This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/XcofZ2zUXbUkXhdjGHo_Ijp3eqY.roa File: XcofZ2zUXbUkXhdjGHo_Ijp3eqY.roa (raw, json) Hash identifier: G155Cwdr7xdTzfgF1ccmtV2g6/W9sVULFwUJkZWAH2M= Subject key identifier: 5D:CA:1F:67:6C:D4:5D:B5:24:5E:17:63:18:7A:3F:22:3A:77:7A:A6 Certificate issuer: /CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71 Certificate serial: 019B7FF237DC51802EC888D0206CE902A399 Authority key identifier: 5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/XcofZ2zUXbUkXhdjGHo_Ijp3eqY.roa Signing time: Fri 02 Jan 2026 18:22:18 +0000 ROA not before: Fri 02 Jan 2026 18:22:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204617 IP address blocks: 2001:67c:a0c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/W0tFLb_UxwS9qcwqTpFfRxkqf3E.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/W0tFLb_UxwS9qcwqTpFfRxkqf3E.mft rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:37:dc:51:80:2e:c8:88:d0:20:6c:e9:02:a3:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5b4b452dbfd4c704bda9cc2a4e915f47192a7f71 Validity Not Before: Jan 2 18:22:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dca1f676cd45db5245e1763187a3f223a777aa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:67:f3:51:1b:16:a2:c4:42:41:c0:45:d3:7e: 97:17:a4:df:9e:ce:9b:05:e9:90:85:d2:81:87:86: 6b:80:f8:28:97:84:aa:53:3b:1e:30:86:98:17:00: ba:f1:33:60:f5:07:70:8f:08:10:0b:80:8d:bc:50: 8c:de:9c:05:79:d3:6a:20:5a:9b:fc:e8:27:7d:ab: 7e:04:79:46:e0:47:e8:79:9a:e6:73:22:3a:61:8a: 5c:8a:a5:8c:27:3f:fd:23:72:1c:13:2b:d1:c7:4a: 8d:c2:32:03:af:55:27:16:a9:f0:c8:db:6a:87:ef: 14:1b:12:9c:02:ff:b4:2b:5c:30:7a:01:58:18:7a: 13:c1:51:dc:1c:a7:89:92:af:78:a7:ff:b0:a1:60: 96:b8:3d:36:4d:40:57:12:e4:c6:e3:44:9f:bd:e7: bb:9a:20:13:55:af:14:77:96:70:f7:3e:be:e8:dc: 13:f5:e9:45:a6:1d:38:17:91:fc:1c:89:c7:ae:73: 36:e3:1f:77:e7:b3:45:13:bd:71:8e:e1:23:b6:cc: fd:7a:c9:52:e0:90:f6:49:18:d2:1b:0a:2b:9b:f8: 2e:d9:3f:70:c7:04:0b:28:3a:8a:99:8b:51:2d:d5: 33:0d:1a:20:bd:6f:39:01:03:d2:c7:04:5f:51:d5: 9f:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:CA:1F:67:6C:D4:5D:B5:24:5E:17:63:18:7A:3F:22:3A:77:7A:A6 X509v3 Authority Key Identifier: keyid:5B:4B:45:2D:BF:D4:C7:04:BD:A9:CC:2A:4E:91:5F:47:19:2A:7F:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W0tFLb_UxwS9qcwqTpFfRxkqf3E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/XcofZ2zUXbUkXhdjGHo_Ijp3eqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/87ac4b-aa25-428f-a368-e58edc42f04c/1/W0tFLb_UxwS9qcwqTpFfRxkqf3E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:a0c::/48 