This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/qKqi_rXQXOvxeFffB2pfRZ_x1CM.roa File: qKqi_rXQXOvxeFffB2pfRZ_x1CM.roa (raw, json) Hash identifier: XYn4rn0UvMRvensr1fkhAzYC4HLrGdOg2tErj1J5QmQ= Subject key identifier: A8:AA:A2:FE:B5:D0:5C:EB:F1:78:57:DF:07:6A:5F:45:9F:F1:D4:23 Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102 Certificate serial: 019B7CECD99A571A823F0871B8664D97EFB8 Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/qKqi_rXQXOvxeFffB2pfRZ_x1CM.roa Signing time: Fri 02 Jan 2026 04:17:35 +0000 ROA not before: Fri 02 Jan 2026 04:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57773 IP address blocks: 85.208.80.0/22 maxlen: 22 91.208.188.0/24 maxlen: 24 171.22.68.0/22 maxlen: 22 185.141.112.0/22 maxlen: 22 185.205.48.0/22 maxlen: 22 185.205.48.0/23 maxlen: 23 185.205.50.0/23 maxlen: 23 194.33.80.0/24 maxlen: 24 2a09:3b40::/29 maxlen: 29 2a0b:140::/29 maxlen: 29 2a0b:143::/48 maxlen: 48 2a0b:145::/43 maxlen: 43 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.mft rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:d9:9a:57:1a:82:3f:08:71:b8:66:4d:97:ef:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102 Validity Not Before: Jan 2 04:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8aaa2feb5d05cebf17857df076a5f459ff1d423 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1c:7c:c7:c5:ee:ba:b6:2f:f8:8d:1e:3e:04: 1b:35:b1:85:6f:5e:df:30:6d:85:d9:5c:03:74:f4: cb:a9:ed:23:2c:f0:53:24:12:93:bc:30:fc:ed:39: a6:83:4a:f7:83:12:69:39:2f:92:12:84:c3:70:d1: 40:ea:c3:7a:d3:4d:4b:d2:2f:53:71:b0:77:1a:ce: 86:ed:56:eb:ff:6b:92:b5:76:54:24:f3:e4:e3:b2: 5b:90:54:0d:f5:df:b5:cc:56:98:65:33:29:34:63: a6:a8:06:63:75:9b:35:df:35:e6:15:19:bb:14:f9: 62:84:c5:6a:3e:90:d0:a8:11:bf:4e:91:59:6e:a7: 8c:06:7e:0e:4e:5e:c2:0e:39:60:01:f5:0f:e1:28: 73:3e:4d:6d:9f:d2:07:7b:a4:d5:24:67:a9:da:8d: d3:0b:8a:ef:1e:6c:f5:ef:ee:aa:d2:ea:c9:1c:47: 3a:22:6c:2a:95:48:6d:c4:76:37:bd:38:2a:73:9a: f2:dd:ac:75:04:0d:03:af:c1:fa:c5:27:97:e1:1c: 52:29:28:c1:0d:db:66:04:3b:36:a9:a6:c9:f2:e7: 00:fb:62:12:87:f9:b9:17:32:a1:a8:24:a9:dd:ab: e4:20:0a:79:f5:58:be:a8:5c:0f:af:5c:09:e7:20: 6c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:AA:A2:FE:B5:D0:5C:EB:F1:78:57:DF:07:6A:5F:45:9F:F1:D4:23 X509v3 Authority Key Identifier: keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/qKqi_rXQXOvxeFffB2pfRZ_x1CM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.80.0/22 91.208.188.0/24 171.22.68.0/22 185.141.112.0/22 185.205.48.0/22 