This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/XKQN9GdCDnkkYw875rkSfXAvJBg.roa File: XKQN9GdCDnkkYw875rkSfXAvJBg.roa (raw, json) Hash identifier: fV6EdFaVajqg4dj/k6xrLoqomy/vlK7OlhjNnf6pmQA= Subject key identifier: 5C:A4:0D:F4:67:42:0E:79:24:63:0F:3B:E6:B9:12:7D:70:2F:24:18 Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Certificate serial: 019B7E3771AFCCD4DFEC944FBD1DA9ACF824 Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/XKQN9GdCDnkkYw875rkSfXAvJBg.roa Signing time: Fri 02 Jan 2026 10:18:41 +0000 ROA not before: Fri 02 Jan 2026 10:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211551 IP address blocks: 2001:678:f20::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:71:af:cc:d4:df:ec:94:4f:bd:1d:a9:ac:f8:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Validity Not Before: Jan 2 10:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ca40df467420e7924630f3be6b9127d702f2418 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e7:33:47:5d:f1:2d:3d:84:60:e8:39:eb:23: 64:5a:8b:52:c1:68:fd:c4:d7:5d:ec:20:de:8a:43: 6b:cb:79:e9:3d:4e:0c:0b:26:9c:e5:e8:91:c9:c4: 15:bf:8a:1a:f9:54:9a:4a:44:e4:4e:3a:77:a2:4a: 8e:df:06:2c:40:17:5f:32:f7:4e:29:10:75:ac:44: d4:d8:89:32:6c:91:36:0c:71:56:05:8e:33:98:07: 35:55:4d:b0:43:6a:92:77:35:70:d5:25:31:31:99: 9a:f9:f8:f3:40:b4:71:d2:c1:60:02:42:bf:7f:96: d0:7d:49:9f:9a:7d:36:2f:6c:58:77:62:5f:5d:d3: 27:78:e1:4d:de:2a:34:d6:4f:79:d6:8e:13:bb:c6: b6:a9:0d:e2:4a:a0:49:d7:0e:e5:4c:22:59:83:45: 0a:cd:a5:52:46:75:e1:2f:05:b5:cc:76:ec:d6:13: ee:17:5e:2d:0f:f9:fc:93:2f:8e:df:2e:5d:3e:c4: e2:8b:66:70:78:8e:00:fd:2d:66:f0:1a:bb:8d:79: bc:8c:e4:00:24:62:5f:0c:ad:89:e5:ba:42:a6:79: 34:97:b0:88:e0:4c:b9:f6:1f:c6:a8:88:ea:b1:e4: c7:4e:2a:af:e9:9d:e3:a7:d7:89:91:9f:02:b0:a0: aa:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A4:0D:F4:67:42:0E:79:24:63:0F:3B:E6:B9:12:7D:70:2F:24:18 X509v3 Authority Key Identifier: keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/XKQN9GdCDnkkYw875rkSfXAvJBg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:f20::/48 Signature Algorithm: sha256WithRSAEncryption 3e:5e:05:23:13:be:fd:08:e4:49:fc:73:2b:c3:dd:26:5b:84: 06:b0:b8:1e:c5:83:67:81:1f:f9:4f:db:30:7c:06:b0:80:a3: 15:d3:39:83:d5:c3:96:59:d8:8d:1c:43:e1:d4:b1:c7:db:29: b5:d2:65:b8:1b:66:14:fd:fe:30:04:88:97:5f:6a:b7:04:a9: fa:03:0a:b0:34:36:b5:e1:aa:f3:ec:1f:38:25:8d:6a:ad:84: aa:23:c9:7d:db:3d:1b:9b:3f:0b:c3:d5:44:49:a4:1c:61:dc: 0f:ad:0d:1a:eb:d7:59:fe:fd:f2:0c:72:8d:be:31:26:a7:c9: 87:c2:5d:f1:e3:e6:eb:33:50:79:24:83:0e:a5:de:4f:c1:44: 97:87:c8:96:71:09:1f:32:3f:8a:3e:2e:25:52:14:1b:57:28: 58:b7:c1:75:85:31:9c:70:48:9e:77:d9:43:8e:f6:08:3d:a1: 04:b6:15:af:99:1f:b6:cc:86:dd:75:6f:20:27:c9:89:bb:3c: 8d:87:f4:12:4d:2a:98:13:a6:21:74:8e:d4:eb:b6:ac:be:9c: 91:2e:0e:63:bb:32:ca:13:8e:82:78:64:44:cb:35:b2:42:2b: b5:c9:d8:78:0c:f0:89:5e:8d:8a:6b:0f:f0:43:3e:e5:22:c2: 1a:19:fb:7b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+N3GvzNTf7JRPvR2prPgkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0 MTJmMmEwHhcNMjYwMTAyMTAxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2E0MGRmNDY3NDIwZTc5MjQ2MzBmM2JlNmI5MTI3ZDcwMmYyNDE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOczR13xLT2EYOg56yNkWotSwWj9 xNdd7CDeikNry3npPU4MCyac5eiRycQVv4oa+VSaSkTkTjp3okqO3wYsQBdfMvdO KRB1rETU2IkybJE2DHFWBY4zmAc1VU2wQ2qSdzVw1SUxMZma+fjzQLRx0sFgAkK/ f5bQfUmfmn02L2xYd2JfXdMneOFN3io01k951o4Tu8a2qQ3iSqBJ1w7lTCJZg0UK zaVSRnXhLwW1zHbs1hPuF14tD/n8ky+O3y5dPsTii2ZweI4A/S1m8Bq7jXm8jOQA JGJfDK2J5bpCpnk0l7CI4Ey59h/GqIjqseTHTiqv6Z3jp9eJkZ8CsKCqXwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFykDfRnQg55JGMPO+a5En1wLyQYMB8GA1UdIwQY MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt ODY4MTYwNjY4MzgyLzEvWEtRTjlHZENEbmtrWXc4NzVya1NmWEF2SkJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA8g MA0GCSqGSIb3DQEBCwUAA4IBAQA+XgUjE779CORJ/HMrw90mW4QGsLgexYNngR/5 T9swfAawgKMV0zmD1cOWWdiNHEPh1LHH2ym10mW4G2YU/f4wBIiXX2q3BKn6Awqw NDa14arz7B84JY1qrYSqI8l92z0bmz8Lw9VESaQcYdwPrQ0a69dZ/v3yDHKNvjEm p8mHwl3x4+brM1B5JIMOpd5PwUSXh8iWcQkfMj+KPi4lUhQbVyhYt8F1hTGccEie d9lDjvYIPaEEthWvmR+2zIbddW8gJ8mJuzyNh/QSTSqYE6YhdI7U67asvpyRLg5j uzLKE46CeGREyzWyQiu1ydh4DPCJXo2Kaw/wQz7lIsIaGft7 -----END CERTIFICATE-----Generated at Sun Jan 11 18:02:58 2026 by rpki-client