Signature Algorithm: sha256WithRSAEncryption 0d:e2:0a:2e:1e:f1:24:e1:b7:e7:77:d3:82:ae:3d:84:4a:93: 89:0d:a8:79:1b:60:35:a5:ea:4f:d6:bc:fb:4c:51:e0:00:cc: b1:0f:50:53:15:c7:7a:7c:d0:64:ec:bc:5a:98:a1:37:e5:dc: 90:60:4d:20:9a:84:12:5a:ab:c2:b3:5f:c5:53:c9:bc:72:c4: df:39:a0:3f:dd:1b:28:eb:36:b9:63:f4:79:c6:22:4d:8c:7f: 16:71:45:de:8f:96:22:a1:fd:72:62:78:af:12:35:62:51:c9: 15:7a:fa:2d:63:dc:9b:ac:df:19:ea:2c:7b:76:32:b7:35:7e: 68:fc:4c:fe:b4:69:74:e9:5a:89:53:be:ac:c1:79:2b:35:eb: ac:b2:c8:04:1e:c0:3b:8b:d8:a0:5c:e9:c4:a3:c8:b3:63:40: 61:47:0c:35:91:b7:ac:27:95:a2:f4:9f:6b:d0:6d:52:63:31: 5b:78:d5:39:5d:3c:13:da:c5:49:3c:f6:33:0f:50:0f:e7:e0: d0:8d:48:bd:ae:69:35:08:ec:6c:18:8d:d2:db:f9:92:1d:99: a3:c0:e8:52:73:50:c3:bc:90:67:9d:24:81:72:2e:a7:5e:7c: 82:2a:6d:c6:3e:fd:be:4a:cf:d4:2a:e3:5f:e9:17:6b:16:25: 80:36:0f:37 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/8jfcUYAuyIjQIGzpAqOZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViNGI0NTJkYmZkNGM3MDRiZGE5Y2MyYTRlOTE1ZjQ3MTky YTdmNzEwHhcNMjYwMTAyMTgyMjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGNhMWY2NzZjZDQ1ZGI1MjQ1ZTE3NjMxODdhM2YyMjNhNzc3YWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWfzURsWosRCQcBF036XF6Tfns6b BemQhdKBh4ZrgPgol4SqUzseMIaYFwC68TNg9QdwjwgQC4CNvFCM3pwFedNqIFqb /Ognfat+BHlG4EfoeZrmcyI6YYpciqWMJz/9I3IcEyvRx0qNwjIDr1UnFqnwyNtq h+8UGxKcAv+0K1wwegFYGHoTwVHcHKeJkq94p/+woWCWuD02TUBXEuTG40Sfvee7 miATVa8Ud5Zw9z6+6NwT9elFph04F5H8HInHrnM24x9357NFE71xjuEjtsz9eslS 4JD2SRjSGworm/gu2T9wxwQLKDqKmYtRLdUzDRogvW85AQPSxwRfUdWfQwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFF3KH2ds1F21JF4XYxh6PyI6d3qmMB8GA1UdIwQY MBaAFFtLRS2/1McEvanMKk6RX0cZKn9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgt ZTU4ZWRjNDJmMDRjLzEvWGNvZloyelVYYlVrWGhkakdIb19JanAzZXFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC84N2FjNGItYWEyNS00MjhmLWEzNjgtZTU4ZWRjNDJmMDRj LzEvVzB0RkxiX1V4d1M5cWN3cVRwRmZSeGtxZjNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoM MA0GCSqGSIb3DQEBCwUAA4IBAQAN4gouHvEk4bfnd9OCrj2ESpOJDah5G2A1pepP 1rz7TFHgAMyxD1BTFcd6fNBk7LxamKE35dyQYE0gmoQSWqvCs1/FU8m8csTfOaA/ 3Rso6za5Y/R5xiJNjH8WcUXej5Yiof1yYnivEjViUckVevotY9ybrN8Z6ix7djK3 NX5o/Ez+tGl06VqJU76swXkrNeusssgEHsA7i9igXOnEo8izY0BhRww1kbesJ5Wi 9J9r0G1SYzFbeNU5XTwT2sVJPPYzD1AP5+DQjUi9rmk1COxsGI3S2/mSHZmjwOhS c1DDvJBnnSSBci6nXnyCKm3GPv2+Ss/UKuNf6RdrFiWANg83 -----END CERTIFICATE-----Generated at Sun Jan 25 15:11:23 2026 by rpki-client