This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Xf3bZPWk0_bi28_oQ2232QrSJQQ.roa File: Xf3bZPWk0_bi28_oQ2232QrSJQQ.roa (raw, json) Hash identifier: ffz/L4K0R9hVyQDyQ+n17EfkZ224IbQsJdVzmjU75wU= Subject key identifier: 5D:FD:DB:64:F5:A4:D3:F6:E2:DB:CF:E8:43:6D:B7:D9:0A:D2:25:04 Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d Certificate serial: 019B7C7FE040926D02FF537FD801A6EE4D00 Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Xf3bZPWk0_bi28_oQ2232QrSJQQ.roa Signing time: Fri 02 Jan 2026 02:18:33 +0000 ROA not before: Fri 02 Jan 2026 02:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400536 IP address blocks: 45.129.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.mft rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:e0:40:92:6d:02:ff:53:7f:d8:01:a6:ee:4d:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d Validity Not Before: Jan 2 02:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dfddb64f5a4d3f6e2dbcfe8436db7d90ad22504 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:58:83:6b:5b:b3:67:31:31:0f:fb:4a:f1:92: fb:12:cb:16:13:41:47:ed:24:29:fb:9a:39:9c:19: 80:28:4f:f1:48:df:a0:ce:84:ab:a4:5c:77:24:6b: f4:de:31:8d:ef:ef:3c:a9:b6:ca:96:8e:25:9b:f2: d8:d1:74:6f:98:c0:47:19:0f:db:d2:f5:a8:97:f0: 65:40:ff:45:5d:01:15:c2:92:41:1e:b1:15:89:73: 5a:c5:fb:54:ce:e2:2d:ed:01:b7:5c:28:11:92:0c: 12:4e:e4:ec:ae:7a:40:7a:d0:5f:df:e3:34:b2:cc: 6d:81:97:39:ae:67:21:23:3f:05:e8:39:ef:a1:13: 35:16:d7:bd:2d:a9:b5:95:78:13:e1:dc:ab:32:1e: c0:04:9a:05:90:de:ce:88:d7:f8:eb:fb:9c:18:a7: 08:45:53:f5:06:b7:c0:9c:22:14:2e:25:71:63:01: 10:b2:05:d5:36:2d:04:dd:90:3d:dc:b1:a4:5d:16: cb:26:c5:9e:6f:b6:8e:ea:3a:0a:9b:ce:4c:4d:03: 18:0c:4f:8f:01:5c:1a:1c:a3:aa:9a:0d:e9:34:45: 41:c3:9f:a0:8d:39:1d:82:e6:82:ac:c6:31:47:3a: 78:6b:c1:c7:6f:85:b0:28:ee:68:7d:29:dc:59:47: 1c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:FD:DB:64:F5:A4:D3:F6:E2:DB:CF:E8:43:6D:B7:D9:0A:D2:25:04 X509v3 Authority Key Identifier: keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Xf3bZPWk0_bi28_oQ2232QrSJQQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.129.92.0/24 Signature Algorithm: sha256WithRSAEncryption 97:03:70:6b:50:d1:89:04:65:6a:52:ef:e5:22:e5:98:37:4f: 1a:ea:53:3e:79:35:f9:ac:25:6f:15:2e:6e:2d:64:af:99:bd: b1:c2:8b:46:03:21:e8:18:44:68:f0:75:56:0a:01:b5:54:cf: 2b:8b:cb:4a:e9:56:e1:6a:66:e8:85:0f:ce:73:0e:25:1a:59: 75:32:20:6b:a9:69:d8:78:7e:c1:ff:64:bf:d1:19:cf:21:19: f9:d4:d9:58:64:6e:fa:b3:18:2f:ce:44:0b:bd:af:48:73:36: 3b:38:76:c6:32:32:b4:f3:c9:a6:2c:dc:07:dc:3d:2c:b3:46: 5d:c1:c3:4c:40:fd:d9:a8:b6:fe:e3:67:d1:29:43:1b:32:78: 24:4e:c7:84:2d:bd:83:d7:79:a6:8f:82:f1:47:d2:f0:4a:e6: 8f:6c:29:3e:f8:6d:24:ff:ed:af:38:5a:86:eb:5c:ef:0b:ba: 6a:7f:e0:c5:f9:f6:9c:59:5c:4e:d9:14:ff:40:a9:95:19:e4: f4:2f:5d:bd:cf:27:f8:1b:0e:af:37:64:25:08:29:d6:18:50: d3:77:8a:be:a4:08:de:58:98:b6:4c:7e:2d:64:4b:a5:0c:f4: d2:31:f2:1e:4e:2b:34:2f:eb:42:1c:69:0d:7a:2f:82:6b:0c: 8f:16:c5:72 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8f+BAkm0C/1N/2AGm7k0AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi ZWJmOGQwHhcNMjYwMTAyMDIxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGZkZGI2NGY1YTRkM2Y2ZTJkYmNmZTg0MzZkYjdkOTBhZDIyNTA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxViDa1uzZzExD/tK8ZL7EssWE0FH 7SQp+5o5nBmAKE/xSN+gzoSrpFx3JGv03jGN7+88qbbKlo4lm/LY0XRvmMBHGQ/b 0vWol/BlQP9FXQEVwpJBHrEViXNaxftUzuIt7QG3XCgRkgwSTuTsrnpAetBf3+M0 ssxtgZc5rmchIz8F6DnvoRM1Fte9Lam1lXgT4dyrMh7ABJoFkN7OiNf46/ucGKcI RVP1BrfAnCIULiVxYwEQsgXVNi0E3ZA93LGkXRbLJsWeb7aO6joKm85MTQMYDE+P AVwaHKOqmg3pNEVBw5+gjTkdguaCrMYxRzp4a8HHb4WwKO5ofSncWUcceQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF3922T1pNP24tvP6ENtt9kK0iUEMB8GA1UdIwQY MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt NWM1ODkyYWZhNDg3LzEvWGYzYlpQV2swX2JpMjhfb1EyMjMyUXJTSlFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3 LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYFcMA0G CSqGSIb3DQEBCwUAA4IBAQCXA3BrUNGJBGVqUu/lIuWYN08a6lM+eTX5rCVvFS5u LWSvmb2xwotGAyHoGERo8HVWCgG1VM8ri8tK6VbhambohQ/Ocw4lGll1MiBrqWnY eH7B/2S/0RnPIRn51NlYZG76sxgvzkQLva9IczY7OHbGMjK088mmLNwH3D0ss0Zd wcNMQP3ZqLb+42fRKUMbMngkTseELb2D13mmj4LxR9LwSuaPbCk++G0k/+2vOFqG 61zvC7pqf+DF+facWVxO2RT/QKmVGeT0L129zyf4Gw6vN2QlCCnWGFDTd4q+pAje WJi2TH4tZEulDPTSMfIeTis0L+tCHGkNei+CawyPFsVy -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:47 2026 by rpki-client