This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Q3TX55OnMfXY8Mf6ulW6eACMlqI.roa File: Q3TX55OnMfXY8Mf6ulW6eACMlqI.roa (raw, json) Hash identifier: bASfbNp4RW1bHplMgRmS6bnHIy1+J3AGfVLTC1zLp04= Subject key identifier: 43:74:D7:E7:93:A7:31:F5:D8:F0:C7:FA:BA:55:BA:78:00:8C:96:A2 Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685 Certificate serial: 019B7E39082914672E9A52D506414BA06E16 Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Q3TX55OnMfXY8Mf6ulW6eACMlqI.roa Signing time: Fri 02 Jan 2026 10:20:25 +0000 ROA not before: Fri 02 Jan 2026 10:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42289 IP address blocks: 194.85.160.0/22 maxlen: 22 194.85.164.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:08:29:14:67:2e:9a:52:d5:06:41:4b:a0:6e:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685 Validity Not Before: Jan 2 10:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4374d7e793a731f5d8f0c7faba55ba78008c96a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:72:11:b9:a7:24:05:ac:95:4f:dc:2d:dc:3e: 6f:01:c3:c1:ab:2d:5a:0d:99:1b:c1:94:e9:66:b6: af:28:e9:8d:34:14:ee:bd:da:8e:55:fe:4c:50:0a: b3:ec:fa:e7:81:2c:2d:03:60:95:c1:7b:72:c1:09: 4a:1c:13:c0:cf:77:10:e6:04:9f:7d:ed:9e:bc:33: 84:6e:da:6f:57:18:2d:6b:55:31:b0:b7:7c:81:d5: 4e:fc:bd:df:e3:8b:e0:9a:f9:49:fb:94:89:14:86: c8:6c:29:42:00:58:8e:73:53:00:bc:89:41:7b:09: 08:eb:99:5b:1f:ad:93:30:32:95:93:3c:a5:22:e8: c2:26:8b:b0:9f:3b:07:cf:c9:44:1b:b8:39:e4:6d: 15:72:0a:18:42:83:e9:85:b7:db:69:7e:8e:f7:dd: b7:59:65:fe:bd:53:31:10:5d:1f:d6:a6:98:9c:85: 91:b3:47:ee:14:09:72:2b:cd:22:83:bf:2f:5b:4b: 03:33:dc:48:f9:2b:c7:2c:5a:5e:b2:14:ba:5b:67: eb:90:6e:61:4d:43:74:73:e6:70:03:83:78:5b:a1: ca:fb:75:4c:32:f0:8e:8f:ad:45:43:08:31:ad:97: 7a:26:f7:e6:55:d7:f8:9e:43:2b:75:e0:67:4a:c4: bb:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:74:D7:E7:93:A7:31:F5:D8:F0:C7:FA:BA:55:BA:78:00:8C:96:A2 X509v3 Authority Key Identifier: keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Q3TX55OnMfXY8Mf6ulW6eACMlqI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.85.160.0-194.85.165.255 Signature Algorithm: sha256WithRSAEncryption 49:11:51:8b:17:b1:5c:aa:83:99:ec:71:2a:bc:93:72:c0:33: 2e:a7:6f:2f:d1:fe:50:fa:8c:ea:70:f6:43:f3:32:c3:40:71: 7a:bd:d2:87:09:8e:c1:1c:88:05:33:ed:20:c7:d0:4d:d5:23: 18:81:95:6a:d4:12:82:46:ab:32:5e:9e:e6:c6:1c:f2:35:62: 84:15:b5:24:a6:68:ff:3e:e6:fd:99:1f:be:87:11:c8:f8:26: 08:78:6e:cc:9f:46:cb:46:29:5d:88:3f:ea:f1:ee:36:cb:e7: 0b:11:9f:71:b5:68:c6:fa:e9:17:c3:5d:19:a5:28:61:41:4e: 0f:bb:eb:74:a2:af:c8:cf:e7:2b:24:86:f2:ea:b0:e9:dc:b5: fc:b3:0a:c1:90:c8:55:79:e3:07:d8:ef:8a:a7:22:71:22:d4: 5e:3f:71:ff:1e:a2:df:fd:3d:a7:cc:73:df:23:0c:07:b5:b8: d6:e6:42:3d:59:2f:52:68:9b:60:2b:39:57:72:d8:24:0b:29: 91:fe:c7:ef:e6:df:66:1c:fc:66:0b:4c:da:6b:62:3e:2f:44: f2:c9:6f:9e:23:08:8a:17:3b:cf:2d:15:a9:33:b4:18:41:8c: 07:75:af:12:16:88:14:cc:84:78:b1:c2:af:70:0d:3c:ed:c0: 74:a9:47:86 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+OQgpFGcumlLVBkFLoG4WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl MmM2ODUwHhcNMjYwMTAyMTAyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Mzc0ZDdlNzkzYTczMWY1ZDhmMGM3ZmFiYTU1YmE3ODAwOGM5NmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3IRuackBayVT9wt3D5vAcPBqy1a DZkbwZTpZravKOmNNBTuvdqOVf5MUAqz7PrngSwtA2CVwXtywQlKHBPAz3cQ5gSf fe2evDOEbtpvVxgta1UxsLd8gdVO/L3f44vgmvlJ+5SJFIbIbClCAFiOc1MAvIlB ewkI65lbH62TMDKVkzylIujCJouwnzsHz8lEG7g55G0VcgoYQoPphbfbaX6O9923 WWX+vVMxEF0f1qaYnIWRs0fuFAlyK80ig78vW0sDM9xI+SvHLFpeshS6W2frkG5h TUN0c+ZwA4N4W6HK+3VMMvCOj61FQwgxrZd6JvfmVdf4nkMrdeBnSsS7kwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFEN01+eTpzH12PDH+rpVungAjJaiMB8GA1UdIwQY MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt NDBkOTViZDMzZmNiLzEvUTNUWDU1T25NZlhZOE1mNnVsVzZlQUNNbHFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCVaAD BAHCVaQwDQYJKoZIhvcNAQELBQADggEBAEkRUYsXsVyqg5nscSq8k3LAMy6nby/R /lD6jOpw9kPzMsNAcXq90ocJjsEciAUz7SDH0E3VIxiBlWrUEoJGqzJenubGHPI1 YoQVtSSmaP8+5v2ZH76HEcj4Jgh4bsyfRstGKV2IP+rx7jbL5wsRn3G1aMb66RfD XRmlKGFBTg+763Sir8jP5yskhvLqsOnctfyzCsGQyFV54wfY74qnInEi1F4/cf8e ot/9PafMc98jDAe1uNbmQj1ZL1Jom2ArOVdy2CQLKZH+x+/m32Yc/GYLTNprYj4v RPLJb54jCIoXO88tFakztBhBjAd1rxIWiBTMhHixwq9wDTztwHSpR4Y= -----END CERTIFICATE-----Generated at Sun Jan 25 19:17:42 2026 by rpki-client