This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/QyZa0nXuZdTRYOcamDUuEXlxJrw.roa File: QyZa0nXuZdTRYOcamDUuEXlxJrw.roa (raw, json) Hash identifier: fY3crQbaUbhZWemSvo5lCgx+xQL5kp/7I3vPr0MN5Fo= Subject key identifier: 43:26:5A:D2:75:EE:65:D4:D1:60:E7:1A:98:35:2E:11:79:71:26:BC Certificate issuer: /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7 Certificate serial: 019B7C80CDB0CD722C38B803CDB4A677208A Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/QyZa0nXuZdTRYOcamDUuEXlxJrw.roa Signing time: Fri 02 Jan 2026 02:19:34 +0000 ROA not before: Fri 02 Jan 2026 02:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199244 IP address blocks: 185.3.192.0/22 maxlen: 22 2a02:5f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:cd:b0:cd:72:2c:38:b8:03:cd:b4:a6:77:20:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7 Validity Not Before: Jan 2 02:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43265ad275ee65d4d160e71a98352e11797126bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:89:73:77:8c:76:de:cf:36:5e:25:ba:15:eb: 7a:33:c3:dd:0e:f6:18:e2:ef:15:ff:1e:9a:02:5e: 8d:dd:ce:a9:07:98:ee:dc:c1:38:5e:77:18:00:73: ad:f7:ab:00:46:34:85:40:5f:d9:c2:b9:9f:97:1c: 4a:7c:6d:fe:93:66:41:d1:89:82:d6:5a:53:89:bd: 48:fb:9c:73:f2:ed:48:08:63:64:4c:d1:33:c5:4f: 9b:9c:c5:64:77:0d:f2:a3:ee:6d:44:2b:97:6b:f0: 3c:84:95:4b:77:d3:89:84:79:c2:8d:7f:90:a7:b0: 3d:e4:2e:32:30:38:9c:a4:57:b5:73:0f:ed:56:95: 15:56:60:0d:42:e8:f2:11:18:21:16:d5:87:4c:e5: e2:1d:b4:3e:fe:0d:d1:6a:db:51:d8:a4:cf:63:ea: 1f:85:85:1a:fa:32:6a:52:59:70:c5:fe:29:10:4f: 3a:16:17:ed:38:8d:c4:1b:58:6e:6b:3d:12:d7:7c: ac:a0:2f:ff:f3:c5:8c:12:85:22:8e:83:3c:69:b7: b3:3b:ce:dc:56:d0:cc:3a:4b:82:77:1d:2e:91:db: c6:ee:97:69:37:ab:fc:f5:36:ce:da:4f:7f:25:f8: d8:6f:f1:68:e4:76:cf:a7:49:aa:bf:7d:71:79:f6: 11:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:26:5A:D2:75:EE:65:D4:D1:60:E7:1A:98:35:2E:11:79:71:26:BC X509v3 Authority Key Identifier: keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/QyZa0nXuZdTRYOcamDUuEXlxJrw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.3.192.0/22 IPv6: 2a02:5f40::/32 Signature Algorithm: sha256WithRSAEncryption 44:ef:b6:f0:18:af:be:29:62:50:2a:fd:74:5b:53:bd:57:91: a6:60:7a:20:16:00:20:a8:c0:c6:70:43:63:58:fc:59:5a:2a: b0:28:c7:c5:49:47:67:4f:87:60:89:b5:a5:67:4e:bc:84:13: 60:84:de:26:a6:75:29:6f:74:a3:95:5b:13:77:8d:71:a5:1e: e2:c7:cf:d0:48:74:bd:26:ba:1f:ae:0b:af:71:2e:50:e0:6d: ad:0f:df:a0:a2:3e:5d:f3:80:8d:8f:17:2d:db:4e:44:e4:fe: e5:ab:85:50:a5:97:35:58:80:6e:78:61:0c:e2:8b:2a:e1:7a: 6e:3f:76:df:8b:c1:86:f5:d1:ac:12:a2:75:3e:17:92:f4:45: 9c:ce:87:b4:c2:ca:02:ea:be:d1:43:cf:e0:4e:f7:8a:02:e0: e7:80:97:ea:a0:92:ac:2b:cc:e0:be:ea:f1:7b:39:60:14:ec: 26:3d:c4:f4:4a:1b:b4:ea:c7:c1:ce:45:2f:86:e8:79:c7:5c: 34:42:0c:b0:cc:e9:d8:45:40:0d:60:04:4b:55:52:4f:45:fe: 40:c2:1b:f2:89:92:3d:9d:0f:cb:ea:8f:1c:b5:f5:7e:ff:8e: 7a:70:16:25:32:27:a5:52:f8:06:f4:a8:cd:6d:99:82:de:9c: 9a:22:a5:5e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gM2wzXIsOLgDzbSmdyCKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4 YjZjYjcwHhcNMjYwMTAyMDIxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzI2NWFkMjc1ZWU2NWQ0ZDE2MGU3MWE5ODM1MmUxMTc5NzEyNmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYlzd4x23s82XiW6Fet6M8PdDvYY 4u8V/x6aAl6N3c6pB5ju3ME4XncYAHOt96sARjSFQF/ZwrmflxxKfG3+k2ZB0YmC 1lpTib1I+5xz8u1ICGNkTNEzxU+bnMVkdw3yo+5tRCuXa/A8hJVLd9OJhHnCjX+Q p7A95C4yMDicpFe1cw/tVpUVVmANQujyERghFtWHTOXiHbQ+/g3RattR2KTPY+of hYUa+jJqUllwxf4pEE86FhftOI3EG1huaz0S13ysoC//88WMEoUijoM8abezO87c VtDMOkuCdx0ukdvG7pdpN6v89TbO2k9/JfjYb/Fo5HbPp0mqv31xefYRRQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEMmWtJ17mXU0WDnGpg1LhF5cSa8MB8GA1UdIwQY MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt NTM5YjMyOWY5OTVjLzEvUXlaYTBuWHVaZFRSWU9jYW1EVXVFWGx4SnJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQPAMA0E AgACMAcDBQAqAl9AMA0GCSqGSIb3DQEBCwUAA4IBAQBE77bwGK++KWJQKv10W1O9 V5GmYHogFgAgqMDGcENjWPxZWiqwKMfFSUdnT4dgibWlZ068hBNghN4mpnUpb3Sj lVsTd41xpR7ix8/QSHS9JrofrguvcS5Q4G2tD9+goj5d84CNjxct205E5P7lq4VQ pZc1WIBueGEM4osq4XpuP3bfi8GG9dGsEqJ1PheS9EWczoe0wsoC6r7RQ8/gTveK AuDngJfqoJKsK8zgvurxezlgFOwmPcT0Shu06sfBzkUvhuh5x1w0QgywzOnYRUAN YARLVVJPRf5AwhvyiZI9nQ/L6o8ctfV+/456cBYlMielUvgG9KjNbZmC3pyaIqVe -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:44 2026 by rpki-client