This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Q7kjVEhiYHEz_AIBuFCX2o6kXpQ.roa File: Q7kjVEhiYHEz_AIBuFCX2o6kXpQ.roa (raw, json) Hash identifier: MuV9xof7zxa6mZSUu9k4zgmUqNgq/+xzFvRw2ejciSU= Subject key identifier: 43:B9:23:54:48:62:60:71:33:FC:02:01:B8:50:97:DA:8E:A4:5E:94 Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108 Certificate serial: 019B797EA3998A1C32000F2A3317C839989B Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Q7kjVEhiYHEz_AIBuFCX2o6kXpQ.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44933 IP address blocks: 77.70.164.0/22 maxlen: 22 193.220.184.0/22 maxlen: 22 193.220.188.0/24 maxlen: 24 193.220.191.0/24 maxlen: 24 193.220.192.0/20 maxlen: 24 193.220.192.0/21 maxlen: 21 193.220.200.0/24 maxlen: 24 193.220.201.0/24 maxlen: 24 193.220.202.0/23 maxlen: 23 193.220.204.0/24 maxlen: 24 193.220.205.0/24 maxlen: 24 193.220.206.0/24 maxlen: 24 2a02:6600:2003::/48 maxlen: 48 2a02:6604:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a3:99:8a:1c:32:00:0f:2a:33:17:c8:39:98:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896a82a725ed22bb46847ae568912078de25c108 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43b923544862607133fc0201b85097da8ea45e94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:86:5f:a6:57:3a:8a:f3:47:33:15:aa:4d:1e: 62:36:91:d2:40:87:9b:a8:af:34:03:14:84:04:3c: 47:61:d9:62:bb:ea:1f:eb:c0:9c:12:50:26:7e:84: b5:6b:09:92:b6:4d:66:aa:90:4f:88:90:ad:74:c7: 28:a2:84:b4:a2:b9:f7:91:cf:9a:3a:e2:7e:10:15: 82:1b:52:bf:4b:f6:56:88:e1:e4:dc:18:ba:65:6a: 7b:4e:13:ed:00:34:c7:b6:2f:60:57:f6:e4:10:ba: 24:b6:cd:e2:c6:76:aa:fa:3c:05:f6:02:c7:61:d9: 8f:ab:c0:6f:41:4f:81:87:aa:b5:3f:d1:61:5e:2d: 46:92:2c:9c:c3:23:78:48:df:7a:ae:56:c0:7c:14: ac:25:7d:7f:07:78:4e:ae:6d:75:27:69:c1:2b:86: 7d:1f:f3:48:ca:82:b2:c0:c0:25:52:11:a0:bc:90: 07:dd:0f:4b:06:48:ad:a4:cc:86:8f:c2:54:d0:7e: 8f:6b:6c:7e:aa:44:3b:ea:bb:5b:42:9f:3a:15:90: e6:69:54:e2:32:27:1b:d5:53:0e:15:89:3f:1e:b6: 24:c3:60:dd:82:8c:bf:ab:d4:34:1a:5a:fb:49:2a: 7a:f3:93:6d:57:6f:be:8d:b9:46:68:c2:f0:4b:3c: 2d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:B9:23:54:48:62:60:71:33:FC:02:01:B8:50:97:DA:8E:A4:5E:94 X509v3 Authority Key Identifier: keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/Q7kjVEhiYHEz_AIBuFCX2o6kXpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.70.164.0/22 193.220.184.0-193.220.188.255 193.220.191.0-193.220.207.255 