This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WqZxU21CXk9II8O2lF6Y-ketCJI.roa File: WqZxU21CXk9II8O2lF6Y-ketCJI.roa (raw, json) Hash identifier: JoRrtKwoZC20Q/QLA/mOv68NwCQSWJ+6cWt4rKxvqxY= Subject key identifier: 5A:A6:71:53:6D:42:5E:4F:48:23:C3:B6:94:5E:98:FA:47:AD:08:92 Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E454AAD98BDFA5695F65E3BBCF308 Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WqZxU21CXk9II8O2lF6Y-ketCJI.roa Signing time: Thu 01 Jan 2026 12:17:56 +0000 ROA not before: Thu 01 Jan 2026 12:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202774 IP address blocks: 185.155.32.0/22 maxlen: 22 2a07:9100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:45:4a:ad:98:bd:fa:56:95:f6:5e:3b:bc:f3:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5aa671536d425e4f4823c3b6945e98fa47ad0892 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:00:b1:86:04:f2:e3:a2:cb:7e:fb:26:15:6e: c8:d2:7a:30:77:3a:84:0e:f2:55:ab:b6:95:f5:0e: a7:32:e7:9d:d5:88:16:46:64:8c:cb:91:86:4e:3e: 3c:99:ed:d2:70:a4:18:86:94:6f:c6:9e:e7:4b:7f: 17:e4:cd:d1:7b:b7:fc:f9:2a:f0:d0:8d:86:c9:f9: a5:38:16:66:91:0d:68:45:bc:b3:f1:92:54:57:45: 15:ef:7f:2c:73:6b:2c:f0:3d:fc:ca:b4:09:bd:54: f6:48:70:91:0f:29:e4:0b:fc:d3:60:c6:d1:d9:bb: 00:29:1a:2d:c2:68:99:b7:45:c8:ac:cf:2b:64:50: 93:6c:9c:d0:41:1c:3d:70:53:15:0e:74:bc:62:39: 37:49:90:6e:a1:e0:25:ea:6b:d6:31:98:13:e0:60: 2a:cd:bd:27:4c:62:64:2e:d7:d0:29:15:14:eb:86: 4a:55:6d:97:c0:1e:3c:2c:a1:a1:67:6a:68:42:fa: f6:8c:cd:b3:21:fc:bc:6a:fa:b9:96:c3:11:d8:00: fe:50:cd:c3:93:be:46:81:30:56:20:bb:43:82:2b: 71:d1:fb:0d:a1:35:1f:ed:18:d2:89:e5:75:92:46: 13:b6:6e:77:74:a6:02:b0:fc:3e:69:3a:36:6d:7f: bd:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:A6:71:53:6D:42:5E:4F:48:23:C3:B6:94:5E:98:FA:47:AD:08:92 X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WqZxU21CXk9II8O2lF6Y-ketCJI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.155.32.0/22 IPv6: 2a07:9100::/29 Signature Algorithm: sha256WithRSAEncryption 10:93:71:74:1a:63:c9:fa:bf:52:e8:f7:62:44:c4:2e:a5:6d: 67:18:1f:3e:4c:96:1d:46:0a:5b:69:55:78:8d:ee:a6:f8:f0: ba:0f:e0:51:33:8b:67:10:ca:6c:90:60:fc:d6:9b:6e:9d:74: 02:74:09:18:43:07:8d:8e:86:62:e9:d4:e1:e7:74:61:e5:93: 3f:58:15:10:51:c6:39:16:00:23:c3:04:0d:35:45:bf:b8:ab: d4:ab:03:41:f9:a8:dc:86:c3:24:00:2d:1b:3c:89:01:d6:99: 02:47:26:f1:7c:d6:cd:e7:e7:4b:89:6f:8a:e6:89:06:be:cc: ee:60:b3:d9:3a:17:c9:5c:7e:ec:9f:62:d0:8c:9f:ec:b7:82: 1f:2b:ff:05:43:f1:67:e1:a3:86:38:68:2c:2c:72:81:38:e1: 56:ee:0c:4d:22:79:66:5b:b5:ae:77:e0:a5:5d:d3:e1:68:29: 68:ee:df:60:15:2d:b1:54:69:b1:9c:04:40:b4:14:35:aa:16: b8:6f:7f:f8:d1:56:2e:db:3f:0c:62:e2:6a:d3:84:43:52:2d: 14:7a:95:58:33:c0:01:7f:b2:9c:4f:3c:f7:f9:b6:1e:dd:8b: b8:82:ef:b3:0c:d6:ee:35:65:04:4c:7d:f8:64:a9:ae:38:fd: 3f:53:f5:da -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fkVKrZi9+laV9l47vPMIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YWE2NzE1MzZkNDI1ZTRmNDgyM2MzYjY5NDVlOThmYTQ3YWQwODkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwCxhgTy46LLfvsmFW7I0nowdzqE DvJVq7aV9Q6nMued1YgWRmSMy5GGTj48me3ScKQYhpRvxp7nS38X5M3Re7f8+Srw 0I2GyfmlOBZmkQ1oRbyz8ZJUV0UV738sc2ss8D38yrQJvVT2SHCRDynkC/zTYMbR 2bsAKRotwmiZt0XIrM8rZFCTbJzQQRw9cFMVDnS8Yjk3SZBuoeAl6mvWMZgT4GAq zb0nTGJkLtfQKRUU64ZKVW2XwB48LKGhZ2poQvr2jM2zIfy8avq5lsMR2AD+UM3D k75GgTBWILtDgitx0fsNoTUf7RjSieV1kkYTtm53dKYCsPw+aTo2bX+9OwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFqmcVNtQl5PSCPDtpRemPpHrQiSMB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvV3FaeFUyMUNYazlJSThPMmxGNlkta2V0Q0pJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZsgMA0E AgACMAcDBQMqB5EAMA0GCSqGSIb3DQEBCwUAA4IBAQAQk3F0GmPJ+r9S6PdiRMQu pW1nGB8+TJYdRgpbaVV4je6m+PC6D+BRM4tnEMpskGD81ptunXQCdAkYQweNjoZi 6dTh53Rh5ZM/WBUQUcY5FgAjwwQNNUW/uKvUqwNB+ajchsMkAC0bPIkB1pkCRybx fNbN5+dLiW+K5okGvszuYLPZOhfJXH7sn2LQjJ/st4IfK/8FQ/Fn4aOGOGgsLHKB OOFW7gxNInlmW7Wud+ClXdPhaClo7t9gFS2xVGmxnARAtBQ1qha4b3/40VYu2z8M YuJq04RDUi0UepVYM8ABf7KcTzz3+bYe3Yu4gu+zDNbuNWUETH34ZKmuOP0/U/Xa -----END CERTIFICATE-----Generated at Mon Jan 26 00:59:31 2026 by rpki-client