This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QBGrmO7Ev9Ji5UtDTbsGL-HRz08.roa File: QBGrmO7Ev9Ji5UtDTbsGL-HRz08.roa (raw, json) Hash identifier: ioX9m9zWEJN8nr5B9Twf0WuT9LzVXGuJ/6A2MThi9vc= Subject key identifier: 40:11:AB:98:EE:C4:BF:D2:62:E5:4B:43:4D:BB:06:2F:E1:D1:CF:4F Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Certificate serial: 019B7F854DAAD1E019331C09C698970D9B72 Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QBGrmO7Ev9Ji5UtDTbsGL-HRz08.roa Signing time: Fri 02 Jan 2026 16:23:21 +0000 ROA not before: Fri 02 Jan 2026 16:23:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209896 IP address blocks: 45.86.20.0/22 maxlen: 22 95.214.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:4d:aa:d1:e0:19:33:1c:09:c6:98:97:0d:9b:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Validity Not Before: Jan 2 16:23:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4011ab98eec4bfd262e54b434dbb062fe1d1cf4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:50:78:95:38:25:1a:de:a1:fb:47:53:0d:9d: 60:41:c6:16:51:d5:24:fc:e6:ef:1e:43:0a:a1:c1: bc:3d:26:05:b1:63:05:24:0c:e6:5d:aa:01:3b:55: ea:62:fd:6e:05:91:df:bd:fb:6d:c9:1a:4a:32:0f: b4:f8:ac:cb:02:db:13:6c:25:d0:83:21:3a:3c:79: 82:37:c9:39:db:b3:05:0f:ff:17:94:a7:b0:cd:22: 1d:e0:55:b9:c7:8d:29:7b:5d:84:25:43:8e:23:1e: d5:f5:ec:a4:eb:a4:c7:d9:74:fe:e8:99:9a:5b:67: a9:56:70:9d:3c:49:54:12:00:21:5f:21:2a:c4:81: 95:6c:cd:fc:fb:45:ba:20:43:61:39:46:be:63:0a: ff:7d:3f:e6:d8:40:25:c1:57:6c:a8:56:a9:55:99: fe:df:11:27:6f:b7:0e:28:38:6c:2d:8c:e6:b8:5f: a1:09:96:a7:5d:24:88:1b:c6:67:2b:bf:fa:5a:b4: 1e:b6:88:44:80:a5:84:66:e2:48:a5:69:e4:54:de: 9e:06:32:ba:91:c4:02:d7:59:32:4b:f5:04:38:91: 09:bc:6c:e0:8b:41:10:b9:e7:d8:32:c2:99:bf:36: ef:62:d5:fb:f4:eb:ac:4b:f2:8f:97:d9:f0:57:34: 3e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:11:AB:98:EE:C4:BF:D2:62:E5:4B:43:4D:BB:06:2F:E1:D1:CF:4F X509v3 Authority Key Identifier: keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QBGrmO7Ev9Ji5UtDTbsGL-HRz08.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.86.20.0/22 95.214.152.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:4e:a1:25:e2:3e:06:39:5a:3b:8c:d6:c3:19:bf:89:64:c0: 03:85:67:5a:d3:d2:9c:ec:5b:e5:fd:60:69:07:e0:9f:fe:6d: 5b:2c:a8:fd:61:6a:00:c7:56:5b:52:cf:cf:28:b1:2f:dc:9b: ab:17:2f:a9:08:97:28:5f:bc:55:9d:2e:b9:ea:00:34:c3:c8: bf:02:c8:3b:8b:ec:fc:54:c4:11:27:4b:2a:ae:8d:bd:63:ce: 76:39:32:78:b9:01:97:1c:e8:3c:40:29:60:70:52:d0:71:6b: 75:58:3e:6e:8b:92:06:e1:58:2f:35:8b:21:c8:b7:9c:ab:b1: 6e:e4:ec:bb:00:c2:d3:9a:2a:9b:a7:0c:6e:0b:c8:6e:1a:ee: d7:56:1c:13:aa:e8:6e:16:97:48:58:05:2b:ce:10:c2:be:42: 03:86:f8:e5:91:6b:49:42:f0:ee:cf:77:2c:13:76:83:a7:97: e0:d0:94:af:fe:5b:d0:8f:b4:cc:3c:1b:2d:ca:fa:a8:31:c5: e6:8b:42:e8:54:d7:0e:12:34:d1:4a:c6:43:71:22:d3:a8:e5: ec:64:ce:99:ae:b4:ef:77:27:e5:18:d9:07:b0:1b:1a:92:1f: 40:e2:98:b2:55:6f:14:72:31:2a:a1:44:cc:95:07:47:52:e3: b9:5a:7f:24 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hU2q0eAZMxwJxpiXDZtyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3 MWE5YTgwHhcNMjYwMTAyMTYyMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDExYWI5OGVlYzRiZmQyNjJlNTRiNDM0ZGJiMDYyZmUxZDFjZjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FB4lTglGt6h+0dTDZ1gQcYWUdUk /ObvHkMKocG8PSYFsWMFJAzmXaoBO1XqYv1uBZHfvfttyRpKMg+0+KzLAtsTbCXQ gyE6PHmCN8k527MFD/8XlKewzSId4FW5x40pe12EJUOOIx7V9eyk66TH2XT+6Jma W2epVnCdPElUEgAhXyEqxIGVbM38+0W6IENhOUa+Ywr/fT/m2EAlwVdsqFapVZn+ 3xEnb7cOKDhsLYzmuF+hCZanXSSIG8ZnK7/6WrQetohEgKWEZuJIpWnkVN6eBjK6 kcQC11kyS/UEOJEJvGzgi0EQuefYMsKZvzbvYtX79OusS/KPl9nwVzQ+qwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEARq5juxL/SYuVLQ027Bi/h0c9PMB8GA1UdIwQY MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt M2FjOWU1NmMzMDg5LzEvUUJHcm1PN0V2OUppNVV0RFRic0dMLUhSejA4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5 LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVYUAwQC X9aYMA0GCSqGSIb3DQEBCwUAA4IBAQAuTqEl4j4GOVo7jNbDGb+JZMADhWda09Kc 7Fvl/WBpB+Cf/m1bLKj9YWoAx1ZbUs/PKLEv3JurFy+pCJcoX7xVnS656gA0w8i/ Asg7i+z8VMQRJ0sqro29Y852OTJ4uQGXHOg8QClgcFLQcWt1WD5ui5IG4VgvNYsh yLecq7Fu5Oy7AMLTmiqbpwxuC8huGu7XVhwTquhuFpdIWAUrzhDCvkIDhvjlkWtJ QvDuz3csE3aDp5fg0JSv/lvQj7TMPBstyvqoMcXmi0LoVNcOEjTRSsZDcSLTqOXs ZM6ZrrTvdyflGNkHsBsakh9A4piyVW8UcjEqoUTMlQdHUuO5Wn8k -----END CERTIFICATE-----Generated at Sun Jan 25 22:50:47 2026 by rpki-client