This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/q4rzKSXLMYHtnn01lh-3_0miwBY.roa File: q4rzKSXLMYHtnn01lh-3_0miwBY.roa (raw, json) Hash identifier: 4WFeJNY2dZdjFO09kUagttduuFT2UApeU+WXW0RnoeI= Subject key identifier: AB:8A:F3:29:25:CB:31:81:ED:9E:7D:35:96:1F:B7:FF:49:A2:C0:16 Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6 Certificate serial: 019B7DCA6112CBAB6E8CCE5981C84165B852 Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/q4rzKSXLMYHtnn01lh-3_0miwBY.roa Signing time: Fri 02 Jan 2026 08:19:33 +0000 ROA not before: Fri 02 Jan 2026 08:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25504 IP address blocks: 83.243.56.0/21 maxlen: 24 89.200.168.0/21 maxlen: 24 91.223.141.0/24 maxlen: 24 94.102.208.0/20 maxlen: 24 109.235.56.0/21 maxlen: 24 151.252.48.0/20 maxlen: 24 158.58.144.0/21 maxlen: 24 185.90.232.0/22 maxlen: 24 193.254.184.0/21 maxlen: 24 195.191.92.0/23 maxlen: 24 2001:67c:2394::/48 maxlen: 48 2a00:19e0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.mft rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:61:12:cb:ab:6e:8c:ce:59:81:c8:41:65:b8:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6 Validity Not Before: Jan 2 08:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab8af32925cb3181ed9e7d35961fb7ff49a2c016 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9e:7c:2a:93:28:70:39:a0:7b:54:ab:92:95: 42:5e:3b:68:fe:f8:91:c8:d7:34:54:be:76:94:1c: 20:86:02:d9:56:40:1e:75:90:e9:ff:d2:70:e0:39: 8f:85:78:1f:f2:2d:83:bd:e2:ad:06:11:ce:12:b8: 50:82:51:21:22:b3:71:dc:8c:92:db:10:46:86:c4: e3:5d:2c:88:b4:38:43:42:07:91:87:b5:47:bd:c6: c0:2a:ad:18:28:50:ec:d3:ad:35:ef:8c:91:3d:17: 64:a4:40:8a:55:0a:f8:29:91:4e:45:b5:f2:b3:40: f4:b4:06:29:fc:04:1d:f1:9f:5b:0c:52:f3:f5:38: b4:8d:10:db:2b:95:e9:ac:fb:e2:27:c2:56:61:9b: 38:82:05:aa:c8:13:b7:a0:84:e2:bd:02:01:c9:4b: 02:d7:2f:4f:e8:d5:62:7d:3b:26:90:84:6f:67:56: 76:5c:72:45:ca:28:b0:3a:42:32:dd:95:5f:34:88: 08:10:37:31:af:2e:0c:be:de:df:4d:d8:e2:d9:aa: a6:78:a1:27:36:f0:18:41:0e:1f:0b:66:9e:01:37: 9a:1e:a2:89:12:08:d5:50:87:f7:0b:af:34:f6:19: 6b:1b:2e:f1:0c:00:da:05:87:fa:b5:cc:64:80:c8: 1f:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:8A:F3:29:25:CB:31:81:ED:9E:7D:35:96:1F:B7:FF:49:A2:C0:16 X509v3 Authority Key Identifier: keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/q4rzKSXLMYHtnn01lh-3_0miwBY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.243.56.0/21 89.200.168.0/21 91.223.141.0/24 94.102.208.0/20 