194.33.80.0/24 IPv6: 2a09:3b40::/29 2a0b:140::/29 Signature Algorithm: sha256WithRSAEncryption 14:56:71:25:a5:84:fb:54:0b:3c:37:73:59:75:1c:d8:26:31: 30:50:87:85:04:7d:7e:77:18:65:f8:87:90:f4:12:ab:54:a0: c8:ec:c4:1f:cd:30:4e:d1:f7:4f:c0:97:1c:44:2d:be:7b:c0: 32:c7:32:09:0e:8f:d1:97:8c:0a:0c:f9:33:d2:c8:9b:37:50: 68:76:6d:da:b5:b9:74:f2:ca:cd:34:3d:9e:1a:f0:d8:ed:4a: 06:68:1e:61:f9:e8:24:67:32:06:00:54:6e:17:a8:a9:a9:a0: 8b:c6:a9:de:1e:f8:3a:47:d0:11:b8:0b:6f:d9:0c:39:79:96: 46:47:20:c9:4d:84:aa:6b:41:47:b5:08:9b:7c:7e:41:88:ee: 44:bf:76:8b:64:1a:68:a2:f9:9e:f3:12:01:df:a5:57:c8:13: 53:94:41:e5:f5:f0:8c:fa:d4:2f:1e:53:83:f0:b3:db:94:55: 72:40:8c:0d:a3:fd:8d:7e:8a:7d:60:af:ca:c4:69:5d:71:4d: 9d:ba:bc:df:de:d1:b4:00:c9:e0:de:7e:7f:f9:32:be:c2:95: e0:3a:48:1b:d1:66:46:2e:43:79:07:ea:b3:bd:98:2b:17:b1: 2d:c9:6e:c6:fa:d4:ff:92:dd:73:b4:c2:bc:45:b9:4d:e8:bf: 6e:71:a3:0a -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZt87NmaVxqCPwhxuGZNl++4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzYmQyNmZlMjI5NWU0NjJiZTI2Nzg1MzNlZmE1MzFlMjNi N2YxMDIwHhcNMjYwMTAyMDQxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOGFhYTJmZWI1ZDA1Y2ViZjE3ODU3ZGYwNzZhNWY0NTlmZjFkNDIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxx8x8XuurYv+I0ePgQbNbGFb17f MG2F2VwDdPTLqe0jLPBTJBKTvDD87Tmmg0r3gxJpOS+SEoTDcNFA6sN6001L0i9T cbB3Gs6G7Vbr/2uStXZUJPPk47JbkFQN9d+1zFaYZTMpNGOmqAZjdZs13zXmFRm7 FPlihMVqPpDQqBG/TpFZbqeMBn4OTl7CDjlgAfUP4ShzPk1tn9IHe6TVJGep2o3T C4rvHmz17+6q0urJHEc6ImwqlUhtxHY3vTgqc5ry3ax1BA0Dr8H6xSeX4RxSKSjB DdtmBDs2qabJ8ucA+2ISh/m5FzKhqCSp3avkIAp59Vi+qFwPr1wJ5yBsKQIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFKiqov610Fzr8XhX3wdqX0Wf8dQjMB8GA1UdIwQY MBaAFMO9Jv4ileRiviZ4Uz76Ux4jt/ECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgt OGJkOTc2OTEwZGJmLzEvcUtxaV9yWFFYT3Z4ZUZmZkIycGZSWl94MUNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgtOGJkOTc2OTEwZGJm LzEvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVdBQAwQA W9C8AwQCqxZEAwQCuY1wAwQCuc0wAwQAwiFQMBQEAgACMA4DBQMqCTtAAwUDKgsB QDANBgkqhkiG9w0BAQsFAAOCAQEAFFZxJaWE+1QLPDdzWXUc2CYxMFCHhQR9fncY ZfiHkPQSq1SgyOzEH80wTtH3T8CXHEQtvnvAMscyCQ6P0ZeMCgz5M9LImzdQaHZt 2rW5dPLKzTQ9nhrw2O1KBmgeYfnoJGcyBgBUbheoqamgi8ap3h74OkfQEbgLb9kM OXmWRkcgyU2EqmtBR7UIm3x+QYjuRL92i2QaaKL5nvMSAd+lV8gTU5RB5fXwjPrU Lx5Tg/Cz25RVckCMDaP9jX6KfWCvysRpXXFNnbq8397RtADJ4N5+f/kyvsKV4DpI G9FmRi5DeQfqs72YKxexLcluxvrU/5Ldc7TCvEW5Tei/bnGjCg== -----END CERTIFICATE-----Generated at Mon Jan 26 04:40:46 2026 by rpki-client