This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/XCD8aXlAzGnzxXRVOLV38VoENzs.roa File: XCD8aXlAzGnzxXRVOLV38VoENzs.roa (raw, json) Hash identifier: nXyOSXVfXWMbU4dphXnH7dDUeGh2mNE9IwSEdv2yiZs= Subject key identifier: 5C:20:FC:69:79:40:CC:69:F3:C5:74:55:38:B5:77:F1:5A:04:37:3B Certificate issuer: /CN=88b75aeefe8eea1ac5c219d87505d2e7c5f32f48 Certificate serial: 019B7CEE456807BEB860E98ED2AD52E08737 Authority key identifier: 88:B7:5A:EE:FE:8E:EA:1A:C5:C2:19:D8:75:05:D2:E7:C5:F3:2F:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/XCD8aXlAzGnzxXRVOLV38VoENzs.roa Signing time: Fri 02 Jan 2026 04:19:08 +0000 ROA not before: Fri 02 Jan 2026 04:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60162 IP address blocks: 185.51.156.0/22 maxlen: 24 185.143.108.0/22 maxlen: 24 2a01:b420::/32 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.mft rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:45:68:07:be:b8:60:e9:8e:d2:ad:52:e0:87:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88b75aeefe8eea1ac5c219d87505d2e7c5f32f48 Validity Not Before: Jan 2 04:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c20fc697940cc69f3c5745538b577f15a04373b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:53:61:47:f3:6d:fb:23:2d:dc:59:23:60:b3: 01:d8:8e:da:73:bf:87:8d:0f:8a:6d:d2:7e:00:f1: 33:bb:99:fe:5e:6b:43:d9:63:c4:68:4a:69:18:9c: 18:6e:66:40:d6:ca:22:6e:1c:b2:f3:9a:64:64:24: 8d:45:50:e3:70:f6:70:00:b4:5c:0f:12:19:5f:0b: 94:2a:d0:66:67:02:3f:18:d1:d1:d8:6e:d7:49:24: d0:fa:73:cf:02:19:54:b3:8f:4c:9a:b3:89:1e:d8: 0d:6f:ec:47:61:dc:3a:11:f2:df:cc:3f:e9:7a:65: f7:bb:7f:9c:e9:90:c7:0a:38:0a:a6:04:4e:ca:72: f1:23:fa:b3:21:55:80:bf:65:c8:05:cc:fc:b4:cb: 2c:7a:98:74:54:ef:f8:f5:23:1d:a1:ba:51:3e:a4: c7:ca:b3:65:02:c2:16:df:8f:62:49:01:f8:83:ff: e5:75:0f:45:f3:19:b7:0f:0f:56:ad:ef:24:1b:aa: 1e:bf:79:c2:c9:62:77:62:bd:60:2a:8e:d9:2e:69: f7:10:0f:0b:6c:b5:02:9e:60:25:1a:63:77:cc:0b: 22:14:92:22:07:0f:ef:f0:d2:a9:f1:98:23:08:3d: a3:1f:ef:bb:4c:73:9c:d1:c9:3b:b6:45:d1:b1:77: bd:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:20:FC:69:79:40:CC:69:F3:C5:74:55:38:B5:77:F1:5A:04:37:3B X509v3 Authority Key Identifier: keyid:88:B7:5A:EE:FE:8E:EA:1A:C5:C2:19:D8:75:05:D2:E7:C5:F3:2F:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/XCD8aXlAzGnzxXRVOLV38VoENzs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.51.156.0/22 185.143.108.0/22 IPv6: 2a01:b420::/32 Signature Algorithm: sha256WithRSAEncryption 07:ec:b7:d7:61:fc:d6:63:cd:c5:45:b5:e6:51:14:70:d2:d2: