This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/AwpzkVc0oTDl0sjoa6-QEqDiUec.roa File: AwpzkVc0oTDl0sjoa6-QEqDiUec.roa (raw, json) Hash identifier: x7d6UyA4Hucc8K4+EGGBB/UoxNRtjZ72KYH63IunwOE= Subject key identifier: 03:0A:73:91:57:34:A1:30:E5:D2:C8:E8:6B:AF:90:12:A0:E2:51:E7 Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c Certificate serial: 019B7D5C826FD7B31CB97608DF361E11A7D3 Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/AwpzkVc0oTDl0sjoa6-QEqDiUec.roa Signing time: Fri 02 Jan 2026 06:19:33 +0000 ROA not before: Fri 02 Jan 2026 06:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202780 IP address blocks: 185.101.124.0/24 maxlen: 24 185.101.125.0/24 maxlen: 24 185.101.126.0/24 maxlen: 24 185.101.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.mft rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:82:6f:d7:b3:1c:b9:76:08:df:36:1e:11:a7:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c Validity Not Before: Jan 2 06:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=030a73915734a130e5d2c8e86baf9012a0e251e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:16:4d:bb:37:18:b6:bc:0e:9b:4b:05:5b:a6: 10:46:72:36:4e:4c:f4:7b:73:4b:36:8a:95:e8:86: f4:46:e9:cf:7b:f2:6a:e8:6d:10:be:12:ef:dd:68: 92:fe:69:67:f4:6a:6a:33:ef:b4:48:e6:0b:fb:60: e7:59:93:ce:39:44:78:c2:96:74:40:73:aa:06:86: 34:68:e2:4b:d5:00:2a:72:bc:dc:8f:20:fb:53:25: 83:ff:b9:a0:2d:18:e2:5f:bf:ee:19:d4:47:3f:a2: 01:93:77:ea:28:8f:31:cf:24:02:d5:ba:6c:09:d9: 7c:02:b7:5f:59:fd:56:36:57:03:14:50:91:2c:4b: 51:af:e5:45:48:5f:82:08:6f:ba:21:a5:f8:45:01: 3d:b6:f6:a3:0e:3a:b8:63:4e:a5:a0:bd:7e:a8:23: 26:0a:8a:64:98:f6:43:a1:94:38:26:7f:eb:60:c7: fe:a9:04:82:ef:7c:1d:fc:39:97:1e:8f:f5:16:23: 01:ec:17:8a:da:b9:d2:b2:34:5a:c7:8b:e4:a6:21: f9:d0:33:e5:77:75:86:55:92:56:20:22:0c:6a:9d: aa:49:c1:95:13:5d:e2:0c:b8:f5:81:f4:39:ce:05: aa:ca:c5:38:f1:f8:ad:a4:74:ed:7f:a3:2e:3e:21: 5b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:0A:73:91:57:34:A1:30:E5:D2:C8:E8:6B:AF:90:12:A0:E2:51:E7 X509v3 Authority Key Identifier: keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/AwpzkVc0oTDl0sjoa6-QEqDiUec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.101.124.0/22 Signature Algorithm: sha256WithRSAEncryption b9:ce:9a:68:4d:0b:ae:4e:7e:d1:d5:82:cf:d9:c0:29:44:06: a8:60:56:75:6b:55:ad:eb:fd:cc:3a:e8:3a:67:93:89:52:cc: 7b:c2:6a:d7:10:1a:45:4a:1b:43:83:16:fa:0a:18:36:bf:0f: 6e:76:f4:20:cb:ec:ef:96:07:41:76:f1:8c:a2:71:5a:07:9f: 31:e4:fe:cc:57:f7:d7:8f:1f:89:b6:5e:50:06:5f:c8:fe:a5: 75:19:3b:63:af:06:c8:c3:c1:86:32:83:71:9e:f7:57:83:f2: 09:ca:25:40:ed:53:2b:a0:b2:2d:f9:7e:54:a2:94:35:0d:fb: 36:85:f4:a6:0b:d8:a5:92:75:4f:c4:91:6b:87:a7:4c:7a:4b: 61:c6:38:22:93:38:c1:ec:c8:74:83:6f:8d:a6:b4:20:ef:33: 7a:a1:8e:ef:c9:d2:65:75:24:e3:b8:b7:c1:58:d6:8d:9c:1e: eb:33:3b:79:ff:89:29:32:84:55:e6:1d:fe:7b:cf:3a:64:8a: 30:7f:b7:41:d5:13:e0:39:38:27:57:f8:9d:71:b1:ba:3a:bb: 98:4e:9f:36:c0:c1:25:9b:1b:d5:49:a1:91:d4:d3:b6:1e:7c: e1:ed:0e:0e:03:06:ef:3e:04:33:e5:3c:b0:0a:39:eb:7a:ac: 1a:dd:98:8c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XIJv17McuXYI3zYeEafTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj NWUyMWMwHhcNMjYwMTAyMDYxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzBhNzM5MTU3MzRhMTMwZTVkMmM4ZTg2YmFmOTAxMmEwZTI1MWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRZNuzcYtrwOm0sFW6YQRnI2Tkz0 e3NLNoqV6Ib0RunPe/Jq6G0QvhLv3WiS/mln9GpqM++0SOYL+2DnWZPOOUR4wpZ0 QHOqBoY0aOJL1QAqcrzcjyD7UyWD/7mgLRjiX7/uGdRHP6IBk3fqKI8xzyQC1bps Cdl8ArdfWf1WNlcDFFCRLEtRr+VFSF+CCG+6IaX4RQE9tvajDjq4Y06loL1+qCMm CopkmPZDoZQ4Jn/rYMf+qQSC73wd/DmXHo/1FiMB7BeK2rnSsjRax4vkpiH50DPl d3WGVZJWICIMap2qScGVE13iDLj1gfQ5zgWqysU48fitpHTtf6MuPiFbnwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAMKc5FXNKEw5dLI6GuvkBKg4lHnMB8GA1UdIwQY MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt ZmVlMmU4ZDQwODRmLzEvQXdwemtWYzBvVERsMHNqb2E2LVFFcURpVWVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWV8MA0G CSqGSIb3DQEBCwUAA4IBAQC5zppoTQuuTn7R1YLP2cApRAaoYFZ1a1Wt6/3MOug6 Z5OJUsx7wmrXEBpFShtDgxb6Chg2vw9udvQgy+zvlgdBdvGMonFaB58x5P7MV/fX jx+Jtl5QBl/I/qV1GTtjrwbIw8GGMoNxnvdXg/IJyiVA7VMroLIt+X5UopQ1Dfs2 hfSmC9ilknVPxJFrh6dMekthxjgikzjB7Mh0g2+NprQg7zN6oY7vydJldSTjuLfB WNaNnB7rMzt5/4kpMoRV5h3+e886ZIowf7dB1RPgOTgnV/idcbG6OruYTp82wMEl mxvVSaGR1NO2Hnzh7Q4OAwbvPgQz5TywCjnreqwa3ZiM -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:16 2026 by rpki-client