This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/MQQzsxU40W_xEpXzt8cvUT-bq9E.roa File: MQQzsxU40W_xEpXzt8cvUT-bq9E.roa (raw, json) Hash identifier: d2EdB5G5EgArFhc3OWiFNquY+C0ERTnVWLmjHj1Wbbo= Subject key identifier: 31:04:33:B3:15:38:D1:6F:F1:12:95:F3:B7:C7:2F:51:3F:9B:AB:D1 Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e Certificate serial: 019B7CED587FA4F384159A6DB87E70D0CF35 Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/MQQzsxU40W_xEpXzt8cvUT-bq9E.roa Signing time: Fri 02 Jan 2026 04:18:08 +0000 ROA not before: Fri 02 Jan 2026 04:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29119 IP address blocks: 185.223.217.0/24 maxlen: 24 185.223.218.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:58:7f:a4:f3:84:15:9a:6d:b8:7e:70:d0:cf:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e Validity Not Before: Jan 2 04:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=310433b31538d16ff11295f3b7c72f513f9babd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8f:78:d2:68:21:a8:66:53:da:a6:3c:42:ab: d1:a6:19:dc:37:ec:9f:50:b6:0e:3a:dd:54:96:99: 19:19:72:45:59:cc:3a:d7:b3:8d:d4:6d:07:c8:60: 77:b2:e1:21:8d:0e:a9:d4:42:7d:b0:59:8b:c9:be: f9:7e:55:22:2e:7e:f0:93:40:32:fe:c3:3b:d7:24: 9d:1c:69:c3:d8:da:17:80:03:ae:34:2d:d2:6c:9c: 5e:04:5b:91:06:c0:6d:1b:a9:c4:a7:fd:6e:a5:4d: aa:82:60:08:bd:d7:b1:a2:ce:c9:4d:45:35:b9:66: e6:d5:0d:b0:8e:d4:59:55:83:6c:40:47:aa:6a:7b: 1b:e6:fb:c1:43:7b:31:39:d3:76:cb:fc:29:26:e4: 09:70:42:22:b1:f2:f6:7f:71:5d:4b:c0:fd:fb:1a: bf:e4:aa:49:78:00:8b:13:2e:be:c8:18:f1:1b:67: 23:bf:f6:aa:b7:a5:92:20:44:b9:79:ab:20:e1:97: 6e:2f:f1:32:91:b4:30:3a:0c:9c:46:39:e7:a2:58: 48:fd:d4:a5:f8:b9:93:7e:2b:b8:03:18:fb:e7:cf: 42:1e:99:b5:2d:90:71:d5:e1:92:f1:a0:02:7c:b1: c5:54:b3:7c:f6:cb:c6:c8:e4:26:85:91:6c:2c:84: e1:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:04:33:B3:15:38:D1:6F:F1:12:95:F3:B7:C7:2F:51:3F:9B:AB:D1 X509v3 Authority Key Identifier: keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/MQQzsxU40W_xEpXzt8cvUT-bq9E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.223.217.0-185.223.218.255 Signature Algorithm: sha256WithRSAEncryption a3:15:5a:4b:5e:cd:ab:c5:c5:f6:af:3e:56:42:6a:b4:b7:12: 28:29:30:c0:ec:aa:c3:27:a1:b9:91:d6:56:20:9a:e2:1d:3e: ee:98:df:bb:0c:8f:08:5b:a5:76:0c:70:4c:a7:57:38:e9:a0: a6:08:da:3e:7d:c4:d8:16:e3:be:18:32:18:6b:4b:8f:74:f1: a9:e9:df:fa:19:56:75:e2:c2:52:63:2e:53:7a:fc:03:7c:cd: c7:4d:44:63:15:d4:25:ec:78:1a:7e:05:ac:cf:54:7b:65:d1: 65:76:8e:8c:34:7e:8d:4a:4d:a9:71:51:e3:9a:6f:f8:6b:04: 5a:ac:99:7c:40:1b:58:ca:b9:a2:51:89:28:ef:b6:7f:5d:29: 51:08:c5:d4:ee:c2:17:29:26:ab:84:65:9c:b8:89:60:a7:77: a8:82:32:7c:1c:ce:be:83:88:ee:ca:5f:17:5e:1b:65:64:04: e7:f1:4e:fd:e5:8d:60:73:d5:c1:c2:d4:ac:fc:c2:8e:c9:23: 4a:5c:c1:7e:53:b5:c8:3f:b6:3f:c0:27:93:ac:3c:29:0a:73: 88:e1:b6:c9:78:a9:c8:fa:29:07:68:cc:d8:4c:32:9b:fe:11: ab:b9:1a:c4:25:9e:0c:02:61:fc:07:08:c4:5a:66:9e:84:5f: d2:1d:d9:73 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt87Vh/pPOEFZptuH5w0M81MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0 NjVjMmUwHhcNMjYwMTAyMDQxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMTA0MzNiMzE1MzhkMTZmZjExMjk1ZjNiN2M3MmY1MTNmOWJhYmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4940mghqGZT2qY8QqvRphncN+yf ULYOOt1UlpkZGXJFWcw617ON1G0HyGB3suEhjQ6p1EJ9sFmLyb75flUiLn7wk0Ay /sM71ySdHGnD2NoXgAOuNC3SbJxeBFuRBsBtG6nEp/1upU2qgmAIvdexos7JTUU1 uWbm1Q2wjtRZVYNsQEeqansb5vvBQ3sxOdN2y/wpJuQJcEIisfL2f3FdS8D9+xq/ 5KpJeACLEy6+yBjxG2cjv/aqt6WSIES5easg4ZduL/EykbQwOgycRjnnolhI/dSl +LmTfiu4Axj7589CHpm1LZBx1eGS8aACfLHFVLN89svGyOQmhZFsLIThCwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFDEEM7MVONFv8RKV87fHL1E/m6vRMB8GA1UdIwQY MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt OTE2NDZiZjAxNTNkLzEvTVFRenN4VTQwV194RXBYenQ4Y3ZVVC1icTlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC539kD BAC539owDQYJKoZIhvcNAQELBQADggEBAKMVWktezavFxfavPlZCarS3EigpMMDs qsMnobmR1lYgmuIdPu6Y37sMjwhbpXYMcEynVzjpoKYI2j59xNgW474YMhhrS490 8anp3/oZVnXiwlJjLlN6/AN8zcdNRGMV1CXseBp+BazPVHtl0WV2jow0fo1KTalx UeOab/hrBFqsmXxAG1jKuaJRiSjvtn9dKVEIxdTuwhcpJquEZZy4iWCnd6iCMnwc zr6DiO7KXxdeG2VkBOfxTv3ljWBz1cHC1Kz8wo7JI0pcwX5Ttcg/tj/AJ5OsPCkK c4jhtsl4qcj6KQdozNhMMpv+Eau5GsQlngwCYfwHCMRaZp6EX9Id2XM= -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:12 2026 by rpki-client