109.235.56.0/21 151.252.48.0/20 158.58.144.0/21 185.90.232.0/22 193.254.184.0/21 195.191.92.0/23 IPv6: 2001:67c:2394::/48 2a00:19e0::/29 Signature Algorithm: sha256WithRSAEncryption ae:a7:e7:c2:ed:da:a7:30:26:8d:16:40:60:9f:2f:fd:3a:cb: 28:85:a2:f8:4c:57:09:52:2b:1f:2b:d0:52:70:de:6f:84:ba: 44:bc:37:9f:78:6e:9a:ba:62:e5:f5:fe:bd:5e:0b:fb:db:5c: 37:45:73:d6:6a:e0:a5:15:b0:2c:7a:89:f0:ec:93:59:f2:54: e8:cf:cd:52:22:42:88:3b:46:66:00:c0:6f:5c:a4:79:21:15: 5d:9c:99:8f:62:53:13:65:4a:7c:05:7e:14:3d:3d:fb:26:e0: 59:f2:4c:63:5b:c2:1f:49:74:73:09:61:26:88:eb:a6:30:cb: e0:fb:3b:ff:40:f7:e0:9e:cb:dc:97:ce:20:1c:ef:3f:e6:7d: f1:ed:68:a5:a6:3a:eb:2b:d8:de:bd:25:a9:2c:e4:6c:81:5b: 8c:51:0c:31:3d:b3:9b:f8:39:c7:fd:e1:ad:8e:43:c3:36:b1: 48:27:08:4a:3c:63:94:da:b5:9c:94:28:7f:f7:f3:d5:c9:12: 0f:34:30:20:ce:0a:ff:a2:9d:ff:81:67:2a:da:36:23:a6:ce: 51:ba:6f:7d:be:f6:aa:87:b7:da:f6:b0:ef:75:8a:e1:59:ec: 92:88:b4:84:7a:3c:46:ee:70:4b:be:e5:c6:a4:90:78:cf:29: 94:d8:8d:89 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt9ymESy6tujM5ZgchBZbhSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz OWVkZTYwHhcNMjYwMTAyMDgxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjhhZjMyOTI1Y2IzMTgxZWQ5ZTdkMzU5NjFmYjdmZjQ5YTJjMDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ58KpMocDmge1SrkpVCXjto/viR yNc0VL52lBwghgLZVkAedZDp/9Jw4DmPhXgf8i2DveKtBhHOErhQglEhIrNx3IyS 2xBGhsTjXSyItDhDQgeRh7VHvcbAKq0YKFDs060174yRPRdkpECKVQr4KZFORbXy s0D0tAYp/AQd8Z9bDFLz9Ti0jRDbK5XprPviJ8JWYZs4ggWqyBO3oITivQIByUsC 1y9P6NVifTsmkIRvZ1Z2XHJFyiiwOkIy3ZVfNIgIEDcxry4Mvt7fTdji2aqmeKEn NvAYQQ4fC2aeATeaHqKJEgjVUIf3C6809hlrGy7xDADaBYf6tcxkgMgfkwIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFKuK8yklyzGB7Z59NZYft/9JosAWMB8GA1UdIwQY MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It YTc3NmU0YTYzZTZmLzEvcTRyektTWExNWUh0bm4wMWxoLTNfMG1pd0JZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBCBAIAATA8AwQDU/M4AwQD WcioAwQAW9+NAwQEXmbQAwQDbes4AwQEl/wwAwQDnjqQAwQCuVroAwQDwf64AwQB w79cMBYEAgACMBADBwAgAQZ8I5QDBQMqABngMA0GCSqGSIb3DQEBCwUAA4IBAQCu p+fC7dqnMCaNFkBgny/9OssohaL4TFcJUisfK9BScN5vhLpEvDefeG6aumLl9f69 Xgv721w3RXPWauClFbAseonw7JNZ8lToz81SIkKIO0ZmAMBvXKR5IRVdnJmPYlMT ZUp8BX4UPT37JuBZ8kxjW8IfSXRzCWEmiOumMMvg+zv/QPfgnsvcl84gHO8/5n3x 7WilpjrrK9jevSWpLORsgVuMUQwxPbOb+DnH/eGtjkPDNrFIJwhKPGOU2rWclCh/ 9/PVyRIPNDAgzgr/op3/gWcq2jYjps5Rum99vvaqh7fa9rDvdYrhWeySiLSEejxG 7nBLvuXGpJB4zymU2I2J -----END CERTIFICATE-----Generated at Mon Feb 9 21:25:15 2026 by rpki-client