This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/XcluKI5GK94xvt-2VsfsH9YAxas.roa File: XcluKI5GK94xvt-2VsfsH9YAxas.roa (raw, json) Hash identifier: aMUQPT04n27GjqpL1CyIzBfeTJro8TREHvy5Fo/qxZs= Subject key identifier: 5D:C9:6E:28:8E:46:2B:DE:31:BE:DF:B6:56:C7:EC:1F:D6:00:C5:AB Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df Certificate serial: 019B7D5C6459D565BB45202CF3C0BC544DA6 Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/XcluKI5GK94xvt-2VsfsH9YAxas.roa Signing time: Fri 02 Jan 2026 06:19:25 +0000 ROA not before: Fri 02 Jan 2026 06:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35052 IP address blocks: 2001:67c:133c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.mft rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:64:59:d5:65:bb:45:20:2c:f3:c0:bc:54:4d:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df Validity Not Before: Jan 2 06:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dc96e288e462bde31bedfb656c7ec1fd600c5ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:bf:c1:44:76:93:46:71:7c:46:ce:37:28:ba: f4:7a:ad:3d:5a:10:cb:33:60:a9:62:ab:64:8b:28: 73:a5:b8:a4:68:c9:f1:e6:7c:e4:ae:f1:48:13:e2: 8f:9a:ab:97:72:4b:51:7d:e9:d4:22:19:0b:90:d2: da:bb:7c:1f:ea:84:ea:75:37:f1:f1:cd:67:8e:9f: 64:f4:a2:6e:e1:14:55:14:04:eb:9e:dd:cf:5d:93: 41:62:97:26:11:6d:60:85:3f:74:cb:4d:d7:df:13: ff:09:72:d5:8c:a7:c3:95:07:b9:a0:0f:dc:4d:24: 6e:c1:17:10:03:0a:23:9a:3d:8f:5b:b7:81:bf:b8: 4e:5d:69:82:da:0e:38:40:db:11:48:bc:2e:41:6d: 7e:b4:ba:31:90:f7:99:3e:c1:de:66:70:19:3f:13: 06:b0:4d:59:6c:7e:a6:07:4c:5c:cd:83:12:ca:b5: b2:d7:d6:26:fe:87:25:fb:9f:46:5d:64:f7:d3:54: f2:89:b2:33:c3:03:c2:b6:39:06:4c:d6:6b:6c:2f: 87:96:74:d3:71:a1:0c:3a:a3:1c:74:0f:c7:ba:69: a0:35:7a:f6:8d:06:e8:91:3d:69:0c:cc:6d:c4:f7: 46:39:31:96:4e:d3:a9:51:40:b5:28:e3:a7:ed:a0: 22:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C9:6E:28:8E:46:2B:DE:31:BE:DF:B6:56:C7:EC:1F:D6:00:C5:AB X509v3 Authority Key Identifier: keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/XcluKI5GK94xvt-2VsfsH9YAxas.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:133c::/48 Signature Algorithm: sha256WithRSAEncryption 5e:ee:b3:ff:d9:b1:51:3d:72:eb:1b:b6:d3:5d:fa:4e:43:c9: 2a:fe:12:4f:2d:25:06:eb:ed:d3:cf:3e:b7:7d:48:f6:66:a3: da:e5:d2:35:2c:5a:5c:28:8c:91:58:2c:b7:e1:ef:f3:28:13: 58:e1:13:3d:e3:a0:85:e8:dd:c1:ab:06:f1:7e:1c:d9:d8:a8: 8f:fe:93:40:73:67:f3:5a:47:66:91:08:63:2a:de:56:06:bd: 23:f4:52:0b:a5:f4:28:88:44:e5:d3:74:d3:0a:22:cc:4e:b0: a1:b5:60:3c:ba:1d:dd:48:22:c1:77:9a:6f:cd:b5:31:29:d3: 05:4f:82:c7:74:3f:5e:cf:f3:03:0c:87:3b:92:a4:fb:f8:1d: 69:36:0c:7e:f0:ca:d7:78:fb:8e:5d:9f:f7:00:c5:74:ee:d4: fb:64:1c:ee:9c:c2:76:2d:d0:60:5e:bf:ec:f5:bb:7b:2d:e6: 07:95:62:b3:e3:6f:73:ab:55:65:3f:d3:50:7d:fa:f0:f8:1c: 91:2d:14:b5:23:4c:50:91:0c:d6:46:d0:86:92:a9:f2:51:41: 7a:46:06:c9:0a:0c:bc:9e:ec:49:b3:bb:be:98:3e:e7:36:f3: e0:36:3f:ce:e1:df:21:01:c9:84:40:74:51:54:0a:74:d5:b5: 84:14:0e:d4 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9XGRZ1WW7RSAs88C8VE2mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj OTMxZGYwHhcNMjYwMTAyMDYxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGM5NmUyODhlNDYyYmRlMzFiZWRmYjY1NmM3ZWMxZmQ2MDBjNWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb/BRHaTRnF8Rs43KLr0eq09WhDL M2CpYqtkiyhzpbikaMnx5nzkrvFIE+KPmquXcktRfenUIhkLkNLau3wf6oTqdTfx 8c1njp9k9KJu4RRVFATrnt3PXZNBYpcmEW1ghT90y03X3xP/CXLVjKfDlQe5oA/c TSRuwRcQAwojmj2PW7eBv7hOXWmC2g44QNsRSLwuQW1+tLoxkPeZPsHeZnAZPxMG sE1ZbH6mB0xczYMSyrWy19Ym/ocl+59GXWT301TyibIzwwPCtjkGTNZrbC+HlnTT caEMOqMcdA/HummgNXr2jQbokT1pDMxtxPdGOTGWTtOpUUC1KOOn7aAi0QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF3JbiiORiveMb7ftlbH7B/WAMWrMB8GA1UdIwQY MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt Zjc3MmEwMTM5MDE2LzEvWGNsdUtJNUdLOTR4dnQtMlZzZnNIOVlBeGFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2 LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBM8 MA0GCSqGSIb3DQEBCwUAA4IBAQBe7rP/2bFRPXLrG7bTXfpOQ8kq/hJPLSUG6+3T zz63fUj2ZqPa5dI1LFpcKIyRWCy34e/zKBNY4RM946CF6N3BqwbxfhzZ2KiP/pNA c2fzWkdmkQhjKt5WBr0j9FILpfQoiETl03TTCiLMTrChtWA8uh3dSCLBd5pvzbUx KdMFT4LHdD9ez/MDDIc7kqT7+B1pNgx+8MrXePuOXZ/3AMV07tT7ZBzunMJ2LdBg Xr/s9bt7LeYHlWKz429zq1VlP9NQffrw+ByRLRS1I0xQkQzWRtCGkqnyUUF6RgbJ Cgy8nuxJs7u+mD7nNvPgNj/O4d8hAcmEQHRRVAp01bWEFA7U -----END CERTIFICATE-----Generated at Tue Jan 27 09:50:07 2026 by rpki-client