This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/Q-XaXdYNyXwK0mc7YIVoepDORlM.roa File: Q-XaXdYNyXwK0mc7YIVoepDORlM.roa (raw, json) Hash identifier: d+yMV8SrvvLaa9ouz0mOIlebIPHpwRPv3zGG1GfdREw= Subject key identifier: 43:E5:DA:5D:D6:0D:C9:7C:0A:D2:67:3B:60:85:68:7A:90:CE:46:53 Certificate issuer: /CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9 Certificate serial: 019B7DCA45487D133E41C261D1901AC11774 Authority key identifier: E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/Q-XaXdYNyXwK0mc7YIVoepDORlM.roa Signing time: Fri 02 Jan 2026 08:19:26 +0000 ROA not before: Fri 02 Jan 2026 08:19:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205275 IP address blocks: 85.204.19.0/24 maxlen: 24 86.104.13.0/24 maxlen: 24 86.105.214.0/24 maxlen: 24 86.106.30.0/24 maxlen: 24 86.107.23.0/24 maxlen: 24 86.107.169.0/24 maxlen: 24 89.33.24.0/24 maxlen: 24 89.33.25.0/24 maxlen: 24 89.33.26.0/24 maxlen: 24 89.33.27.0/24 maxlen: 24 89.33.44.0/24 maxlen: 24 89.34.92.0/24 maxlen: 24 89.37.212.0/24 maxlen: 24 89.37.213.0/24 maxlen: 24 89.37.214.0/24 maxlen: 24 89.37.215.0/24 maxlen: 24 89.39.83.0/24 maxlen: 24 89.39.246.0/24 maxlen: 24 89.40.72.0/24 maxlen: 24 89.41.36.0/24 maxlen: 24 89.41.37.0/24 maxlen: 24 89.41.38.0/24 maxlen: 24 89.41.39.0/24 maxlen: 24 89.42.216.0/24 maxlen: 24 89.42.217.0/24 maxlen: 24 89.42.218.0/24 maxlen: 24 89.42.219.0/24 maxlen: 24 89.42.220.0/24 maxlen: 24 89.42.221.0/24 maxlen: 24 89.42.222.0/24 maxlen: 24 89.42.223.0/24 maxlen: 24 89.44.137.0/24 maxlen: 24 89.45.15.0/24 maxlen: 24 89.45.83.0/24 maxlen: 24 89.47.53.0/24 maxlen: 24 89.47.240.0/24 maxlen: 24 89.47.241.0/24 maxlen: 24 89.47.242.0/24 maxlen: 24 89.47.243.0/24 maxlen: 24 93.115.53.0/24 maxlen: 24 185.162.64.0/24 maxlen: 24 185.162.65.0/24 maxlen: 24 185.162.66.0/24 maxlen: 24 185.162.67.0/24 maxlen: 24 188.209.214.0/24 maxlen: 24 188.213.205.0/24 maxlen: 24 188.214.210.0/24 maxlen: 24 188.214.211.0/24 maxlen: 24 188.214.215.0/24 maxlen: 24 188.215.2.0/24 maxlen: 24 188.240.20.0/24 maxlen: 24 188.240.21.0/24 maxlen: 24 188.240.22.0/24 maxlen: 24 188.240.23.0/24 maxlen: 24 188.241.142.0/24 maxlen: 24 188.241.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.mft rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:45:48:7d:13:3e:41:c2:61:d1:90:1a:c1:17:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9 Validity Not Before: Jan 2 08:19:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43e5da5dd60dc97c0ad2673b6085687a90ce4653 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:66:94:e7:fa:ba:e1:1c:2d:fb:55:4d:b0:64: e9:4a:c0:9d:e3:10:79:16:21:c6:af:9f:56:36:81: 77:c1:35:19:71:20:a6:24:c7:66:ad:07:04:da:70: 86:91:e7:01:5a:0a:31:45:b5:ae:08:fe:54:75:11: 79:1f:fc:3d:f9:62:b6:9f:d8:ce:39:b8:0a:3c:35: 35:71:74:1e:f8:0b:e5:c9:99:98:c3:05:16:13:c3: 07:ad:c3:91:43:ff:5d:a7:27:57:f6:d5:69:4a:56: df:ed:32:c0:bf:c1:97:95:9d:3d:20:c6:84:17:95: 7d:ef:e4:74:bb:4e:9e:d7:74:31:e4:b6:b8:e4:59: 9e:90:6a:1f:f4:0f:0e:09:24:10:01:6f:ef:23:0a: 04:a2:9a:74:1d:b8:5f:2b:4c:95:69:44:79:3b:f0: c8:92:c7:85:3f:2e:ec:35:93:1a:34:50:59:b0:db: 2a:fd:27:c0:fb:0a:f3:9f:da:3d:0f:b9:4d:30:25: d6:f0:aa:79:51:73:6b:7b:a5:3a:4f:45:58:52:7f: ce:2b:5f:04:92:f3:c9:e4:27:68:d7:ac:3d:db:04: b6:50:24:f6:d7:e5:2f:51:b6:83:a5:af:51:4e:33: 11:47:71:ac:17:38:11:d4:92:cd:b8:8e:db:15:bf: 