This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/XtK9VzDXyv3sdwcTkwc5-Qya0DM.roa File: XtK9VzDXyv3sdwcTkwc5-Qya0DM.roa (raw, json) Hash identifier: teUAHbuYhJZuEkE7pLbgFZIEibZ6lPWc/nTcJhJoJaQ= Subject key identifier: 5E:D2:BD:57:30:D7:CA:FD:EC:77:07:13:93:07:39:F9:0C:9A:D0:33 Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75 Certificate serial: 019B7E38D5B5323FF4A8958610DE75361773 Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/XtK9VzDXyv3sdwcTkwc5-Qya0DM.roa Signing time: Fri 02 Jan 2026 10:20:12 +0000 ROA not before: Fri 02 Jan 2026 10:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60262 IP address blocks: 2a11:1300::/29 maxlen: 29 2a11:1ac0::/29 maxlen: 29 2a11:3140::/29 maxlen: 29 2a11:3c80::/29 maxlen: 29 2a11:5340::/29 maxlen: 29 2a11:5500::/29 maxlen: 29 2a11:7a00::/29 maxlen: 29 2a11:7dc0::/29 maxlen: 29 2a11:8380::/29 maxlen: 29 2a11:b040::/29 maxlen: 29 2a11:b300::/29 maxlen: 29 2a11:ec80::/29 maxlen: 29 2a12:600::/29 maxlen: 29 2a12:2580::/29 maxlen: 29 2a12:2900::/29 maxlen: 29 2a12:5000::/29 maxlen: 29 2a12:b880::/29 maxlen: 29 2a12:d300::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.mft rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:d5:b5:32:3f:f4:a8:95:86:10:de:75:36:17:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75 Validity Not Before: Jan 2 10:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ed2bd5730d7cafdec770713930739f90c9ad033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:32:82:25:ea:fc:f0:d3:1f:bf:96:03:76:5c: ec:9f:52:11:9f:ce:c9:4c:ca:65:1c:87:c5:c8:6b: 21:76:96:8c:d2:d3:16:78:4e:0e:be:97:5b:b6:49: 16:89:6e:49:7d:64:6a:87:21:0f:7e:b8:bd:09:2d: 63:6d:c1:30:f1:ad:b3:79:fc:a5:f4:24:66:94:bb: d2:7f:8c:54:f0:58:07:26:20:30:de:20:22:2a:67: 53:5d:74:5d:a1:5b:cf:83:72:ef:16:b1:f8:c3:08: 52:e3:d6:81:b8:4e:d0:a1:da:9e:e7:ad:d6:62:04: 7a:9b:9e:36:2e:17:9a:6f:bc:3f:43:96:d6:02:63: d6:a0:a4:23:8c:f8:f4:26:31:5e:ad:f8:8c:58:55: bd:18:c4:e5:c9:cc:dc:55:b6:8b:92:6a:09:74:3f: c1:d1:d0:2c:2f:b6:b8:f1:b9:a3:f3:57:31:7a:90: 80:64:69:39:fa:db:d4:13:f8:7b:4c:15:97:62:93: ce:de:f6:6b:f5:26:56:ea:b9:03:83:a9:b1:84:ef: 5a:bc:96:01:9d:d8:b5:df:c6:78:6b:80:25:29:7e: df:17:b6:a4:b6:1b:60:e3:19:b3:eb:4c:5e:50:85: a5:01:02:fe:db:d1:5c:17:13:b5:a7:f5:3a:8c:b7: 08:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:D2:BD:57:30:D7:CA:FD:EC:77:07:13:93:07:39:F9:0C:9A:D0:33 X509v3 Authority Key Identifier: keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/XtK9VzDXyv3sdwcTkwc5-Qya0DM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:1300::/29 2a11:1ac0::/29 2a11:3140::/29 