This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/qKKybqkrLx3Ya1--kbP2_lmbPEk.roa File: qKKybqkrLx3Ya1--kbP2_lmbPEk.roa (raw, json) Hash identifier: uTZzIjPiBF1BZfJxXa4Io6x8P1a8OROcC2WIKx0Gejk= Subject key identifier: A8:A2:B2:6E:A9:2B:2F:1D:D8:6B:5F:BE:91:B3:F6:FE:59:9B:3C:49 Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506 Certificate serial: 019B77C714869354E4D36C08F7BDAFFABDF3 Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/qKKybqkrLx3Ya1--kbP2_lmbPEk.roa Signing time: Thu 01 Jan 2026 04:18:14 +0000 ROA not before: Thu 01 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62239 IP address blocks: 91.216.247.0/24 maxlen: 24 213.255.198.0/24 maxlen: 24 2a04:9300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.mft rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:14:86:93:54:e4:d3:6c:08:f7:bd:af:fa:bd:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506 Validity Not Before: Jan 1 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8a2b26ea92b2f1dd86b5fbe91b3f6fe599b3c49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:0e:fa:40:3f:ba:47:ba:4d:7e:d1:ab:b6:c9: e3:7a:cc:cf:24:a2:32:90:ff:7a:fa:0f:c5:53:d0: 60:08:44:63:e1:82:30:7d:de:91:83:57:06:47:9e: f3:7f:e9:f2:d4:b9:d4:20:60:dd:8c:48:fd:ce:8f: bf:2f:5b:d7:fb:72:fb:3e:0d:76:6b:79:e4:3f:5f: df:e5:1f:5b:bf:ba:53:ef:35:93:df:17:e1:d0:e2: 46:89:a7:a2:d7:30:44:f1:ec:84:dd:88:5c:df:c7: af:2c:da:c5:01:ed:32:48:1e:e3:ea:77:80:8f:4b: be:69:73:c1:f9:36:99:f5:21:22:ce:54:1a:29:dc: e3:7f:fb:af:27:d8:5b:82:21:8f:12:01:4e:64:e6: 0f:7d:af:df:2e:aa:4f:cd:54:31:0d:6f:c3:7b:7f: 40:3a:39:8c:6c:1c:8c:ff:df:6b:0d:b2:17:de:f5: b3:9d:31:4e:11:3c:f7:1b:68:55:40:05:bf:f0:50: 9b:2b:8a:38:d7:b3:80:d3:62:80:f3:69:2f:f1:91: a0:93:97:3d:8e:e3:86:e0:49:fa:c2:92:d1:83:15: 0a:54:a8:a6:d3:5e:8b:f5:28:6c:23:fa:91:6e:0e: 84:d5:9d:f8:0b:42:55:d9:89:d0:54:e3:df:18:1a: b8:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:A2:B2:6E:A9:2B:2F:1D:D8:6B:5F:BE:91:B3:F6:FE:59:9B:3C:49 X509v3 Authority Key Identifier: keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/qKKybqkrLx3Ya1--kbP2_lmbPEk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.247.0/24 213.255.198.0/24 IPv6: 2a04:9300::/32 Signature Algorithm: sha256WithRSAEncryption c5:b7:f4:4a:4e:58:a4:f3:cd:b9:85:b2:28:b0:55:e6:7c:0d: a9:34:de:84:32:a3:54:db:05:01:1b:96:5a:bd:49:b2:f0:e7: d8:1a:6c:9a:50:7e:33:60:66:a8:cd:af:b4:06:b4:f7:57:fb: b5:cb:55:fa:da:7d:17:65:d5:2d:b7:3c:1e:10:4a:de:de:a7: bb:e1:dd:ba:9a:97:0f:9f:d0:de:ab:7f:8d:b8:41:80:8c:d4: 7b:e1:1e:64:5b:2d:35:c3:eb:d3:eb:5c:ca:8b:40:ac:ff:96: 74:80:9e:1a:3a:f5:21:80:56:de:1c:34:4d:84:55:6e:17:d6: 8f:f0:91:92:a5:bc:27:c7:68:33:1a:d5:95:e6:8e:b9:96:e5: 88:af:6b:d7:5d:45:6b:e6:78:56:b1:18:a2:32:ff:b6:bf:d5: c9:0a:a5:40:25:21:45:5c:02:b7:de:10:72:fb:7b:f3:47:d4: ae:03:09:08:5a:b0:78:2c:db:67:73:11:ef:dc:cc:35:cc:33: 13:cd:b3:12:90:0d:9a:63:ac:47:47:c2:58:08:9a:da:6a:2d: d8:13:27:6c:d4:0d:cd:0b:6a:ba:96:c6:33:99:9a:c2:47:f5: 66:f6:b2:74:02:ba:b5:a4:55:57:93:da:b5:d2:38:49:dc:21: 85:98:74:00 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3xxSGk1Tk02wI972v+r3zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw YjQ1MDYwHhcNMjYwMTAxMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOGEyYjI2ZWE5MmIyZjFkZDg2YjVmYmU5MWIzZjZmZTU5OWIzYzQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w76QD+6R7pNftGrtsnjeszPJKIy kP96+g/FU9BgCERj4YIwfd6Rg1cGR57zf+ny1LnUIGDdjEj9zo+/L1vX+3L7Pg12 a3nkP1/f5R9bv7pT7zWT3xfh0OJGiaei1zBE8eyE3Yhc38evLNrFAe0ySB7j6neA j0u+aXPB+TaZ9SEizlQaKdzjf/uvJ9hbgiGPEgFOZOYPfa/fLqpPzVQxDW/De39A OjmMbByM/99rDbIX3vWznTFOETz3G2hVQAW/8FCbK4o417OA02KA82kv8ZGgk5c9 juOG4En6wpLRgxUKVKim016L9ShsI/qRbg6E1Z34C0JV2YnQVOPfGBq49QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKiism6pKy8d2GtfvpGz9v5ZmzxJMB8GA1UdIwQY MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt OGVlYjc1N2NmNTQ1LzEvcUtLeWJxa3JMeDNZYTEtLWtiUDJfbG1iUEVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1 LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9j3AwQA 1f/GMA0EAgACMAcDBQAqBJMAMA0GCSqGSIb3DQEBCwUAA4IBAQDFt/RKTlik8825 hbIosFXmfA2pNN6EMqNU2wUBG5ZavUmy8OfYGmyaUH4zYGaoza+0BrT3V/u1y1X6 2n0XZdUttzweEEre3qe74d26mpcPn9Deq3+NuEGAjNR74R5kWy01w+vT61zKi0Cs /5Z0gJ4aOvUhgFbeHDRNhFVuF9aP8JGSpbwnx2gzGtWV5o65luWIr2vXXUVr5nhW sRiiMv+2v9XJCqVAJSFFXAK33hBy+3vzR9SuAwkIWrB4LNtncxHv3Mw1zDMTzbMS kA2aY6xHR8JYCJraai3YEyds1A3NC2q6lsYzmZrCR/Vm9rJ0Arq1pFVXk9q10jhJ 3CGFmHQA -----END CERTIFICATE-----Generated at Mon Jan 26 02:44:03 2026 by rpki-client