This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QEW7nL_XFY7-pqU9RE8stFDsft4.roa File: QEW7nL_XFY7-pqU9RE8stFDsft4.roa (raw, json) Hash identifier: 7pAJQsO5s42ZP6VLMYiZZGH7bu2YJMD5N8HmIIw2Wi8= Subject key identifier: 40:45:BB:9C:BF:D7:15:8E:FE:A6:A5:3D:44:4F:2C:B4:50:EC:7E:DE Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Certificate serial: 019B7D5D03F0DD5B313589903774DFA44315 Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QEW7nL_XFY7-pqU9RE8stFDsft4.roa Signing time: Fri 02 Jan 2026 06:20:06 +0000 ROA not before: Fri 02 Jan 2026 06:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62308 IP address blocks: 89.174.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:03:f0:dd:5b:31:35:89:90:37:74:df:a4:43:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Validity Not Before: Jan 2 06:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4045bb9cbfd7158efea6a53d444f2cb450ec7ede Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:03:a0:88:1b:a5:36:8c:81:d2:a0:19:e0:83: 36:49:e3:1e:df:2f:e2:3e:e4:90:cc:10:56:7a:04: 08:cc:68:a5:99:1d:74:2d:f7:f4:2b:6a:d1:0d:3c: d1:ff:c2:32:25:9f:2e:8b:2f:3e:5c:61:70:b7:67: 15:69:81:95:dd:8e:4e:f0:d5:7f:f8:9f:40:74:06: 55:86:be:06:83:f1:a8:8d:b4:fa:17:89:45:20:21: eb:b2:00:94:9f:94:91:bd:59:a7:50:f8:a5:06:94: 66:16:3b:ca:53:e7:a8:30:48:72:7b:68:5a:83:04: 70:cd:c1:2a:ca:7e:7a:ad:73:df:c6:1a:58:5d:98: 4c:4d:90:39:1f:f6:97:82:eb:ef:17:81:09:e1:0c: 30:db:5a:c1:38:41:95:34:9e:27:fc:aa:c8:70:f1: 65:29:de:2c:a7:e2:29:00:29:89:9b:aa:62:27:d4: 6d:f1:4b:e6:74:02:cd:8b:c0:8c:66:4b:ff:22:3f: c5:75:a5:a0:a8:0d:24:2e:f8:35:a1:01:b7:7f:2b: 52:4b:05:54:3e:77:c7:bc:3d:d6:5a:f3:ac:97:0b: 63:ab:ba:d5:98:0e:04:e3:a8:e2:9c:45:86:09:bd: a4:b4:ef:08:80:52:e8:06:68:29:43:97:4e:f4:a8: 2c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:45:BB:9C:BF:D7:15:8E:FE:A6:A5:3D:44:4F:2C:B4:50:EC:7E:DE X509v3 Authority Key Identifier: keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QEW7nL_XFY7-pqU9RE8stFDsft4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.174.20.0/24 Signature Algorithm: sha256WithRSAEncryption 89:dd:56:74:95:8f:26:21:14:00:29:5a:5d:7b:10:1c:6f:36: b2:50:5a:82:25:72:c6:1b:61:90:67:3e:b4:5d:cb:60:e4:c3: c2:99:84:55:e7:42:97:38:c1:03:2f:40:74:e8:28:d2:70:d2: fb:8e:55:32:28:b7:81:fb:6c:14:93:fc:7c:43:fb:f9:c9:fb: 50:21:d4:ef:d1:f1:3e:fc:24:e1:b7:92:9f:60:19:3d:09:18: 92:80:4e:0e:c1:3b:6c:ef:ea:98:80:fb:f5:10:51:52:29:26: fd:b7:45:20:29:2a:9a:c6:e9:69:40:5b:6c:19:a2:c1:6a:3a: d1:34:e8:c3:23:01:4c:57:52:22:2a:87:a0:d4:cc:92:a3:fc: 1d:b2:71:5c:20:f5:14:fd:06:ca:c0:67:5a:ef:bf:8c:a1:80: 1a:90:77:19:74:be:25:7b:bc:8a:74:4e:fd:3b:ff:97:cb:f4: 5f:39:0d:86:f5:c3:d7:0e:1c:75:a6:41:41:74:74:b0:f3:d3: 75:f5:79:d6:fa:5c:aa:51:df:ba:c9:ba:13:81:6c:4d:4d:2f: d0:2e:d5:b2:6d:b3:c7:30:f3:68:90:eb:27:b9:9e:70:92:67: 3e:b8:82:84:0c:33:db:96:da:85:cc:dc:81:3b:17:c7:5c:86: 64:95:b9:4d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XQPw3VsxNYmQN3TfpEMVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj ZWY5MzMwHhcNMjYwMTAyMDYyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDQ1YmI5Y2JmZDcxNThlZmVhNmE1M2Q0NDRmMmNiNDUwZWM3ZWRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgOgiBulNoyB0qAZ4IM2SeMe3y/i PuSQzBBWegQIzGilmR10Lff0K2rRDTzR/8IyJZ8uiy8+XGFwt2cVaYGV3Y5O8NV/ +J9AdAZVhr4Gg/GojbT6F4lFICHrsgCUn5SRvVmnUPilBpRmFjvKU+eoMEhye2ha gwRwzcEqyn56rXPfxhpYXZhMTZA5H/aXguvvF4EJ4Qww21rBOEGVNJ4n/KrIcPFl Kd4sp+IpACmJm6piJ9Rt8UvmdALNi8CMZkv/Ij/FdaWgqA0kLvg1oQG3fytSSwVU PnfHvD3WWvOslwtjq7rVmA4E46jinEWGCb2ktO8IgFLoBmgpQ5dO9Kgs0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEBFu5y/1xWO/qalPURPLLRQ7H7eMB8GA1UdIwQY MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt OTFlMzE4NGJiMGFiLzEvUUVXN25MX1hGWTctcHFVOVJFOHN0RkRzZnQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWa4UMA0G CSqGSIb3DQEBCwUAA4IBAQCJ3VZ0lY8mIRQAKVpdexAcbzayUFqCJXLGG2GQZz60 Xctg5MPCmYRV50KXOMEDL0B06CjScNL7jlUyKLeB+2wUk/x8Q/v5yftQIdTv0fE+ /CTht5KfYBk9CRiSgE4OwTts7+qYgPv1EFFSKSb9t0UgKSqaxulpQFtsGaLBajrR NOjDIwFMV1IiKoeg1MySo/wdsnFcIPUU/QbKwGda77+MoYAakHcZdL4le7yKdE79 O/+Xy/RfOQ2G9cPXDhx1pkFBdHSw89N19XnW+lyqUd+6yboTgWxNTS/QLtWybbPH MPNokOsnuZ5wkmc+uIKEDDPbltqFzNyBOxfHXIZklblN -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:15 2026 by rpki-client