This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Q2QENuhPgsVbgwNPIY4HpL4Yl6s.roa File: Q2QENuhPgsVbgwNPIY4HpL4Yl6s.roa (raw, json) Hash identifier: 2GKn2PAieyHRa/TsYWX239kz98GUSYpRBaKi2ST0IME= Subject key identifier: 43:64:04:36:E8:4F:82:C5:5B:83:03:4F:21:8E:07:A4:BE:18:97:AB Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Certificate serial: 019B7F15C3B709FBA28A6C7E5C1A9988B7CB Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Q2QENuhPgsVbgwNPIY4HpL4Yl6s.roa Signing time: Fri 02 Jan 2026 14:21:31 +0000 ROA not before: Fri 02 Jan 2026 14:21:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57043 IP address blocks: 45.67.202.0/24 maxlen: 24 193.37.196.0/24 maxlen: 24 194.41.113.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c3:b7:09:fb:a2:8a:6c:7e:5c:1a:99:88:b7:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Validity Not Before: Jan 2 14:21:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43640436e84f82c55b83034f218e07a4be1897ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ed:db:93:87:e3:65:9d:74:91:49:02:2a:09: f6:5d:13:76:e1:e5:13:92:03:b4:09:b2:9f:ca:fd: 78:34:25:47:e7:f5:a4:d6:51:82:df:9d:fc:13:2b: 18:fd:de:40:de:40:b2:34:e0:9e:be:1f:03:fe:7d: 12:73:04:89:16:e5:2b:26:1d:18:fa:08:59:c9:6f: 3e:77:3f:5e:bd:3d:90:eb:2f:ca:07:81:57:f6:36: b5:ca:08:f4:8c:e1:eb:74:a6:c4:56:f1:0e:6e:63: d9:bc:5b:e6:82:af:70:bf:de:4d:88:ac:fd:57:01: 47:e3:ec:03:54:28:4a:cc:5f:f2:60:df:2f:e3:28: 8b:cc:38:be:52:6a:1e:b8:b9:f2:a3:71:1d:37:e2: 12:1d:0b:96:93:8d:31:c9:db:cb:64:6a:db:87:a1: 53:28:be:98:0f:7e:65:83:77:99:fa:b5:5e:58:76: 2c:8c:23:99:e7:8a:ba:8f:13:51:94:93:43:05:5f: 70:c6:75:5f:1c:66:79:ea:35:1f:53:54:ec:00:23: f9:8e:6b:0d:87:d6:7c:a9:b9:93:cc:ac:8a:3d:f3: 2a:ee:40:fa:8a:12:db:99:5c:4b:4c:0e:95:f8:27: ab:dd:a3:8f:16:03:f6:75:61:ea:6a:ca:15:90:cf: 10:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:64:04:36:E8:4F:82:C5:5B:83:03:4F:21:8E:07:A4:BE:18:97:AB X509v3 Authority Key Identifier: keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Q2QENuhPgsVbgwNPIY4HpL4Yl6s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.202.0/24 193.37.196.0/24 194.41.113.0/24 Signature Algorithm: sha256WithRSAEncryption 14:69:22:c4:32:5b:ba:0a:fe:4d:78:dd:99:a0:33:d3:85:b5: 40:72:b9:f1:78:c0:90:02:37:4a:38:5c:cc:7a:58:0c:d2:54: 86:fc:d4:da:48:d0:0b:f6:bd:16:4f:e4:a6:d3:58:f4:ac:40: 5e:01:01:ad:5f:f0:f3:40:0e:ac:87:15:cd:0c:dc:b2:1e:d5: e0:74:3e:16:2d:5f:fd:a1:99:b0:26:e4:92:85:e8:c1:e6:b1: 30:27:90:b0:f8:87:41:16:ee:b5:6c:cd:71:31:d8:55:9c:19: 7e:91:9b:2a:f7:be:a3:38:cb:9a:45:c4:fc:f0:13:32:94:8e: ae:bd:68:92:b8:7b:70:fe:ba:ab:55:36:ea:c1:7c:8a:e8:97: 00:83:62:34:87:b7:74:ab:c2:9a:95:1a:c1:2d:fa:ec:58:47: bb:39:7b:63:fe:7d:d4:d9:56:47:56:75:cc:ac:83:70:55:49: b2:b1:6f:24:c9:14:43:1e:c1:8f:8d:48:35:42:b2:d2:d0:81: e8:90:d5:9c:af:38:89:98:37:cd:f2:a4:a9:90:3f:b9:07:c7: da:96:5b:bb:b6:93:47:a2:bb:7b:0c:b2:d8:f7:5e:09:65:6e: 2c:8c:3a:10:48:8f:49:1e:45:ed:93:a0:be:54:85:10:38:18: 17:de:33:dd -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FcO3Cfuiimx+XBqZiLfLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw MjNlYmUwHhcNMjYwMTAyMTQyMTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzY0MDQzNmU4NGY4MmM1NWI4MzAzNGYyMThlMDdhNGJlMTg5N2FiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+3bk4fjZZ10kUkCKgn2XRN24eUT kgO0CbKfyv14NCVH5/Wk1lGC3538EysY/d5A3kCyNOCevh8D/n0ScwSJFuUrJh0Y +ghZyW8+dz9evT2Q6y/KB4FX9ja1ygj0jOHrdKbEVvEObmPZvFvmgq9wv95NiKz9 VwFH4+wDVChKzF/yYN8v4yiLzDi+UmoeuLnyo3EdN+ISHQuWk40xydvLZGrbh6FT KL6YD35lg3eZ+rVeWHYsjCOZ54q6jxNRlJNDBV9wxnVfHGZ56jUfU1TsACP5jmsN h9Z8qbmTzKyKPfMq7kD6ihLbmVxLTA6V+Cer3aOPFgP2dWHqasoVkM8QtQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFENkBDboT4LFW4MDTyGOB6S+GJerMB8GA1UdIwQY MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt OTlhY2I5OWNlNzU0LzEvUTJRRU51aFBnc1ZiZ3dOUElZNEhwTDRZbDZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0 LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUPKAwQA wSXEAwQAwilxMA0GCSqGSIb3DQEBCwUAA4IBAQAUaSLEMlu6Cv5NeN2ZoDPThbVA crnxeMCQAjdKOFzMelgM0lSG/NTaSNAL9r0WT+Sm01j0rEBeAQGtX/DzQA6shxXN DNyyHtXgdD4WLV/9oZmwJuSShejB5rEwJ5Cw+IdBFu61bM1xMdhVnBl+kZsq976j OMuaRcT88BMylI6uvWiSuHtw/rqrVTbqwXyK6JcAg2I0h7d0q8KalRrBLfrsWEe7 OXtj/n3U2VZHVnXMrINwVUmysW8kyRRDHsGPjUg1QrLS0IHokNWcrziJmDfN8qSp kD+5B8fallu7tpNHort7DLLY914JZW4sjDoQSI9JHkXtk6C+VIUQOBgX3jPd -----END CERTIFICATE-----Generated at Sun Jan 25 17:39:29 2026 by rpki-client