This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XK29cC1QNwFmLlwXGFjBJZAAGv0.roa File: XK29cC1QNwFmLlwXGFjBJZAAGv0.roa (raw, json) Hash identifier: 5TFT4jvvphRW6Wq8yqWzEFvPjIJTRforfs+JZwUoSgg= Subject key identifier: 5C:AD:BD:70:2D:50:37:01:66:2E:5C:17:18:58:C1:25:90:00:1A:FD Certificate issuer: /CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e Certificate serial: 019B7C80C4E038E9E09CD1D60E20776AA4F4 Authority key identifier: E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XK29cC1QNwFmLlwXGFjBJZAAGv0.roa Signing time: Fri 02 Jan 2026 02:19:32 +0000 ROA not before: Fri 02 Jan 2026 02:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51248 IP address blocks: 5.43.224.0/21 maxlen: 24 158.255.32.0/21 maxlen: 24 158.255.39.0/24 maxlen: 24 176.74.216.0/21 maxlen: 24 185.8.56.0/22 maxlen: 24 188.124.56.0/21 maxlen: 24 193.161.84.0/22 maxlen: 24 2a03:1840::/48 maxlen: 64 2a03:1840:1::/48 maxlen: 64 2a03:1840:2::/48 maxlen: 64 2a03:1840:3::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.mft rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c4:e0:38:e9:e0:9c:d1:d6:0e:20:77:6a:a4:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e Validity Not Before: Jan 2 02:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cadbd702d503701662e5c171858c12590001afd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:8c:14:5c:ee:aa:0e:e9:14:b6:6b:d1:d3:bf: 18:78:45:ba:f2:43:16:7d:e1:ad:ab:b4:07:95:7c: 52:08:44:08:8d:c8:be:91:b5:bf:34:1c:38:89:be: 71:c2:42:43:f6:97:bd:38:8b:10:31:c6:ec:bf:51: c8:27:13:03:99:df:ec:f6:f5:83:41:5f:55:1f:3d: 74:0e:8e:f2:9a:a5:ca:7f:f5:aa:17:ff:08:a6:fe: ad:f6:18:bb:35:e2:20:5a:24:28:bd:4d:0e:22:3a: 3b:dc:91:07:4f:4a:be:c8:cb:5c:f6:0a:fc:cb:2e: ad:cf:a5:5e:a7:c1:30:33:47:a1:07:f4:09:76:f9: db:b5:79:5e:1e:45:bc:cd:a9:2a:67:b3:63:4e:51: fa:65:6b:8a:fd:c4:f2:5b:80:bc:ee:54:cc:f2:c3: 99:98:17:80:d0:4e:b2:bd:79:1e:51:42:19:b6:90: 6a:ec:cf:8c:dd:17:42:d8:4e:d9:39:5e:1d:81:c6: 0d:78:cf:1d:62:08:08:b4:dd:cb:bc:cd:a2:ac:8e: d3:91:71:d3:d9:b0:e5:08:bd:fa:6a:5a:e0:ce:af: cc:1a:9f:f4:4b:38:91:1a:1c:a1:c6:72:e8:a5:5f: 8f:44:a1:56:3c:56:f0:37:ca:58:ac:69:b6:5c:5c: 62:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AD:BD:70:2D:50:37:01:66:2E:5C:17:18:58:C1:25:90:00:1A:FD X509v3 Authority Key Identifier: keyid:E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XK29cC1QNwFmLlwXGFjBJZAAGv0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.43.224.0/21 158.255.32.0/21 176.74.216.0/21 185.8.56.0/22 