b2:c6:ba:da:7b:04:51:65:05:ff:0d:0a:6e:7e:f9:b4:0d:80: fb:c0:b8:36:ba:c0:c3:6e:e4:45:30:fb:e4:7d:48:40:ce:85: 78:c9:7c:27:98:4f:cf:34:c2:02:b8:b5:f7:69:dc:23:1d:1e: e1:59:a4:06:8a:e1:80:49:da:47:0c:c8:43:e9:17:51:2b:5e: 71:2b:01:66:97:d5:f2:12:d0:a7:e8:10:7d:04:18:da:71:0a: 47:ce:82:46:df:0f:23:68:87:57:30:42:d2:4e:ab:b6:60:38: a6:49:a6:04:9a:30:71:82:12:c0:b5:ee:13:6f:72:0e:d6:65: e7:92:fc:cb:39:20:51:6d:4b:55:c1:0e:10:4f:21:a4:0f:64: f6:23:0b:10:67:d9:27:cd:d5:5c:1e:7e:e5:db:b2:31:74:d4: 4c:02:32:96:5f:5d:1f:68:a1:c2:79:af:5f:be:58:59:0d:a1: fb:d6:32:47:aa:26:cb:fc:30:a7:55:d4:06:7e:55:32:52:fa: 89:d3:a0:3d:07:7d:37:34:fe:cd:81:cd:9c:96:96:b5:37:d2: ea:c0:b2:16:22:85:ff:97:55:ce:8d:2e:9d:3a:dd:72:f1:73: 21:70:dd:06 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87kVoB764YOmO0q1S4Ic3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Yjc1YWVlZmU4ZWVhMWFjNWMyMTlkODc1MDVkMmU3YzVm MzJmNDgwHhcNMjYwMTAyMDQxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzIwZmM2OTc5NDBjYzY5ZjNjNTc0NTUzOGI1NzdmMTVhMDQzNzNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVNhR/Nt+yMt3FkjYLMB2I7ac7+H jQ+KbdJ+APEzu5n+XmtD2WPEaEppGJwYbmZA1soibhyy85pkZCSNRVDjcPZwALRc DxIZXwuUKtBmZwI/GNHR2G7XSSTQ+nPPAhlUs49MmrOJHtgNb+xHYdw6EfLfzD/p emX3u3+c6ZDHCjgKpgROynLxI/qzIVWAv2XIBcz8tMsseph0VO/49SMdobpRPqTH yrNlAsIW349iSQH4g//ldQ9F8xm3Dw9Wre8kG6oev3nCyWJ3Yr1gKo7ZLmn3EA8L bLUCnmAlGmN3zAsiFJIiBw/v8NKp8ZgjCD2jH++7THOc0ck7tkXRsXe91QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFwg/Gl5QMxp88V0VTi1d/FaBDc7MB8GA1UdIwQY MBaAFIi3Wu7+juoaxcIZ2HUF0ufF8y9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUxkYTd2Nk82aHJGd2huWWRRWFM1OFh6TDBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ZDI4MzEtMTJlYy00NzcwLTljZWEt OWFjMDhjM2VhYWExLzEvWENEOGFYbEF6R256eFhSVk9MVjM4Vm9FTnpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS80ZDI4MzEtMTJlYy00NzcwLTljZWEtOWFjMDhjM2VhYWEx LzEvaUxkYTd2Nk82aHJGd2huWWRRWFM1OFh6TDBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTOcAwQC uY9sMA0EAgACMAcDBQAqAbQgMA0GCSqGSIb3DQEBCwUAA4IBAQAH7LfXYfzWY83F RbXmURRw0tKyxrraewRRZQX/DQpufvm0DYD7wLg2usDDbuRFMPvkfUhAzoV4yXwn mE/PNMICuLX3adwjHR7hWaQGiuGASdpHDMhD6RdRK15xKwFml9XyEtCn6BB9BBja cQpHzoJG3w8jaIdXMELSTqu2YDimSaYEmjBxghLAte4Tb3IO1mXnkvzLOSBRbUtV wQ4QTyGkD2T2IwsQZ9knzdVcHn7l27IxdNRMAjKWX10faKHCea9fvlhZDaH71jJH qibL/DCnVdQGflUyUvqJ06A9B303NP7Ngc2clpa1N9LqwLIWIoX/l1XOjS6dOt1y 8XMhcN0G -----END CERTIFICATE-----Generated at Mon Jan 26 12:26:00 2026 by rpki-client