This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/QApS9RyloD4NoDnpEa95FuDk1ZI.roa File: QApS9RyloD4NoDnpEa95FuDk1ZI.roa (raw, json) Hash identifier: CiFqNnH0ZASzXfep2jny9mXvFUeXbEdlqNdwXPVsg/I= Subject key identifier: 40:0A:52:F5:1C:A5:A0:3E:0D:A0:39:E9:11:AF:79:16:E0:E4:D5:92 Certificate issuer: /CN=658290fe9814fcb062ab71e32ec1f96da9973a33 Certificate serial: 019B7C80655F6E31D88CB9D4B78E6205C8E5 Authority key identifier: 65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/QApS9RyloD4NoDnpEa95FuDk1ZI.roa Signing time: Fri 02 Jan 2026 02:19:07 +0000 ROA not before: Fri 02 Jan 2026 02:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58005 IP address blocks: 185.38.120.0/22 maxlen: 22 2a04:6fb0::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.mft rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:65:5f:6e:31:d8:8c:b9:d4:b7:8e:62:05:c8:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=658290fe9814fcb062ab71e32ec1f96da9973a33 Validity Not Before: Jan 2 02:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=400a52f51ca5a03e0da039e911af7916e0e4d592 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:01:92:66:3d:0d:ad:d4:4f:63:11:e6:8f:0e: fd:e3:74:5b:a9:41:54:da:cf:16:95:68:5f:91:10: c1:d4:8e:1a:a5:2b:d5:11:38:6a:45:79:d4:d6:d4: 9e:bb:78:7f:2a:19:d7:82:59:f5:fe:09:ca:49:e3: 36:23:be:29:6e:e6:df:32:ad:7c:80:67:22:36:47: 45:43:88:35:3b:9f:7e:12:05:95:ad:5c:e5:28:03: c0:e1:93:af:33:38:fb:33:cd:72:d6:92:c4:ee:7b: 29:3b:cb:03:8a:39:0f:a1:d8:3b:34:7f:df:5e:78: c3:01:62:e6:f7:15:37:19:00:73:64:85:72:f5:39: ad:60:6c:0e:3d:43:4b:a9:72:99:36:96:a5:7b:d7: ed:39:5f:d1:e0:32:56:ae:5a:bb:ff:4a:6c:a6:3c: 4d:fd:84:1d:5b:2d:d6:40:d7:58:1f:cc:fc:14:63: 2e:72:a3:ab:d8:9f:36:55:b8:2d:20:f8:ee:52:2a: 78:f4:f9:12:32:96:02:b6:c8:a0:8c:3a:b5:9f:9e: b2:8c:d9:cc:6c:50:a5:0a:b5:e7:79:01:30:20:76: 1a:34:5c:9e:87:66:ff:bc:4d:5b:3c:c1:9d:99:41: f3:cb:bd:78:2e:21:c9:43:31:7b:32:c6:a2:d7:85: 5f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:0A:52:F5:1C:A5:A0:3E:0D:A0:39:E9:11:AF:79:16:E0:E4:D5:92 X509v3 Authority Key Identifier: keyid:65:82:90:FE:98:14:FC:B0:62:AB:71:E3:2E:C1:F9:6D:A9:97:3A:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/QApS9RyloD4NoDnpEa95FuDk1ZI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d3b13-c4a1-41c0-a839-aede3ffa4457/1/ZYKQ_pgU_LBiq3HjLsH5bamXOjM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.38.120.0/22 IPv6: 2a04:6fb0::/31 Signature