This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/sq6m1FOXK52o6uTxOqe6Hm1SOOY.roa File: sq6m1FOXK52o6uTxOqe6Hm1SOOY.roa (raw, json) Hash identifier: VWjwuEuO3NTNcpVAcvUXrXMeZI6YpyY7QfPuhsD8Kas= Subject key identifier: B2:AE:A6:D4:53:97:2B:9D:A8:EA:E4:F1:3A:A7:BA:1E:6D:52:38:E6 Certificate issuer: /CN=21df245ead9980d2b39533782f65d7566d0462d1 Certificate serial: 019B8DC949BA6228B71CF1247C99331400EF Authority key identifier: 21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/sq6m1FOXK52o6uTxOqe6Hm1SOOY.roa Signing time: Mon 05 Jan 2026 10:52:17 +0000 ROA not before: Mon 05 Jan 2026 10:52:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207003 IP address blocks: 185.188.30.0/24 maxlen: 24 185.218.192.0/22 maxlen: 22 185.218.194.0/24 maxlen: 24 185.218.195.0/24 maxlen: 24 193.163.5.0/24 maxlen: 24 2a0b:a700::/29 maxlen: 29 2a0b:dbc0::/29 maxlen: 29 2a10:f2c0::/29 maxlen: 29 2a10:f2c0:a001::/48 maxlen: 48 2a10:f2c0:a002::/48 maxlen: 48 2a10:f2c0:a003::/48 maxlen: 48 2a10:f2c0:a004::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.crl rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.mft rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8d:c9:49:ba:62:28:b7:1c:f1:24:7c:99:33:14:00:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21df245ead9980d2b39533782f65d7566d0462d1 Validity Not Before: Jan 5 10:52:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b2aea6d453972b9da8eae4f13aa7ba1e6d5238e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:db:d9:d5:66:6c:d4:0b:5d:47:a0:6c:0d:6a: 5b:17:e3:38:f2:37:5e:04:e1:85:74:35:78:6f:52: 40:79:98:1b:16:8c:dc:37:3a:af:2b:71:c7:e3:75: 1f:39:8e:bc:cf:05:ed:93:29:bb:bc:e3:84:f7:a0: 58:dd:1b:18:cc:4a:fa:91:3f:15:44:b4:ec:e2:56: e1:3c:8f:20:c9:da:e8:15:c5:1e:42:13:54:50:9c: 0a:60:87:e6:b4:22:66:ae:7d:6e:27:91:57:6c:d2: 65:dc:5c:c2:b3:37:07:e6:a6:cd:54:8b:0c:6c:fc: 59:9f:09:88:54:0a:56:9a:e8:0b:f0:88:a9:7b:70: d5:bc:d4:92:7e:5b:72:1f:26:3b:85:ca:8c:b4:03: c5:12:4e:9c:9c:fb:f8:b1:da:74:a7:a4:5b:86:04: 05:ac:29:78:49:56:e3:0f:09:47:6d:81:ef:c4:b9: cd:e3:ad:b0:7b:f0:de:81:fe:3a:8b:4d:7d:7a:25: 55:7f:3e:1c:0b:57:ad:48:81:e7:61:0f:3d:1a:7b: e9:c2:b3:e5:fa:62:2b:01:a8:2d:95:03:63:1f:ed: b7:90:f6:02:a2:2e:c0:e0:ea:a0:d7:ef:ec:c1:59: ac:f9:68:6e:9b:08:e8:c9:34:48:44:58:97:98:ec: ad:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:AE:A6:D4:53:97:2B:9D:A8:EA:E4:F1:3A:A7:BA:1E:6D:52:38:E6 X509v3 Authority Key Identifier: keyid:21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/sq6m1FOXK52o6uTxOqe6Hm1SOOY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.188.30.0/24 185.218.192.0/22 193.163.5.0/24 IPv6: 2a0b:a700::/29 