This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xm2EH0bMS7Lp6R8nocX142XHBiE.roa File: xm2EH0bMS7Lp6R8nocX142XHBiE.roa (raw, json) Hash identifier: Sw8xk1+itLI+I+ws0cUgg1V722l6xa6aNkokvCgQUD4= Subject key identifier: C6:6D:84:1F:46:CC:4B:B2:E9:E9:1F:27:A1:C5:F5:E3:65:C7:06:21 Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d Certificate serial: 019B7EA54ED031363380A0F17FB9BBA78603 Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xm2EH0bMS7Lp6R8nocX142XHBiE.roa Signing time: Fri 02 Jan 2026 12:18:41 +0000 ROA not before: Fri 02 Jan 2026 12:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201975 IP address blocks: 31.210.19.0/24 maxlen: 24 45.86.176.0/22 maxlen: 24 86.58.208.0/21 maxlen: 24 93.90.64.0/22 maxlen: 24 157.97.112.0/21 maxlen: 24 185.54.180.0/22 maxlen: 24 193.148.20.0/22 maxlen: 24 2a02:4660::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:4e:d0:31:36:33:80:a0:f1:7f:b9:bb:a7:86:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d Validity Not Before: Jan 2 12:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c66d841f46cc4bb2e9e91f27a1c5f5e365c70621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:1f:7e:c1:32:ba:df:ee:08:2b:e4:7a:f6:dd: e4:c4:8b:f1:e7:8f:df:65:6b:42:df:dd:20:27:2d: 24:23:91:4b:57:8d:17:55:c6:28:d5:44:50:2c:65: 9d:4c:5d:fa:68:21:08:60:46:5c:1f:de:be:76:8e: b9:4b:5d:98:01:e2:d0:9d:3a:94:c1:3b:7b:65:6c: 7e:08:37:e6:f0:23:48:d8:2f:3e:93:2a:65:b2:32: bd:2b:66:12:35:9e:70:03:61:59:2c:d3:3d:6a:5f: 44:b0:d1:eb:40:b0:a3:35:92:ba:4e:d3:8a:f8:ba: 10:58:53:42:b5:d0:6a:a8:c4:10:13:74:51:51:3e: be:51:a8:69:c6:48:a7:f3:8b:82:ee:7e:f2:de:d9: 29:b1:1c:e0:d1:5f:f1:4f:a5:af:77:ab:43:56:f8: 3c:82:af:a6:63:17:a4:dd:22:16:ef:16:79:f8:68: bf:33:72:0e:a0:b2:5a:73:35:cc:6c:ef:6c:44:eb: c2:b1:05:87:25:8b:36:70:f7:11:11:cf:47:c8:b2: 83:d3:0b:93:9b:30:0a:10:3a:66:cd:1f:e9:1d:75: e1:80:77:13:ff:2c:2a:5a:d9:6a:01:ca:f6:af:42: b0:d3:3f:39:dc:c6:1b:87:41:ad:20:c0:f7:3d:40: 4e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:6D:84:1F:46:CC:4B:B2:E9:E9:1F:27:A1:C5:F5:E3:65:C7:06:21 X509v3 Authority Key Identifier: keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xm2EH0bMS7Lp6R8nocX142XHBiE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.210.19.0/24 45.86.176.0/22 86.58.208.0/21 93.90.64.0/22 157.97.112.0/21 185.54.180.0/22 193.148.20.0/22 IPv6: 2a02:4660::/32 Signature Algorithm: sha256WithRSAEncryption 51:4a:cf:f1:d0:d9:62:98:9c:fe:bc:ed:d2:df:a0:0b:f2:ed: d7:ed:d1:53:5e:1e:97:8f:42:60:55:ff:4a:48:ab:cb:c6:2e: 3b:b3:cf:0d:b9:9b:a1:96:70:82:1e:3f:45:7c:55:d4:e8:3a: 9e:2f:1a:56:c0:70:56:a7:c5:59:7e:44:10:86:55:19:ed:c7: e5:d9:c4:37:41:b6:36:c1:9f:3c:c4:44:e6:86:05:23:8b:98: 5e:5c:ac:8f:ba:41:24:33:29:3c:ca:8b:31:a2:34:94:a3:fd: 8b:93:3a:5f:52:d9:04:09:eb:06:00:b3:a7:ed:1d:c2:b4:50: b7:28:c6:cb:15:33:9b:20:37:78:54:09:f0:3f:c1:e5:43:e8: 36:d0:a8:9f:74:55:9c:36:15:ef:0f:40:c3:b3:e6:8b:b5:cb: 1c:1b:f0:13:1e:74:97:e0:e0:13:28:02:98:03:93:cc:bb:e3: 94:87:db:16:1c:ef:d1:1c:16:f8:53:32:36:58:a2:71:b8:d9: d6:84:65:34:7d:2a:4d:3d:89:07:7d:26:a7:b1:39:8e:06:40: 1a:c6:bf:72:0a:52:af:d1:78:fb:0e:82:1e:f9:84:f8:51:8c: 9f:c3:79:05:7f:b6:96:c1:ec:18:96:48:bc:5f:96:36:5d:4a: b3:68:a4:3b -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt+pU7QMTYzgKDxf7m7p4YDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx MjI1NWQwHhcNMjYwMTAyMTIxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjZkODQxZjQ2Y2M0YmIyZTllOTFmMjdhMWM1ZjVlMzY1YzcwNjIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR9+wTK63+4IK+R69t3kxIvx54/f ZWtC390gJy0kI5FLV40XVcYo1URQLGWdTF36aCEIYEZcH96+do65S12YAeLQnTqU wTt7ZWx+CDfm8CNI2C8+kyplsjK9K2YSNZ5wA2FZLNM9al9EsNHrQLCjNZK6TtOK +LoQWFNCtdBqqMQQE3RRUT6+Uahpxkin84uC7n7y3tkpsRzg0V/xT6Wvd6tDVvg8 gq+mYxek3SIW7xZ5+Gi/M3IOoLJaczXMbO9sROvCsQWHJYs2cPcREc9HyLKD0wuT mzAKEDpmzR/pHXXhgHcT/ywqWtlqAcr2r0Kw0z853MYbh0GtIMD3PUBOZwIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFMZthB9GzEuy6ekfJ6HF9eNlxwYhMB8GA1UdIwQY MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt NWM2MDJmZGU5NjNiLzEveG0yRUgwYk1TN0xwNlI4bm9jWDE0MlhIQmlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAH9ITAwQC LVawAwQDVjrQAwQCXVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZg MA0GCSqGSIb3DQEBCwUAA4IBAQBRSs/x0NlimJz+vO3S36AL8u3X7dFTXh6Xj0Jg Vf9KSKvLxi47s88NuZuhlnCCHj9FfFXU6DqeLxpWwHBWp8VZfkQQhlUZ7cfl2cQ3 QbY2wZ88xETmhgUji5heXKyPukEkMyk8yosxojSUo/2LkzpfUtkECesGALOn7R3C tFC3KMbLFTObIDd4VAnwP8HlQ+g20KifdFWcNhXvD0DDs+aLtcscG/ATHnSX4OAT KAKYA5PMu+OUh9sWHO/RHBb4UzI2WKJxuNnWhGU0fSpNPYkHfSansTmOBkAaxr9y ClKv0Xj7DoIe+YT4UYyfw3kFf7aWwewYlki8X5Y2XUqzaKQ7 -----END CERTIFICATE-----Generated at Mon Jan 12 03:10:51 2026 by rpki-client