This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QPbL87CmRT1ll0u9cNfWuv1QlyA.roa File: QPbL87CmRT1ll0u9cNfWuv1QlyA.roa (raw, json) Hash identifier: 8Z1WQs/0Meh/R2Q6A9r9cYWb2lmAvHlCtOd8UxHsBvk= Subject key identifier: 40:F6:CB:F3:B0:A6:45:3D:65:97:4B:BD:70:D7:D6:BA:FD:50:97:20 Certificate issuer: /CN=a59ac8323ebb6be20fae89d098ca24138f8c9005 Certificate serial: 019B7D5AFDFE6C4399A9E2D153E16F6F999C Authority key identifier: A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QPbL87CmRT1ll0u9cNfWuv1QlyA.roa Signing time: Fri 02 Jan 2026 06:17:53 +0000 ROA not before: Fri 02 Jan 2026 06:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34663 IP address blocks: 85.159.96.0/21 maxlen: 21 185.94.120.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/pZrIMj67a-IPronQmMokE4-MkAU.crl rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/pZrIMj67a-IPronQmMokE4-MkAU.mft rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5a:fd:fe:6c:43:99:a9:e2:d1:53:e1:6f:6f:99:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a59ac8323ebb6be20fae89d098ca24138f8c9005 Validity Not Before: Jan 2 06:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40f6cbf3b0a6453d65974bbd70d7d6bafd509720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:81:ee:cf:cf:10:42:1c:67:fe:90:48:7d:cc: 1b:cb:cf:61:ae:40:2b:7a:65:01:c1:cc:cb:20:1e: b2:32:82:f7:ec:e4:0f:3d:5d:34:02:8a:37:55:84: d2:e5:5e:08:2d:45:52:c7:1a:57:db:7b:31:74:c0: 7b:6d:6b:f3:4b:19:32:d3:57:8f:5b:29:6f:4b:5e: b1:18:74:c9:54:bd:f7:c3:f0:08:4f:e9:2e:e8:c5: 53:dd:6d:38:ce:ab:87:97:b9:64:ba:c9:b6:d9:90: 18:25:50:63:36:b4:ed:56:66:16:92:fa:0f:e4:62: 0c:ff:58:b2:2b:12:e6:0f:34:79:b3:dc:4a:63:ea: 3d:66:5b:52:5f:38:f3:9b:41:db:41:f4:13:e7:00: 29:6b:aa:3f:00:7c:6b:77:8a:56:78:b6:87:b4:49: 25:fd:1a:fb:32:74:e2:88:e0:35:f3:c1:0f:e2:0b: 52:54:0b:14:69:27:e0:d9:0a:62:09:e3:c1:c6:be: 0b:53:13:2b:3e:bc:98:ea:af:1b:f6:af:0a:dd:69: bc:28:12:3f:cd:4a:89:a6:32:f6:ab:94:25:8b:48: a9:7c:53:e1:a0:66:f2:12:d5:98:01:11:c0:97:2e: b2:7c:3a:49:3f:24:1e:31:1f:cb:06:59:b7:58:55: 12:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:F6:CB:F3:B0:A6:45:3D:65:97:4B:BD:70:D7:D6:BA:FD:50:97:20 X509v3 Authority Key Identifier: keyid:A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/QPbL87CmRT1ll0u9cNfWuv1QlyA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/pZrIMj67a-IPronQmMokE4-MkAU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.159.96.0/21 