This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/q4RgQKh4FjWPPdfMlG4zXkJsFEo.roa File: q4RgQKh4FjWPPdfMlG4zXkJsFEo.roa (raw, json) Hash identifier: Vm7yPN+7IJFmydBdmDtFdAkyNaUk3WMpe/OgH6j9q6A= Subject key identifier: AB:84:60:40:A8:78:16:35:8F:3D:D7:CC:94:6E:33:5E:42:6C:14:4A Certificate issuer: /CN=4593b9ac0a486b0037765d605c8b1c8104046f0a Certificate serial: 019AA0DA22A68FAAEE4C55809D92A1651CBB Authority key identifier: 45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/q4RgQKh4FjWPPdfMlG4zXkJsFEo.roa Signing time: Thu 20 Nov 2025 10:40:41 +0000 ROA not before: Thu 20 Nov 2025 10:40:41 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205634 IP address blocks: 144.124.223.0/24 maxlen: 24 158.94.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.mft rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a0:da:22:a6:8f:aa:ee:4c:55:80:9d:92:a1:65:1c:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4593b9ac0a486b0037765d605c8b1c8104046f0a Validity Not Before: Nov 20 10:40:41 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ab846040a87816358f3dd7cc946e335e426c144a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:41:08:30:82:60:cc:cb:d0:f3:c3:bf:28:81: 51:71:16:fe:8b:66:77:81:18:d9:19:8d:c0:8f:22: 38:1f:2d:c5:ca:0e:42:a4:c8:48:ff:77:0a:0b:f4: 95:77:11:58:9c:f5:9e:84:b1:f5:c9:a0:01:82:21: 2b:8c:7b:ad:e3:a3:1f:6a:d8:bd:d6:71:4d:a9:52: 85:2b:91:a3:bb:37:00:1d:dc:34:7c:25:86:08:f9: 63:be:98:25:1b:91:be:d1:a3:66:9e:9d:25:65:77: a2:2e:9e:ed:be:71:12:41:88:5e:94:3e:87:fd:11: 9d:54:68:d8:e2:db:76:d6:88:8c:5f:4d:15:fd:d3: ea:3b:11:a2:6f:71:47:6d:c1:13:96:87:0c:ea:65: 2e:16:b8:16:94:cc:9b:d2:6d:c4:8a:af:e5:ca:9a: 58:ec:12:ca:1b:9e:3a:c7:06:b5:a7:76:ed:2e:9c: e5:5b:2e:9a:50:81:4c:de:5d:99:a2:e8:27:84:47: c7:31:7a:98:aa:a3:1b:a5:63:65:1c:8f:f4:f0:1f: 34:c9:cd:28:71:80:8d:62:e0:5a:6e:75:a5:0c:8a: 02:31:6a:17:a1:65:d7:38:77:34:66:1c:0d:d6:93: 63:f0:b5:77:46:bd:e8:d0:20:31:4e:eb:8b:3e:ae: bc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:84:60:40:A8:78:16:35:8F:3D:D7:CC:94:6E:33:5E:42:6C:14:4A X509v3 Authority Key Identifier: keyid:45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/q4RgQKh4FjWPPdfMlG4zXkJsFEo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.124.223.0/24 158.94.213.0/24 Signature Algorithm: sha256WithRSAEncryption 67:c4:1e:3b:b6:0c:e6:c9:3d:40:3b:d1:6e:82:db:bd:1e:a2: c6:d4:a4:d5:09:75:26:97:9c:3d:27:05:36:1b:ef:10:94:54: 3b:04:36:5f:42:d6:de:8f:bb:a6:e6:d1:54:e0:ba:ad:3d:4e: d4:78:53:bf:02:7c:8e:1f:44:28:f6:41:06:84:d7:15:d2:53: 2f:48:5f:06:73:46:14:f1:eb:ec:9b:30:68:79:39:07:44:76: 48:c0:b4:01:38:44:da:82:57:51:5c:79:fa:88:20:fb:86:4f: e6:3e:86:2b:67:56:79:71:48:90:50:3b:42:23:2a:df:8b:1e: 8f:8f:e9:35:15:94:aa:80:c9:ef:06:c8:b0:9f:15:04:a1:d1: be:e9:c7:b8:17:f0:79:2c:8d:25:30:d7:bd:5c:59:0e:5d:38: 4e:d0:45:b9:c5:89:4d:82:83:8f:04:29:81:9f:8e:52:c1:03: 73:c9:cf:ab:9e:6d:53:ef:17:3c:ec:61:aa:6e:e9:36:14:c4: 2a:a9:ea:df:f4:83:37:c6:bf:af:6b:e3:94:6d:31:f3:7f:f5: d8:3a:21:58:4f:91:85:7d:f1:58:cb:ac:a7:ed:27:48:50:c3: 00:09:ef:9d:87:aa:4f:07:c6:32:b7:2c:5e:49:28:1a:7e:37: 91:94:87:96 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZqg2iKmj6ruTFWAnZKhZRy7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OTNiOWFjMGE0ODZiMDAzNzc2NWQ2MDVjOGIxYzgxMDQw NDZmMGEwHhcNMjUxMTIwMTA0MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjg0NjA0MGE4NzgxNjM1OGYzZGQ3Y2M5NDZlMzM1ZTQyNmMxNDRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUEIMIJgzMvQ88O/KIFRcRb+i2Z3 gRjZGY3AjyI4Hy3Fyg5CpMhI/3cKC/SVdxFYnPWehLH1yaABgiErjHut46Mfati9 1nFNqVKFK5GjuzcAHdw0fCWGCPljvpglG5G+0aNmnp0lZXeiLp7tvnESQYhelD6H /RGdVGjY4tt21oiMX00V/dPqOxGib3FHbcETlocM6mUuFrgWlMyb0m3Eiq/lyppY 7BLKG546xwa1p3btLpzlWy6aUIFM3l2ZougnhEfHMXqYqqMbpWNlHI/08B80yc0o cYCNYuBabnWlDIoCMWoXoWXXOHc0ZhwN1pNj8LV3Rr3o0CAxTuuLPq68iwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKuEYECoeBY1jz3XzJRuM15CbBRKMB8GA1UdIwQY MBaAFEWTuawKSGsAN3ZdYFyLHIEEBG8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgt NDNlNmJmZjlhMjVlLzEvcTRSZ1FLaDRGaldQUGRmTWxHNHpYa0pzRkVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgtNDNlNmJmZjlhMjVl LzEvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkHzfAwQA nl7VMA0GCSqGSIb3DQEBCwUAA4IBAQBnxB47tgzmyT1AO9Fugtu9HqLG1KTVCXUm l5w9JwU2G+8QlFQ7BDZfQtbej7um5tFU4LqtPU7UeFO/AnyOH0Qo9kEGhNcV0lMv SF8Gc0YU8evsmzBoeTkHRHZIwLQBOETagldRXHn6iCD7hk/mPoYrZ1Z5cUiQUDtC Iyrfix6Pj+k1FZSqgMnvBsiwnxUEodG+6ce4F/B5LI0lMNe9XFkOXThO0EW5xYlN goOPBCmBn45SwQNzyc+rnm1T7xc87GGqbuk2FMQqqerf9IM3xr+va+OUbTHzf/XY OiFYT5GFffFYy6yn7SdIUMMACe+dh6pPB8YytyxeSSgafjeRlIeW -----END CERTIFICATE-----Generated at Fri Dec 5 19:47:30 2025 by rpki-client