Algorithm: sha256WithRSAEncryption 35:3a:f3:9e:cc:b9:a5:2f:a8:06:f3:45:7f:e2:16:8a:f7:c1: 05:ad:de:76:73:24:37:2c:0c:9a:53:92:76:88:1c:af:75:3f: 24:79:88:8b:7d:34:26:c8:f1:b0:78:fc:ce:2d:56:4a:78:b0: 41:57:8a:18:c9:89:59:8a:e3:93:58:26:ca:a5:3d:86:94:83: 20:e9:be:7f:e8:65:f9:16:ee:9f:75:30:a8:c9:e9:e9:3b:f7: 90:75:d7:76:8e:48:e6:df:c8:45:64:55:fa:ba:80:ef:37:30: 97:10:2e:5d:a2:6f:13:aa:0b:c7:77:b2:73:33:e6:84:ac:65: 7a:d2:eb:0d:01:b8:30:1f:11:d9:44:68:16:cb:8b:b2:02:df: 8b:4a:cd:ec:c1:bf:ec:24:4e:49:04:e9:5d:af:77:07:28:75: 61:11:fd:66:08:e0:cd:61:f9:c2:9a:97:f2:c5:b9:51:47:78: 00:56:62:94:e9:fa:cb:16:91:da:c0:d1:58:d2:0f:51:a0:c1: ec:f3:10:f4:76:26:38:1d:c3:fa:85:63:2d:f6:83:65:c7:32: 70:bd:12:5d:6b:54:e1:10:3a:11:f8:e9:04:14:ba:68:8a:7e: 8c:0e:5b:62:60:9a:5a:2f:74:33:2b:7b:72:8f:4d:21:53:a9: a4:94:1f:21 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gGVfbjHYjLnUt45iBcjlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1ODI5MGZlOTgxNGZjYjA2MmFiNzFlMzJlYzFmOTZkYTk5 NzNhMzMwHhcNMjYwMTAyMDIxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDBhNTJmNTFjYTVhMDNlMGRhMDM5ZTkxMWFmNzkxNmUwZTRkNTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AGSZj0NrdRPYxHmjw7943RbqUFU 2s8WlWhfkRDB1I4apSvVEThqRXnU1tSeu3h/KhnXgln1/gnKSeM2I74pbubfMq18 gGciNkdFQ4g1O59+EgWVrVzlKAPA4ZOvMzj7M81y1pLE7nspO8sDijkPodg7NH/f XnjDAWLm9xU3GQBzZIVy9TmtYGwOPUNLqXKZNpale9ftOV/R4DJWrlq7/0pspjxN /YQdWy3WQNdYH8z8FGMucqOr2J82VbgtIPjuUip49PkSMpYCtsigjDq1n56yjNnM bFClCrXneQEwIHYaNFyeh2b/vE1bPMGdmUHzy714LiHJQzF7Msai14VfGwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEAKUvUcpaA+DaA56RGveRbg5NWSMB8GA1UdIwQY MBaAFGWCkP6YFPywYqtx4y7B+W2plzozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4Mzkt YWVkZTNmZmE0NDU3LzEvUUFwUzlSeWxvRDROb0RucEVhOTVGdURrMVpJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDNiMTMtYzRhMS00MWMwLWE4MzktYWVkZTNmZmE0NDU3 LzEvWllLUV9wZ1VfTEJpcTNIakxzSDViYW1YT2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSZ4MA0E AgACMAcDBQEqBG+wMA0GCSqGSIb3DQEBCwUAA4IBAQA1OvOezLmlL6gG80V/4haK 98EFrd52cyQ3LAyaU5J2iByvdT8keYiLfTQmyPGwePzOLVZKeLBBV4oYyYlZiuOT WCbKpT2GlIMg6b5/6GX5Fu6fdTCoyenpO/eQddd2jkjm38hFZFX6uoDvNzCXEC5d om8TqgvHd7JzM+aErGV60usNAbgwHxHZRGgWy4uyAt+LSs3swb/sJE5JBOldr3cH KHVhEf1mCODNYfnCmpfyxblRR3gAVmKU6frLFpHawNFY0g9RoMHs8xD0diY4HcP6 hWMt9oNlxzJwvRJda1ThEDoR+OkEFLpoin6MDltiYJpaL3QzK3tyj00hU6mklB8h -----END CERTIFICATE-----Generated at Mon Feb 9 18:22:31 2026 by rpki-client