This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QEhSXcwXsu0G-eTWLTcEW4Ss3Kw.roa File: QEhSXcwXsu0G-eTWLTcEW4Ss3Kw.roa (raw, json) Hash identifier: 3hazU/kPvVBI6tMsprnBgK/LziRES3Sxxtlr+bH5YbI= Subject key identifier: 40:48:52:5D:CC:17:B2:ED:06:F9:E4:D6:2D:37:04:5B:84:AC:DC:AC Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Certificate serial: 019B7DC881D764185FF48EC7E6ED36B9A0D7 Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QEhSXcwXsu0G-eTWLTcEW4Ss3Kw.roa Signing time: Fri 02 Jan 2026 08:17:30 +0000 ROA not before: Fri 02 Jan 2026 08:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44907 IP address blocks: 91.108.20.0/22 maxlen: 22 91.108.20.0/23 maxlen: 23 2001:b28:f23c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:81:d7:64:18:5f:f4:8e:c7:e6:ed:36:b9:a0:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Validity Not Before: Jan 2 08:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4048525dcc17b2ed06f9e4d62d37045b84acdcac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ff:0d:e1:80:4e:84:53:10:19:b5:bb:40:e0: dc:4d:46:77:5d:0c:ec:49:e4:2e:a7:74:52:41:f8: 7a:58:62:d6:ad:d3:74:a6:be:a2:4b:b7:3d:96:c7: 96:e9:8f:c9:f9:2b:72:c3:c5:8a:3b:33:0f:d2:2e: eb:a7:83:cb:73:4d:ff:21:33:75:bb:e6:46:f9:10: f4:99:67:89:43:1f:7c:ba:a6:67:53:0b:78:33:95: 81:12:7b:b7:75:fb:e6:8c:53:cb:14:1a:57:60:9a: 66:85:77:3f:e1:68:24:a2:b5:63:be:76:f5:be:79: e1:f7:e3:a4:8d:6e:a4:f9:9d:f4:41:56:68:3f:3e: e0:05:68:37:79:48:f2:c9:50:a4:56:4a:e9:91:b0: 1c:07:0d:3a:74:87:17:cd:92:dc:ab:48:45:87:a4: 99:5e:02:94:67:51:6a:8d:69:e0:f8:72:4e:f9:37: d5:e1:99:f3:ac:6f:c8:e1:ee:da:ea:2b:7a:d8:84: d8:14:69:58:2c:69:30:f3:16:f9:b1:fa:12:6f:e1: db:50:16:42:fa:10:66:e2:df:18:2b:18:63:73:c8: 34:f7:25:f6:ec:83:c2:59:1b:f3:48:a2:18:c2:8a: fb:58:2e:da:32:ed:23:08:61:1a:4e:7e:6c:d3:9d: ab:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:48:52:5D:CC:17:B2:ED:06:F9:E4:D6:2D:37:04:5B:84:AC:DC:AC X509v3 Authority Key Identifier: keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QEhSXcwXsu0G-eTWLTcEW4Ss3Kw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.108.20.0/22 IPv6: 2001:b28:f23c::/48 Signature Algorithm: sha256WithRSAEncryption 89:7b:85:56:dc:8f:a7:55:19:bc:a7:89:48:9d:1a:22:f0:40: 61:4b:bb:1f:5f:d2:9e:d0:44:98:44:1c:86:3b:d1:6d:ba:66: ec:dd:83:cc:3c:17:54:9a:16:e5:75:6e:ca:72:c5:65:35:75: 73:b8:df:40:80:67:f4:d3:b1:79:01:b6:ee:84:85:dd:09:88: ad:3f:55:7a:91:5b:11:8f:70:be:90:55:55:71:f8:42:4a:d7: 30:28:0c:7b:84:d1:53:2d:43:f6:50:7c:ee:1b:f8:98:c3:5f: 71:fd:35:4d:6e:10:72:f3:e8:7e:03:52:bd:2e:62:18:84:13: 5d:04:53:b7:c4:8e:a4:11:cd:eb:98:d3:10:89:7c:3c:e0:a8: a9:1e:f8:6d:a0:e7:63:58:ee:7f:fa:1f:a1:46:b9:a6:78:1e: f1:a7:5f:e6:fb:93:8e:b8:52:9c:dd:ac:20:0a:1e:1c:7f:01: 12:83:0d:61:1e:15:11:48:bc:e5:09:a8:10:72:fd:c3:2d:86: c5:33:36:ab:e1:6c:de:e4:9a:38:6d:76:eb:75:34:42:77:df: e4:2f:7d:31:ec:02:9a:2e:5c:d8:a4:ad:24:24:cf:6d:7e:bc: 6c:b2:4c:c4:99:01:73:04:72:37:df:87:50:b8:a7:5b:27:8d: fe:6e:e1:82 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9yIHXZBhf9I7H5u02uaDXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx YTUxYjgwHhcNMjYwMTAyMDgxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDQ4NTI1ZGNjMTdiMmVkMDZmOWU0ZDYyZDM3MDQ1Yjg0YWNkY2FjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv8N4YBOhFMQGbW7QODcTUZ3XQzs SeQup3RSQfh6WGLWrdN0pr6iS7c9lseW6Y/J+Styw8WKOzMP0i7rp4PLc03/ITN1 u+ZG+RD0mWeJQx98uqZnUwt4M5WBEnu3dfvmjFPLFBpXYJpmhXc/4WgkorVjvnb1 vnnh9+OkjW6k+Z30QVZoPz7gBWg3eUjyyVCkVkrpkbAcBw06dIcXzZLcq0hFh6SZ XgKUZ1FqjWng+HJO+TfV4ZnzrG/I4e7a6it62ITYFGlYLGkw8xb5sfoSb+HbUBZC +hBm4t8YKxhjc8g09yX27IPCWRvzSKIYwor7WC7aMu0jCGEaTn5s052rSQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFEBIUl3MF7LtBvnk1i03BFuErNysMB8GA1UdIwQY MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt NzY3NDE2NTI1MTBkLzEvUUVoU1hjd1hzdTBHLWVUV0xUY0VXNFNzM0t3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW2wUMA8E AgACMAkDBwAgAQso8jwwDQYJKoZIhvcNAQELBQADggEBAIl7hVbcj6dVGbyniUid GiLwQGFLux9f0p7QRJhEHIY70W26Zuzdg8w8F1SaFuV1bspyxWU1dXO430CAZ/TT sXkBtu6Ehd0JiK0/VXqRWxGPcL6QVVVx+EJK1zAoDHuE0VMtQ/ZQfO4b+JjDX3H9 NU1uEHLz6H4DUr0uYhiEE10EU7fEjqQRzeuY0xCJfDzgqKke+G2g52NY7n/6H6FG uaZ4HvGnX+b7k464UpzdrCAKHhx/ARKDDWEeFRFIvOUJqBBy/cMthsUzNqvhbN7k mjhtdut1NEJ33+QvfTHsApouXNikrSQkz21+vGyyTMSZAXMEcjffh1C4p1snjf5u 4YI= -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:12 2026 by rpki-client