This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/Xlo2dAjL9Nrixz0iYa0SAY5SYBc.roa File: Xlo2dAjL9Nrixz0iYa0SAY5SYBc.roa (raw, json) Hash identifier: Bg+pB+Sxi3uvjFsg12Ez9WbynlaVnSIe2mie+DFh+2c= Subject key identifier: 5E:5A:36:74:08:CB:F4:DA:E2:C7:3D:22:61:AD:12:01:8E:52:60:17 Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7 Certificate serial: 019B7F157D628A35562A59662EA4E9A7A5F2 Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/Xlo2dAjL9Nrixz0iYa0SAY5SYBc.roa Signing time: Fri 02 Jan 2026 14:21:13 +0000 ROA not before: Fri 02 Jan 2026 14:21:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28878 IP address blocks: 31.223.160.0/20 maxlen: 20 37.17.208.0/20 maxlen: 20 78.108.128.0/20 maxlen: 20 80.246.192.0/20 maxlen: 20 80.246.194.0/24 maxlen: 24 80.255.240.0/20 maxlen: 20 81.21.136.0/21 maxlen: 21 81.30.32.0/20 maxlen: 20 85.10.160.0/19 maxlen: 24 141.255.176.0/22 maxlen: 24 171.33.128.0/21 maxlen: 21 176.74.224.0/19 maxlen: 19 185.15.248.0/22 maxlen: 22 217.21.240.0/20 maxlen: 20 217.149.128.0/20 maxlen: 20 2001:4cb8::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:7d:62:8a:35:56:2a:59:66:2e:a4:e9:a7:a5:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7 Validity Not Before: Jan 2 14:21:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e5a367408cbf4dae2c73d2261ad12018e526017 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:c2:92:ad:ae:5e:6d:c4:8c:b5:e0:fc:4c:7a: 16:69:69:13:4c:9a:17:33:09:d9:bf:69:5c:6d:3f: 34:fe:3b:e7:1b:1c:79:e5:86:40:d4:19:fd:45:3b: 56:b7:e5:99:67:fa:a5:f8:d1:6f:ff:a3:f3:20:be: 3e:df:5b:44:93:bc:c4:a9:df:24:ee:fb:b1:75:cd: e2:62:ec:46:9b:e4:fc:40:7f:c2:21:ed:3a:46:b8: 71:77:84:77:f4:cf:c8:20:34:bb:de:ff:da:cf:dd: 07:40:04:a2:cb:79:80:8f:9a:01:d0:25:e0:a5:5b: e7:c3:3b:f3:77:05:a9:f3:7b:b8:5b:ae:37:49:d7: df:47:87:bd:2f:6f:56:18:39:54:38:c4:1b:44:2e: 32:95:d5:00:88:9a:41:4c:8e:f7:25:0b:d3:df:2a: d8:05:d5:3e:57:67:56:a5:5d:fd:20:10:d9:35:07: 46:4e:b8:96:91:4f:31:a1:32:e6:7c:c8:64:48:82: d6:ce:65:3e:df:62:db:a2:d7:30:2e:4c:2d:f9:0c: a3:a2:02:b5:7c:86:52:d9:0f:51:59:2a:ae:04:90: 2e:4c:c6:16:8d:5a:0b:33:07:61:98:f2:a4:d6:af: 7b:31:ec:3b:0c:dc:0c:90:06:ec:34:c5:a8:be:cc: 6e:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:5A:36:74:08:CB:F4:DA:E2:C7:3D:22:61:AD:12:01:8E:52:60:17 X509v3 Authority Key Identifier: keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/Xlo2dAjL9Nrixz0iYa0SAY5SYBc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.223.160.0/20 37.17.208.0/20 78.108.128.0/20 