This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/TQWvkAi8bonEzYNgt0Kx7jD-EqQ.roa File: TQWvkAi8bonEzYNgt0Kx7jD-EqQ.roa (raw, json) Hash identifier: 4l9r6gsisRPOUrwiMnNC/ZEB32QweKRJ3pss8gUXvAk= Subject key identifier: 4D:05:AF:90:08:BC:6E:89:C4:CD:83:60:B7:42:B1:EE:30:FE:12:A4 Certificate issuer: /CN=4368330bea2dfe880ffa62f67b566aeae2d287fd Certificate serial: 019B7E37E86FDCF9D965347ADCEA8312F65A Authority key identifier: 43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/TQWvkAi8bonEzYNgt0Kx7jD-EqQ.roa Signing time: Fri 02 Jan 2026 10:19:11 +0000 ROA not before: Fri 02 Jan 2026 10:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47873 IP address blocks: 91.205.120.0/24 maxlen: 24 91.205.121.0/24 maxlen: 24 91.205.122.0/24 maxlen: 24 91.205.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.mft rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:e8:6f:dc:f9:d9:65:34:7a:dc:ea:83:12:f6:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4368330bea2dfe880ffa62f67b566aeae2d287fd Validity Not Before: Jan 2 10:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d05af9008bc6e89c4cd8360b742b1ee30fe12a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:9c:de:c6:5d:ba:ff:aa:7b:34:1b:2c:d2:f2: 7a:31:c0:2b:8e:18:98:93:3c:94:13:29:64:42:7b: 8b:56:42:d5:fd:11:87:f0:56:b8:52:9b:c8:7a:7b: 7d:8f:7d:61:92:46:ef:89:d2:d5:07:47:c1:b0:44: 0a:21:75:0c:4b:b8:ad:9f:3e:c6:ae:dc:f8:cb:38: cb:b2:4b:e3:4b:14:6c:ca:47:10:b1:a8:d2:32:00: cc:87:92:49:eb:ea:87:cc:2a:f3:00:ab:eb:c8:a0: 8a:33:e0:05:d2:0c:ff:2e:38:c2:0e:9a:cc:59:05: 71:29:40:22:7d:1e:8e:10:fe:7b:7e:3b:7e:c2:bc: cc:b8:cb:53:f5:b0:5f:e3:37:bc:74:18:20:62:9e: 7a:ec:20:fd:4b:67:34:87:10:38:ed:5a:3c:62:3b: 23:e7:1f:99:76:60:da:bf:97:ff:c0:2f:9d:96:2a: c9:c2:18:dd:13:51:ae:f6:b7:97:df:f4:cf:33:40: b6:66:3a:bc:48:d9:49:78:48:84:f1:b4:23:a1:3a: 54:85:63:e7:18:69:8a:c7:51:93:3f:9d:e1:54:dc: 56:68:b2:c2:76:34:f3:60:4d:03:7f:18:a2:e3:e1: 3f:e8:48:48:ea:32:c4:45:0e:76:cb:4c:5b:b6:b8: cb:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:05:AF:90:08:BC:6E:89:C4:CD:83:60:B7:42:B1:EE:30:FE:12:A4 X509v3 Authority Key Identifier: keyid:43:68:33:0B:EA:2D:FE:88:0F:FA:62:F6:7B:56:6A:EA:E2:D2:87:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/TQWvkAi8bonEzYNgt0Kx7jD-EqQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/8fc3b0-9704-4751-b149-5a37f6a1bca9/1/Q2gzC-ot_ogP-mL2e1Zq6uLSh_0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.205.120.