This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/1-CQYobvcQG21mAnMiaW7vyH7CXY.roa File: 1-CQYobvcQG21mAnMiaW7vyH7CXY.roa (raw, json) Hash identifier: F30Qwwm1mnG4O3FtxSySy1RIR2PJUKOcNn6fyL1ZO8E= Subject key identifier: F8:24:18:A1:BB:DC:40:6D:B5:98:09:CC:89:A5:BB:BF:21:FB:09:76 Certificate issuer: /CN=621310302018a387c692146a35efd33a6ed6b1ef Certificate serial: 019B797F1F5FB2A76F3ED74AAB1300F2C90D Authority key identifier: 62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/1-CQYobvcQG21mAnMiaW7vyH7CXY.roa Signing time: Thu 01 Jan 2026 12:18:52 +0000 ROA not before: Thu 01 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197099 IP address blocks: 193.7.192.0/24 maxlen: 24 193.7.193.0/24 maxlen: 24 193.7.194.0/24 maxlen: 24 2a0d:be00::/29 maxlen: 29 2a0d:d340::/29 maxlen: 29 2a10:fd40::/29 maxlen: 29 2a11:a000::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.mft rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 03:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:1f:5f:b2:a7:6f:3e:d7:4a:ab:13:00:f2:c9:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=621310302018a387c692146a35efd33a6ed6b1ef Validity Not Before: Jan 1 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f82418a1bbdc406db59809cc89a5bbbf21fb0976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fe:d7:2f:09:34:f5:9f:ef:3c:2c:20:8f:d9: e4:08:82:7c:f7:4b:65:64:fa:2e:39:84:8e:36:fb: 86:2c:76:d3:93:bf:18:c8:04:c5:ba:48:aa:34:cb: e8:b8:8e:bd:9e:d1:5f:da:da:71:5d:06:a3:a5:66: 11:ce:26:9c:34:81:a4:df:f0:d8:c5:04:2a:7c:54: 2d:7b:c2:c2:36:46:48:e9:d7:b2:ae:84:7b:79:65: ed:ca:60:fb:91:bb:8a:8c:f5:74:9b:b3:b9:fe:e6: 3f:91:32:3d:14:06:cf:c8:a6:0f:07:e3:28:97:ff: f5:60:3b:e4:36:6c:45:a0:49:33:9e:2d:80:56:5d: e2:fd:12:bf:ff:a1:4f:41:50:d4:61:01:8e:c7:13: 2d:f9:0b:26:bb:9f:f2:72:13:e0:ec:97:ee:7c:51: 74:d9:c5:51:32:53:f5:ac:7e:f3:b7:dc:02:8f:fd: 81:70:a2:8e:c4:e7:65:ed:89:85:3d:c1:76:57:51: d4:2a:c4:28:ed:e8:30:00:26:ef:47:48:4d:2f:fc: 64:9d:80:4d:15:54:f2:0f:12:98:dd:28:97:78:1c: 90:e5:55:70:31:42:b0:26:16:05:c3:3a:10:00:1e: 4e:a3:dc:ea:40:4d:89:d0:a1:7f:98:8f:8d:9e:1d: 82:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:24:18:A1:BB:DC:40:6D:B5:98:09:CC:89:A5:BB:BF:21:FB:09:76 X509v3 Authority Key Identifier: keyid:62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/1-CQYobvcQG21mAnMiaW7vyH7CXY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.7.192.0-193.7.194.255 IPv6: 2a0d:be00::/29 2a0d:d340::/29 2a10:fd40::/29 2a11:a000::/29 Signature