This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/RQBMarFkU3OrDTBkZypKiOwxqg8.roa File: RQBMarFkU3OrDTBkZypKiOwxqg8.roa (raw, json) Hash identifier: WhhYg2h0zkcqk2yaFPJERRYww67tY59hAk64ZXv/RAg= Subject key identifier: 45:00:4C:6A:B1:64:53:73:AB:0D:30:64:67:2A:4A:88:EC:31:AA:0F Certificate issuer: /CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9 Certificate serial: 019B7C7F9DF79376156330A00494DD52B594 Authority key identifier: 4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/RQBMarFkU3OrDTBkZypKiOwxqg8.roa Signing time: Fri 02 Jan 2026 02:18:16 +0000 ROA not before: Fri 02 Jan 2026 02:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199255 IP address blocks: 185.4.248.0/24 maxlen: 24 185.4.249.0/24 maxlen: 24 185.4.251.0/24 maxlen: 24 2a02:6840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.mft rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 02:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:9d:f7:93:76:15:63:30:a0:04:94:dd:52:b5:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9 Validity Not Before: Jan 2 02:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=45004c6ab1645373ab0d3064672a4a88ec31aa0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:48:8b:d3:33:f5:be:ee:2b:c3:4e:a0:ae:2c: 90:9c:14:6f:00:de:5c:1a:86:2c:e5:9d:54:76:e5: 37:70:a7:fb:a0:45:1e:ee:bf:87:cd:0b:fe:11:01: 86:be:f0:fe:05:fd:a6:32:f1:2c:29:05:a1:01:a6: 74:cc:63:63:d4:bd:3d:db:44:c1:0f:b7:19:a9:70: e8:78:3c:95:f8:f0:ac:e0:42:a0:fa:32:e5:8b:bc: e0:90:fd:95:99:c9:d0:75:8e:0a:2b:7c:08:37:51: a6:87:5a:d6:5d:e9:9f:8c:b7:74:a5:87:04:ea:de: 8a:7e:fb:a7:7d:e1:41:a2:34:40:c8:a1:8b:45:30: 6a:69:3f:8c:d6:50:f2:b1:5a:c5:d5:c5:93:63:e9: 8d:4e:4e:af:bf:f1:3e:32:0b:63:e9:03:ae:20:75: 42:28:dc:57:83:3d:6b:67:17:bf:aa:7b:4c:41:25: de:1d:d7:47:36:53:e7:b7:d5:ec:3b:a8:4a:9b:05: a6:cd:d7:fb:f7:f5:0c:ba:87:6b:31:b0:00:2a:8c: f7:5b:0a:72:5e:31:db:79:e4:8d:43:14:2e:13:08: 06:ab:86:35:5c:28:58:e3:4c:d8:ea:ef:43:35:37: e8:34:a9:98:f3:28:f3:5f:b4:6d:6d:ce:82:a0:37: f0:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:00:4C:6A:B1:64:53:73:AB:0D:30:64:67:2A:4A:88:EC:31:AA:0F X509v3 Authority Key Identifier: keyid:4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/RQBMarFkU3OrDTBkZypKiOwxqg8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.4.248.0/23 185.4.251.0/24 IPv6: 2a02:6840::/32 Signature Algorithm: sha256WithRSAEncryption 04:54:84:a3:41:e6:75:09:7a:9e:8a:8c:e0:b1:dd:1c:af:41: 22:ad:e8:90:09:dc:d0:72:99:5e:c8:d9:af:bd:f1:83:87:f4: df:ec:d8:53:d2:71:30:e9:de:08:2e:5a:e1:c5:ad:ec:0f:ab: 71:d3:1b:f1:60:bf:e3:ae:25:ec:5a:45:fa:d2:79:f4:ee:dc: fb:c8:b5:01:f3:78:95:3c:1d:46:7d:a5:10:c4:61:36:39:3d: 8b:cb:3b:9e:84:29:17:4c:43:ae:e6:59:b7:22:61:19:d4:92: 38:a2:23:56:17:54:6d:34:29:1c:61:58:c8:25:ad:7f:34:6f: ee:3a:89:a7:e7:eb:f5:6e:81:c7:d5:e1:be:f6:f7:55:93:54: d7:a7:76:de:6b:9b:91:28:f5:af:09:68:65:f1:6b:44:38:c7: 25:9f:4a:98:86:76:82:04:f6:a1:b8:79:36:d1:d3:13:87:ce: a0:a7:db:c5:78:5a:94:e2:40:4b:df:15:54:09:21:75:ca:e8: 4e:0a:b3:95:22:26:a1:98:84:f8:9a:ad:d6:54:ca:84:6b:02: 4d:39:28:25:90:1c:48:f6:84:d6:78:7e:0b:de:6b:cf:3a:36: b9:db:ad:0f:c7:5d:83:4d:90:81:8c:4f:6d:97:b0:15:d3:45: 11:80:3d:01 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8f533k3YVYzCgBJTdUrWUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlMmEyOTlmMTgyYTFmZDUxZDRiMDM2Mjk5N2FmN2FhYWUw ZDZiZTkwHhcNMjYwMTAyMDIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NTAwNGM2YWIxNjQ1MzczYWIwZDMwNjQ2NzJhNGE4OGVjMzFhYTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkiL0zP1vu4rw06griyQnBRvAN5c GoYs5Z1UduU3cKf7oEUe7r+HzQv+EQGGvvD+Bf2mMvEsKQWhAaZ0zGNj1L0920TB D7cZqXDoeDyV+PCs4EKg+jLli7zgkP2VmcnQdY4KK3wIN1Gmh1rWXemfjLd0pYcE 6t6KfvunfeFBojRAyKGLRTBqaT+M1lDysVrF1cWTY+mNTk6vv/E+Mgtj6QOuIHVC KNxXgz1rZxe/qntMQSXeHddHNlPnt9XsO6hKmwWmzdf79/UMuodrMbAAKoz3Wwpy XjHbeeSNQxQuEwgGq4Y1XChY40zY6u9DNTfoNKmY8yjzX7Rtbc6CoDfwoQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEUATGqxZFNzqw0wZGcqSojsMaoPMB8GA1UdIwQY MBaAFE4qKZ8YKh/VHUsDYpl696quDWvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAt ZjJjZTc3ZTMxOTFlLzEvUlFCTWFyRmtVM09yRFRCa1p5cEtpT3d4cWc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAtZjJjZTc3ZTMxOTFl LzEvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQT4AwQA uQT7MA0EAgACMAcDBQAqAmhAMA0GCSqGSIb3DQEBCwUAA4IBAQAEVISjQeZ1CXqe iozgsd0cr0EireiQCdzQcpleyNmvvfGDh/Tf7NhT0nEw6d4ILlrhxa3sD6tx0xvx YL/jriXsWkX60nn07tz7yLUB83iVPB1GfaUQxGE2OT2LyzuehCkXTEOu5lm3ImEZ 1JI4oiNWF1RtNCkcYVjIJa1/NG/uOomn5+v1boHH1eG+9vdVk1TXp3bea5uRKPWv CWhl8WtEOMcln0qYhnaCBPahuHk20dMTh86gp9vFeFqU4kBL3xVUCSF1yuhOCrOV IiahmIT4mq3WVMqEawJNOSglkBxI9oTWeH4L3mvPOja5260Px12DTZCBjE9tl7AV 00URgD0B -----END CERTIFICATE-----Generated at Mon Jan 26 12:38:35 2026 by rpki-client