This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/AiPCwT2mOHblP5OWBwZI_2If-qc.roa File: AiPCwT2mOHblP5OWBwZI_2If-qc.roa (raw, json) Hash identifier: ZI02ce5tKSPDXFD64PX8BGZ+5za9hEAGoOG8T2YkDzY= Subject key identifier: 02:23:C2:C1:3D:A6:38:76:E5:3F:93:96:07:06:48:FF:62:1F:FA:A7 Certificate issuer: /CN=0747a36d7768a7b30a4eecbb6964c8c237d74401 Certificate serial: 019B7E38C0E65695DAE6BF06153FFDA4EC45 Authority key identifier: 07:47:A3:6D:77:68:A7:B3:0A:4E:EC:BB:69:64:C8:C2:37:D7:44:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B0ejbXdop7MKTuy7aWTIwjfXRAE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/AiPCwT2mOHblP5OWBwZI_2If-qc.roa Signing time: Fri 02 Jan 2026 10:20:07 +0000 ROA not before: Fri 02 Jan 2026 10:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44749 IP address blocks: 185.126.172.0/22 maxlen: 24 2a06:ca40::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/B0ejbXdop7MKTuy7aWTIwjfXRAE.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/B0ejbXdop7MKTuy7aWTIwjfXRAE.mft rsync://rpki.ripe.net/repository/DEFAULT/B0ejbXdop7MKTuy7aWTIwjfXRAE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:c0:e6:56:95:da:e6:bf:06:15:3f:fd:a4:ec:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0747a36d7768a7b30a4eecbb6964c8c237d74401 Validity Not Before: Jan 2 10:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0223c2c13da63876e53f9396070648ff621ffaa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4c:b4:78:32:7a:f6:45:39:5a:3d:32:43:8f: 6a:72:2a:87:8e:a1:43:ff:24:1c:ab:04:63:d9:71: 53:67:cf:6e:9e:37:fa:1d:10:b8:9d:8e:cb:8e:c0: f4:c6:53:f1:60:fb:a6:e3:f7:e3:33:10:b2:62:ac: aa:3d:9a:09:8e:80:2e:c5:c4:fa:1a:15:da:9c:97: 51:ee:bd:16:47:f7:42:b1:0f:94:3e:e4:0d:d1:c4: cb:21:bd:af:2d:f0:3f:8b:60:47:74:c8:c9:45:d1: f0:fc:8f:15:89:e0:55:4e:e0:fb:f3:87:88:a2:f0: e8:8c:15:8d:22:8c:b7:05:ba:3b:18:53:3c:43:2c: af:a0:28:a0:71:39:4b:03:fb:b3:8b:d7:44:82:40: 2f:67:b6:f3:a8:50:c8:fd:fa:6e:33:24:7c:aa:28: 17:ed:06:2e:dd:ee:e2:f2:0e:7d:22:62:38:8c:0e: b2:a4:54:ee:03:6f:55:a1:55:fc:49:bc:d8:15:cd: ad:8c:b0:87:ef:0a:91:38:f0:d0:bc:df:28:54:58: 17:a5:b9:41:bc:78:38:98:85:60:31:f7:32:52:68: 0d:69:e7:59:1f:2d:93:97:61:44:c8:4b:e1:64:c0: 5e:c4:7a:c3:13:10:c4:d6:4f:75:57:61:b5:ee:72: a8:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:23:C2:C1:3D:A6:38:76:E5:3F:93:96:07:06:48:FF:62:1F:FA:A7 X509v3 Authority Key Identifier: keyid:07:47:A3:6D:77:68:A7:B3:0A:4E:EC:BB:69:64:C8:C2:37:D7:44:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B0ejbXdop7MKTuy7aWTIwjfXRAE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/AiPCwT2mOHblP5OWBwZI_2If-qc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9eaf1e-c9ec-466d-8371-aabadd0719ba/1/B0ejbXdop7MKTuy7aWTIwjfXRAE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.126.172.0/22 