This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/QxJ6dEmDHiw3lmS5PxMFumYPnck.roa File: QxJ6dEmDHiw3lmS5PxMFumYPnck.roa (raw, json) Hash identifier: aqxNNZjWenyXEE3qtSl1nU9WOF/JQO83RlkjXS7clZY= Subject key identifier: 43:12:7A:74:49:83:1E:2C:37:96:64:B9:3F:13:05:BA:66:0F:9D:C9 Certificate issuer: /CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25 Certificate serial: 019B7CEDC4BEF769ACD483034F160B3D9285 Authority key identifier: EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/QxJ6dEmDHiw3lmS5PxMFumYPnck.roa Signing time: Fri 02 Jan 2026 04:18:35 +0000 ROA not before: Fri 02 Jan 2026 04:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42000 IP address blocks: 185.216.220.0/22 maxlen: 22 2a0b:bdc0::/29 maxlen: 29 2a0b:bdc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.mft rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:c4:be:f7:69:ac:d4:83:03:4f:16:0b:3d:92:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25 Validity Not Before: Jan 2 04:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43127a7449831e2c379664b93f1305ba660f9dc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:55:57:66:09:08:6a:b2:3f:c7:ab:8b:3a:15: 56:71:d7:e7:7c:05:ec:8a:2a:06:e4:e8:19:3e:64: 44:e9:ce:3e:72:ce:b8:e7:92:1f:d0:a2:35:e3:21: e6:33:1a:aa:c4:38:c0:59:27:cb:3d:8b:53:4f:ca: 30:6e:62:c5:e5:fc:5b:e7:de:c7:04:e3:a3:b5:5d: ad:73:81:a8:f0:86:58:cd:a1:d2:98:66:33:af:f0: f2:1d:d2:e4:df:50:6c:6a:16:14:72:f7:d7:e8:b5: 30:f6:61:49:f7:38:7d:c8:aa:be:ca:fa:9e:41:9f: 83:78:8f:b5:6a:c8:85:e7:76:29:35:06:c3:c7:a4: 8b:d7:82:99:2e:a1:b4:ac:b9:45:dd:e1:94:ee:65: fc:91:db:4a:ab:40:17:9a:e0:2f:e2:c2:a1:70:92: 34:b1:f8:58:f4:7a:32:e1:7d:21:6d:7c:d3:73:18: cb:fa:47:30:1f:38:1f:0b:87:4f:32:c3:c0:a3:bb: 68:e7:80:76:97:94:48:43:75:8a:da:3b:05:36:26: a7:e6:8d:66:08:cd:6a:ec:43:cc:86:62:29:8c:ee: 44:64:d2:bf:f9:aa:b3:a1:91:2a:93:22:2d:34:86: f4:e2:8c:2d:ce:bd:0e:8a:b4:ff:0f:df:32:f6:dd: 32:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:12:7A:74:49:83:1E:2C:37:96:64:B9:3F:13:05:BA:66:0F:9D:C9 X509v3 Authority Key Identifier: keyid:EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/QxJ6dEmDHiw3lmS5PxMFumYPnck.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.216.220.0/22 IPv6: 2a0b:bdc0::/29 Signature Algorithm: sha256WithRSAEncryption 51:87:f7:5d:a1:17:6e:30:7f:d7:b9:07:c1:29:4a:ae:54:49: 02:45:58:c5:dd:87:24:44:4c:12:e8:b9:d5:b0:08:2a:b7:1c: b5:5d:da:fb:2b:dc:54:c2:27:89:0c:89:15:c7:40:f1:bc:87: 55:1a:31:97:11:dd:33:55:d6:94:fb:ab:01:db:b6:98:30:bf: 4d:22:0d:32:c5:dc:5b:b5:42:cc:2a:53:87:80:95:1a:f1:45: 74:33:e3:48:e6:59:4e:ee:bd:41:4f:16:54:f4:56:e6:74:d1: 78:69:dd:31:22:a0:1f:ab:82:be:60:ca:58:78:f6:8a:6b:8e: 5f:90:fb:ce:d6:09:aa:df:b6:87:ff:e7:c2:db:9e:5a:45:3e: 61:d1:d6:bb:ad:81:2b:ee:d0:7e:87:aa:58:e1:09:08:da:6b: 6a:97:6d:7a:de:1d:c5:89:92:82:84:81:08:19:35:56:e5:35: a4:36:a4:52:31:f7:3f:89:77:43:6c:03:e5:de:54:c7:ca:70: 8b:7a:e3:dc:99:e3:51:0e:da:7d:06:b9:45:0b:12:13:8e:2c: 54:2b:2c:5f:0c:8c:61:07:64:96:1d:56:e5:19:aa:09:e9:8a: e6:93:4f:f8:e1:ad:dd:91:9e:d7:e8:13:db:b4:5c:dc:e4:de: 13:ba:3d:5f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87cS+92ms1IMDTxYLPZKFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjNWZkZjZhNTFiOTgwOTFlOWVjN2JkZmFmNDgzZWM3NzQz YTVhMjUwHhcNMjYwMTAyMDQxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzEyN2E3NDQ5ODMxZTJjMzc5NjY0YjkzZjEzMDViYTY2MGY5ZGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVVXZgkIarI/x6uLOhVWcdfnfAXs iioG5OgZPmRE6c4+cs6455If0KI14yHmMxqqxDjAWSfLPYtTT8owbmLF5fxb597H BOOjtV2tc4Go8IZYzaHSmGYzr/DyHdLk31BsahYUcvfX6LUw9mFJ9zh9yKq+yvqe QZ+DeI+1asiF53YpNQbDx6SL14KZLqG0rLlF3eGU7mX8kdtKq0AXmuAv4sKhcJI0 sfhY9Hoy4X0hbXzTcxjL+kcwHzgfC4dPMsPAo7to54B2l5RIQ3WK2jsFNian5o1m CM1q7EPMhmIpjO5EZNK/+aqzoZEqkyItNIb04owtzr0OirT/D98y9t0yTwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEMSenRJgx4sN5ZkuT8TBbpmD53JMB8GA1UdIwQY MBaAFOxf32pRuYCR6ex7369IPsd0OlolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2Mt Y2JmMzQzZGViN2JjLzEvUXhKNmRFbURIaXczbG1TNVB4TUZ1bVlQbmNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2MtY2JmMzQzZGViN2Jj LzEvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjcMA0E AgACMAcDBQMqC73AMA0GCSqGSIb3DQEBCwUAA4IBAQBRh/ddoRduMH/XuQfBKUqu VEkCRVjF3YckREwS6LnVsAgqtxy1Xdr7K9xUwieJDIkVx0DxvIdVGjGXEd0zVdaU +6sB27aYML9NIg0yxdxbtULMKlOHgJUa8UV0M+NI5llO7r1BTxZU9FbmdNF4ad0x IqAfq4K+YMpYePaKa45fkPvO1gmq37aH/+fC255aRT5h0da7rYEr7tB+h6pY4QkI 2mtql2163h3FiZKChIEIGTVW5TWkNqRSMfc/iXdDbAPl3lTHynCLeuPcmeNRDtp9 BrlFCxITjixUKyxfDIxhB2SWHVblGaoJ6Yrmk0/44a3dkZ7X6BPbtFzc5N4Tuj1f -----END CERTIFICATE-----Generated at Sun Jan 25 20:29:07 2026 by rpki-client