This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cxO68hNaCZEJK0_eijlE0MK9M40.roa File: cxO68hNaCZEJK0_eijlE0MK9M40.roa (raw, json) Hash identifier: OgBUx1XjDrCplccjAeknfJhyU1eoHtFGOoHo4bob4bA= Subject key identifier: 73:13:BA:F2:13:5A:09:91:09:2B:4F:DE:8A:39:44:D0:C2:BD:33:8D Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA77A17531E74BA33E00398F64FAF28 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cxO68hNaCZEJK0_eijlE0MK9M40.roa Signing time: Fri 02 Jan 2026 12:21:03 +0000 ROA not before: Fri 02 Jan 2026 12:21:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44237 IP address blocks: 77.51.247.0/24 maxlen: 24 77.51.249.0/24 maxlen: 24 77.51.250.0/24 maxlen: 24 77.51.252.0/22 maxlen: 22 85.94.0.0/23 maxlen: 23 85.94.0.0/24 maxlen: 24 2a02:930::/32 maxlen: 32 2a02:930::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:7a:17:53:1e:74:ba:33:e0:03:98:f6:4f:af:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7313baf2135a0991092b4fde8a3944d0c2bd338d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:7b:c2:97:ed:31:77:fc:e9:da:65:9e:d1:83: bc:37:f7:93:3f:b4:b9:82:76:c4:43:62:52:e0:cd: 7b:cf:fc:72:b1:39:c5:e1:4a:99:20:04:f9:d6:7e: 9e:61:12:96:d7:33:f4:c1:13:88:c5:c2:b8:19:ce: 9e:bd:ea:71:34:fe:0b:8e:ed:14:05:9d:c4:06:ed: ab:1e:58:48:8d:7e:cc:e6:80:35:8c:aa:31:96:52: 7f:a3:2e:69:08:1b:31:1d:84:0f:b9:60:9f:24:e0: 14:58:f6:8b:67:52:04:30:42:d5:db:02:0c:d8:79: 33:74:25:7b:89:b8:a4:25:f6:81:5f:27:52:8e:b0: c9:04:52:b6:72:4c:2d:ac:1d:61:1e:7f:69:9c:0f: a5:e6:81:bc:5d:3e:63:7b:b6:ec:17:d0:e1:7c:16: d3:7a:66:73:ba:2f:a7:8f:07:d1:29:33:dc:53:52: 2a:ad:db:88:4d:60:61:55:45:df:29:19:fa:e0:97: ca:8c:ac:d4:1e:12:76:47:b6:91:71:58:e7:9c:e0: 52:95:71:4d:6f:a4:70:20:eb:b9:93:ca:99:17:44: bd:4a:ba:73:08:81:98:b9:1e:af:f1:ea:9c:51:00: 91:e8:cc:1f:6b:a6:cc:3f:43:20:c7:8d:27:1b:ae: 13:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:13:BA:F2:13:5A:09:91:09:2B:4F:DE:8A:39:44:D0:C2:BD:33:8D X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cxO68hNaCZEJK0_eijlE0MK9M40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.51.247.0/24 77.51.249.0-77.51.250.255 77.51.252.0/22 85.94.0.0/23 IPv6: 2a02:930::/32 Signature Algorithm: sha256WithRSAEncryption 28:74:dc:dc:a2:d9:f3:5e:1d:48:8a:97:e0:ec:c8:06:aa:f6: c6:5c:4c:af:34:31:65:9b:29:ca:1d:49:b8:28:0f:b0:ba:1a: ec:cd:53:8f:6b:5c:0d:ae:93:7c:bf:52:9c:8d:31:e2:9b:c3: ce:11:50:32:56:9f:7d:5f:bd:bd:cc:bc:27:cb:b3:b6:c3:79: 1b:4d:61:0b:28:1c:36:17:e3:00:93:5c:61:76:0a:d7:91:d2: ce:bb:63:9b:c9:b1:5b:8e:f5:dd:49:0d:ce:0a:7a:68:cb:d7: c2:22:cd:89:15:b1:c4:5d:78:d2:25:7a:a3:10:e0:36:8d:eb: 5f:b3:fd:44:61:97:4f:f2:a8:a6:3d:71:15:ee:40:9c:f5:98: 84:ec:44:59:f5:66:ee:9c:8f:47:fd:8d:03:cb:58:31:2a:6b: d4:8c:cd:f6:bb:0b:d8:f1:b5:f5:e3:98:9b:32:57:4d:48:f0: da:63:bd:11:ee:1e:1a:57:8c:00:01:b2:fc:32:7d:51:97:10: 4d:6a:4b:9e:81:75:27:db:9a:71:e9:2e:39:68:a2:8e:f8:1b: 38:a8:41:c2:ba:03:a9:8b:df:cf:d8:8c:06:39:47:db:8d:32: d9:2e:b1:cf:4c:3c:16:c3:71:f2:4b:33:70:7a:81:3b:df:d8: 08:a1:ff:19 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt+p3oXUx50ujPgA5j2T68oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzEzYmFmMjEzNWEwOTkxMDkyYjRmZGU4YTM5NDRkMGMyYmQzMzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3vCl+0xd/zp2mWe0YO8N/eTP7S5 gnbEQ2JS4M17z/xysTnF4UqZIAT51n6eYRKW1zP0wROIxcK4Gc6evepxNP4Lju0U BZ3EBu2rHlhIjX7M5oA1jKoxllJ/oy5pCBsxHYQPuWCfJOAUWPaLZ1IEMELV2wIM 2HkzdCV7ibikJfaBXydSjrDJBFK2ckwtrB1hHn9pnA+l5oG8XT5je7bsF9DhfBbT emZzui+njwfRKTPcU1IqrduITWBhVUXfKRn64JfKjKzUHhJ2R7aRcVjnnOBSlXFN b6RwIOu5k8qZF0S9SrpzCIGYuR6v8eqcUQCR6Mwfa6bMP0Mgx40nG64TBQIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFHMTuvITWgmRCStP3oo5RNDCvTONMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvY3hPNjhoTmFDWkVKSzBfZWlqbEUwTUs5TTQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQATTP3MAwD BABNM/kDBABNM/oDBAJNM/wDBAFVXgAwDQQCAAIwBwMFACoCCTAwDQYJKoZIhvcN AQELBQADggEBACh03Nyi2fNeHUiKl+DsyAaq9sZcTK80MWWbKcodSbgoD7C6GuzN U49rXA2uk3y/UpyNMeKbw84RUDJWn31fvb3MvCfLs7bDeRtNYQsoHDYX4wCTXGF2 CteR0s67Y5vJsVuO9d1JDc4KemjL18IizYkVscRdeNIleqMQ4DaN61+z/URhl0/y qKY9cRXuQJz1mITsRFn1Zu6cj0f9jQPLWDEqa9SMzfa7C9jxtfXjmJsyV01I8Npj vRHuHhpXjAABsvwyfVGXEE1qS56BdSfbmnHpLjlooo74GzioQcK6A6mL38/YjAY5 R9uNMtkusc9MPBbDcfJLM3B6gTvf2Aih/xk= -----END CERTIFICATE-----Generated at Mon Jan 26 01:42:29 2026 by rpki-client