80.246.192.0/20 80.255.240.0/20 81.21.136.0/21 81.30.32.0/20 85.10.160.0/19 141.255.176.0/22 171.33.128.0/21 176.74.224.0/19 185.15.248.0/22 217.21.240.0/20 217.149.128.0/20 IPv6: 2001:4cb8::/29 Signature Algorithm: sha256WithRSAEncryption 21:0b:81:35:b2:05:46:50:0f:ec:94:51:0c:16:09:49:8f:87: cf:8e:26:d9:13:fc:16:52:07:1c:06:6c:d9:0a:45:82:fc:44: 63:16:77:40:eb:46:38:9d:b2:e4:78:fc:70:79:e4:c8:bb:9b: cc:2b:d5:88:d0:58:28:89:f7:cd:8a:56:42:1a:ad:80:a7:40: a8:43:70:1a:bc:9d:11:a7:18:f2:dc:2c:e8:d5:1a:bf:fa:d2: b4:3b:87:b7:1e:ae:98:de:5f:14:b6:c3:c6:7f:dd:6f:da:2b: 06:3a:30:0e:2e:61:f1:04:32:03:3b:93:d9:29:b6:19:ec:f7: 3c:44:55:00:72:67:a1:b4:29:bd:5e:d9:23:34:a0:85:a3:79: 7d:40:e1:e4:c7:c6:06:f5:1a:fc:82:96:ca:9d:53:31:6b:f4: 4e:9f:ec:4d:96:e0:35:f2:77:53:20:ce:02:dc:a6:79:a4:3d: 35:e4:58:60:6a:5f:11:4e:e8:6c:17:76:fa:44:df:6f:bf:3b: 8d:98:c2:a8:ac:6d:17:ba:20:8d:b4:51:9f:11:4c:c5:ee:77: dc:be:7a:62:d8:de:e5:41:90:af:d5:07:09:99:27:58:c5:43: 1a:da:f8:98:2f:75:de:87:f9:65:a1:82:bd:cc:4d:01:a7:ef: 9b:30:1a:4e -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISAZt/FX1iijVWKllmLqTpp6XyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3 NTJhZTcwHhcNMjYwMTAyMTQyMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTVhMzY3NDA4Y2JmNGRhZTJjNzNkMjI2MWFkMTIwMThlNTI2MDE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58KSra5ebcSMteD8THoWaWkTTJoX MwnZv2lcbT80/jvnGxx55YZA1Bn9RTtWt+WZZ/ql+NFv/6PzIL4+31tEk7zEqd8k 7vuxdc3iYuxGm+T8QH/CIe06Rrhxd4R39M/IIDS73v/az90HQASiy3mAj5oB0CXg pVvnwzvzdwWp83u4W643SdffR4e9L29WGDlUOMQbRC4yldUAiJpBTI73JQvT3yrY BdU+V2dWpV39IBDZNQdGTriWkU8xoTLmfMhkSILWzmU+32LbotcwLkwt+QyjogK1 fIZS2Q9RWSquBJAuTMYWjVoLMwdhmPKk1q97Mew7DNwMkAbsNMWovsxu4wIDAQAB o4ICZjCCAmIwHQYDVR0OBBYEFF5aNnQIy/Ta4sc9ImGtEgGOUmAXMB8GA1UdIwQY MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt MmI5MjBiZGUzOTkwLzEvWGxvMmRBakw5TnJpeHowaVlhMFNBWTVTWUJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEH9+gAwQE JRHQAwQETmyAAwQEUPbAAwQEUP/wAwQDURWIAwQEUR4gAwQFVQqgAwQCjf+wAwQD qyGAAwQFsErgAwQCuQ/4AwQE2RXwAwQE2ZWAMA0EAgACMAcDBQMgAUy4MA0GCSqG SIb3DQEBCwUAA4IBAQAhC4E1sgVGUA/slFEMFglJj4fPjibZE/wWUgccBmzZCkWC /ERjFndA60Y4nbLkePxweeTIu5vMK9WI0FgoiffNilZCGq2Ap0CoQ3AavJ0Rpxjy 3Czo1Rq/+tK0O4e3Hq6Y3l8UtsPGf91v2isGOjAOLmHxBDIDO5PZKbYZ7Pc8RFUA cmehtCm9XtkjNKCFo3l9QOHkx8YG9Rr8gpbKnVMxa/ROn+xNluA18ndTIM4C3KZ5 pD015Fhgal8RTuhsF3b6RN9vvzuNmMKorG0XuiCNtFGfEUzF7nfcvnpi2N7lQZCv 1QcJmSdYxUMa2viYL3Xeh/lloYK9zE0Bp++bMBpO -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:35 2026 by rpki-client