This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/xyq2X_f3zC6Xz55IxSXIUgnM5z4.roa File: xyq2X_f3zC6Xz55IxSXIUgnM5z4.roa (raw, json) Hash identifier: NjWdv7TCmRAiHCp58PtMucOC3ZgidTmZVOahys71z+g= Subject key identifier: C7:2A:B6:5F:F7:F7:CC:2E:97:CF:9E:48:C5:25:C8:52:09:CC:E7:3E Certificate issuer: /CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51 Certificate serial: 019BE0A0C2B447F3ADE9C322ED2520C1B535 Authority key identifier: F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/xyq2X_f3zC6Xz55IxSXIUgnM5z4.roa Signing time: Wed 21 Jan 2026 12:56:30 +0000 ROA not before: Wed 21 Jan 2026 12:56:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42861 IP address blocks: 2a00:1e68::/32 maxlen: 32 2a00:1e68:100::/47 maxlen: 47 2a00:1e68:100::/48 maxlen: 48 2a00:1e68:101::/48 maxlen: 48 2a00:1e68:112::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.mft rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:a0:c2:b4:47:f3:ad:e9:c3:22:ed:25:20:c1:b5:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51 Validity Not Before: Jan 21 12:56:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c72ab65ff7f7cc2e97cf9e48c525c85209cce73e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c1:7a:90:31:18:71:98:72:60:cf:4a:ba:28: c3:94:c3:a4:9a:d0:8e:6a:2e:b8:31:cb:ce:5c:de: 3f:a9:65:66:4b:12:18:e6:be:23:e2:15:cf:84:00: b7:39:a6:83:e7:88:97:c5:02:da:1a:2d:ae:99:7f: 56:f7:8b:63:5c:ab:df:7b:34:70:f5:63:70:b4:e9: 52:85:d6:7e:a4:57:c5:39:20:92:0a:4a:bd:fc:36: 29:1b:e7:d1:31:bc:88:a0:e6:25:e6:6e:c2:c1:5f: 9a:a4:e5:a6:4f:cf:a8:25:a6:17:74:17:ca:76:69: 9d:fd:11:6b:62:b0:43:d3:20:4b:0f:c8:56:38:38: d6:62:a6:07:cf:d9:7d:ec:0e:1c:ff:42:18:07:eb: 2b:0e:55:4b:6d:37:52:1d:93:7e:32:8c:da:48:0b: 68:e6:52:55:39:74:c1:b5:0b:92:3d:20:5a:66:08: 14:06:f1:eb:e5:74:f6:c5:1a:37:e0:46:c6:8f:fe: 61:d9:14:f8:f8:c0:dd:8d:f6:2c:d9:16:9a:75:50: 5c:e1:1e:e0:93:f2:30:fa:3e:72:19:51:44:69:ba: 2c:d2:d4:f2:80:42:b2:12:55:bd:54:c2:c7:1a:5b: dd:8e:0a:9e:54:e2:19:b9:2e:3d:77:ce:6f:3a:1e: c1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:2A:B6:5F:F7:F7:CC:2E:97:CF:9E:48:C5:25:C8:52:09:CC:E7:3E X509v3 Authority Key Identifier: keyid:F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/xyq2X_f3zC6Xz55IxSXIUgnM5z4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1e68::/32 Signature Algorithm: sha256WithRSAEncryption 59:ca:f2:6a:16:e0:df:db:19:c7:c9:99:2b:08:2c:c9:4f:8d: e6:86:32:44:ca:06:87:05:bc:b8:1c:8d:13:fa:d8:1a:32:65: 17:af:5a:1e:7c:48:6c:0e:3b:67:c2:59:ca:2d:eb:89:fe:cf: bd:58:6a:9b:42:f4:f0:79:75:ae:3b:e0:9f:b5:54:5c:09:74: a5:9c:02:19:f0:7b:71:b4:19:20:c1:fc:d0:b6:56:2c:68:2f: b3:ac:90:89:32:00:07:71:8c:8a:5c:4a:26:c6:aa:f0:e6:5c: dd:16:51:d5:cf:b5:57:00:0e:57:5e:54:1c:15:8f:5c:4b:f5: e5:cd:38:e9:62:40:5d:25:28:2b:52:a8:ed:a7:08:bc:50:53: a7:1c:21:66:dd:9b:8a:05:71:2c:d0:33:09:52:64:4d:3f:ce: 83:2d:6f:53:d9:8a:98:ea:e6:34:6f:28:35:50:c7:ab:e7:9d: ff:67:07:2a:1e:f2:bb:bc:55:e8:c9:40:a2:45:58:a8:57:25: 1a:8d:28:47:bf:3e:e2:fe:b5:03:e4:5f:4c:05:c0:5e:a3:b2: 83:1c:36:d0:c9:21:48:a4:90:2a:15:2f:6e:a7:ca:25:4e:04: fd:58:b0:29:6c:db:df:1a:06:29:9b:14:87:62:6b:3f:49:a2: 6e:52:51:bf -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZvgoMK0R/Ot6cMi7SUgwbU1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyZTE2MGYwY2U1ZTAzNWFmM2NiMjFmNGRmZDA0ZWFiOWVh N2VlNTEwHhcNMjYwMTIxMTI1NjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzJhYjY1ZmY3ZjdjYzJlOTdjZjllNDhjNTI1Yzg1MjA5Y2NlNzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsF6kDEYcZhyYM9KuijDlMOkmtCO ai64McvOXN4/qWVmSxIY5r4j4hXPhAC3OaaD54iXxQLaGi2umX9W94tjXKvfezRw 9WNwtOlShdZ+pFfFOSCSCkq9/DYpG+fRMbyIoOYl5m7CwV+apOWmT8+oJaYXdBfK dmmd/RFrYrBD0yBLD8hWODjWYqYHz9l97A4c/0IYB+srDlVLbTdSHZN+MozaSAto 5lJVOXTBtQuSPSBaZggUBvHr5XT2xRo34EbGj/5h2RT4+MDdjfYs2RaadVBc4R7g k/Iw+j5yGVFEabos0tTygEKyElW9VMLHGlvdjgqeVOIZuS49d85vOh7BEwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFMcqtl/398wul8+eSMUlyFIJzOc+MB8GA1UdIwQY MBaAFPLhYPDOXgNa88sh9N/QTquep+5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUt ZmNlMjE0YzZmZmRhLzEveHlxMlhfZjN6QzZYejU1SXhTWElVZ25NNXo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUtZmNlMjE0YzZmZmRh LzEvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAeaDAN BgkqhkiG9w0BAQsFAAOCAQEAWcryahbg39sZx8mZKwgsyU+N5oYyRMoGhwW8uByN E/rYGjJlF69aHnxIbA47Z8JZyi3rif7PvVhqm0L08Hl1rjvgn7VUXAl0pZwCGfB7 cbQZIMH80LZWLGgvs6yQiTIAB3GMilxKJsaq8OZc3RZR1c+1VwAOV15UHBWPXEv1 5c046WJAXSUoK1Ko7acIvFBTpxwhZt2bigVxLNAzCVJkTT/Ogy1vU9mKmOrmNG8o NVDHq+ed/2cHKh7yu7xV6MlAokVYqFclGo0oR78+4v61A+RfTAXAXqOygxw20Mkh SKSQKhUvbqfKJU4E/ViwKWzb3xoGKZsUh2JrP0miblJRvw== -----END CERTIFICATE-----Generated at Sun Jan 25 17:48:44 2026 by rpki-client