This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/D7_QPk2qAFTVuCWwAG0izANeaRc.roa File: D7_QPk2qAFTVuCWwAG0izANeaRc.roa (raw, json) Hash identifier: n5F0AgHZRQ1JYqQ0higj9UJBRqSdojfEHkwWOchuMIU= Subject key identifier: 0F:BF:D0:3E:4D:AA:00:54:D5:B8:25:B0:00:6D:22:CC:03:5E:69:17 Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8 Certificate serial: 019B7F84FC39568D96553C644EC55F58591B Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/D7_QPk2qAFTVuCWwAG0izANeaRc.roa Signing time: Fri 02 Jan 2026 16:23:00 +0000 ROA not before: Fri 02 Jan 2026 16:23:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39826 IP address blocks: 94.250.32.0/23 maxlen: 23 94.250.33.0/24 maxlen: 24 94.250.34.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:fc:39:56:8d:96:55:3c:64:4e:c5:5f:58:59:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8 Validity Not Before: Jan 2 16:23:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0fbfd03e4daa0054d5b825b0006d22cc035e6917 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b4:e2:a9:f3:81:40:10:7a:8a:7a:69:4e:c0: f7:02:a2:de:7a:f2:06:f0:b0:5f:96:ca:be:4a:da: d2:ff:da:5f:5e:88:61:2c:f7:ec:06:8e:e5:f5:cc: 7e:43:f4:7e:81:3e:fc:7d:5d:f8:b4:22:28:32:54: 3f:3b:50:de:0d:47:7e:26:f9:bd:ed:31:5f:85:c0: a5:08:83:ea:82:3b:93:cf:69:50:b4:2a:c1:95:76: 45:6a:a7:fb:29:4f:7a:8e:9e:61:0c:b5:9d:af:0b: 58:fd:55:f4:e9:48:3b:58:db:55:f8:3a:09:53:95: a1:d9:72:1a:fe:b3:c9:ea:be:43:34:34:0b:db:d1: 07:8f:59:09:64:83:7f:17:22:ed:66:cf:91:9b:79: 6d:74:46:a8:da:9e:3f:d0:c9:b5:9d:b1:6a:b0:e2: bb:f2:4f:a3:f7:2c:12:24:7c:93:e1:65:5d:96:84: c3:14:1f:93:85:db:0b:ec:1c:be:d4:a8:41:62:20: 8d:23:a2:04:9b:38:db:f9:e1:39:92:8c:e3:94:fb: 40:ff:51:61:40:46:f4:f3:b6:a6:eb:35:dd:49:44: 93:4f:87:3b:3b:7c:04:b1:6d:6e:5b:0b:8c:39:d3: 1c:3d:f1:3d:c8:87:5c:f9:1f:6f:72:0b:80:23:81: a0:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:BF:D0:3E:4D:AA:00:54:D5:B8:25:B0:00:6D:22:CC:03:5E:69:17 X509v3 Authority Key Identifier: keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/D7_QPk2qAFTVuCWwAG0izANeaRc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.250.32.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:aa:b5:49:6a:59:63:d9:b7:0d:af:46:b1:2f:bf:df:8e:ab: df:ca:d9:1b:da:e8:f8:e0:5a:87:5e:1a:b8:f2:59:fa:eb:ad: b5:fc:8a:e3:54:89:ae:57:f6:24:22:bd:8e:ab:40:ba:cb:0e: a8:08:20:e8:70:e3:58:ff:41:63:32:1d:41:f4:47:10:42:35: 57:20:5c:82:74:c7:4d:29:49:a5:c8:94:97:7f:b2:8e:07:85: b2:e3:f9:4c:0b:44:76:da:d9:9a:cb:dd:0a:67:bf:c0:cf:f0: 41:49:19:af:b8:2e:5c:8f:3b:d4:f4:e5:07:60:94:79:96:ee: cf:d9:56:33:ab:c3:49:9d:e6:16:03:49:b6:f2:3d:a1:f8:be: 5d:26:59:6a:9a:9b:cf:62:a2:fe:1f:22:fb:7c:e5:ea:38:c5: d2:3a:99:d8:8e:6f:c4:33:40:f8:a2:6d:88:19:b1:50:ef:c0: 51:2b:8b:3b:fd:7c:71:32:48:01:21:7b:5f:e2:17:65:00:06: 87:fd:3e:fc:21:38:d9:6b:3a:86:09:32:c9:0a:c5:3f:ca:ef: 79:3c:43:20:80:47:1d:87:12:85:e1:cd:33:86:82:1b:1f:dc: 88:0e:f3:89:28:6d:cd:50:5f:bb:56:c6:22:c3:69:40:86:d6: 23:cd:e0:9a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hPw5Vo2WVTxkTsVfWFkbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1 ZGVlZTgwHhcNMjYwMTAyMTYyMzAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmJmZDAzZTRkYWEwMDU0ZDViODI1YjAwMDZkMjJjYzAzNWU2OTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLTiqfOBQBB6inppTsD3AqLeevIG 8LBflsq+StrS/9pfXohhLPfsBo7l9cx+Q/R+gT78fV34tCIoMlQ/O1DeDUd+Jvm9 7TFfhcClCIPqgjuTz2lQtCrBlXZFaqf7KU96jp5hDLWdrwtY/VX06Ug7WNtV+DoJ U5Wh2XIa/rPJ6r5DNDQL29EHj1kJZIN/FyLtZs+Rm3ltdEao2p4/0Mm1nbFqsOK7 8k+j9ywSJHyT4WVdloTDFB+ThdsL7By+1KhBYiCNI6IEmzjb+eE5kozjlPtA/1Fh QEb087am6zXdSUSTT4c7O3wEsW1uWwuMOdMcPfE9yIdc+R9vcguAI4GgdwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA+/0D5NqgBU1bglsABtIswDXmkXMB8GA1UdIwQY MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt ZDliNTMzZjdmYmMzLzEvRDdfUVBrMnFBRlRWdUNXd0FHMGl6QU5lYVJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvogMA0G CSqGSIb3DQEBCwUAA4IBAQBMqrVJallj2bcNr0axL7/fjqvfytkb2uj44FqHXhq4 8ln66621/IrjVImuV/YkIr2Oq0C6yw6oCCDocONY/0FjMh1B9EcQQjVXIFyCdMdN KUmlyJSXf7KOB4Wy4/lMC0R22tmay90KZ7/Az/BBSRmvuC5cjzvU9OUHYJR5lu7P 2VYzq8NJneYWA0m28j2h+L5dJllqmpvPYqL+HyL7fOXqOMXSOpnYjm/EM0D4om2I GbFQ78BRK4s7/XxxMkgBIXtf4hdlAAaH/T78ITjZazqGCTLJCsU/yu95PEMggEcd hxKF4c0zhoIbH9yIDvOJKG3NUF+7VsYiw2lAhtYjzeCa -----END CERTIFICATE-----Generated at Mon Jan 26 00:15:04 2026 by rpki-client