This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QS2YfmJsmgaN4NK2AXvh-V9gXVA.roa File: QS2YfmJsmgaN4NK2AXvh-V9gXVA.roa (raw, json) Hash identifier: 5ZLCC0mXDbdajebs22UeArfWPlsHeHgp/0frCCZOu78= Subject key identifier: 41:2D:98:7E:62:6C:9A:06:8D:E0:D2:B6:01:7B:E1:F9:5F:60:5D:50 Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Certificate serial: 019B7CEE34E57E1907269AFC85E51A2CF301 Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QS2YfmJsmgaN4NK2AXvh-V9gXVA.roa Signing time: Fri 02 Jan 2026 04:19:04 +0000 ROA not before: Fri 02 Jan 2026 04:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 82.163.68.0/22 maxlen: 24 149.126.88.0/22 maxlen: 24 185.86.142.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 22:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:34:e5:7e:19:07:26:9a:fc:85:e5:1a:2c:f3:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Validity Not Before: Jan 2 04:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=412d987e626c9a068de0d2b6017be1f95f605d50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ce:d9:3c:b2:b2:bd:14:29:7c:be:a6:c6:a3: ba:a2:cf:c3:8e:94:e6:31:7a:4d:1f:90:17:d2:39: fc:99:ae:9b:cd:9e:f5:cc:cc:59:b5:89:db:3d:82: a5:2b:a6:d6:65:36:69:06:11:cd:e3:f6:d7:12:ef: 6b:1c:13:fb:7a:83:84:77:ae:ea:a0:33:23:00:43: 02:b7:d4:af:58:bf:34:4d:45:86:6a:07:76:c0:f2: 63:cb:90:8d:63:8c:e7:0e:39:9c:d7:6c:32:81:b0: 96:fd:bc:23:77:08:4c:71:2e:2a:e7:bd:9a:f1:80: e1:f4:8b:4c:ab:9a:40:ae:d7:37:28:09:35:a4:b5: f8:44:25:c1:83:21:5f:80:d5:f6:bf:73:8f:7d:1d: 78:ad:f0:40:d0:91:c7:5b:d3:ae:10:6f:e7:f1:7f: e5:04:93:a2:f3:0c:c7:5f:bf:07:c7:30:59:24:5f: 88:c8:8f:90:b1:ff:e4:e9:bc:78:a9:96:e2:15:a2: 0a:63:89:33:df:e0:41:48:cb:ce:59:21:2d:8a:fe: 2a:6a:aa:11:7d:81:dd:3b:b1:c4:ba:2c:95:0d:b9: 44:1c:52:04:f0:3b:57:e0:fe:63:01:98:6c:8a:0c: 22:30:6f:80:60:cd:dc:8a:58:79:44:d2:85:c8:e5: 80:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:2D:98:7E:62:6C:9A:06:8D:E0:D2:B6:01:7B:E1:F9:5F:60:5D:50 X509v3 Authority Key Identifier: keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QS2YfmJsmgaN4NK2AXvh-V9gXVA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.163.68.0/22 149.126.88.0/22 185.86.142.0/23 Signature Algorithm: sha256WithRSAEncryption a2:51:b6:e7:df:e3:43:01:f8:f3:72:13:0a:95:bf:ba:63:f7: 38:a2:43:c3:f0:48:70:91:a2:6a:2e:a2:f6:8e:58:d2:87:2c: 3a:86:31:5f:5b:c7:71:6f:36:31:2f:c4:e5:78:0a:97:0e:8f: 38:9f:9a:99:0e:ae:ab:41:c1:94:fe:13:07:02:77:fa:3f:0f: 34:d6:01:00:ba:ad:52:57:48:90:e2:90:35:c3:b0:ec:81:41: 5f:fd:b4:7e:37:98:06:3f:2b:04:d0:62:0d:12:05:13:f2:38: ac:79:f6:f0:eb:f1:b7:a2:53:16:17:05:85:86:7e:e7:ff:d2: a7:70:e1:24:35:4c:c0:5d:77:3b:79:05:8c:1f:50:b7:b8:12: 0e:5c:c6:93:8a:e6:5c:77:56:d6:d0:8b:22:5d:33:38:a8:b9: f0:7b:19:45:96:93:d9:dd:30:ea:11:b3:86:60:59:68:2d:eb: 02:bf:f9:43:64:b1:77:bd:b4:55:45:5e:14:48:4d:cb:8d:df: 00:67:ac:7f:52:05:07:3d:6f:1c:37:f8:e0:d2:c8:2d:d3:cf: 46:44:ae:56:3a:8e:92:49:ca:02:fb:6d:d9:f2:61:87:66:ef: 56:fe:d6:f2:8f:fb:58:03:fd:4e:2c:3e:6d:81:83:fc:d5:29: 78:48:e6:63 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt87jTlfhkHJpr8heUaLPMBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2 N2IxZTQwHhcNMjYwMTAyMDQxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTJkOTg3ZTYyNmM5YTA2OGRlMGQyYjYwMTdiZTFmOTVmNjA1ZDUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM7ZPLKyvRQpfL6mxqO6os/DjpTm MXpNH5AX0jn8ma6bzZ71zMxZtYnbPYKlK6bWZTZpBhHN4/bXEu9rHBP7eoOEd67q oDMjAEMCt9SvWL80TUWGagd2wPJjy5CNY4znDjmc12wygbCW/bwjdwhMcS4q572a 8YDh9ItMq5pArtc3KAk1pLX4RCXBgyFfgNX2v3OPfR14rfBA0JHHW9OuEG/n8X/l BJOi8wzHX78HxzBZJF+IyI+Qsf/k6bx4qZbiFaIKY4kz3+BBSMvOWSEtiv4qaqoR fYHdO7HEuiyVDblEHFIE8DtX4P5jAZhsigwiMG+AYM3cilh5RNKFyOWA1wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEEtmH5ibJoGjeDStgF74flfYF1QMB8GA1UdIwQY MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut ODk3MTRhN2U4ZDU4LzEvUVMyWWZtSnNtZ2FONE5LMkFYdmgtVjlnWFZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4 LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqNEAwQC lX5YAwQBuVaOMA0GCSqGSIb3DQEBCwUAA4IBAQCiUbbn3+NDAfjzchMKlb+6Y/c4 okPD8EhwkaJqLqL2jljShyw6hjFfW8dxbzYxL8TleAqXDo84n5qZDq6rQcGU/hMH Anf6Pw801gEAuq1SV0iQ4pA1w7DsgUFf/bR+N5gGPysE0GINEgUT8jisefbw6/G3 olMWFwWFhn7n/9KncOEkNUzAXXc7eQWMH1C3uBIOXMaTiuZcd1bW0IsiXTM4qLnw exlFlpPZ3TDqEbOGYFloLesCv/lDZLF3vbRVRV4USE3Ljd8AZ6x/UgUHPW8cN/jg 0sgt089GRK5WOo6SScoC+23Z8mGHZu9W/tbyj/tYA/1OLD5tgYP81Sl4SOZj -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:50 2026 by rpki-client