1b:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:E5:DA:5D:D6:0D:C9:7C:0A:D2:67:3B:60:85:68:7A:90:CE:46:53 X509v3 Authority Key Identifier: keyid:E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/Q-XaXdYNyXwK0mc7YIVoepDORlM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.204.19.0/24 86.104.13.0/24 86.105.214.0/24 86.106.30.0/24 86.107.23.0/24 86.107.169.0/24 89.33.24.0/22 89.33.44.0/24 89.34.92.0/24 89.37.212.0/22 89.39.83.0/24 89.39.246.0/24 89.40.72.0/24 89.41.36.0/22 89.42.216.0/21 89.44.137.0/24 89.45.15.0/24 89.45.83.0/24 89.47.53.0/24 89.47.240.0/22 93.115.53.0/24 185.162.64.0/22 188.209.214.0/24 188.213.205.0/24 188.214.210.0/23 188.214.215.0/24 188.215.2.0/24 188.240.20.0/22 188.241.142.0/24 188.241.152.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:02:ac:e8:6a:f6:fe:9b:45:ce:65:10:40:77:2d:e3:4c:59: 56:98:3c:d8:74:7d:fc:98:ba:8d:a9:5b:48:f6:ec:84:5e:5f: 51:0c:3b:58:e1:7f:c8:3f:af:2b:7f:a7:f9:8c:41:58:26:87: bb:94:92:23:20:f7:15:80:09:d4:94:e9:7e:52:cc:cf:f5:25: 8b:16:50:50:6e:c1:05:0c:3f:66:cc:90:a1:c7:d9:3c:4b:f2: d2:15:00:3c:54:62:84:56:ed:80:80:87:e6:6c:38:79:ee:ba: cc:a4:bb:43:a9:16:f9:28:b8:23:3d:23:dd:4a:5b:f1:c0:f9: 8b:5d:1b:3b:c5:c0:cb:ed:97:2b:57:b7:d6:c0:4d:8b:3f:22: 64:ab:37:d1:c6:18:f2:03:1e:f6:47:26:0a:e1:fa:2d:38:90: cd:62:7b:d3:f3:4a:c4:13:6b:16:1b:02:84:b6:2a:05:9b:aa: 73:da:ea:4d:93:79:97:27:92:ef:dc:a2:f2:ef:81:0f:90:b4: 8c:34:d6:2c:3c:5d:dd:d0:47:98:18:c9:c7:d9:3e:9b:06:66: 72:db:99:85:96:a8:26:ed:67:c1:a1:e3:67:bd:65:c2:8f:31: c9:3b:32:2e:2a:ff:0c:10:5c:ea:a2:7c:88:58:26:06:01:a7: 15:c7:cc:cf -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgISAZt9ykVIfRM+QcJh0ZAawRd0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU4MzM0NjFlOWQyYmRhZmNjMjlhZDkxODlmYjBhY2YxZjMz OTYwYTkwHhcNMjYwMTAyMDgxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0M2U1ZGE1ZGQ2MGRjOTdjMGFkMjY3M2I2MDg1Njg3YTkwY2U0NjUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGaU5/q64Rwt+1VNsGTpSsCd4xB5 FiHGr59WNoF3wTUZcSCmJMdmrQcE2nCGkecBWgoxRbWuCP5UdRF5H/w9+WK2n9jO ObgKPDU1cXQe+AvlyZmYwwUWE8MHrcORQ/9dpydX9tVpSlbf7TLAv8GXlZ09IMaE F5V97+R0u06e13Qx5La45FmekGof9A8OCSQQAW/vIwoEopp0HbhfK0yVaUR5O/DI kseFPy7sNZMaNFBZsNsq/SfA+wrzn9o9D7lNMCXW8Kp5UXNre6U6T0VYUn/OK18E kvPJ5Cdo16w92wS2UCT21+UvUbaDpa9RTjMRR3GsFzgR1JLNuI7bFb8bVwIDAQAB o4ICvDCCArgwHQYDVR0OBBYEFEPl2l3WDcl8CtJnO2CFaHqQzkZTMB8GA1UdIwQY MBaAFOgzRh6dK9r8wprZGJ+wrPHzOWCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMt YWVmZThkMTc4ZTZhLzEvUS1YYVhkWU55WHdLMG1jN1lJVm9lcERPUmxNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMtYWVmZThkMTc4ZTZh LzEvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBABV zBMDBABWaA0DBABWadYDBABWah4DBABWaxcDBABWa6kDBAJZIRgDBABZISwDBABZ IlwDBAJZJdQDBABZJ1MDBABZJ/YDBABZKEgDBAJZKSQDBANZKtgDBABZLIkDBABZ LQ8DBABZLVMDBABZLzUDBAJZL/ADBABdczUDBAK5okADBAC80dYDBAC81c0DBAG8 1tIDBAC81tcDBAC81wIDBAK88BQDBAC88Y4DBAC88ZgwDQYJKoZIhvcNAQELBQAD ggEBAC8CrOhq9v6bRc5lEEB3LeNMWVaYPNh0ffyYuo2pW0j27IReX1EMO1jhf8g/ ryt/p/mMQVgmh7uUkiMg9xWACdSU6X5SzM/1JYsWUFBuwQUMP2bMkKHH2TxL8tIV ADxUYoRW7YCAh+ZsOHnuusyku0OpFvkouCM9I91KW/HA+YtdGzvFwMvtlytXt9bA TYs/ImSrN9HGGPIDHvZHJgrh+i04kM1ie9PzSsQTaxYbAoS2KgWbqnPa6k2TeZcn ku/covLvgQ+QtIw01iw8Xd3QR5gYycfZPpsGZnLbmYWWqCbtZ8Gh42e9ZcKPMck7 Mi4q/wwQXOqifIhYJgYBpxXHzM8= -----END CERTIFICATE-----Generated at Sun Jan 25 16:09:34 2026 by rpki-client