Algorithm: sha256WithRSAEncryption 6a:ce:1a:1d:de:7f:38:1f:8b:03:b5:3c:bf:c6:6d:51:7a:50: 02:0f:7e:6b:82:f1:03:12:7d:f5:25:be:c8:35:eb:e7:c2:fa: d5:f0:7a:67:74:65:0c:4c:cc:36:7f:cd:bb:15:e8:73:3a:88: ef:d1:4d:92:78:42:5e:28:fc:ec:10:d2:f7:a4:b7:0e:6f:c2: 02:8b:8f:f6:93:12:2f:a5:c4:cb:79:75:62:41:2d:81:96:2d: 40:05:29:30:ba:bb:39:17:c9:1d:46:b9:61:e0:16:61:a7:a3: e4:76:94:70:76:19:b6:1f:55:90:04:0b:04:89:72:cf:fc:5c: 6e:be:51:51:00:24:a9:2e:ae:1e:0a:b6:73:3e:82:cd:ea:fc: 08:1e:b7:7a:15:c5:ef:96:9b:74:4c:54:08:d6:3f:b8:c7:c1: a8:86:07:03:18:d9:1e:78:98:c7:58:8e:08:a8:d5:4c:1d:48: 0b:b9:fe:74:6d:f2:2d:97:ea:ee:7a:52:60:34:26:b5:d8:49: 22:bf:d0:e1:56:ac:ab:cb:20:89:54:d9:8d:9f:d6:83:2d:16: 9c:59:91:56:d5:0e:45:a7:62:22:5c:d9:1c:69:ba:e4:13:67: 45:77:59:a1:04:5a:36:f1:1b:f3:2c:1a:11:33:95:1c:b7:ce: 15:78:79:9c -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt5fx9fsqdvPtdKqxMA8skNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMTMxMDMwMjAxOGEzODdjNjkyMTQ2YTM1ZWZkMzNhNmVk NmIxZWYwHhcNMjYwMTAxMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmODI0MThhMWJiZGM0MDZkYjU5ODA5Y2M4OWE1YmJiZjIxZmIwOTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf7XLwk09Z/vPCwgj9nkCIJ890tl ZPouOYSONvuGLHbTk78YyATFukiqNMvouI69ntFf2tpxXQajpWYRziacNIGk3/DY xQQqfFQte8LCNkZI6deyroR7eWXtymD7kbuKjPV0m7O5/uY/kTI9FAbPyKYPB+Mo l//1YDvkNmxFoEkzni2AVl3i/RK//6FPQVDUYQGOxxMt+Qsmu5/ychPg7JfufFF0 2cVRMlP1rH7zt9wCj/2BcKKOxOdl7YmFPcF2V1HUKsQo7egwACbvR0hNL/xknYBN FVTyDxKY3SiXeByQ5VVwMUKwJhYFwzoQAB5Oo9zqQE2J0KF/mI+Nnh2CSQIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFPgkGKG73EBttZgJzImlu78h+wl2MB8GA1UdIwQY MBaAFGITEDAgGKOHxpIUajXv0zpu1rHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjIt YmU1N2Q3ZGZhMGRlLzEvMS1DUVlvYnZjUUcyMW1Bbk1pYVc3dnlIN0NYWS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjUvZjU4YWM4LTUzZTktNGNhNi1hY2IyLWJlNTdkN2RmYTBk ZS8xL1loTVFNQ0FZbzRmR2toUnFOZV9UT203V3NlOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowFAQCAAEwDjAMAwQGwQfA AwQAwQfCMCIEAgACMBwDBQMqDb4AAwUDKg3TQAMFAyoQ/UADBQMqEaAAMA0GCSqG SIb3DQEBCwUAA4IBAQBqzhod3n84H4sDtTy/xm1RelACD35rgvEDEn31Jb7INevn wvrV8HpndGUMTMw2f827FehzOojv0U2SeEJeKPzsENL3pLcOb8ICi4/2kxIvpcTL eXViQS2Bli1ABSkwurs5F8kdRrlh4BZhp6PkdpRwdhm2H1WQBAsEiXLP/FxuvlFR ACSpLq4eCrZzPoLN6vwIHrd6FcXvlpt0TFQI1j+4x8GohgcDGNkeeJjHWI4IqNVM HUgLuf50bfItl+ruelJgNCa12Ekiv9DhVqyryyCJVNmNn9aDLRacWZFW1Q5Fp2Ii XNkcabrkE2dFd1mhBFo28RvzLBoRM5Uct84VeHmc -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:24 2026 by rpki-client