This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkKnlkQLz4dPGUFFiK8lN22X6dg.roa File: QkKnlkQLz4dPGUFFiK8lN22X6dg.roa (raw, json) Hash identifier: dvWueaMUeQqIss2AZGQBpfEX4bUWEPbUAAHBb4DyPrI= Subject key identifier: 42:42:A7:96:44:0B:CF:87:4F:19:41:45:88:AF:25:37:6D:97:E9:D8 Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Certificate serial: 019B7D5D026B43F6BCB2702819CCA69AED2E Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkKnlkQLz4dPGUFFiK8lN22X6dg.roa Signing time: Fri 02 Jan 2026 06:20:05 +0000 ROA not before: Fri 02 Jan 2026 06:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59958 IP address blocks: 85.219.176.0/20 maxlen: 20 89.174.128.0/19 maxlen: 19 89.174.160.0/23 maxlen: 23 89.174.162.0/24 maxlen: 24 89.174.192.0/20 maxlen: 20 89.174.208.0/22 maxlen: 22 217.153.84.0/26 maxlen: 26 217.153.85.192/26 maxlen: 26 217.153.168.0/23 maxlen: 23 217.153.252.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:02:6b:43:f6:bc:b2:70:28:19:cc:a6:9a:ed:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Validity Not Before: Jan 2 06:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4242a796440bcf874f19414588af25376d97e9d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1d:c0:d5:4a:b0:cc:5f:35:93:ec:75:96:6c: c2:4f:9d:b0:cd:6d:63:46:0d:a8:d6:de:17:46:c8: 9b:7c:f3:64:6a:d9:c4:48:19:c4:c6:f4:3d:68:22: 8b:ac:c9:90:f4:98:f7:fb:62:44:89:2c:32:0a:82: 3b:6e:7e:98:51:a0:31:b9:78:48:2d:02:16:43:74: 89:0c:1c:56:14:72:4e:9b:71:e3:fb:9f:41:4d:c2: ff:c6:df:d8:16:3b:d6:5c:1a:3d:1c:88:fa:ea:ad: 7c:0a:b4:44:aa:ec:0a:01:f9:1a:7b:b0:8f:7b:f6: 02:2c:57:c7:f5:d2:89:ee:44:e6:20:eb:a2:a3:7b: e1:73:ac:90:cd:c4:24:7d:f7:23:a4:79:50:07:9f: 09:f6:35:3e:9c:a3:37:67:d4:ee:2b:ad:30:ad:ff: 23:a0:df:98:be:de:2e:bc:05:07:92:40:e1:e8:dd: df:f0:35:90:75:45:3a:aa:2d:b5:f8:21:d7:76:20: b3:6f:d3:a6:7f:af:21:29:87:41:00:f9:ab:8b:f4: 16:e5:57:9c:3c:23:6d:3e:2a:51:34:4e:46:29:31: 70:35:f3:44:50:7b:18:f6:ae:4c:97:3d:0c:3a:58: da:7e:c5:88:31:a1:6e:58:b6:e3:87:8c:a8:3f:2e: e5:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:42:A7:96:44:0B:CF:87:4F:19:41:45:88:AF:25:37:6D:97:E9:D8 X509v3 Authority Key Identifier: keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkKnlkQLz4dPGUFFiK8lN22X6dg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.219.176.0/20 89.174.128.0-89.174.162.255 89.174.192.0-89.174.211.255 217.153.84.0/26 217.153.85.192/26 217.153.168.0/23 217.153.252.0/22 Signature Algorithm: sha256WithRSAEncryption 19:37:34:f0:f2:a1:e9:b5:a9:e6:19:49:87:f2:b9:c5:38:5e: 9a:55:d6:7b:ea:31:66:82:67:a0:52:1c:de:c7:cd:49:83:4f: dc:88:09:1f:c7:b1:ff:a8:9d:14:84:b4:e3:2b:40:28:f2:24: 0f:f9:a7:bf:75:9f:72:2a:99:af:43:fd:ee:a4:be:89:ff:16: 0a:15:c6:03:67:4a:52:8d:1e:d5:cf:a0:58:76:82:3f:c2:b4: fc:50:6d:ee:a3:b0:5f:79:bd:ed:82:b8:7d:e9:bb:bc:f7:f2: 9a:5f:c1:1c:46:28:65:ff:d0:dd:7d:d9:c2:a2:21:00:3d:63: e5:4b:21:fb:c7:58:22:ae:f1:22:e3:19:dc:90:ec:fb:53:d2: 53:66:03:58:53:4e:67:30:8e:c1:d1:7b:4f:32:b5:46:1f:fe: 4e:9e:32:94:aa:5e:3c:c7:ea:8f:39:1e:5a:63:32:91:1c:8a: bf:f1:d5:1f:7d:29:84:b2:22:4a:5e:38:49:02:02:01:c1:3f: c6:ea:61:36:7f:0a:bc:ff:4d:44:c2:4a:bf:8f:cf:62:ae:7e: cd:df:f7:4c:9b:f0:05:69:72:9a:79:dd:f7:3e:9a:7f:7d:c5: ac:0d:45:4c:9f:9d:e0:4c:ff:ad:16:a3:f5:58:7c:48:05:97: 56:89:38:42 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt9XQJrQ/a8snAoGcymmu0uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj ZWY5MzMwHhcNMjYwMTAyMDYyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjQyYTc5NjQ0MGJjZjg3NGYxOTQxNDU4OGFmMjUzNzZkOTdlOWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB3A1UqwzF81k+x1lmzCT52wzW1j Rg2o1t4XRsibfPNkatnESBnExvQ9aCKLrMmQ9Jj3+2JEiSwyCoI7bn6YUaAxuXhI LQIWQ3SJDBxWFHJOm3Hj+59BTcL/xt/YFjvWXBo9HIj66q18CrREquwKAfkae7CP e/YCLFfH9dKJ7kTmIOuio3vhc6yQzcQkffcjpHlQB58J9jU+nKM3Z9TuK60wrf8j oN+Yvt4uvAUHkkDh6N3f8DWQdUU6qi21+CHXdiCzb9Omf68hKYdBAPmri/QW5Vec PCNtPipRNE5GKTFwNfNEUHsY9q5Mlz0MOljafsWIMaFuWLbjh4yoPy7l0QIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFEJCp5ZEC8+HTxlBRYivJTdtl+nYMB8GA1UdIwQY MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt OTFlMzE4NGJiMGFiLzEvUWtLbmxrUUx6NGRQR1VGRmlLOGxOMjJYNmRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQEVduwMAwD BAdZroADBABZrqIwDAMEBlmuwAMEAlmu0AMFBtmZVAADBQbZmVXAAwQB2ZmoAwQC 2Zn8MA0GCSqGSIb3DQEBCwUAA4IBAQAZNzTw8qHptanmGUmH8rnFOF6aVdZ76jFm gmegUhzex81Jg0/ciAkfx7H/qJ0UhLTjK0Ao8iQP+ae/dZ9yKpmvQ/3upL6J/xYK FcYDZ0pSjR7Vz6BYdoI/wrT8UG3uo7Bfeb3tgrh96bu89/KaX8EcRihl/9DdfdnC oiEAPWPlSyH7x1girvEi4xnckOz7U9JTZgNYU05nMI7B0XtPMrVGH/5OnjKUql48 x+qPOR5aYzKRHIq/8dUffSmEsiJKXjhJAgIBwT/G6mE2fwq8/01Ewkq/j89irn7N 3/dMm/AFaXKaed33Ppp/fcWsDUVMn53gTP+tFqP1WHxIBZdWiThC -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:51 2026 by rpki-client