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:3e:da:87:a3:20:90:ae:d4:d7:a9:9d:95:2f:57:93:39:ac: b8:5a:e2:e9:5a:97:bc:2c:b4:78:66:94:b5:da:66:50:99:cd: c4:7a:f7:d6:be:67:5d:63:84:aa:29:69:6a:73:02:d9:76:ce: e0:66:68:58:67:c3:40:44:b3:34:a2:45:f2:7d:fa:60:76:07: 1a:6d:b0:2e:df:c3:8e:4b:45:b8:18:ca:b7:9b:f9:e4:0f:c3: 8d:c6:3a:26:df:42:98:08:c1:85:0e:df:3b:60:be:c1:38:f0: b2:a2:4e:f4:07:78:fd:ad:e9:a1:22:45:7b:64:ae:dd:49:71: cc:6e:84:b1:36:08:6a:34:36:0e:20:19:1d:90:c0:4a:d0:12: 5e:8f:37:f7:ea:14:a8:87:40:c9:1c:6a:50:0d:a4:1e:aa:4a: 3a:9f:7b:12:42:bc:92:39:43:07:8f:97:10:13:9d:f8:8f:1b: fe:91:2a:9b:6f:3f:6c:bf:5c:95:30:19:bf:a2:0d:ca:7c:b9: bd:28:b7:12:6c:bb:84:b5:ca:0a:5e:37:7c:b5:09:e9:19:0e: 73:e8:c9:d5:f6:f2:e1:3f:54:8c:65:2a:51:70:ac:99:e5:38: e8:c3:88:6c:f8:ff:4c:54:db:f5:61:16:50:21:15:05:10:59: 86:9c:29:6e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+N+hv3PnZZTR63OqDEvZaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNjgzMzBiZWEyZGZlODgwZmZhNjJmNjdiNTY2YWVhZTJk Mjg3ZmQwHhcNMjYwMTAyMTAxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDA1YWY5MDA4YmM2ZTg5YzRjZDgzNjBiNzQyYjFlZTMwZmUxMmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5zexl26/6p7NBss0vJ6McArjhiY kzyUEylkQnuLVkLV/RGH8Fa4UpvIent9j31hkkbvidLVB0fBsEQKIXUMS7itnz7G rtz4yzjLskvjSxRsykcQsajSMgDMh5JJ6+qHzCrzAKvryKCKM+AF0gz/LjjCDprM WQVxKUAifR6OEP57fjt+wrzMuMtT9bBf4ze8dBggYp567CD9S2c0hxA47Vo8Yjsj 5x+ZdmDav5f/wC+dlirJwhjdE1Gu9reX3/TPM0C2Zjq8SNlJeEiE8bQjoTpUhWPn GGmKx1GTP53hVNxWaLLCdjTzYE0Dfxii4+E/6EhI6jLERQ52y0xbtrjL2wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFE0Fr5AIvG6JxM2DYLdCse4w/hKkMB8GA1UdIwQY MBaAFENoMwvqLf6ID/pi9ntWauri0of9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDkt NWEzN2Y2YTFiY2E5LzEvVFFXdmtBaThib25FellOZ3QwS3g3akQtRXFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS84ZmMzYjAtOTcwNC00NzUxLWIxNDktNWEzN2Y2YTFiY2E5 LzEvUTJnekMtb3Rfb2dQLW1MMmUxWnE2dUxTaF8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW814MA0G CSqGSIb3DQEBCwUAA4IBAQBaPtqHoyCQrtTXqZ2VL1eTOay4WuLpWpe8LLR4ZpS1 2mZQmc3EevfWvmddY4SqKWlqcwLZds7gZmhYZ8NARLM0okXyffpgdgcabbAu38OO S0W4GMq3m/nkD8ONxjom30KYCMGFDt87YL7BOPCyok70B3j9remhIkV7ZK7dSXHM boSxNghqNDYOIBkdkMBK0BJejzf36hSoh0DJHGpQDaQeqko6n3sSQrySOUMHj5cQ E534jxv+kSqbbz9sv1yVMBm/og3KfLm9KLcSbLuEtcoKXjd8tQnpGQ5z6MnV9vLh P1SMZSpRcKyZ5Tjow4hs+P9MVNv1YRZQIRUFEFmGnClu -----END CERTIFICATE-----Generated at Tue Feb 10 04:17:03 2026 by rpki-client