This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xb9XYMZUrwhrcR5xtkjXTXwPh5A.roa File: Xb9XYMZUrwhrcR5xtkjXTXwPh5A.roa (raw, json) Hash identifier: U9XBcNhQpsFM5ENPd3Io7dwRU7Djmy7wkF+Tl5w0TE0= Subject key identifier: 5D:BF:57:60:C6:54:AF:08:6B:71:1E:71:B6:48:D7:4D:7C:0F:87:90 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B7834529E8A6442371C0A9EAE033C8133 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xb9XYMZUrwhrcR5xtkjXTXwPh5A.roa Signing time: Thu 01 Jan 2026 06:17:33 +0000 ROA not before: Thu 01 Jan 2026 06:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33980 IP address blocks: 192.165.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:52:9e:8a:64:42:37:1c:0a:9e:ae:03:3c:81:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5dbf5760c654af086b711e71b648d74d7c0f8790 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1e:95:d8:96:a5:c9:3d:5c:c6:ae:67:ae:01: 7c:6d:50:9e:99:34:0b:42:76:28:57:de:b1:3b:58: 4a:85:95:6e:11:52:46:95:a8:6c:ab:12:73:c1:57: 0b:4c:a0:f3:26:cd:b9:8a:7e:93:fb:79:a7:f4:8e: 84:a5:fb:21:15:5a:70:fc:50:a6:2c:04:3f:32:9a: d4:1f:d5:bc:2e:f9:00:18:8e:68:74:71:67:69:1a: 9b:5f:d6:85:8e:71:67:d9:a2:d2:70:21:a3:51:4e: cc:bf:44:e1:f0:68:46:6d:22:b7:96:ea:bd:e4:08: 76:7c:82:7e:56:02:cf:35:56:c1:c7:fd:56:71:88: 0a:b0:28:4f:6c:a2:a4:bb:9b:2a:3d:cd:f2:a7:67: 61:fb:b9:25:0b:59:46:72:ec:3d:16:da:dc:15:cb: de:e2:af:02:8e:96:ae:c2:24:a4:14:23:4b:07:5f: 11:40:29:f4:9f:98:9a:bc:17:62:fd:0c:7a:0e:68: d7:54:ae:fe:d9:3b:cc:00:5c:c6:78:e3:63:0e:db: b9:78:3b:88:a0:12:26:1d:97:ab:fc:3e:83:41:b8: ac:d2:bd:ad:72:c0:ab:42:89:cf:f0:fe:82:c5:85: f8:9a:46:ea:c1:53:b7:66:e7:ac:a2:19:97:d1:24: 0d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:BF:57:60:C6:54:AF:08:6B:71:1E:71:B6:48:D7:4D:7C:0F:87:90 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xb9XYMZUrwhrcR5xtkjXTXwPh5A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.165.72.0/24 Signature Algorithm: sha256WithRSAEncryption 38:5b:76:fe:a6:e9:34:23:bf:70:d0:fd:90:25:46:e3:93:e2: a3:f3:98:a9:aa:cb:15:b7:e0:24:d7:a6:25:fb:02:9c:4c:08: f1:e5:ab:b9:85:f4:f3:5f:19:a3:23:61:e7:66:d1:e3:3d:53: 79:94:82:97:93:07:44:a8:fa:14:f0:03:8c:f7:de:9b:a9:6d: c0:67:fb:1c:50:0c:d9:fc:0c:83:3f:31:99:cd:68:de:68:28: 67:11:cd:4f:43:9c:05:24:38:a8:cb:eb:d8:e9:02:d8:c9:75: 6a:46:2e:35:9d:ae:2d:66:f0:69:75:e8:21:b0:d8:83:92:91: 62:1c:31:4e:e4:a8:71:ab:15:19:20:5b:f6:fb:4a:cd:3e:75: d8:f7:ab:db:8b:40:74:a2:81:95:94:41:20:67:5d:a0:48:37: ef:61:86:52:9c:da:78:3e:43:b4:1d:fd:22:e4:19:5b:db:3f: e6:68:16:a5:fa:ff:0a:e6:e8:20:6c:a0:75:27:65:1a:bb:80: 3f:dd:ca:ee:f2:33:12:8e:e9:bc:95:53:d4:65:3d:fe:4a:79: 08:d0:1e:6f:b2:f6:9b:05:41:bb:ef:2e:25:16:54:de:6c:f1: d1:52:28:69:cb:db:1f:00:ab:fb:d7:a7:44:f8:ee:71:f9:40: d2:fc:cd:bd -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NFKeimRCNxwKnq4DPIEzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGJmNTc2MGM2NTRhZjA4NmI3MTFlNzFiNjQ4ZDc0ZDdjMGY4NzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh6V2JalyT1cxq5nrgF8bVCemTQL QnYoV96xO1hKhZVuEVJGlahsqxJzwVcLTKDzJs25in6T+3mn9I6EpfshFVpw/FCm LAQ/MprUH9W8LvkAGI5odHFnaRqbX9aFjnFn2aLScCGjUU7Mv0Th8GhGbSK3luq9 5Ah2fIJ+VgLPNVbBx/1WcYgKsChPbKKku5sqPc3yp2dh+7klC1lGcuw9FtrcFcve 4q8CjpauwiSkFCNLB18RQCn0n5iavBdi/Qx6DmjXVK7+2TvMAFzGeONjDtu5eDuI oBImHZer/D6DQbis0r2tcsCrQonP8P6CxYX4mkbqwVO3ZuesohmX0SQNgwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF2/V2DGVK8Ia3EecbZI1018D4eQMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvWGI5WFlNWlVyd2hyY1I1eHRralhUWHdQaDVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKVIMA0G CSqGSIb3DQEBCwUAA4IBAQA4W3b+puk0I79w0P2QJUbjk+Kj85ipqssVt+Ak16Yl +wKcTAjx5au5hfTzXxmjI2HnZtHjPVN5lIKXkwdEqPoU8AOM996bqW3AZ/scUAzZ /AyDPzGZzWjeaChnEc1PQ5wFJDioy+vY6QLYyXVqRi41na4tZvBpdeghsNiDkpFi HDFO5KhxqxUZIFv2+0rNPnXY96vbi0B0ooGVlEEgZ12gSDfvYYZSnNp4PkO0Hf0i 5Blb2z/maBal+v8K5uggbKB1J2Uau4A/3cru8jMSjum8lVPUZT3+SnkI0B5vsvab BUG77y4lFlTebPHRUihpy9sfAKv716dE+O5x+UDS/M29 -----END CERTIFICATE-----Generated at Sun Jan 25 09:04:18 2026 by rpki-client