188.124.56.0/21 193.161.84.0/22 IPv6: 2a03:1840::/46 Signature Algorithm: sha256WithRSAEncryption 45:6b:63:98:1d:77:23:66:fb:66:4c:c2:b4:e1:5b:de:ed:49: d5:c0:d9:ff:b1:3a:1d:13:75:ed:47:1a:d2:d9:45:ca:da:d3: 4e:c8:f2:87:0a:2b:b9:a1:ef:0c:38:30:99:cf:c2:04:9b:1e: b0:8a:5a:ce:4a:8d:33:b8:d3:7c:0e:63:4f:dd:d3:d6:2f:56: 92:9f:84:5e:db:4e:e7:5f:cc:2d:66:4f:3d:fc:66:55:81:23: c9:a4:10:be:0b:b9:01:c2:a7:d4:1c:93:fa:b8:97:93:01:18: d1:e7:d1:0f:84:a6:b7:63:5a:94:e3:b0:45:46:35:ce:67:11: a5:f7:74:a6:fd:4e:4b:75:d4:16:43:a0:49:39:45:0c:6e:7a: fb:45:ec:15:0c:f3:9f:53:4b:2a:ea:a1:26:67:bd:c0:bd:88: 56:3d:0b:c2:b6:90:52:9e:e1:ad:e1:6e:e4:0f:56:2f:2b:93: 58:25:df:15:e8:fe:d3:08:c1:c9:34:47:4d:39:f2:54:28:89: 23:2b:15:59:a6:99:7b:80:ad:bc:85:64:5a:c0:8c:87:e7:ae: 79:48:25:27:10:14:cb:34:ae:91:09:35:5f:02:dd:97:7d:f6: 31:05:5e:df:28:f4:94:b8:ea:c0:04:67:d6:e2:3e:e7:3f:95: 56:aa:f1:cf -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt8gMTgOOngnNHWDiB3aqT0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5ZTRkYzk2OGVkNTI5MzVhMDRkZWUzYjIyOWMyMWNhOWJm ZGJkN2UwHhcNMjYwMTAyMDIxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2FkYmQ3MDJkNTAzNzAxNjYyZTVjMTcxODU4YzEyNTkwMDAxYWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnowUXO6qDukUtmvR078YeEW68kMW feGtq7QHlXxSCEQIjci+kbW/NBw4ib5xwkJD9pe9OIsQMcbsv1HIJxMDmd/s9vWD QV9VHz10Do7ymqXKf/WqF/8Ipv6t9hi7NeIgWiQovU0OIjo73JEHT0q+yMtc9gr8 yy6tz6Vep8EwM0ehB/QJdvnbtXleHkW8zakqZ7NjTlH6ZWuK/cTyW4C87lTM8sOZ mBeA0E6yvXkeUUIZtpBq7M+M3RdC2E7ZOV4dgcYNeM8dYggItN3LvM2irI7TkXHT 2bDlCL36alrgzq/MGp/0SziRGhyhxnLopV+PRKFWPFbwN8pYrGm2XFxiBwIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFFytvXAtUDcBZi5cFxhYwSWQABr9MB8GA1UdIwQY MBaAFOnk3JaO1Sk1oE3uOyKcIcqb/b1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEt NmM3ODU2ZWY3YjMxLzEvWEsyOWNDMVFOd0ZtTGx3WEdGakJKWkFBR3YwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEtNmM3ODU2ZWY3YjMx LzEvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDBSvgAwQD nv8gAwQDsErYAwQCuQg4AwQDvHw4AwQCwaFUMA8EAgACMAkDBwIqAxhAAAAwDQYJ KoZIhvcNAQELBQADggEBAEVrY5gddyNm+2ZMwrThW97tSdXA2f+xOh0Tde1HGtLZ Rcra007I8ocKK7mh7ww4MJnPwgSbHrCKWs5KjTO403wOY0/d09YvVpKfhF7bTudf zC1mTz38ZlWBI8mkEL4LuQHCp9Qck/q4l5MBGNHn0Q+EprdjWpTjsEVGNc5nEaX3 dKb9Tkt11BZDoEk5RQxuevtF7BUM859TSyrqoSZnvcC9iFY9C8K2kFKe4a3hbuQP Vi8rk1gl3xXo/tMIwck0R0058lQoiSMrFVmmmXuArbyFZFrAjIfnrnlIJScQFMs0 rpEJNV8C3Zd99jEFXt8o9JS46sAEZ9biPuc/lVaq8c8= -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:08 2026 by rpki-client