This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qyH9g-LtOlBJfOk80eGKnj3N41E.roa File: qyH9g-LtOlBJfOk80eGKnj3N41E.roa (raw, json) Hash identifier: 4jO8fPN4WWnMFLE9nZa5b1kXgsTUYov/Hm9BiJbPmcA= Subject key identifier: AB:21:FD:83:E2:ED:3A:50:49:7C:E9:3C:D1:E1:8A:9E:3D:CD:E3:51 Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Certificate serial: 019B76EB01395F2DC01CC2D3528D4FEFD034 Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qyH9g-LtOlBJfOk80eGKnj3N41E.roa Signing time: Thu 01 Jan 2026 00:17:51 +0000 ROA not before: Thu 01 Jan 2026 00:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213136 IP address blocks: 185.217.109.0/24 maxlen: 24 185.218.4.0/23 maxlen: 23 185.218.4.0/24 maxlen: 24 185.218.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:01:39:5f:2d:c0:1c:c2:d3:52:8d:4f:ef:d0:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Validity Not Before: Jan 1 00:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab21fd83e2ed3a50497ce93cd1e18a9e3dcde351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6b:07:61:24:7d:c6:e3:df:82:46:2c:20:3e: 88:2b:85:69:1c:b1:a2:c8:e4:63:0b:ca:71:55:67: 2d:92:fc:69:b5:05:21:b2:dd:19:c8:bc:13:49:42: 07:e0:fe:b0:29:7b:b6:0c:f1:45:93:29:96:c0:26: 41:01:dc:d0:d0:a2:6f:33:30:c2:a1:ae:54:28:c5: 04:49:78:ea:6c:a5:44:ef:59:9e:d4:c0:25:c2:51: ec:4c:20:1a:a2:f1:d5:bf:79:26:17:64:b1:75:b7: 84:71:01:e8:b2:fe:d7:e4:e0:bd:19:e6:62:b2:5c: c9:73:7c:8f:c3:c1:8c:be:7d:00:90:31:27:a4:30: 7b:ce:53:b3:76:10:c1:6c:70:94:05:31:fa:07:8e: 38:c8:7b:18:4b:d1:ed:0d:7b:73:ef:03:7c:be:e6: 26:ae:6b:0f:c1:91:b5:df:d6:44:6a:4e:eb:6d:e1: 16:90:0b:27:9d:40:b0:ec:2e:f3:79:f0:26:09:b5: e0:96:59:47:94:47:33:9a:5d:7e:ea:b3:5a:e7:f9: 27:0c:9b:74:9e:d0:35:da:6f:15:8b:2b:53:b8:e3: 66:e4:84:70:83:bc:0b:a7:6e:20:0d:ad:20:ba:11: bb:4e:ab:f1:1c:e3:18:59:77:99:1b:dd:fd:84:05: 88:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:21:FD:83:E2:ED:3A:50:49:7C:E9:3C:D1:E1:8A:9E:3D:CD:E3:51 X509v3 Authority Key Identifier: keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qyH9g-LtOlBJfOk80eGKnj3N41E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.217.109.0/24 185.218.4.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:0a:ae:42:ad:80:e9:e9:0a:72:05:0e:bf:87:46:28:3d:a6: 7b:7c:fd:8b:43:73:7e:a9:db:a4:d5:dd:56:f5:92:56:1c:78: 6d:45:10:3d:01:44:20:d0:09:59:8e:3d:62:e1:de:8f:69:3e: c9:0e:fb:90:62:75:c7:55:e9:8f:62:50:15:5a:10:89:42:39: cf:f0:dc:37:68:e4:57:73:67:40:66:29:1e:a2:4d:11:93:4b: cf:b4:77:bf:75:bf:05:c9:15:de:81:88:08:c7:22:08:e3:69: 70:f2:d5:f0:bf:9f:1b:f7:df:ad:ee:95:e0:1b:54:d7:81:a4: 3e:d5:a5:d6:2c:23:c8:83:0c:1f:29:31:4b:37:4c:21:f8:05: 84:97:a3:c5:1b:eb:02:14:19:6e:e8:b5:3d:80:88:3e:da:e0: 2a:e6:98:bf:2c:5c:fc:db:3f:99:2a:fd:04:b5:94:ed:3b:44: 8a:f3:b8:27:60:3d:41:7f:9c:f1:14:4a:b0:be:08:6d:cd:3a: d6:49:9c:bc:25:e6:50:61:2c:6f:66:6c:54:b3:dc:72:28:bd: f0:88:06:e6:fa:97:89:5b:a2:7a:28:c1:09:0e:fb:1d:74:c9: 8e:c2:95:f2:65:0c:93:fc:6f:ef:81:35:4a:32:e1:b5:60:66: d8:0c:88:b1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26wE5Xy3AHMLTUo1P79A0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2 NWE0NzgwHhcNMjYwMTAxMDAxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjIxZmQ4M2UyZWQzYTUwNDk3Y2U5M2NkMWUxOGE5ZTNkY2RlMzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGsHYSR9xuPfgkYsID6IK4VpHLGi yORjC8pxVWctkvxptQUhst0ZyLwTSUIH4P6wKXu2DPFFkymWwCZBAdzQ0KJvMzDC oa5UKMUESXjqbKVE71me1MAlwlHsTCAaovHVv3kmF2SxdbeEcQHosv7X5OC9GeZi slzJc3yPw8GMvn0AkDEnpDB7zlOzdhDBbHCUBTH6B444yHsYS9HtDXtz7wN8vuYm rmsPwZG139ZEak7rbeEWkAsnnUCw7C7zefAmCbXglllHlEczml1+6rNa5/knDJt0 ntA12m8ViytTuONm5IRwg7wLp24gDa0guhG7TqvxHOMYWXeZG939hAWIzQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKsh/YPi7TpQSXzpPNHhip49zeNRMB8GA1UdIwQY MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt ZmUwNjU5MTc2YTU2LzEvcXlIOWctTHRPbEJKZk9rODBlR0tuajNONDFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2 LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudltAwQB udoEMA0GCSqGSIb3DQEBCwUAA4IBAQBdCq5CrYDp6QpyBQ6/h0YoPaZ7fP2LQ3N+ qduk1d1W9ZJWHHhtRRA9AUQg0AlZjj1i4d6PaT7JDvuQYnXHVemPYlAVWhCJQjnP 8Nw3aORXc2dAZikeok0Rk0vPtHe/db8FyRXegYgIxyII42lw8tXwv58b99+t7pXg G1TXgaQ+1aXWLCPIgwwfKTFLN0wh+AWEl6PFG+sCFBlu6LU9gIg+2uAq5pi/LFz8 2z+ZKv0EtZTtO0SK87gnYD1Bf5zxFEqwvghtzTrWSZy8JeZQYSxvZmxUs9xyKL3w iAbm+peJW6J6KMEJDvsddMmOwpXyZQyT/G/vgTVKMuG1YGbYDIix -----END CERTIFICATE-----Generated at Sun Jan 25 12:03:22 2026 by rpki-client