This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QkQat_PSicCGu8KQr65qaIs6Bek.roa File: QkQat_PSicCGu8KQr65qaIs6Bek.roa (raw, json) Hash identifier: q5fpggcrO0H1q8A29ksIPQ1SBgvNbMv81BZ6RhZHHN4= Subject key identifier: 42:44:1A:B7:F3:D2:89:C0:86:BB:C2:90:AF:AE:6A:68:8B:3A:05:E9 Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019B77C7170ECA3DB4E120E98BA119DAABBE Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QkQat_PSicCGu8KQr65qaIs6Bek.roa Signing time: Thu 01 Jan 2026 04:18:14 +0000 ROA not before: Thu 01 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212077 IP address blocks: 85.133.200.0/24 maxlen: 24 85.133.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:17:0e:ca:3d:b4:e1:20:e9:8b:a1:19:da:ab:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Jan 1 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42441ab7f3d289c086bbc290afae6a688b3a05e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a1:8d:6a:74:5e:7e:09:48:f6:30:ef:d2:d5: 0a:92:7b:6f:fa:de:33:25:6a:6f:62:11:f0:9c:50: f6:e0:c0:de:9e:72:6f:40:fb:69:05:2a:c3:d5:46: 86:bf:c5:0b:d8:b2:49:f2:84:a2:3b:c7:75:8b:3b: f5:b1:48:2a:91:6f:97:23:27:59:15:7e:26:fc:57: 60:fb:88:91:0e:95:c7:2f:8c:d9:2b:1b:68:d0:30: 97:98:de:a9:a9:13:86:a8:f2:a7:70:48:89:aa:82: 08:22:e1:67:f9:53:c0:b7:b9:a9:7c:6e:3a:f8:9e: 9e:34:39:01:61:43:f6:12:d9:c2:eb:d1:29:65:d7: 0c:03:d9:34:3a:a9:98:17:9f:14:10:8a:d2:9f:44: b9:d9:55:fe:9f:85:ed:79:87:62:02:28:4f:7f:63: 3b:7c:dc:3c:91:0c:50:52:45:3e:d1:18:27:d3:29: ba:e6:9c:34:72:4e:70:8e:18:6b:30:72:05:ca:5b: 7c:06:98:d6:b8:96:5c:56:dc:6e:38:a1:19:a3:1b: b2:ae:61:45:00:37:dd:b8:2f:e6:d7:2f:bb:03:09: 7e:30:23:26:a5:0e:1d:f2:8b:a5:d6:fd:d0:06:fd: 18:b5:94:b2:de:ef:9e:1d:34:c1:98:2d:e3:d0:84: 29:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:44:1A:B7:F3:D2:89:C0:86:BB:C2:90:AF:AE:6A:68:8B:3A:05:E9 X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QkQat_PSicCGu8KQr65qaIs6Bek.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.200.0/24 85.133.243.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:9b:10:37:93:48:a9:3f:da:15:15:24:0b:c1:7f:02:63:f8: 2b:7e:1b:41:ac:e2:ba:78:b5:5a:3d:6f:00:3b:81:cb:a7:c5: 65:35:21:30:bc:55:30:e9:c1:fe:81:35:1e:dd:67:b6:18:ec: 2b:2f:7d:44:de:84:0a:13:42:ee:0a:96:c4:8f:09:16:44:b0: 9d:6a:8b:3f:fe:a3:61:67:7d:ba:9d:63:10:45:83:31:68:c5: 9d:59:12:97:51:7f:50:23:53:56:ce:74:ff:13:b4:68:19:b0: 7b:fe:68:5c:be:4a:07:7f:85:d6:f5:b8:2e:12:fc:9d:e5:0b: 87:ca:e9:02:34:be:7d:dd:5d:35:9d:1d:4d:58:cd:d5:15:2a: bf:69:2e:bc:e0:37:72:be:9c:f5:fa:69:7e:7c:13:25:05:bc: 8e:0f:a1:30:b0:c5:6c:04:8b:b0:60:75:19:7f:ad:7e:83:af: 92:32:11:d5:47:81:3e:79:97:ca:da:f2:12:3a:00:d1:98:92: 80:2a:3c:01:92:ca:51:05:9a:8f:5c:43:80:23:c1:3f:87:ca: 7c:74:f6:50:e8:2a:54:08:85:ba:e1:70:13:51:fa:4c:b7:41: 1c:1a:ae:d0:51:07:8f:e5:b9:cb:a0:fc:18:3b:46:53:ec:21: be:82:5a:38 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xxcOyj204SDpi6EZ2qu+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjYwMTAxMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjQ0MWFiN2YzZDI4OWMwODZiYmMyOTBhZmFlNmE2ODhiM2EwNWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqGNanRefglI9jDv0tUKkntv+t4z JWpvYhHwnFD24MDennJvQPtpBSrD1UaGv8UL2LJJ8oSiO8d1izv1sUgqkW+XIydZ FX4m/Fdg+4iRDpXHL4zZKxto0DCXmN6pqROGqPKncEiJqoIIIuFn+VPAt7mpfG46 +J6eNDkBYUP2EtnC69EpZdcMA9k0OqmYF58UEIrSn0S52VX+n4XteYdiAihPf2M7 fNw8kQxQUkU+0Rgn0ym65pw0ck5wjhhrMHIFylt8BpjWuJZcVtxuOKEZoxuyrmFF ADfduC/m1y+7Awl+MCMmpQ4d8oul1v3QBv0YtZSy3u+eHTTBmC3j0IQp2wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEJEGrfz0onAhrvCkK+uamiLOgXpMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvUWtRYXRfUFNpY0NHdThLUXI2NXFhSXM2QmVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXIAwQA VYXzMA0GCSqGSIb3DQEBCwUAA4IBAQA6mxA3k0ipP9oVFSQLwX8CY/grfhtBrOK6 eLVaPW8AO4HLp8VlNSEwvFUw6cH+gTUe3We2GOwrL31E3oQKE0LuCpbEjwkWRLCd aos//qNhZ326nWMQRYMxaMWdWRKXUX9QI1NWznT/E7RoGbB7/mhcvkoHf4XW9bgu Evyd5QuHyukCNL593V01nR1NWM3VFSq/aS684Ddyvpz1+ml+fBMlBbyOD6EwsMVs BIuwYHUZf61+g6+SMhHVR4E+eZfK2vISOgDRmJKAKjwBkspRBZqPXEOAI8E/h8p8 dPZQ6CpUCIW64XATUfpMt0EcGq7QUQeP5bnLoPwYO0ZT7CG+glo4 -----END CERTIFICATE-----Generated at Sun Jan 25 21:02:59 2026 by rpki-client