This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/qXz1wwKxqiN0TXCABlpmdej_AF4.roa File: qXz1wwKxqiN0TXCABlpmdej_AF4.roa (raw, json) Hash identifier: 80kAjI8jd2lcruWJ4j/gPqkVYCIlUhbIwX0K9xxTqBU= Subject key identifier: A9:7C:F5:C3:02:B1:AA:23:74:4D:70:80:06:5A:66:75:E8:FF:00:5E Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca Certificate serial: 019B7E37DD3B985200635595AC3AEBF88763 Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/qXz1wwKxqiN0TXCABlpmdej_AF4.roa Signing time: Fri 02 Jan 2026 10:19:08 +0000 ROA not before: Fri 02 Jan 2026 10:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43309 IP address blocks: 2.56.168.0/24 maxlen: 24 185.234.252.0/24 maxlen: 24 2a0f:ca00::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.mft rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:dd:3b:98:52:00:63:55:95:ac:3a:eb:f8:87:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca Validity Not Before: Jan 2 10:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a97cf5c302b1aa23744d7080065a6675e8ff005e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:01:ea:20:c3:3a:76:f4:a6:0d:2c:8c:a7:50: 80:92:19:28:7a:88:b2:f3:a1:9d:e9:ee:c4:58:40: dc:73:6a:b8:12:f5:60:31:cc:27:4f:df:27:03:9b: 56:21:b7:bc:0d:86:05:ce:3f:d2:92:f7:d6:64:ed: 56:74:69:1d:a3:ed:38:b6:77:33:fb:fe:a3:5f:fe: 09:6c:c1:36:4d:04:5d:f0:d5:ad:e2:e6:e2:6e:03: 16:a3:45:64:ea:fb:9f:be:ef:9a:e8:27:b4:ea:7b: 36:cf:68:0f:ad:4f:f2:27:32:6f:9c:92:fc:0e:76: 81:74:1c:dc:13:fb:5a:88:8f:39:e4:8d:8c:bb:48: d6:7f:91:8f:69:43:42:74:94:4e:50:03:02:bf:ae: d4:8b:62:94:b2:3b:7c:c8:50:24:e9:c3:54:d1:6d: 68:1c:0b:a0:58:8d:74:9f:c5:cd:a6:74:01:76:60: d3:cb:0e:85:de:b5:cf:e7:a2:16:b1:c3:b8:63:d4: 98:bf:2f:fc:21:c9:e6:8d:9f:06:34:88:21:72:dd: a0:c7:cc:3c:f1:b5:17:8a:7a:66:b9:8d:62:53:b5: 7c:08:d4:70:08:c1:18:42:e6:c0:05:1a:65:ca:f9: 0b:59:f4:26:55:9f:69:fa:30:55:dd:3c:fd:18:ea: 3e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:7C:F5:C3:02:B1:AA:23:74:4D:70:80:06:5A:66:75:E8:FF:00:5E X509v3 Authority Key Identifier: keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/qXz1wwKxqiN0TXCABlpmdej_AF4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.168.0/24 185.234.252.0/24 IPv6: 2a0f:ca00::/33 Signature Algorithm: sha256WithRSAEncryption 39:42:2e:f0:93:9c:f7:c2:a6:5d:1b:0b:54:ab:33:b2:d8:8f: d2:c0:ef:d2:d7:60:64:90:02:6a:82:ab:be:05:f6:8b:36:ba: 4c:f8:8b:a8:10:bb:a1:d3:ee:bc:f2:a6:73:aa:36:d9:4c:73: 81:73:26:2a:81:d3:10:bb:49:69:60:4f:09:43:ee:7e:b2:01: 9b:d0:95:24:d2:ed:e1:aa:b6:e3:69:76:75:ee:76:bb:f4:44: 0f:4d:76:84:92:58:0c:0f:3e:93:21:57:6a:5e:8a:fd:a6:68: a3:15:b8:e6:20:d4:38:ba:e9:8c:50:fb:96:ff:a2:c0:26:45: 2d:43:3a:80:5e:43:6f:50:5c:f6:e8:88:bc:e0:2e:1b:58:83: 91:70:ee:e4:35:ca:01:fe:f0:68:ad:94:c0:1a:36:fa:7e:07: da:e9:17:91:04:1c:41:51:ce:1b:2a:0e:6b:d6:3e:14:c5:ab: e1:d6:f1:d3:da:48:0f:db:e8:91:c7:9d:9f:9e:36:df:85:10: 09:04:40:a2:d2:af:fa:e4:3e:f2:09:64:e7:e2:5c:42:a1:ab: 06:bf:b9:ef:92:ea:4c:8f:b8:0c:ee:1e:8c:13:f1:2e:74:36: 9d:ba:f0:7e:50:59:a0:6f:1d:ad:35:5b:f8:55:b0:81:68:86: 3a:f2:51:bd -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt+N907mFIAY1WVrDrr+IdjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4 ZmUzY2EwHhcNMjYwMTAyMTAxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOTdjZjVjMzAyYjFhYTIzNzQ0ZDcwODAwNjVhNjY3NWU4ZmYwMDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgHqIMM6dvSmDSyMp1CAkhkoeoiy 86Gd6e7EWEDcc2q4EvVgMcwnT98nA5tWIbe8DYYFzj/SkvfWZO1WdGkdo+04tncz +/6jX/4JbME2TQRd8NWt4ubibgMWo0Vk6vufvu+a6Ce06ns2z2gPrU/yJzJvnJL8 DnaBdBzcE/taiI855I2Mu0jWf5GPaUNCdJROUAMCv67Ui2KUsjt8yFAk6cNU0W1o HAugWI10n8XNpnQBdmDTyw6F3rXP56IWscO4Y9SYvy/8IcnmjZ8GNIghct2gx8w8 8bUXinpmuY1iU7V8CNRwCMEYQubABRplyvkLWfQmVZ9p+jBV3Tz9GOo+5wIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFKl89cMCsaojdE1wgAZaZnXo/wBeMB8GA1UdIwQY MBaAFCrdQ4p848s3nyjPoFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUt MjBhMGQxMzBjNDU2LzEvcVh6MXd3S3hxaU4wVFhDQUJscG1kZWpfQUY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2 LzEvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAAjioAwQA uer8MA4EAgACMAgDBgcqD8oAADANBgkqhkiG9w0BAQsFAAOCAQEAOUIu8JOc98Km XRsLVKszstiP0sDv0tdgZJACaoKrvgX2iza6TPiLqBC7odPuvPKmc6o22UxzgXMm KoHTELtJaWBPCUPufrIBm9CVJNLt4aq242l2de52u/RED012hJJYDA8+kyFXal6K /aZooxW45iDUOLrpjFD7lv+iwCZFLUM6gF5Db1Bc9uiIvOAuG1iDkXDu5DXKAf7w aK2UwBo2+n4H2ukXkQQcQVHOGyoOa9Y+FMWr4dbx09pID9vokcedn54234UQCQRA otKv+uQ+8glk5+JcQqGrBr+575LqTI+4DO4ejBPxLnQ2nbrwflBZoG8drTVb+FWw gWiGOvJRvQ== -----END CERTIFICATE-----Generated at Sun Jan 25 20:46:27 2026 by rpki-client