This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QctoD9ranLBEP2UiaUJlWbkv5bc.roa File: QctoD9ranLBEP2UiaUJlWbkv5bc.roa (raw, json) Hash identifier: x+yFAg7UwJjgCBv8Ws9qAi3y7N30iaQWEU6rOz2fDDg= Subject key identifier: 41:CB:68:0F:DA:DA:9C:B0:44:3F:65:22:69:42:65:59:B9:2F:E5:B7 Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2 Certificate serial: 019B7B36F6164E9D4358E1E9FDA76BE75109 Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QctoD9ranLBEP2UiaUJlWbkv5bc.roa Signing time: Thu 01 Jan 2026 20:19:17 +0000 ROA not before: Thu 01 Jan 2026 20:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8943 IP address blocks: 185.73.44.0/22 maxlen: 22 194.33.11.0/24 maxlen: 24 194.153.169.0/24 maxlen: 24 212.13.192.0/19 maxlen: 19 2001:ba8::/32 maxlen: 32 2001:baa::/32 maxlen: 32 2001:baf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.mft rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:f6:16:4e:9d:43:58:e1:e9:fd:a7:6b:e7:51:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2 Validity Not Before: Jan 1 20:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=41cb680fdada9cb0443f652269426559b92fe5b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:db:01:34:d4:5f:b9:66:3b:6f:31:28:6e:5a: 1e:1a:41:d0:f1:a3:24:e0:a8:b3:2a:ae:3c:37:76: 65:8f:87:6a:d0:77:ef:ba:3e:99:dd:43:cb:81:5d: 55:6d:0e:ad:70:29:bb:b6:7b:ff:c7:07:a0:49:76: 38:22:27:be:6f:91:02:9a:87:f5:59:a7:c0:11:f0: da:3c:6e:31:4f:3e:8d:ca:6b:c8:aa:19:e2:41:54: c3:65:f4:d3:8d:91:1c:85:0f:b4:28:79:f2:71:8d: 21:a3:25:6b:e0:02:84:7f:0f:bd:0c:ba:d7:86:b1: 5b:af:14:6f:56:1f:5f:fa:57:67:0a:5b:dc:13:80: 0e:d0:02:20:b2:c2:b1:49:42:74:d1:00:86:9d:bb: 00:53:a9:0a:78:41:0b:0d:13:a9:36:95:7b:1d:55: 40:d0:2b:37:fc:2f:4c:10:fb:92:f3:ca:b6:f0:06: 48:3f:59:e8:b6:f9:e5:ec:c1:f2:5f:01:35:8d:ab: 06:e3:15:32:dc:3a:d6:56:c2:fb:0a:7c:a4:b1:96: 8f:66:b3:16:d8:5a:51:df:05:4e:46:c6:7e:61:69: 11:9f:ab:7a:d0:6a:63:ed:82:36:1f:f6:56:ed:73: ca:e4:b2:8a:d7:a8:1d:3a:7c:e3:98:07:87:20:76: 91:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:CB:68:0F:DA:DA:9C:B0:44:3F:65:22:69:42:65:59:B9:2F:E5:B7 X509v3 Authority Key Identifier: keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QctoD9ranLBEP2UiaUJlWbkv5bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.73.44.0/22 194.33.11.0/24 194.153.169.0/24 212.13.192.0/19 IPv6: 2001:ba8::/32 2001:baa::/32 2001:baf::/32 Signature Algorithm: sha256WithRSAEncryption 8b:3e:d4:98:26:62:a5:1f:c7:d9:f0:9c:a7:33:4b:ba:82:9d: 50:a2:76:5c:25:2b:8f:9b:54:20:da:17:6a:60:ba:48:6e:4d: 8a:51:eb:92:e3:65:6f:de:ba:f3:59:55:34:09:93:37:b8:4f: 85:95:df:e0:a7:57:23:9a:7e:38:ab:b4:94:9c:95:56:0f:78: 16:23:2b:88:e0:6a:2d:bf:51:68:19:42:07:92:11:7b:de:4e: 2e:d0:6c:6a:03:8e:2e:28:36:fa:33:44:1c:c8:b9:5a:b7:25: 34:57:d1:af:f7:9c:85:1c:45:dd:17:ee:1a:54:23:ef:cb:b7: 00:f5:15:b3:c4:35:62:94:c4:3e:7a:3f:e9:4c:21:7b:43:3b: 86:f1:22:aa:e4:0d:81:cd:06:8a:fc:d9:d8:28:bd:31:b9:12: 46:3e:ca:63:0b:05:90:8e:db:91:1f:9c:46:c6:ee:c6:26:3e: be:19:ff:28:e4:f1:af:32:15:44:40:49:f2:4e:f7:e8:ee:17: 11:b0:f9:b9:1d:10:88:43:11:24:3b:d5:bd:1e:d3:e5:1a:34: c8:cd:02:d3:0f:b0:f7:af:89:fd:cd:20:1b:a1:3a:20:5c:c8: be:0a:37:21:5b:1b:d0:ca:97:e8:10:8a:da:2c:54:d8:86:76: 7e:8e:d1:bf -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt7NvYWTp1DWOHp/adr51EJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh MGFmZjIwHhcNMjYwMTAxMjAxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MWNiNjgwZmRhZGE5Y2IwNDQzZjY1MjI2OTQyNjU1OWI5MmZlNWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NsBNNRfuWY7bzEobloeGkHQ8aMk 4KizKq48N3Zlj4dq0Hfvuj6Z3UPLgV1VbQ6tcCm7tnv/xwegSXY4Iie+b5ECmof1 WafAEfDaPG4xTz6NymvIqhniQVTDZfTTjZEchQ+0KHnycY0hoyVr4AKEfw+9DLrX hrFbrxRvVh9f+ldnClvcE4AO0AIgssKxSUJ00QCGnbsAU6kKeEELDROpNpV7HVVA 0Cs3/C9MEPuS88q28AZIP1notvnl7MHyXwE1jasG4xUy3DrWVsL7CnyksZaPZrMW 2FpR3wVORsZ+YWkRn6t60Gpj7YI2H/ZW7XPK5LKK16gdOnzjmAeHIHaRHQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFEHLaA/a2pywRD9lImlCZVm5L+W3MB8GA1UdIwQY MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt NWMwMTdiZDQzNjYzLzEvUWN0b0Q5cmFuTEJFUDJVaWFVSmxXYmt2NWJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCuUksAwQA wiELAwQAwpmpAwQF1A3AMBsEAgACMBUDBQAgAQuoAwUAIAELqgMFACABC68wDQYJ KoZIhvcNAQELBQADggEBAIs+1JgmYqUfx9nwnKczS7qCnVCidlwlK4+bVCDaF2pg ukhuTYpR65LjZW/euvNZVTQJkze4T4WV3+CnVyOafjirtJSclVYPeBYjK4jgai2/ UWgZQgeSEXveTi7QbGoDji4oNvozRBzIuVq3JTRX0a/3nIUcRd0X7hpUI+/LtwD1 FbPENWKUxD56P+lMIXtDO4bxIqrkDYHNBor82dgovTG5EkY+ymMLBZCO25EfnEbG 7sYmPr4Z/yjk8a8yFURASfJO9+juFxGw+bkdEIhDESQ71b0e0+UaNMjNAtMPsPev if3NIBuhOiBcyL4KNyFbG9DKl+gQitosVNiGdn6O0b8= -----END CERTIFICATE-----Generated at Sun Jan 25 22:51:07 2026 by rpki-client