This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/QuPhVmekJ4dhqBPpcI5OG6WfkBk.roa File: QuPhVmekJ4dhqBPpcI5OG6WfkBk.roa (raw, json) Hash identifier: c8GP0XBznN8FZcjPHI/drnI5xLOeTCTAN2FjtvB53n0= Subject key identifier: 42:E3:E1:56:67:A4:27:87:61:A8:13:E9:70:8E:4E:1B:A5:9F:90:19 Certificate issuer: /CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d Certificate serial: 019B7DC992DF2DBE028E2E60A6B1AB6BCD4E Authority key identifier: 60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/QuPhVmekJ4dhqBPpcI5OG6WfkBk.roa Signing time: Fri 02 Jan 2026 08:18:40 +0000 ROA not before: Fri 02 Jan 2026 08:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35732 IP address blocks: 185.130.136.0/24 maxlen: 24 185.130.137.0/24 maxlen: 24 185.130.138.0/24 maxlen: 24 185.130.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.mft rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:92:df:2d:be:02:8e:2e:60:a6:b1:ab:6b:cd:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d Validity Not Before: Jan 2 08:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42e3e15667a4278761a813e9708e4e1ba59f9019 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:59:bf:26:6e:4f:da:2c:d3:0d:03:8a:d1:31: 4f:c0:fa:0c:e7:69:84:51:17:5e:5f:9e:ca:45:d6: cc:f4:87:9f:97:28:3e:60:de:a4:89:16:db:bc:bb: cd:ea:3c:c1:53:a4:fa:c0:99:fa:23:3c:c9:e9:02: 70:8c:cb:e4:75:80:f5:44:92:62:1d:b4:1c:45:29: 97:ce:f2:a0:7f:b3:ff:21:56:c8:4d:c2:c4:f3:b2: d0:33:cd:36:1d:f5:8f:25:43:99:a8:e0:c4:a8:a2: a4:30:21:47:67:95:9b:bb:83:c2:8c:6c:14:f6:0d: 26:a3:60:f3:a8:b4:ee:55:ed:f0:f5:0f:2b:7c:e8: aa:50:ac:7b:a9:76:56:b4:47:6c:13:2d:b8:55:34: a5:13:84:25:b7:6e:6f:49:87:10:02:11:27:8e:9e: ca:5a:ef:7c:e5:27:57:d1:d1:45:f5:f1:02:3c:a2: 7f:0a:e6:b6:7d:b8:8c:95:f3:18:47:39:3e:7e:a8: 68:55:7b:f5:45:92:e3:49:2c:a5:8e:78:c4:7d:04: 38:aa:a6:ff:df:d3:1a:81:e1:a7:96:c6:fa:93:fd: 6c:fa:94:63:bd:00:1c:30:bf:15:d9:e2:34:4f:87: 74:cb:b9:fc:7b:ba:29:37:b3:b9:5c:10:29:35:31: 6f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:E3:E1:56:67:A4:27:87:61:A8:13:E9:70:8E:4E:1B:A5:9F:90:19 X509v3 Authority Key Identifier: keyid:60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/QuPhVmekJ4dhqBPpcI5OG6WfkBk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.130.136.0/22 Signature Algorithm: sha256WithRSAEncryption 78:ce:b7:32:0d:87:25:d3:ef:84:05:0e:58:57:c3:5d:a9:8b: 9d:37:d1:0a:61:f8:31:81:2c:13:28:2c:b1:64:59:8b:3e:88: 4e:f9:11:31:52:b1:12:69:7c:80:ca:eb:65:90:36:5d:4b:9e: fc:f7:f7:72:fe:72:32:0f:95:9e:14:e5:05:e1:ad:0e:df:84: 34:af:cf:8a:14:dc:e2:2a:da:07:59:12:91:30:e4:ff:5b:cd: 7e:80:f4:ca:95:52:99:ee:3f:4c:2d:ba:79:af:7e:33:2d:9b: 09:c7:82:69:8d:2a:f3:dd:dc:05:9e:6a:5f:8d:54:14:a3:8c: b1:cb:4b:47:36:8d:98:92:24:29:cd:16:67:27:07:8f:17:e1: c9:3d:76:e4:c3:f6:2d:0a:10:c8:fc:4e:6f:ee:2d:a6:ea:63: 41:9d:53:82:c9:f0:00:af:8d:f2:40:94:69:15:a8:59:b3:03: 0a:3e:4f:2b:2f:f2:77:46:d5:b9:9c:d4:5b:2a:c4:0e:91:32: 59:28:3e:41:26:00:81:0b:0a:79:e3:ad:60:19:86:8a:ab:d9: 9f:46:78:28:c8:2f:f1:18:8c:5d:65:ff:a2:35:4d:38:f8:15: bb:f2:a9:c4:46:76:99:8b:09:89:1d:e5:a1:ee:87:67:84:f0: 33:ff:ef:84 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yZLfLb4Cji5gprGra81OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYzhkNTc3NDdmNzI5NzAwZWYyZjU2MTRmNmRmZGVjOGQx MTlmMmQwHhcNMjYwMTAyMDgxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmUzZTE1NjY3YTQyNzg3NjFhODEzZTk3MDhlNGUxYmE1OWY5MDE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlm/Jm5P2izTDQOK0TFPwPoM52mE URdeX57KRdbM9Ieflyg+YN6kiRbbvLvN6jzBU6T6wJn6IzzJ6QJwjMvkdYD1RJJi HbQcRSmXzvKgf7P/IVbITcLE87LQM802HfWPJUOZqODEqKKkMCFHZ5Wbu4PCjGwU 9g0mo2DzqLTuVe3w9Q8rfOiqUKx7qXZWtEdsEy24VTSlE4Qlt25vSYcQAhEnjp7K Wu985SdX0dFF9fECPKJ/Cua2fbiMlfMYRzk+fqhoVXv1RZLjSSyljnjEfQQ4qqb/ 39MageGnlsb6k/1s+pRjvQAcML8V2eI0T4d0y7n8e7opN7O5XBApNTFvYQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFELj4VZnpCeHYagT6XCOThuln5AZMB8GA1UdIwQY MBaAFGDI1XdH9ylwDvL1YU9t/eyNEZ8tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgt ZDc1ZjU5NWZhN2MzLzEvUXVQaFZtZWtKNGRocUJQcGNJNU9HNldma0JrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgtZDc1ZjU5NWZhN2Mz LzEvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYKIMA0G CSqGSIb3DQEBCwUAA4IBAQB4zrcyDYcl0++EBQ5YV8NdqYudN9EKYfgxgSwTKCyx ZFmLPohO+RExUrESaXyAyutlkDZdS5789/dy/nIyD5WeFOUF4a0O34Q0r8+KFNzi KtoHWRKRMOT/W81+gPTKlVKZ7j9MLbp5r34zLZsJx4JpjSrz3dwFnmpfjVQUo4yx y0tHNo2YkiQpzRZnJwePF+HJPXbkw/YtChDI/E5v7i2m6mNBnVOCyfAAr43yQJRp FahZswMKPk8rL/J3RtW5nNRbKsQOkTJZKD5BJgCBCwp5461gGYaKq9mfRngoyC/x GIxdZf+iNU04+BW78qnERnaZiwmJHeWh7odnhPAz/++E -----END CERTIFICATE-----Generated at Mon Jan 26 04:50:16 2026 by rpki-client