This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/Q19n_Odq8OLPbbKb7YsfCyN0tDE.roa File: Q19n_Odq8OLPbbKb7YsfCyN0tDE.roa (raw, json) Hash identifier: Gs4XriuYX+dQoQwaB99+U61vIT5aHV9N7U3+i1qD1ak= Subject key identifier: 43:5F:67:FC:E7:6A:F0:E2:CF:6D:B2:9B:ED:8B:1F:0B:23:74:B4:31 Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca Certificate serial: 019ACA85F6AFF25BAF3990F2A552AD913BE0 Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/Q19n_Odq8OLPbbKb7YsfCyN0tDE.roa Signing time: Fri 28 Nov 2025 12:52:48 +0000 ROA not before: Fri 28 Nov 2025 12:52:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 34696 IP address blocks: 81.172.101.0/24 maxlen: 24 2a0d:340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:85:f6:af:f2:5b:af:39:90:f2:a5:52:ad:91:3b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca Validity Not Before: Nov 28 12:52:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=435f67fce76af0e2cf6db29bed8b1f0b2374b431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ed:9b:7f:63:7a:b2:b8:d1:85:b7:19:bb:29: 02:20:95:75:1d:d2:05:e3:8a:c4:fe:e4:63:00:32: 83:3d:57:31:1d:13:38:cb:3f:34:55:cf:f7:d3:df: b6:d2:cf:2f:68:aa:ef:ef:dc:50:6b:94:15:07:0a: 50:03:52:6c:1e:c3:77:53:51:26:b8:01:00:b7:6d: 55:16:95:01:b0:89:20:6a:f8:4c:85:f2:2e:46:97: e3:d3:ad:75:04:29:2f:55:ae:f7:cc:ae:8f:bc:b8: e4:8c:33:ed:96:4a:e3:0d:a2:06:73:ac:57:0d:8c: c0:eb:50:c8:36:1d:6b:32:03:66:11:f3:ff:9a:89: 6d:01:15:ad:c8:f5:36:2c:b0:cf:30:ff:e4:72:c7: a5:71:0b:b9:ea:36:48:a1:38:69:0a:15:15:63:72: 31:d8:1b:b8:10:7f:89:63:38:ef:e5:87:1e:a5:0a: 91:a4:6d:cd:a0:2e:91:ca:00:c7:27:3e:e1:77:4d: f7:d7:22:44:b9:74:e6:56:ca:cc:57:79:2e:ec:61: 4c:29:c6:0a:32:50:d0:c3:e7:63:54:fa:46:07:3b: b1:f0:a4:b7:d9:9f:bb:35:a6:b7:55:e2:e7:73:b8: cf:2e:f9:09:d8:74:89:83:2c:7e:f0:51:1b:03:09: 4d:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:5F:67:FC:E7:6A:F0:E2:CF:6D:B2:9B:ED:8B:1F:0B:23:74:B4:31 X509v3 Authority Key Identifier: keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/Q19n_Odq8OLPbbKb7YsfCyN0tDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.172.101.0/24 IPv6: 2a0d:340::/32 Signature Algorithm: sha256WithRSAEncryption 84:cf:2b:06:86:a5:eb:d7:e1:b8:22:c6:e4:01:c5:8d:55:51: bb:fb:9b:63:9e:6b:34:b5:bf:be:c1:38:f3:15:cd:a6:b7:b5: 90:89:43:fd:35:80:67:2d:70:38:24:5f:83:3b:ca:fe:54:b5: 32:77:e5:18:83:21:61:eb:98:70:76:c6:c5:0a:55:25:46:e2: 62:c6:eb:0f:60:8d:42:d9:02:91:5c:f1:ad:4b:e8:2e:98:bb: 36:99:33:be:90:89:83:1a:57:9b:cd:38:7e:34:a8:45:52:07: 16:fe:3b:b6:46:00:46:af:08:fa:ac:37:66:fa:38:b1:32:3b: 03:da:a1:82:dc:90:69:21:aa:64:b9:59:b7:7e:03:d3:7d:b4: 78:b9:52:71:64:20:e9:21:d0:c4:86:2a:44:c0:f6:d6:6e:e3: 4a:b3:6c:fe:54:4f:d8:1d:ca:52:dd:88:90:ea:06:aa:63:30: 3f:b5:1a:a3:5b:4f:43:c6:78:cf:4f:6e:d3:09:7c:44:54:48: 5b:5b:9e:da:56:1e:e9:85:8c:35:06:d6:93:39:23:0c:59:73: 46:61:eb:5e:d1:96:b7:51:8c:e1:1d:13:f0:d7:41:f0:8f:e3: ef:e5:76:cf:f5:38:73:de:12:cd:a1:7f:c6:9e:5f:59:34:b9: 8f:14:10:68 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZrKhfav8luvOZDypVKtkTvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy Mjk5Y2EwHhcNMjUxMTI4MTI1MjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzVmNjdmY2U3NmFmMGUyY2Y2ZGIyOWJlZDhiMWYwYjIzNzRiNDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+2bf2N6srjRhbcZuykCIJV1HdIF 44rE/uRjADKDPVcxHRM4yz80Vc/309+20s8vaKrv79xQa5QVBwpQA1JsHsN3U1Em uAEAt21VFpUBsIkgavhMhfIuRpfj0611BCkvVa73zK6PvLjkjDPtlkrjDaIGc6xX DYzA61DINh1rMgNmEfP/moltARWtyPU2LLDPMP/kcselcQu56jZIoThpChUVY3Ix 2Bu4EH+JYzjv5YcepQqRpG3NoC6RygDHJz7hd0331yJEuXTmVsrMV3ku7GFMKcYK MlDQw+djVPpGBzux8KS32Z+7Naa3VeLnc7jPLvkJ2HSJgyx+8FEbAwlNlQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFENfZ/znavDiz22ym+2LHwsjdLQxMB8GA1UdIwQY MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt ZWE3YWU3MmJkMzJkLzEvUTE5bl9PZHE4T0xQYmJLYjdZc2ZDeU4wdERFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUaxlMA0E AgACMAcDBQAqDQNAMA0GCSqGSIb3DQEBCwUAA4IBAQCEzysGhqXr1+G4IsbkAcWN VVG7+5tjnms0tb++wTjzFc2mt7WQiUP9NYBnLXA4JF+DO8r+VLUyd+UYgyFh65hw dsbFClUlRuJixusPYI1C2QKRXPGtS+gumLs2mTO+kImDGlebzTh+NKhFUgcW/ju2 RgBGrwj6rDdm+jixMjsD2qGC3JBpIapkuVm3fgPTfbR4uVJxZCDpIdDEhipEwPbW buNKs2z+VE/YHcpS3YiQ6gaqYzA/tRqjW09DxnjPT27TCXxEVEhbW57aVh7phYw1 BtaTOSMMWXNGYete0Za3UYzhHRPw10Hwj+Pv5XbP9Thz3hLNoX/Gnl9ZNLmPFBBo -----END CERTIFICATE-----Generated at Sat Dec 6 15:38:53 2025 by rpki-client