This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/xdrQzD8F-W74pVt7R0a-P7c9upU.roa File: xdrQzD8F-W74pVt7R0a-P7c9upU.roa (raw, json) Hash identifier: abblQYTkxZVFW1Ns3PROXNnoRQdUS1zz9CUYdEet9Bc= Subject key identifier: C5:DA:D0:CC:3F:05:F9:6E:F8:A5:5B:7B:47:46:BE:3F:B7:3D:BA:95 Certificate issuer: /CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9 Certificate serial: 019B78A26C5BB3641E101BE6C7D9BD6656D5 Authority key identifier: 4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/xdrQzD8F-W74pVt7R0a-P7c9upU.roa Signing time: Thu 01 Jan 2026 08:17:48 +0000 ROA not before: Thu 01 Jan 2026 08:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206516 IP address blocks: 45.8.140.0/22 maxlen: 24 2a0e:8200::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 23:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:6c:5b:b3:64:1e:10:1b:e6:c7:d9:bd:66:56:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9 Validity Not Before: Jan 1 08:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5dad0cc3f05f96ef8a55b7b4746be3fb73dba95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ac:29:bb:74:76:f3:ea:db:f5:65:60:0e:6c: 87:c2:ba:76:4a:5c:26:8d:92:d0:ca:55:48:3f:ad: 49:f3:5f:c2:21:7b:b3:17:26:eb:aa:08:fb:04:26: a2:a2:e7:45:60:aa:c7:d3:a9:9b:53:43:99:03:6d: 9e:08:c3:a6:6a:91:be:52:45:8c:f5:f8:8c:96:95: 3b:3b:9c:25:1f:36:37:20:cf:61:c7:c6:e6:6c:42: 84:4b:01:88:c4:ce:3c:4f:70:b4:8a:ab:62:e8:2e: 54:2d:7c:c9:81:12:86:68:27:aa:a6:3e:97:86:b0: 1c:43:c6:22:48:9f:7e:49:e9:cd:f1:e1:f6:15:a2: 15:76:31:1a:f0:e9:8a:22:69:4b:d9:a9:29:0c:4e: 15:dc:30:c1:47:bb:d8:99:63:99:47:8c:55:e0:71: a8:8a:db:cb:87:09:4f:21:13:e0:cf:8d:78:7c:8f: a4:1c:b6:87:85:e1:7a:4c:0b:0f:8f:fe:5b:34:10: 53:75:bf:63:ea:11:be:6f:e8:aa:d5:ad:7d:50:9d: 7d:8f:f4:61:0c:82:84:e2:63:40:b1:30:9d:c5:69: 9e:d8:db:ad:2b:28:ae:35:1b:81:b7:80:d5:ac:41: 33:66:e3:c3:f1:a8:e5:85:7b:7e:9f:e5:60:ff:da: 10:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:DA:D0:CC:3F:05:F9:6E:F8:A5:5B:7B:47:46:BE:3F:B7:3D:BA:95 X509v3 Authority Key Identifier: keyid:4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/xdrQzD8F-W74pVt7R0a-P7c9upU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.140.0/22 IPv6: 2a0e:8200::/29 Signature Algorithm: sha256WithRSAEncryption 80:8b:9f:03:8c:d1:06:ec:3c:cf:8b:37:76:b9:1d:af:51:8c: 47:e1:2d:d8:a9:0b:9b:c6:03:ed:45:a9:97:62:4f:79:73:8b: 53:9c:b7:38:ad:15:1b:af:39:10:3a:5a:51:57:d1:c0:37:db: f4:05:05:56:3e:22:db:e6:08:4f:f3:7e:1d:8b:aa:7c:e4:d7: 8a:9e:2b:05:65:95:21:5d:e3:2c:f0:c0:a2:57:48:04:aa:af: 4d:36:b7:e3:38:c5:a0:88:54:b0:95:5c:34:aa:8f:c3:b8:b1: 48:74:96:92:50:35:c5:8d:d7:2f:bb:e2:e0:a3:75:5b:6f:2c: 53:cc:6a:1f:88:37:c6:b1:18:4f:7d:e1:0f:ca:87:0d:2e:9d: b4:cb:35:b2:05:80:59:7c:f6:25:06:f9:95:5b:d6:63:97:12: 5a:d9:57:65:05:25:90:18:15:be:43:b4:b3:4b:53:1f:c3:75: cf:58:06:26:d6:da:b4:eb:01:da:36:de:3e:58:ac:b2:9c:6d: 16:74:c9:46:b5:3d:a2:4a:5f:dd:59:28:70:ce:98:64:18:bc: 59:51:22:0e:36:49:2f:36:65:2b:a9:ff:5c:a6:1c:1c:d8:0c: 77:a6:2e:dc:4d:47:c4:a2:e1:de:4d:cb:5b:f9:2b:1e:cf:f2: 00:23:bb:f7 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4omxbs2QeEBvmx9m9ZlbVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlNmRmNjgzOGQwMzM4MDE0MWViN2U0ZWU1NWRjMDVkODcw NjFkYzkwHhcNMjYwMTAxMDgxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWRhZDBjYzNmMDVmOTZlZjhhNTViN2I0NzQ2YmUzZmI3M2RiYTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qwpu3R28+rb9WVgDmyHwrp2Slwm jZLQylVIP61J81/CIXuzFybrqgj7BCaioudFYKrH06mbU0OZA22eCMOmapG+UkWM 9fiMlpU7O5wlHzY3IM9hx8bmbEKESwGIxM48T3C0iqti6C5ULXzJgRKGaCeqpj6X hrAcQ8YiSJ9+SenN8eH2FaIVdjEa8OmKImlL2akpDE4V3DDBR7vYmWOZR4xV4HGo itvLhwlPIRPgz414fI+kHLaHheF6TAsPj/5bNBBTdb9j6hG+b+iq1a19UJ19j/Rh DIKE4mNAsTCdxWme2NutKyiuNRuBt4DVrEEzZuPD8ajlhXt+n+Vg/9oQGQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMXa0Mw/Bflu+KVbe0dGvj+3PbqVMB8GA1UdIwQY MBaAFE5t9oONAzgBQet+TuVdwF2HBh3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2Qt MzE4MzYyMDA0ZThhLzEveGRyUXpEOEYtVzc0cFZ0N1IwYS1QN2M5dXBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2QtMzE4MzYyMDA0ZThh LzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQiMMA0E AgACMAcDBQMqDoIAMA0GCSqGSIb3DQEBCwUAA4IBAQCAi58DjNEG7DzPizd2uR2v UYxH4S3YqQubxgPtRamXYk95c4tTnLc4rRUbrzkQOlpRV9HAN9v0BQVWPiLb5ghP 834di6p85NeKnisFZZUhXeMs8MCiV0gEqq9NNrfjOMWgiFSwlVw0qo/DuLFIdJaS UDXFjdcvu+Lgo3VbbyxTzGofiDfGsRhPfeEPyocNLp20yzWyBYBZfPYlBvmVW9Zj lxJa2VdlBSWQGBW+Q7SzS1Mfw3XPWAYm1tq06wHaNt4+WKyynG0WdMlGtT2iSl/d WShwzphkGLxZUSIONkkvNmUrqf9cphwc2Ax3pi7cTUfEouHeTctb+Ssez/IAI7v3 -----END CERTIFICATE-----Generated at Tue Jan 13 09:15:46 2026 by rpki-client