This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/QWs1csGK8KUFGhfj2QFKlBU8El0.roa File: QWs1csGK8KUFGhfj2QFKlBU8El0.roa (raw, json) Hash identifier: 0iVAN86kduscSDUBK67oi4SEPANLs+DqgTgFkRGgbJQ= Subject key identifier: 41:6B:35:72:C1:8A:F0:A5:05:1A:17:E3:D9:01:4A:94:15:3C:12:5D Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed Certificate serial: 019B77588440AE1F2F46040F5E7FF6F384F0 Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/QWs1csGK8KUFGhfj2QFKlBU8El0.roa Signing time: Thu 01 Jan 2026 02:17:28 +0000 ROA not before: Thu 01 Jan 2026 02:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42926 IP address blocks: 185.135.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.mft rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:84:40:ae:1f:2f:46:04:0f:5e:7f:f6:f3:84:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed Validity Not Before: Jan 1 02:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=416b3572c18af0a5051a17e3d9014a94153c125d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:74:11:f6:11:d9:bb:f8:5f:44:ce:d3:7d:2b: c8:bd:ac:08:7c:ae:7d:fd:93:f5:29:ff:34:80:c6: a6:5f:aa:ea:f5:5d:4e:14:b6:bb:46:74:b4:7c:fb: a0:3b:17:66:ba:e9:9e:42:41:a4:ed:11:ba:87:8c: bf:8a:0e:c2:1e:34:f9:74:dd:76:68:04:66:dc:56: 41:0c:f4:2e:22:ad:1c:dc:39:61:1e:ff:92:77:59: e7:a9:4a:d4:92:d8:e0:e7:80:6b:ec:f8:cd:cc:a3: 10:e0:ee:37:b2:c4:94:3a:97:b9:60:af:c1:83:74: 0c:04:46:ec:27:35:4e:a1:53:78:b8:21:44:00:83: 81:c3:ff:b6:88:21:5a:d5:b0:03:f3:d5:32:fe:26: 1e:7d:87:cb:ea:65:3b:43:92:07:f4:7b:1c:48:63: 95:fb:d1:92:b3:6c:89:38:bc:34:0e:59:1d:05:c2: fd:b8:fe:b0:f8:d2:3c:cd:44:23:90:a3:e1:52:11: 79:5d:5c:de:59:3e:ab:d2:74:de:b4:34:d7:a9:0d: 2f:49:e9:5e:13:23:0f:3a:a6:8c:8b:73:04:a8:dd: 16:c6:94:51:2c:88:1a:73:1a:47:05:85:e1:ae:7f: 76:59:3f:df:d9:56:3a:72:0a:9a:30:a3:b8:e7:99: 4f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:6B:35:72:C1:8A:F0:A5:05:1A:17:E3:D9:01:4A:94:15:3C:12:5D X509v3 Authority Key Identifier: keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/QWs1csGK8KUFGhfj2QFKlBU8El0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.135.223.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:ba:e6:99:9a:b6:76:fa:06:ee:5a:f8:4c:ee:ce:da:b1:3b: 4e:aa:d7:ce:cf:fc:3c:82:f9:b7:b2:bc:fb:ca:15:4e:32:c1: bc:d4:92:0d:3e:b8:6b:b4:8a:2a:48:58:ca:11:82:7c:c9:27: 74:71:74:87:db:95:3a:2d:ee:1e:e7:68:71:d7:99:84:6d:b0: 6b:df:2d:b1:20:9b:4f:2b:d8:f0:9e:b6:9e:87:0c:48:14:8b: 8c:13:80:b6:10:ec:f5:3f:d4:4b:d2:44:f4:d3:7d:ca:b7:29: 20:28:18:60:10:e8:54:82:21:4f:15:6d:e9:13:97:62:c7:03: 4a:b5:36:05:12:1b:e8:c2:9a:5b:b9:06:4f:fc:aa:80:f8:46: ba:7b:33:70:48:2b:81:0a:a1:a8:63:a8:de:2a:bc:84:db:c6: 6b:8c:f5:6f:13:ad:6f:a0:d3:55:3f:44:ea:f7:37:9b:b3:b2: 5d:dc:e2:ab:aa:89:29:70:33:5e:a2:9e:ea:51:17:03:b3:cf: f4:eb:86:11:f9:ef:38:ff:39:93:13:1d:98:e0:9d:78:7c:4a: 90:ee:f0:8d:58:b8:a0:c6:1d:1b:d4:0d:23:06:bc:32:3f:de: 46:2c:fa:3a:85:69:95:4c:28:bf:d0:0e:7a:8d:48:22:5c:32: 54:57:e5:a5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WIRArh8vRgQPXn/284TwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh MmE1ZWQwHhcNMjYwMTAxMDIxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTZiMzU3MmMxOGFmMGE1MDUxYTE3ZTNkOTAxNGE5NDE1M2MxMjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnQR9hHZu/hfRM7TfSvIvawIfK59 /ZP1Kf80gMamX6rq9V1OFLa7RnS0fPugOxdmuumeQkGk7RG6h4y/ig7CHjT5dN12 aARm3FZBDPQuIq0c3DlhHv+Sd1nnqUrUktjg54Br7PjNzKMQ4O43ssSUOpe5YK/B g3QMBEbsJzVOoVN4uCFEAIOBw/+2iCFa1bAD89Uy/iYefYfL6mU7Q5IH9HscSGOV +9GSs2yJOLw0DlkdBcL9uP6w+NI8zUQjkKPhUhF5XVzeWT6r0nTetDTXqQ0vSele EyMPOqaMi3MEqN0WxpRRLIgacxpHBYXhrn92WT/f2VY6cgqaMKO455lPGwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEFrNXLBivClBRoX49kBSpQVPBJdMB8GA1UdIwQY MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt ZWU3YmEwZTlmN2NhLzEvUVdzMWNzR0s4S1VGR2hmajJRRktsQlU4RWwwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMtZWU3YmEwZTlmN2Nh LzEvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYffMA0G CSqGSIb3DQEBCwUAA4IBAQAauuaZmrZ2+gbuWvhM7s7asTtOqtfOz/w8gvm3srz7 yhVOMsG81JINPrhrtIoqSFjKEYJ8ySd0cXSH25U6Le4e52hx15mEbbBr3y2xIJtP K9jwnraehwxIFIuME4C2EOz1P9RL0kT0033KtykgKBhgEOhUgiFPFW3pE5dixwNK tTYFEhvowppbuQZP/KqA+Ea6ezNwSCuBCqGoY6jeKryE28ZrjPVvE61voNNVP0Tq 9zebs7Jd3OKrqokpcDNeop7qURcDs8/064YR+e84/zmTEx2Y4J14fEqQ7vCNWLig xh0b1A0jBrwyP95GLPo6hWmVTCi/0A56jUgiXDJUV+Wl -----END CERTIFICATE-----Generated at Mon Jan 26 03:56:26 2026 by rpki-client