This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/xtfoGeIECTpdCbZHNkFP50BN1MA.roa File: xtfoGeIECTpdCbZHNkFP50BN1MA.roa (raw, json) Hash identifier: Z1lBrIMUzn5W9YhrUqvcchRAFUBJEphcXoXllZ4p86k= Subject key identifier: C6:D7:E8:19:E2:04:09:3A:5D:09:B6:47:36:41:4F:E7:40:4D:D4:C0 Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702 Certificate serial: 019B7E388321E16F2F470889A3FA136C9DE8 Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/xtfoGeIECTpdCbZHNkFP50BN1MA.roa Signing time: Fri 02 Jan 2026 10:19:51 +0000 ROA not before: Fri 02 Jan 2026 10:19:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51402 IP address blocks: 178.239.64.0/20 maxlen: 20 185.128.120.0/22 maxlen: 22 185.196.224.0/22 maxlen: 22 185.221.136.0/22 maxlen: 22 2a02:2760::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.mft rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:83:21:e1:6f:2f:47:08:89:a3:fa:13:6c:9d:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702 Validity Not Before: Jan 2 10:19:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6d7e819e204093a5d09b64736414fe7404dd4c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:36:58:72:9e:4b:42:8c:55:bb:a6:8d:58:7c: af:f9:ba:40:5c:66:2c:8d:a1:64:78:cd:b1:1c:9f: cf:c2:6c:3f:b5:26:1c:ac:16:5a:ef:c5:40:34:6b: dc:ac:69:13:65:4b:cd:d2:bc:85:c4:a0:4f:fd:a1: 39:76:58:95:61:2f:1e:1e:5a:56:10:55:60:54:64: db:bc:37:3c:87:d5:b1:55:f3:e1:eb:7c:54:c7:a3: e6:bb:c5:8e:0d:c3:e5:35:c7:a0:0a:7a:17:0f:b8: 96:b4:61:74:8f:21:fc:de:ff:67:72:70:b6:1f:75: 58:63:40:0a:5a:3e:34:10:87:03:fe:ef:00:ef:08: 9d:2f:13:0f:9f:83:b4:83:90:bc:69:76:9f:07:b5: b7:04:39:12:f7:7c:f8:bf:ac:53:1b:19:ec:14:4a: 58:3f:07:c9:51:33:50:e4:cf:77:d9:ed:ff:c9:b3: 62:95:49:4b:7d:57:aa:b9:1a:7e:14:48:a1:77:9f: ff:35:cc:f5:af:68:0d:73:1b:63:ae:23:29:d4:c9: e3:1a:d4:d5:1c:40:5b:f6:1e:8b:39:8d:80:d9:6b: 9e:9d:85:58:89:62:07:c9:ed:f1:08:2d:ba:aa:03: 1b:9f:cf:ac:b2:7e:eb:90:0d:ba:38:b9:08:6a:fb: 84:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:D7:E8:19:E2:04:09:3A:5D:09:B6:47:36:41:4F:E7:40:4D:D4:C0 X509v3 Authority Key Identifier: keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/xtfoGeIECTpdCbZHNkFP50BN1MA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.239.64.0/20 185.128.120.0/22 185.196.224.0/22 185.221.136.0/22 IPv6: 2a02:2760::/32 Signature Algorithm: sha256WithRSAEncryption cc:2b:8c:b0:92:4c:1f:a0:51:a8:82:60:b1:1c:ce:f1:7d:f0: b9:a0:87:fe:21:fa:d0:bb:de:cc:b5:87:4d:e1:e4:84:fc:61: fc:2f:fb:96:45:b2:8f:02:2a:90:d9:8d:18:b0:8f:7b:c5:42: 1b:9b:ad:a1:81:1b:e7:da:ec:b3:7c:50:46:a9:87:a0:8e:92: ed:83:7d:c8:04:df:84:94:92:90:0a:a4:e0:6b:28:b2:23:a4: 71:b5:fc:a2:91:a3:bb:2e:32:08:9a:b9:fc:82:fe:80:b8:f1: f9:8e:56:9c:00:79:71:83:55:25:98:a2:ed:94:41:53:e3:ea: ae:7a:a9:89:dd:37:a5:21:67:d4:7b:24:60:2c:15:cb:57:79: 86:8b:cb:7a:65:6a:29:43:bb:f6:fe:fc:e4:f3:b3:7f:99:74: 7d:9a:d7:06:cc:f2:51:00:4c:e0:a0:50:c9:ba:1f:f4:5a:fa: ce:c3:2c:76:74:f8:33:45:5f:e8:d8:15:ec:b5:3b:0b:58:de: ef:a4:66:af:5c:eb:dd:db:c2:6e:82:f4:35:ab:c6:3b:f3:45: ae:52:77:7a:93:88:b3:3b:0e:95:7d:ea:70:ef:d8:2b:e9:9c: 41:bb:2a:ff:08:09:1d:34:7f:45:e9:ba:9f:9f:20:29:4e:f3: 04:2c:42:aa -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt+OIMh4W8vRwiJo/oTbJ3oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl YTU3MDIwHhcNMjYwMTAyMTAxOTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmQ3ZTgxOWUyMDQwOTNhNWQwOWI2NDczNjQxNGZlNzQwNGRkNGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTZYcp5LQoxVu6aNWHyv+bpAXGYs jaFkeM2xHJ/Pwmw/tSYcrBZa78VANGvcrGkTZUvN0ryFxKBP/aE5dliVYS8eHlpW EFVgVGTbvDc8h9WxVfPh63xUx6Pmu8WODcPlNcegCnoXD7iWtGF0jyH83v9ncnC2 H3VYY0AKWj40EIcD/u8A7widLxMPn4O0g5C8aXafB7W3BDkS93z4v6xTGxnsFEpY PwfJUTNQ5M932e3/ybNilUlLfVequRp+FEihd5//Ncz1r2gNcxtjriMp1MnjGtTV HEBb9h6LOY2A2WuenYVYiWIHye3xCC26qgMbn8+ssn7rkA26OLkIavuErwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFMbX6BniBAk6XQm2RzZBT+dATdTAMB8GA1UdIwQY MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt ZjIyNzQ5NjVjMDk1LzEveHRmb0dlSUVDVHBkQ2JaSE5rRlA1MEJOMU1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEtZjIyNzQ5NjVjMDk1 LzEvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEsu9AAwQC uYB4AwQCucTgAwQCud2IMA0EAgACMAcDBQAqAidgMA0GCSqGSIb3DQEBCwUAA4IB AQDMK4ywkkwfoFGogmCxHM7xffC5oIf+IfrQu97MtYdN4eSE/GH8L/uWRbKPAiqQ 2Y0YsI97xUIbm62hgRvn2uyzfFBGqYegjpLtg33IBN+ElJKQCqTgayiyI6Rxtfyi kaO7LjIImrn8gv6AuPH5jlacAHlxg1UlmKLtlEFT4+queqmJ3TelIWfUeyRgLBXL V3mGi8t6ZWopQ7v2/vzk87N/mXR9mtcGzPJRAEzgoFDJuh/0WvrOwyx2dPgzRV/o 2BXstTsLWN7vpGavXOvd28JugvQ1q8Y780WuUnd6k4izOw6Vfepw79gr6ZxBuyr/ CAkdNH9F6bqfnyApTvMELEKq -----END CERTIFICATE-----Generated at Sun Jan 25 23:03:56 2026 by rpki-client