IPv6: 2a02:6600:2003::/48 2a02:6604:3::/48 Signature Algorithm: sha256WithRSAEncryption 22:de:b0:4b:f7:e4:90:19:c1:9f:7e:8f:d4:71:0b:ec:98:70: 36:a7:dd:84:16:b5:86:44:59:fa:b7:30:12:f0:e4:2e:d0:0e: 17:bd:ed:b4:b6:37:88:b6:5c:78:18:f2:99:97:7d:ad:18:b1: 5c:8e:14:08:b7:a4:e0:5a:e9:da:81:9e:47:e4:67:75:29:80: 8e:ad:52:68:62:23:4f:c0:02:bb:97:d3:4e:86:97:d1:c3:b0: 10:fb:ec:39:cb:02:62:f5:dc:83:ae:3a:9f:90:39:68:34:31: af:05:75:a5:6d:46:fd:33:bd:aa:c4:1f:9b:de:29:47:59:9d: 4e:56:d2:fb:1d:36:96:ea:0a:6a:ab:88:c8:fb:47:89:63:1d: 1b:11:8f:3e:2f:ed:e3:c8:c4:d7:27:58:8d:47:a2:be:c7:58: 84:8e:a8:98:46:ef:57:ab:d6:b1:01:9d:4a:d9:36:76:c6:1a: 6d:1d:8e:49:e5:5a:5f:9c:9a:95:bf:b2:ba:b6:16:28:0e:80: 4e:12:3d:aa:e9:ec:13:df:2d:2b:93:26:45:69:7a:0b:b8:f3: 59:81:38:89:76:c7:3a:8b:75:8a:90:b9:18:38:3d:1d:43:b7: 2e:f1:73:ef:d9:27:d9:d4:50:25:41:e3:ec:75:81:cd:4e:43: e1:4b:ed:42 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt5fqOZihwyAA8qMxfIOZibMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy NWMxMDgwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0M2I5MjM1NDQ4NjI2MDcxMzNmYzAyMDFiODUwOTdkYThlYTQ1ZTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YZfplc6ivNHMxWqTR5iNpHSQIeb qK80AxSEBDxHYdliu+of68CcElAmfoS1awmStk1mqpBPiJCtdMcoooS0orn3kc+a OuJ+EBWCG1K/S/ZWiOHk3Bi6ZWp7ThPtADTHti9gV/bkELokts3ixnaq+jwF9gLH YdmPq8BvQU+Bh6q1P9FhXi1GkiycwyN4SN96rlbAfBSsJX1/B3hOrm11J2nBK4Z9 H/NIyoKywMAlUhGgvJAH3Q9LBkitpMyGj8JU0H6Pa2x+qkQ76rtbQp86FZDmaVTi Micb1VMOFYk/HrYkw2Ddgoy/q9Q0Glr7SSp685NtV2++jblGaMLwSzwtOwIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFEO5I1RIYmBxM/wCAbhQl9qOpF6UMB8GA1UdIwQY MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt MDQwMTI3MTAyMjA5LzEvUTdralZFaGlZSEV6X0FJQnVGQ1gybzZrWHBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5 LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAoBAIAATAiAwQCTUakMAwD BAPB3LgDBADB3LwwDAMEAMHcvwMEBMHcwDAYBAIAAjASAwcAKgJmACADAwcAKgJm BAADMA0GCSqGSIb3DQEBCwUAA4IBAQAi3rBL9+SQGcGffo/UcQvsmHA2p92EFrWG RFn6tzAS8OQu0A4Xve20tjeItlx4GPKZl32tGLFcjhQIt6TgWunagZ5H5Gd1KYCO rVJoYiNPwAK7l9NOhpfRw7AQ++w5ywJi9dyDrjqfkDloNDGvBXWlbUb9M72qxB+b 3ilHWZ1OVtL7HTaW6gpqq4jI+0eJYx0bEY8+L+3jyMTXJ1iNR6K+x1iEjqiYRu9X q9axAZ1K2TZ2xhptHY5J5VpfnJqVv7K6thYoDoBOEj2q6ewT3y0rkyZFaXoLuPNZ gTiJdsc6i3WKkLkYOD0dQ7cu8XPv2SfZ1FAlQePsdYHNTkPhS+1C -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:29 2026 by rpki-client