This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/qvuOHYoyggsc9g8iuTbD4CEqvBo.roa File: qvuOHYoyggsc9g8iuTbD4CEqvBo.roa (raw, json) Hash identifier: jWZoQBgvdhifzrjkxPZUHR/6QgarurKmN/mBEWXh09w= Subject key identifier: AA:FB:8E:1D:8A:32:82:0B:1C:F6:0F:22:B9:36:C3:E0:21:2A:BC:1A Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b Certificate serial: 019B7C13586FF328DDC7799CAD3D2FAA7A60 Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/qvuOHYoyggsc9g8iuTbD4CEqvBo.roa Signing time: Fri 02 Jan 2026 00:20:01 +0000 ROA not before: Fri 02 Jan 2026 00:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202391 IP address blocks: 185.235.136.0/24 maxlen: 24 185.235.139.0/24 maxlen: 24 185.255.208.0/22 maxlen: 22 185.255.208.0/24 maxlen: 24 2a0a:4b80::/30 maxlen: 30 2a0a:4b84::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.mft rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:58:6f:f3:28:dd:c7:79:9c:ad:3d:2f:aa:7a:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b Validity Not Before: Jan 2 00:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aafb8e1d8a32820b1cf60f22b936c3e0212abc1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:11:4c:37:0f:f6:b2:b4:96:51:f1:5d:04:6a: 2c:28:a7:f9:10:ea:22:68:00:1e:4a:e8:5a:48:54: e9:9a:40:d9:52:ea:3e:3f:f2:47:57:d2:5b:10:3f: a3:31:40:94:f1:b7:11:ba:7a:00:a2:d2:0e:01:f2: 84:a3:d1:e8:c0:3a:b9:08:b4:cd:42:fa:f2:3c:eb: d6:7d:56:1b:5b:51:3a:b7:01:54:b2:c8:02:76:64: bb:11:97:5b:1c:7c:6e:a6:29:0f:cc:97:fc:52:9a: e0:90:be:df:dd:98:29:c1:6c:0f:14:c6:bd:94:3f: 32:42:79:3e:92:ae:f6:e9:77:7f:c6:f3:2d:db:2c: c0:48:ff:7c:26:f3:61:f4:68:19:7b:9a:95:b4:18: 16:f1:5b:75:a6:bc:97:67:46:97:6b:6c:0a:be:76: ce:dc:a3:4a:2f:17:27:ed:f6:ca:93:7b:b1:ff:f5: 8a:72:bc:1d:6a:1b:fe:64:f0:c8:34:1a:9f:b7:1d: 8a:89:0d:8e:0c:ba:ea:5d:d0:03:1c:2a:f3:a6:f4: 47:ac:52:c7:10:70:82:45:3a:62:a4:90:0a:5b:8c: 12:db:7e:39:d3:00:dd:ff:bf:e1:fd:b0:5a:ee:8e: 88:1f:b5:80:74:35:92:c3:68:7c:b7:52:53:ee:b3: 12:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:FB:8E:1D:8A:32:82:0B:1C:F6:0F:22:B9:36:C3:E0:21:2A:BC:1A X509v3 Authority Key Identifier: keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/qvuOHYoyggsc9g8iuTbD4CEqvBo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.235.136.0/24 185.235.139.0/24 185.255.208.0/22 IPv6: 2a0a:4b80::/29 Signature Algorithm: sha256WithRSAEncryption 14:78:16:21:7c:e6:5d:13:6f:ee:95:fa:34:9f:b3:1f:34:9d: c1:f9:b8:67:dc:f9:fb:a6:ce:bc:39:64:00:6e:ec:63:ec:de: 79:d6:ce:e5:2e:c8:3f:5c:5f:5e:ca:9c:6e:17:9f:37:5a:2e: cd:39:97:70:48:7e:c3:5f:56:f0:2d:ae:48:3d:58:c2:6c:a4: c5:c6:a1:f7:92:11:b8:51:e3:ec:24:61:8b:98:c3:65:e9:9d: 85:bb:34:99:32:19:16:84:44:21:4c:e1:40:c4:d0:38:da:04: 72:e2:8b:c5:de:ae:a9:a2:57:95:60:1a:a3:65:ae:aa:d4:6c: 43:15:6f:3e:68:f6:58:02:48:6b:32:2e:35:a5:dc:36:03:93: 5b:bb:ea:49:41:99:4a:6a:2c:e6:c6:85:63:a2:92:7b:6e:0e: 5c:c3:d9:34:f3:21:4f:f1:d7:fc:fd:f4:37:7a:58:53:f7:ba: 43:f1:8a:cd:37:ee:bc:61:19:7c:32:46:12:2d:93:ca:09:8a: be:9f:11:60:e9:36:72:76:a1:58:35:b3:3a:8a:05:44:99:f1: 50:bf:59:a3:e5:75:7b:87:d9:58:83:35:48:74:b2:a9:75:5c: 60:55:87:ca:4a:58:b1:fe:77:29:83:13:68:9d:24:bb:ba:3d: 99:85:b5:07 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt8E1hv8yjdx3mcrT0vqnpgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2 ZjlhNGIwHhcNMjYwMTAyMDAyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYWZiOGUxZDhhMzI4MjBiMWNmNjBmMjJiOTM2YzNlMDIxMmFiYzFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RFMNw/2srSWUfFdBGosKKf5EOoi aAAeSuhaSFTpmkDZUuo+P/JHV9JbED+jMUCU8bcRunoAotIOAfKEo9HowDq5CLTN QvryPOvWfVYbW1E6twFUssgCdmS7EZdbHHxupikPzJf8UprgkL7f3ZgpwWwPFMa9 lD8yQnk+kq726Xd/xvMt2yzASP98JvNh9GgZe5qVtBgW8Vt1pryXZ0aXa2wKvnbO 3KNKLxcn7fbKk3ux//WKcrwdahv+ZPDINBqftx2KiQ2ODLrqXdADHCrzpvRHrFLH EHCCRTpipJAKW4wS23450wDd/7/h/bBa7o6IH7WAdDWSw2h8t1JT7rMSAQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFKr7jh2KMoILHPYPIrk2w+AhKrwaMB8GA1UdIwQY MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt YWU0Zjg0ZTE2Y2ExLzEvcXZ1T0hZb3lnZ3NjOWc4aXVUYkQ0Q0VxdkJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAueuIAwQA ueuLAwQCuf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IBAQAUeBYh fOZdE2/ulfo0n7MfNJ3B+bhn3Pn7ps68OWQAbuxj7N551s7lLsg/XF9eypxuF583 Wi7NOZdwSH7DX1bwLa5IPVjCbKTFxqH3khG4UePsJGGLmMNl6Z2FuzSZMhkWhEQh TOFAxNA42gRy4ovF3q6poleVYBqjZa6q1GxDFW8+aPZYAkhrMi41pdw2A5Nbu+pJ QZlKaizmxoVjopJ7bg5cw9k08yFP8df8/fQ3elhT97pD8YrNN+68YRl8MkYSLZPK CYq+nxFg6TZydqFYNbM6igVEmfFQv1mj5XV7h9lYgzVIdLKpdVxgVYfKSlix/ncp gxNonSS7uj2ZhbUH -----END CERTIFICATE-----Generated at Mon Jan 26 02:22:02 2026 by rpki-client