:36:e1:1f:06:3c: 3a:ea:88:55:7a:5a:5d:46:04:17:32:47:b3:1a:c8: 9a:c0:ae:dd:13:4b:1e:01:f4:58:1c:3a:8a:fb:43: b7:8c:33:46:c2:5d:d5:06:9f:85:3d:3f:8d:ec:05: 71:cf:b8:fa:29:4b:76:8c:80:3a:6c:d5:fb:84:c1: bc:66:a4:87:f7:9b:08:24:95:9a:5f:e4:9a:5b:aa: 5f:65:d0:f9:24:5b:61:be:5d:1b:b5:bc:68:e5:62: f8:21:0f:83:13:62:e2:0a:31:97:3b:d6:4a:a0:c2: 1f:f1:ad:a1:bf:98:31:ea:65:ea:dd:19:f5:6f:c5: b1:dc:27:88:c3:98:65:49:fc:a3:01:87:23:7e:ad: 4c:e0:88:99:f5:98:1e:b4:35:23:57:ce:09:68:0c: d3:38:6b:4d:85:9d:ee:a5:96:c4:c7:af:02:cd:e9: 35:84:45:92:7d:ed:73:f6:d6:16:ce:67:72:70:1f: 5b:69:3a:0a:33:9f:e1:bc:68:7d:be:7f:36:64:0e: d8:6e:ac:53:fe:85:b7:c7:03:31:19:72:cd:f9:a1: a0:8b:cc:15:e1:1a:66:de:54:38:ec:33:d0:ee:f0: 03:2f:a5:f3:78:3f:fa:be:8a:99:09:d7:80:a7:c5: 55:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:C3:C1:65:80:E6:65:05:E4:F8:FD:1A:A9:C5:FB:21:C6:0D:2F:AB X509v3 Authority Key Identifier: keyid:C6:56:13:D5:99:9F:36:32:98:5E:D8:9A:02:EF:AA:BD:18:90:BA:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlYT1ZmfNjKYXtiaAu-qvRiQugk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/XsPBZYDmZQXk-P0aqcX7IcYNL6s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3d8aac-d398-43ab-9c3e-650992f2a174/1/xlYT1ZmfNjKYXtiaAu-qvRiQugk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:df8::/48 2a14:8100:10::/44 Signature Algorithm: sha256WithRSAEncryption 07:d3:1a:2b:54:a3:c8:f6:05:49:41:da:19:6e:b1:72:38:44: d5:1b:d3:42:36:6b:4b:17:00:5b:cf:0b:c5:a5:c0:71:f3:c0: cd:29:c4:ae:f8:28:ae:74:20:72:b3:38:00:c6:a6:d7:c3:32: fc:22:29:14:33:c0:8b:b0:9e:e9:d6:b9:d0:0f:eb:2a:1d:60: 03:bb:4b:0c:b7:a5:af:84:ee:db:7d:5d:5c:4b:82:14:46:ad: 46:35:b0:e1:11:d5:36:7b:01:98:cb:c3:9f:3c:28:bb:89:cc: 1b:76:8b:63:03:74:b7:0e:b5:37:51:6c:34:4e:29:d4:3f:08: 09:0c:13:7d:aa:95:ee:1f:b8:a9:5a:30:75:01:f3:dd:3a:56: b6:6f:c0:3f:a9:73:74:bb:94:28:a5:79:e7:39:e6:c7:f7:28: 44:36:de:c6:db:d7:d5:2e:41:3d:c7:3a:42:2e:d1:44:e2:e2: ef:c9:85:c4:b0:48:c6:3f:8c:ef:ca:c7:e3:a8:87:ef:4d:9e: 52:93:84:6b:c5:0a:b9:c2:07:08:bb:06:8e:67:3c:f1:5f:91: 74:e9:ad:e5:72:c9:4a:40:2c:05:31:2f:08:38:56:5d:95:8b: 5b:e0:0b:fb:a6:6c:d7:1f:d1:14:d1:e4:22:61:5c:30:23:6d: af:00:72:50 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt57NHLV/GihSnfI4hKrL9dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NTYxM2Q1OTk5ZjM2MzI5ODVlZDg5YTAyZWZhYWJkMTg5 MGJhMDkwHhcNMjYwMTAxMTQxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWMzYzE2NTgwZTY2NTA1ZTRmOGZkMWFhOWM1ZmIyMWM2MGQyZmFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJsdr6qPZ9h5NuEfBjw66ohVelpd RgQXMkezGsiawK7dE0seAfRYHDqK+0O3jDNGwl3VBp+FPT+N7AVxz7j6KUt2jIA6 bNX7hMG8ZqSH95sIJJWaX+SaW6pfZdD5JFthvl0btbxo5WL4IQ+DE2LiCjGXO9ZK oMIf8a2hv5gx6mXq3Rn1b8Wx3CeIw5hlSfyjAYcjfq1M4IiZ9ZgetDUjV84JaAzT OGtNhZ3upZbEx68Czek1hEWSfe1z9tYWzmdycB9baToKM5/hvGh9vn82ZA7YbqxT /oW3xwMxGXLN+aGgi8wV4Rpm3lQ47DPQ7vADL6XzeD/6voqZCdeAp8VVBQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF7DwWWA5mUF5Pj9GqnF+yHGDS+rMB8GA1UdIwQY MBaAFMZWE9WZnzYymF7YmgLvqr0YkLoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGxZVDFabWZOaktZWHRpYUF1LXF2UmlRdWdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8zZDhhYWMtZDM5OC00M2FiLTljM2Ut NjUwOTkyZjJhMTc0LzEvWHNQQlpZRG1aUVhrLVAwYXFjWDdJY1lOTDZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8zZDhhYWMtZDM5OC00M2FiLTljM2UtNjUwOTkyZjJhMTc0 LzEveGxZVDFabWZOaktZWHRpYUF1LXF2UmlRdWdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfA34 AwcEKhSBAAAQMA0GCSqGSIb3DQEBCwUAA4IBAQAH0xorVKPI9gVJQdoZbrFyOETV G9NCNmtLFwBbzwvFpcBx88DNKcSu+CiudCByszgAxqbXwzL8IikUM8CLsJ7p1rnQ D+sqHWADu0sMt6WvhO7bfV1cS4IURq1GNbDhEdU2ewGYy8OfPCi7icwbdotjA3S3 DrU3UWw0TinUPwgJDBN9qpXuH7ipWjB1AfPdOla2b8A/qXN0u5QopXnnOebH9yhE Nt7G29fVLkE9xzpCLtFE4uLvyYXEsEjGP4zvysfjqIfvTZ5Sk4RrxQq5wgcIuwaO ZzzxX5F06a3lcslKQCwFMS8IOFZdlYtb4Av7pmzXH9EU0eQiYVwwI22vAHJQ -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:08 2026 by rpki-client