2a0b:dbc0::/29 2a10:f2c0::/29 Signature Algorithm: sha256WithRSAEncryption 88:1d:07:c5:a4:7c:a9:00:f5:69:57:b9:ca:20:8b:54:15:a9: 0a:c5:93:75:23:52:28:c7:63:af:34:93:95:05:30:ae:79:8c: 4e:5d:23:38:3a:ef:7c:06:bc:00:8a:8e:78:05:6d:d2:8e:89: ed:2d:e9:6c:2d:b0:80:bf:92:94:b6:7e:77:b4:53:a0:fe:81: a0:40:fe:9e:87:c7:ee:6f:7b:1b:88:4c:2a:0e:88:a1:0d:ae: e1:e6:29:49:61:85:cb:40:69:c6:c9:23:5d:1b:70:5d:e2:00: b4:e8:b9:2c:5a:dd:2f:66:1e:95:f7:d5:0a:34:cd:1a:49:0f: f2:66:eb:73:57:39:2d:41:f7:48:46:1d:31:a0:4d:46:1e:2a: 40:63:f1:05:08:24:39:7e:b9:47:d9:89:ed:41:0b:4e:10:c0: 43:44:de:81:6e:b8:31:ba:db:ba:7d:ef:bb:08:9b:b5:90:23: 3b:b0:ea:2c:84:10:2a:5f:84:6b:28:d8:fb:e9:4d:8a:5e:1d: a5:bb:87:98:9f:bc:6a:a3:34:34:bb:29:a8:08:9a:c7:f6:93: 85:59:9d:82:2b:fb:bc:74:7d:00:43:d1:1e:9e:c8:5c:35:e7: b9:b9:d5:52:d1:c2:a0:ce:34:9f:1f:3d:c1:85:c9:2c:3f:c4: 1b:b3:ce:a6 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZuNyUm6Yii3HPEkfJkzFADvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxZGYyNDVlYWQ5OTgwZDJiMzk1MzM3ODJmNjVkNzU2NmQw NDYyZDEwHhcNMjYwMTA1MTA1MjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmFlYTZkNDUzOTcyYjlkYThlYWU0ZjEzYWE3YmExZTZkNTIzOGU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstvZ1WZs1AtdR6BsDWpbF+M48jde BOGFdDV4b1JAeZgbFozcNzqvK3HH43UfOY68zwXtkym7vOOE96BY3RsYzEr6kT8V RLTs4lbhPI8gydroFcUeQhNUUJwKYIfmtCJmrn1uJ5FXbNJl3FzCszcH5qbNVIsM bPxZnwmIVApWmugL8Iipe3DVvNSSfltyHyY7hcqMtAPFEk6cnPv4sdp0p6RbhgQF rCl4SVbjDwlHbYHvxLnN462we/Degf46i019eiVVfz4cC1etSIHnYQ89GnvpwrPl +mIrAagtlQNjH+23kPYCoi7A4Oqg1+/swVms+WhumwjoyTRIRFiXmOytbwIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFLKuptRTlyudqOrk8Tqnuh5tUjjmMB8GA1UdIwQY MBaAFCHfJF6tmYDSs5UzeC9l11ZtBGLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWQ4a1hxMlpnTkt6bFRONEwyWFhWbTBFWXRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kZjdkNmEtNDU5Mi00MDBiLWFkZTQt MGVjNTIzNWQ0ZTlmLzEvc3E2bTFGT1hLNTJvNnVUeE9xZTZIbTFTT09ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9kZjdkNmEtNDU5Mi00MDBiLWFkZTQtMGVjNTIzNWQ0ZTlm LzEvSWQ4a1hxMlpnTkt6bFRONEwyWFhWbTBFWXRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAubweAwQC udrAAwQAwaMFMBsEAgACMBUDBQMqC6cAAwUDKgvbwAMFAyoQ8sAwDQYJKoZIhvcN AQELBQADggEBAIgdB8WkfKkA9WlXucogi1QVqQrFk3UjUijHY680k5UFMK55jE5d Izg673wGvACKjngFbdKOie0t6WwtsIC/kpS2fne0U6D+gaBA/p6Hx+5vexuITCoO iKENruHmKUlhhctAacbJI10bcF3iALTouSxa3S9mHpX31Qo0zRpJD/Jm63NXOS1B 90hGHTGgTUYeKkBj8QUIJDl+uUfZie1BC04QwENE3oFuuDG627p977sIm7WQIzuw 6iyEECpfhGso2PvpTYpeHaW7h5ifvGqjNDS7KagImsf2k4VZnYIr+7x0fQBD0R6e yFw157m51VLRwqDONJ8fPcGFySw/xBuzzqY= -----END CERTIFICATE-----Generated at Sun Jan 25 10:20:04 2026 by rpki-client