This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xcWX6DznqEW4C71zJpWJN-QrPDQ.roa File: xcWX6DznqEW4C71zJpWJN-QrPDQ.roa (raw, json) Hash identifier: +1l0sVjd17+Z7nheyNBVU+fgNJqvceCmb4/QNIBVEUI= Subject key identifier: C5:C5:97:E8:3C:E7:A8:45:B8:0B:BD:73:26:95:89:37:E4:2B:3C:34 Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe Certificate serial: 019B78A2D4518D11250A6EFDFF41A756ACE8 Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xcWX6DznqEW4C71zJpWJN-QrPDQ.roa Signing time: Thu 01 Jan 2026 08:18:15 +0000 ROA not before: Thu 01 Jan 2026 08:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400810 IP address blocks: 109.72.114.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:d4:51:8d:11:25:0a:6e:fd:ff:41:a7:56:ac:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe Validity Not Before: Jan 1 08:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5c597e83ce7a845b80bbd7326958937e42b3c34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:48:74:c3:a5:38:ad:79:6d:b9:74:09:77:f8: 91:63:04:44:3e:5a:20:fc:67:4f:7a:0a:ee:d5:79: 60:6d:8d:ee:d0:f2:75:25:be:41:b0:bd:93:df:6a: 9f:ff:5c:81:f8:b5:9a:30:b6:4f:85:d3:27:90:31: 6d:02:c3:f0:34:c6:a0:3c:16:cb:2d:c9:0c:44:85: 0c:64:ef:ab:65:45:3f:ed:13:5d:9d:3f:af:71:e9: e2:0e:86:f2:c0:87:ed:f3:6b:59:b4:25:d8:e7:33: 7b:f7:07:78:a3:0a:d5:b3:10:4a:9a:91:02:65:80: 4a:0c:a1:3e:ef:d4:8a:10:07:c9:82:65:0e:0b:c1: 23:10:98:9d:3b:ba:09:f2:5a:1b:ea:99:62:8d:d0: 08:3d:a2:66:51:8e:44:44:55:47:a6:13:f3:86:fc: 7e:6d:e0:e2:b0:8a:89:ab:32:f8:c7:1b:c5:4c:82: ad:1c:c4:ca:ad:20:86:13:ae:54:32:64:44:09:ec: 42:91:6e:75:21:b7:66:aa:58:d1:4e:92:4d:3f:05: 30:4e:b7:c4:1a:19:21:5a:2d:d2:36:c1:28:01:6e: 2b:7b:55:29:13:c1:3a:26:13:35:93:f3:c3:cb:98: 9a:a1:ef:72:a1:f2:93:5a:70:9c:08:6d:e6:d4:c7: ae:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:C5:97:E8:3C:E7:A8:45:B8:0B:BD:73:26:95:89:37:E4:2B:3C:34 X509v3 Authority Key Identifier: keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xcWX6DznqEW4C71zJpWJN-QrPDQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.72.114.0/23 Signature Algorithm: sha256WithRSAEncryption 08:9c:5c:e5:17:2a:07:03:24:b4:3d:02:76:d1:9b:b3:58:84: d2:59:bc:ea:f6:2b:f0:5f:c3:d1:53:d4:e9:4c:83:9c:9e:94: e3:5b:0f:4e:1f:0b:5e:23:ce:38:78:0f:c0:d4:68:85:dc:6e: 44:4b:15:ad:f9:78:56:7b:92:0f:29:56:1b:20:3f:85:b7:7b: b3:38:b0:79:fc:20:16:45:ae:33:34:13:73:98:08:16:2c:37: b6:73:cc:a6:14:c5:4c:fd:53:c5:26:9d:39:49:b5:72:0f:45: fb:86:42:77:9d:9b:b8:8d:90:93:b1:d4:b0:e1:e2:07:9a:e3: 84:93:8c:e2:07:82:b0:5c:34:21:63:75:11:32:32:0f:bc:1b: 69:85:d8:a1:42:a7:00:d6:ea:c1:c0:1c:c9:28:40:13:0c:a0: 92:77:94:fd:b1:97:62:33:8e:6e:5d:b8:85:7c:68:32:fd:b3: 3f:17:fc:a6:97:73:02:11:49:94:bb:fd:fa:d3:d8:2c:42:8d: 86:a1:91:1b:5f:64:4d:4f:e2:24:82:ef:d4:2a:8c:30:79:84: e6:44:d9:ab:b4:eb:1a:19:0d:c8:c7:61:8e:b3:4f:b6:51:30: 71:cd:11:2c:f2:04:f2:97:a5:20:39:3a:7b:3a:bb:26:df:ea: 0e:82:07:26 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4otRRjRElCm79/0GnVqzoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk OGRhYmUwHhcNMjYwMTAxMDgxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWM1OTdlODNjZTdhODQ1YjgwYmJkNzMyNjk1ODkzN2U0MmIzYzM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUh0w6U4rXltuXQJd/iRYwREPlog /GdPegru1XlgbY3u0PJ1Jb5BsL2T32qf/1yB+LWaMLZPhdMnkDFtAsPwNMagPBbL LckMRIUMZO+rZUU/7RNdnT+vceniDobywIft82tZtCXY5zN79wd4owrVsxBKmpEC ZYBKDKE+79SKEAfJgmUOC8EjEJidO7oJ8lob6plijdAIPaJmUY5ERFVHphPzhvx+ beDisIqJqzL4xxvFTIKtHMTKrSCGE65UMmRECexCkW51IbdmqljRTpJNPwUwTrfE GhkhWi3SNsEoAW4re1UpE8E6JhM1k/PDy5iaoe9yofKTWnCcCG3m1MeuwwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMXFl+g856hFuAu9cyaViTfkKzw0MB8GA1UdIwQY MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt ODJhZDE0NTU1ZWFhLzEveGNXWDZEem5xRVc0QzcxekpwV0pOLVFyUERRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbUhyMA0G CSqGSIb3DQEBCwUAA4IBAQAInFzlFyoHAyS0PQJ20ZuzWITSWbzq9ivwX8PRU9Tp TIOcnpTjWw9OHwteI844eA/A1GiF3G5ESxWt+XhWe5IPKVYbID+Ft3uzOLB5/CAW Ra4zNBNzmAgWLDe2c8ymFMVM/VPFJp05SbVyD0X7hkJ3nZu4jZCTsdSw4eIHmuOE k4ziB4KwXDQhY3URMjIPvBtphdihQqcA1urBwBzJKEATDKCSd5T9sZdiM45uXbiF fGgy/bM/F/yml3MCEUmUu/3609gsQo2GoZEbX2RNT+Ikgu/UKowweYTmRNmrtOsa GQ3Ix2GOs0+2UTBxzREs8gTyl6UgOTp7Orsm3+oOggcm -----END CERTIFICATE-----Generated at Sun Jan 25 14:04:43 2026 by rpki-client