IPv6: 2a06:ca40::/29 Signature Algorithm: sha256WithRSAEncryption 31:3b:bd:71:d3:68:27:43:f0:46:68:7e:3e:97:11:b4:b8:dc: a1:e6:da:3a:01:52:f5:d5:28:f2:25:9a:84:cc:b2:5c:71:8d: b5:6e:fd:54:38:27:96:4b:89:e1:c9:95:74:00:84:03:6e:8a: 8c:38:4f:53:d7:f7:0e:3e:c8:17:7b:c1:49:6a:ab:16:e8:45: 91:a9:d8:3f:eb:98:8c:51:79:09:f6:05:d0:3b:cb:8d:af:a4: 39:78:cb:95:ba:a8:e6:5b:4b:7c:92:75:51:79:9a:8d:b9:f6: 46:16:81:96:6b:fb:c8:49:45:3b:a4:a9:85:e9:8b:97:b1:3c: b1:93:a2:c6:e3:78:a0:36:3c:24:49:f8:e0:e7:95:0a:b8:1d: fd:d2:35:23:97:00:68:89:29:c0:2d:1e:e7:6a:79:32:67:94: cd:12:e1:03:42:a0:d6:f8:06:27:cc:fc:40:7f:c9:bb:79:3c: 75:36:43:6a:a1:5f:19:8f:d7:c3:8a:b0:69:47:a7:13:bd:74: 14:a9:8e:79:62:fc:f6:54:f2:23:a3:f1:bd:88:e6:eb:4a:ab: 38:8f:ac:0f:1f:dc:22:a8:63:c4:db:85:02:b8:f5:bd:0a:03: 16:7b:3b:82:27:60:18:59:b9:54:0e:9c:c4:11:7b:56:66:38: 2f:22:b7:d4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OMDmVpXa5r8GFT/9pOxFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA3NDdhMzZkNzc2OGE3YjMwYTRlZWNiYjY5NjRjOGMyMzdk NzQ0MDEwHhcNMjYwMTAyMTAyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjIzYzJjMTNkYTYzODc2ZTUzZjkzOTYwNzA2NDhmZjYyMWZmYWE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEy0eDJ69kU5Wj0yQ49qciqHjqFD /yQcqwRj2XFTZ89unjf6HRC4nY7LjsD0xlPxYPum4/fjMxCyYqyqPZoJjoAuxcT6 GhXanJdR7r0WR/dCsQ+UPuQN0cTLIb2vLfA/i2BHdMjJRdHw/I8VieBVTuD784eI ovDojBWNIoy3Bbo7GFM8QyyvoCigcTlLA/uzi9dEgkAvZ7bzqFDI/fpuMyR8qigX 7QYu3e7i8g59ImI4jA6ypFTuA29VoVX8SbzYFc2tjLCH7wqROPDQvN8oVFgXpblB vHg4mIVgMfcyUmgNaedZHy2Tl2FEyEvhZMBexHrDExDE1k91V2G17nKoAwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAIjwsE9pjh25T+TlgcGSP9iH/qnMB8GA1UdIwQY MBaAFAdHo213aKezCk7su2lkyMI310QBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQjBlamJYZG9wN01LVHV5N2FXVEl3amZYUkFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85ZWFmMWUtYzllYy00NjZkLTgzNzEt YWFiYWRkMDcxOWJhLzEvQWlQQ3dUMm1PSGJsUDVPV0J3WklfMklmLXFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi85ZWFmMWUtYzllYy00NjZkLTgzNzEtYWFiYWRkMDcxOWJh LzEvQjBlamJYZG9wN01LVHV5N2FXVEl3amZYUkFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX6sMA0E AgACMAcDBQMqBspAMA0GCSqGSIb3DQEBCwUAA4IBAQAxO71x02gnQ/BGaH4+lxG0 uNyh5to6AVL11SjyJZqEzLJccY21bv1UOCeWS4nhyZV0AIQDboqMOE9T1/cOPsgX e8FJaqsW6EWRqdg/65iMUXkJ9gXQO8uNr6Q5eMuVuqjmW0t8knVReZqNufZGFoGW a/vISUU7pKmF6YuXsTyxk6LG43igNjwkSfjg55UKuB390jUjlwBoiSnALR7nanky Z5TNEuEDQqDW+AYnzPxAf8m7eTx1NkNqoV8Zj9fDirBpR6cTvXQUqY55Yvz2VPIj o/G9iObrSqs4j6wPH9wiqGPE24UCuPW9CgMWezuCJ2AYWblUDpzEEXtWZjgvIrfU -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:30 2026 by rpki-client