This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/XkdalcQg6hGFzhglm3gQzCnpww4.roa File: XkdalcQg6hGFzhglm3gQzCnpww4.roa (raw, json) Hash identifier: 8jItQEffXXa+ZvcKZLLyn2RNT/EfLCbVUQe+TOkVNeM= Subject key identifier: 5E:47:5A:95:C4:20:EA:11:85:CE:18:25:9B:78:10:CC:29:E9:C3:0E Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Certificate serial: 019B7D5B6DE3499B3CA8290F312CA8D19035 Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/XkdalcQg6hGFzhglm3gQzCnpww4.roa Signing time: Fri 02 Jan 2026 06:18:22 +0000 ROA not before: Fri 02 Jan 2026 06:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211447 IP address blocks: 193.200.194.0/24 maxlen: 24 2a0a:d6c0:194::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:6d:e3:49:9b:3c:a8:29:0f:31:2c:a8:d1:90:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8 Validity Not Before: Jan 2 06:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e475a95c420ea1185ce18259b7810cc29e9c30e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:93:ab:b3:cb:5f:17:b0:dc:57:ac:28:9d:c0: 5b:ca:c7:73:4a:30:b0:f5:a7:ad:e9:18:50:92:c0: 05:a9:71:4f:ea:22:38:74:b4:55:ca:ee:51:b4:e1: 44:4d:4a:fb:8e:4c:08:78:01:9c:88:35:56:d4:38: f3:36:75:3e:74:e1:a1:77:7f:be:8b:ae:9b:e2:2f: d4:6e:da:77:83:bb:01:e1:ae:08:58:a7:66:e3:58: cc:71:8e:71:52:2e:8f:d1:8b:69:c7:09:ed:b2:50: 74:63:1c:80:df:ec:dc:dc:3d:c1:bd:d6:e0:96:c3: 90:96:f4:2a:cb:a3:b7:d2:12:c0:e4:92:d9:a3:e7: 60:06:ce:74:51:0f:e1:72:ce:c2:64:a3:c4:46:8a: 39:f4:47:72:90:52:62:b8:2c:de:d7:90:6a:6d:2d: 1c:68:e8:79:b1:cc:dc:37:56:31:51:15:f8:4f:a7: 8d:65:4d:69:a0:d5:cb:36:93:4b:db:ec:ad:bd:15: d1:44:d3:ee:be:20:cd:51:6d:0c:fa:5e:a0:cd:0f: 64:1c:0f:32:d2:71:59:dc:bb:3d:2d:66:70:a3:66: 2a:e4:bf:1d:3b:8d:9a:54:bd:67:b2:92:22:1d:22: 7c:52:89:af:02:df:3a:c6:c0:53:2e:ce:80:ba:82: 4c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:47:5A:95:C4:20:EA:11:85:CE:18:25:9B:78:10:CC:29:E9:C3:0E X509v3 Authority Key Identifier: keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/XkdalcQg6hGFzhglm3gQzCnpww4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.200.194.0/24 IPv6: 2a0a:d6c0:194::/48 Signature Algorithm: sha256WithRSAEncryption 91:58:6f:2d:af:3e:dd:56:04:d4:9f:fe:72:df:2e:39:3e:42: bd:7f:28:fe:57:1b:dc:c5:08:84:1f:69:ec:cd:1c:eb:fb:be: 41:01:37:c8:f2:97:e4:bb:d0:f7:a1:c8:96:f4:54:45:98:5d: 25:25:5a:f3:8c:35:52:84:56:3a:47:88:cc:2e:94:09:60:52: 72:cc:02:b6:9d:ca:22:25:6b:2b:51:19:db:f2:03:cc:f6:1d: 05:00:58:d5:1b:f9:f3:1b:9a:23:2c:a5:26:f1:26:2d:24:39: f0:9c:73:c1:da:6e:cf:62:ec:fa:f4:1c:66:38:df:7d:d5:27: 5e:f6:45:47:4e:f2:57:ff:a7:93:f7:92:d7:04:b9:20:29:c7: 26:8c:c1:63:f3:dd:99:81:66:33:b5:34:25:bd:bc:f3:f5:9d: 6e:7e:cd:10:b3:b0:51:bf:ef:60:f7:a0:78:5b:29:0f:08:81: 72:ea:c4:ee:09:fe:56:db:78:e0:91:89:6e:70:ec:70:9b:c7: d0:8d:cd:d7:e2:3d:d4:fc:b0:d7:4e:f2:31:83:5a:59:fb:88: b7:fd:89:50:66:05:1e:d0:85:2f:96:de:19:5d:e5:2e:99:c5: 5b:b3:26:ec:51:3b:ec:65:2f:8b:15:86:82:1e:3e:eb:0f:7b: 8a:f2:bd:18 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9W23jSZs8qCkPMSyo0ZA1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm OGNiZDgwHhcNMjYwMTAyMDYxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTQ3NWE5NWM0MjBlYTExODVjZTE4MjU5Yjc4MTBjYzI5ZTljMzBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZOrs8tfF7DcV6woncBbysdzSjCw 9aet6RhQksAFqXFP6iI4dLRVyu5RtOFETUr7jkwIeAGciDVW1DjzNnU+dOGhd3++ i66b4i/Ubtp3g7sB4a4IWKdm41jMcY5xUi6P0YtpxwntslB0YxyA3+zc3D3Bvdbg lsOQlvQqy6O30hLA5JLZo+dgBs50UQ/hcs7CZKPERoo59EdykFJiuCze15BqbS0c aOh5sczcN1YxURX4T6eNZU1poNXLNpNL2+ytvRXRRNPuviDNUW0M+l6gzQ9kHA8y 0nFZ3Ls9LWZwo2Yq5L8dO42aVL1nspIiHSJ8UomvAt86xsBTLs6AuoJMywIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFF5HWpXEIOoRhc4YJZt4EMwp6cMOMB8GA1UdIwQY MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt NjA5YTQ4YjJiMTRkLzEvWGtkYWxjUWc2aEdGemhnbG0zZ1F6Q25wd3c0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcjCMA8E AgACMAkDBwAqCtbAAZQwDQYJKoZIhvcNAQELBQADggEBAJFYby2vPt1WBNSf/nLf Ljk+Qr1/KP5XG9zFCIQfaezNHOv7vkEBN8jyl+S70PehyJb0VEWYXSUlWvOMNVKE VjpHiMwulAlgUnLMAradyiIlaytRGdvyA8z2HQUAWNUb+fMbmiMspSbxJi0kOfCc c8Habs9i7Pr0HGY4333VJ172RUdO8lf/p5P3ktcEuSApxyaMwWPz3ZmBZjO1NCW9 vPP1nW5+zRCzsFG/72D3oHhbKQ8IgXLqxO4J/lbbeOCRiW5w7HCbx9CNzdfiPdT8 sNdO8jGDWln7iLf9iVBmBR7QhS+W3hld5S6ZxVuzJuxRO+xlL4sVhoIePusPe4ry vRg= -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:01 2026 by rpki-client