2a11:3c80::/29 2a11:5340::/29 2a11:5500::/29 2a11:7a00::/29 2a11:7dc0::/29 2a11:8380::/29 2a11:b040::/29 2a11:b300::/29 2a11:ec80::/29 2a12:600::/29 2a12:2580::/29 2a12:2900::/29 2a12:5000::/29 2a12:b880::/29 2a12:d300::/29 Signature Algorithm: sha256WithRSAEncryption 3b:13:12:7e:d8:7d:9e:a6:bc:9a:ba:ff:09:9d:a5:60:dc:86: fb:fa:a7:23:c0:da:33:48:be:0e:19:87:f4:da:32:98:0f:15: 76:61:3e:0d:7e:d8:18:b8:20:10:43:51:d7:e3:b4:dd:93:ee: b0:ee:ef:57:4d:82:fc:8e:ef:4f:ca:e4:8b:a3:1d:bd:d1:e2: ee:46:f0:e2:a0:7d:98:15:72:ae:55:5e:c9:0f:75:c7:70:77: 45:6e:4f:bd:a9:37:a9:85:fc:ea:06:b4:80:5e:6b:e4:17:13: 30:83:7e:2b:41:5d:37:0e:8b:87:67:9b:e4:f7:f6:34:54:9b: 2b:69:20:46:a2:23:22:8e:6d:8c:18:77:3c:d1:b5:b2:03:92: 57:c6:5a:d8:8f:d6:c7:09:70:ee:60:6a:62:38:40:27:c6:91: 27:58:86:37:3f:fd:08:0e:1c:1d:f6:f5:fb:08:c4:69:10:2a: a4:af:8b:2b:27:92:5a:6c:27:88:bf:c0:3e:9c:90:ef:c9:4d: ea:d3:ed:8e:8f:fa:83:a8:46:92:82:75:a6:3f:f5:e7:fb:ab: 02:9c:2c:7f:04:4f:03:51:86:53:a8:69:1b:04:57:b7:36:3a: f1:1f:f6:0f:8f:71:3f:11:6e:1d:74:42:b9:00:1e:90:8e:f9: a2:40:00:9b -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgISAZt+ONW1Mj/0qJWGEN51NhdzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh ZGFlNzUwHhcNMjYwMTAyMTAyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWQyYmQ1NzMwZDdjYWZkZWM3NzA3MTM5MzA3MzlmOTBjOWFkMDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jKCJer88NMfv5YDdlzsn1IRn87J TMplHIfFyGshdpaM0tMWeE4OvpdbtkkWiW5JfWRqhyEPfri9CS1jbcEw8a2zefyl 9CRmlLvSf4xU8FgHJiAw3iAiKmdTXXRdoVvPg3LvFrH4wwhS49aBuE7Qodqe563W YgR6m542Lheab7w/Q5bWAmPWoKQjjPj0JjFerfiMWFW9GMTlyczcVbaLkmoJdD/B 0dAsL7a48bmj81cxepCAZGk5+tvUE/h7TBWXYpPO3vZr9SZW6rkDg6mxhO9avJYB ndi138Z4a4AlKX7fF7akthtg4xmz60xeUIWlAQL+29FcFxO1p/U6jLcIYwIDAQAB o4IChTCCAoEwHQYDVR0OBBYEFF7SvVcw18r97HcHE5MHOfkMmtAzMB8GA1UdIwQY MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt YmM2Nzk0ZTk1ZTVhLzEvWHRLOVZ6RFh5djNzZHdjVGt3YzUtUXlhMERNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoR EwADBQMqERrAAwUDKhExQAMFAyoRPIADBQMqEVNAAwUDKhFVAAMFAyoRegADBQMq EX3AAwUDKhGDgAMFAyoRsEADBQMqEbMAAwUDKhHsgAMFAyoSBgADBQMqEiWAAwUD KhIpAAMFAyoSUAADBQMqEriAAwUDKhLTADANBgkqhkiG9w0BAQsFAAOCAQEAOxMS fth9nqa8mrr/CZ2lYNyG+/qnI8DaM0i+DhmH9NoymA8VdmE+DX7YGLggEENR1+O0 3ZPusO7vV02C/I7vT8rki6MdvdHi7kbw4qB9mBVyrlVeyQ91x3B3RW5Pvak3qYX8 6ga0gF5r5BcTMIN+K0FdNw6Lh2eb5Pf2NFSbK2kgRqIjIo5tjBh3PNG1sgOSV8Za 2I/Wxwlw7mBqYjhAJ8aRJ1iGNz/9CA4cHfb1+wjEaRAqpK+LKyeSWmwniL/APpyQ 78lN6tPtjo/6g6hGkoJ1pj/15/urApwsfwRPA1GGU6hpGwRXtzY68R/2D49xPxFu HXRCuQAekI75okAAmw== -----END CERTIFICATE-----Generated at Sun Jan 25 15:28:51 2026 by rpki-client