185.94.120.0/22 Signature Algorithm: sha256WithRSAEncryption cd:76:f0:e3:ad:25:32:62:49:4d:cc:63:9d:91:be:f1:6c:20: ee:57:bf:99:f6:91:92:21:78:08:d3:5e:2a:4b:ed:fc:81:38: 4e:fa:d3:1b:74:a4:7d:39:5f:9f:8d:d8:ad:6f:53:55:6b:24: d7:de:74:7f:0b:0c:71:96:08:de:22:5e:4f:7f:a5:f6:18:cc: 5e:05:e4:49:c5:3e:0d:07:f2:bd:da:1b:e4:a2:b0:0e:5e:92: 89:59:40:70:2e:c1:ae:23:72:ae:64:d6:86:df:05:a8:71:84: 2b:52:2c:67:fb:e9:09:6a:e7:4f:f3:a3:29:08:0c:59:79:3b: 4b:c2:19:f7:98:58:e1:93:dd:80:d0:b0:2b:d0:de:98:d0:7d: 61:ac:cf:56:15:99:d8:9c:57:da:d0:f4:0d:07:61:4c:45:5d: a9:97:99:3f:f5:35:d4:59:41:ed:ff:04:fc:6c:e4:c0:f3:3d: bf:b6:35:a1:d2:a9:67:9f:bb:37:f1:4a:01:bf:ca:02:c8:35: 67:4d:a4:a8:46:4a:5d:47:1d:84:0b:5b:17:51:42:0d:7f:1f: f1:0f:20:c8:95:cf:ef:16:61:8e:3b:43:f8:b5:0e:76:97:55: 67:39:2b:19:05:d1:9e:8d:e9:71:7b:07:23:ce:77:e1:f2:4a: d8:6a:c9:a0 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9Wv3+bEOZqeLRU+Fvb5mcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1OWFjODMyM2ViYjZiZTIwZmFlODlkMDk4Y2EyNDEzOGY4 YzkwMDUwHhcNMjYwMTAyMDYxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGY2Y2JmM2IwYTY0NTNkNjU5NzRiYmQ3MGQ3ZDZiYWZkNTA5NzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYHuz88QQhxn/pBIfcwby89hrkAr emUBwczLIB6yMoL37OQPPV00Aoo3VYTS5V4ILUVSxxpX23sxdMB7bWvzSxky01eP WylvS16xGHTJVL33w/AIT+ku6MVT3W04zquHl7lkusm22ZAYJVBjNrTtVmYWkvoP 5GIM/1iyKxLmDzR5s9xKY+o9ZltSXzjzm0HbQfQT5wApa6o/AHxrd4pWeLaHtEkl /Rr7MnTiiOA188EP4gtSVAsUaSfg2QpiCePBxr4LUxMrPryY6q8b9q8K3Wm8KBI/ zUqJpjL2q5Qli0ipfFPhoGbyEtWYARHAly6yfDpJPyQeMR/LBlm3WFUSOQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFED2y/OwpkU9ZZdLvXDX1rr9UJcgMB8GA1UdIwQY MBaAFKWayDI+u2viD66J0JjKJBOPjJAFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgt ODNhZTVkOWM4MzJmLzEvUVBiTDg3Q21SVDFsbDB1OWNOZld1djFRbHlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgtODNhZTVkOWM4MzJm LzEvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ9gAwQC uV54MA0GCSqGSIb3DQEBCwUAA4IBAQDNdvDjrSUyYklNzGOdkb7xbCDuV7+Z9pGS IXgI014qS+38gThO+tMbdKR9OV+fjditb1NVayTX3nR/CwxxlgjeIl5Pf6X2GMxe BeRJxT4NB/K92hvkorAOXpKJWUBwLsGuI3KuZNaG3wWocYQrUixn++kJaudP86Mp CAxZeTtLwhn3mFjhk92A0LAr0N6Y0H1hrM9WFZnYnFfa0PQNB2FMRV2pl5k/9TXU WUHt/wT8bOTA8z2/tjWh0qlnn7s38UoBv8oCyDVnTaSoRkpdRx2EC1sXUUINfx/x DyDIlc/vFmGOO0P4tQ52l1VnOSsZBdGejelxewcjznfh8krYasmg -----END CERTIFICATE-----Generated at Tue Jan 20 08:02:40 2026 by rpki-client