This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/q2pIOgbHKqsp-vuIUpYVaJX6Ib0.roa File: q2pIOgbHKqsp-vuIUpYVaJX6Ib0.roa (raw, json) Hash identifier: Db8REEvZSQ5trpAzSV1gkLTz5aVmUoY2anxA/9+mQtI= Subject key identifier: AB:6A:48:3A:06:C7:2A:AB:29:FA:FB:88:52:96:15:68:95:FA:21:BD Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a Certificate serial: 019A9756C57F89F344838250F375FC3CB40A Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/q2pIOgbHKqsp-vuIUpYVaJX6Ib0.roa Signing time: Tue 18 Nov 2025 14:20:37 +0000 ROA not before: Tue 18 Nov 2025 14:20:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212552 IP address blocks: 91.216.104.0/24 maxlen: 24 91.228.186.0/24 maxlen: 24 141.98.210.0/24 maxlen: 24 146.19.130.0/24 maxlen: 24 185.110.191.0/24 maxlen: 24 185.221.237.0/24 maxlen: 24 185.231.59.0/24 maxlen: 24 193.163.201.0/24 maxlen: 24 194.146.123.0/24 maxlen: 24 217.197.97.0/24 maxlen: 24 2a14:7981::/32 maxlen: 32 2a14:7981:467::/48 maxlen: 48 2a14:7981:470::/48 maxlen: 48 2a14:7981:471::/48 maxlen: 48 2a14:7981:472::/48 maxlen: 48 2a14:7981:473::/48 maxlen: 48 2a14:7981:2002::/48 maxlen: 48 2a14:7981:3008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.mft rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:97:56:c5:7f:89:f3:44:83:82:50:f3:75:fc:3c:b4:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8536146119b044539082e326cca903200b8d4b1a Validity Not Before: Nov 18 14:20:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ab6a483a06c72aab29fafb885296156895fa21bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6b:56:db:5d:e0:50:1b:e6:de:5a:93:d6:0f: d2:43:8e:9e:37:58:76:21:23:8b:eb:8d:a7:2a:99: 5c:f3:76:34:90:ed:12:f5:0f:cc:e6:83:7f:c3:3c: cc:7d:b9:21:bf:b5:21:85:83:6b:6f:70:b3:6b:07: 6a:1e:55:65:a8:c6:7a:7d:7e:5b:2f:86:29:51:fb: c0:2b:d5:50:8c:34:1a:03:21:f4:e6:81:38:4f:86: 0d:be:d2:59:b6:3b:f0:b1:aa:c1:3c:e0:01:e2:94: f9:72:d7:00:8b:9a:22:ba:c3:d9:bb:6d:8b:13:3c: 61:a2:5d:a8:93:f9:08:fd:d5:19:a5:fe:92:f8:ac: c2:a6:b7:72:a0:55:3d:dc:eb:ab:f5:1b:f6:8a:64: 43:6e:34:24:81:3b:e2:54:39:98:60:84:eb:c0:df: 56:28:7c:7f:ca:ee:b3:1c:1d:ac:55:1c:aa:c9:bf: 8f:8c:24:d8:ee:42:0b:fc:75:ca:97:1c:2e:95:64: c8:1f:44:8c:46:0b:ec:1a:22:83:e7:59:48:26:cc: fb:a2:55:ff:f5:72:81:d0:4a:46:91:54:00:6c:71: e1:45:06:f6:68:d3:2c:e1:9e:59:ac:55:58:81:b0: 31:eb:7e:39:ab:a5:78:d5:08:d3:e9:c0:1d:1f:0d: a6:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:6A:48:3A:06:C7:2A:AB:29:FA:FB:88:52:96:15:68:95:FA:21:BD X509v3 Authority Key Identifier: keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/q2pIOgbHKqsp-vuIUpYVaJX6Ib0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.104.0/24 91.228.186.0/24 141.98.210.0/24 146.19.130.0/24 185.110.191.0/24 185.221.237.0/24 185.231.59.0/24 193.163.201.0/24 194.146.123.0/24 217.197.97.0/24 IPv6: 2a14:7981::/32 Signature Algorithm: sha256WithRSAEncryption 86:36:f3:a2:89:7f:28:4b:eb:16:16:66:69:49:53:5d:35:15: d2:21:32:5f:03:bb:fa:36:88:e8:df:16:70:79:12:b3:e4:ef: 28:f3:a1:ba:3d:fe:c2:38:6c:c6:3f:10:70:a1:d0:93:cd:47: 8d:32:7a:95:dd:1d:d1:6d:11:7f:59:d3:f7:c8:ef:3e:38:49: 71:66:d5:75:fb:9a:90:da:08:76:fe:03:82:70:13:b1:09:63: 43:06:74:6d:a8:c8:10:b8:0e:c4:70:5f:0a:99:09:ab:e0:5a: 74:13:6a:84:a4:b5:5e:ee:2a:72:91:3a:16:2f:c1:08:4f:df: 44:cb:66:f8:f0:a3:c6:e9:31:a3:b8:9d:53:17:fa:13:b6:72: b8:1e:e1:67:a4:c7:95:ee:4d:af:ad:f9:d0:58:74:68:ef:34: 1b:12:13:f5:5e:80:dd:c1:f5:4e:3e:94:06:ec:3e:72:71:6c: 25:bb:1e:24:c1:91:6e:31:c3:95:18:5f:3e:1f:ed:01:d0:40: fd:e3:3b:a4:9e:ce:da:6c:c7:b8:57:40:53:f8:0f:57:c6:80: 75:98:af:90:c2:71:c9:70:cd:d1:3d:a2:26:1d:19:a6:10:7e: af:bb:17:6a:77:02:b2:2f:34:66:49:f4:cd:a5:1b:a0:15:2c: 95:73:1b:1c -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISAZqXVsV/ifNEg4JQ83X8PLQKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4 ZDRiMWEwHhcNMjUxMTE4MTQyMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjZhNDgzYTA2YzcyYWFiMjlmYWZiODg1Mjk2MTU2ODk1ZmEyMWJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2tW213gUBvm3lqT1g/SQ46eN1h2 ISOL642nKplc83Y0kO0S9Q/M5oN/wzzMfbkhv7UhhYNrb3CzawdqHlVlqMZ6fX5b L4YpUfvAK9VQjDQaAyH05oE4T4YNvtJZtjvwsarBPOAB4pT5ctcAi5oiusPZu22L Ezxhol2ok/kI/dUZpf6S+KzCprdyoFU93Our9Rv2imRDbjQkgTviVDmYYITrwN9W KHx/yu6zHB2sVRyqyb+PjCTY7kIL/HXKlxwulWTIH0SMRgvsGiKD51lIJsz7olX/ 9XKB0EpGkVQAbHHhRQb2aNMs4Z5ZrFVYgbAx6345q6V41QjT6cAdHw2mXwIDAQAB o4ICTjCCAkowHQYDVR0OBBYEFKtqSDoGxyqrKfr7iFKWFWiV+iG9MB8GA1UdIwQY MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt MGM2NzIxN2NjOTZiLzEvcTJwSU9nYkhLcXNwLXZ1SVVwWVZhSlg2SWIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAW9hoAwQA W+S6AwQAjWLSAwQAkhOCAwQAuW6/AwQAud3tAwQAuec7AwQAwaPJAwQAwpJ7AwQA 2cVhMA0EAgACMAcDBQAqFHmBMA0GCSqGSIb3DQEBCwUAA4IBAQCGNvOiiX8oS+sW FmZpSVNdNRXSITJfA7v6Nojo3xZweRKz5O8o86G6Pf7COGzGPxBwodCTzUeNMnqV 3R3RbRF/WdP3yO8+OElxZtV1+5qQ2gh2/gOCcBOxCWNDBnRtqMgQuA7EcF8KmQmr 4Fp0E2qEpLVe7ipykToWL8EIT99Ey2b48KPG6TGjuJ1TF/oTtnK4HuFnpMeV7k2v rfnQWHRo7zQbEhP1XoDdwfVOPpQG7D5ycWwlux4kwZFuMcOVGF8+H+0B0ED94zuk ns7abMe4V0BT+A9XxoB1mK+QwnHJcM3RPaImHRmmEH6vuxdqdwKyLzRmSfTNpRug FSyVcxsc -----END CERTIFICATE-----Generated at Wed Dec 3 08:59:25 2025 by rpki-client