This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/QvWAgIyFSp81QP1TU8EGOihTFps.roa File: QvWAgIyFSp81QP1TU8EGOihTFps.roa (raw, json) Hash identifier: 0pRqWv7OjhSbMQbgWqXrmBArFyxBxLPUemQb9GCiO7A= Subject key identifier: 42:F5:80:80:8C:85:4A:9F:35:40:FD:53:53:C1:06:3A:28:53:16:9B Certificate issuer: /CN=b025bac132e479a28df33573dd1096a9b7b78d32 Certificate serial: 019B7AC8EF37BE6C3E9AFF9C985A6CC6F2E5 Authority key identifier: B0:25:BA:C1:32:E4:79:A2:8D:F3:35:73:DD:10:96:A9:B7:B7:8D:32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCW6wTLkeaKN8zVz3RCWqbe3jTI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/QvWAgIyFSp81QP1TU8EGOihTFps.roa Signing time: Thu 01 Jan 2026 18:19:07 +0000 ROA not before: Thu 01 Jan 2026 18:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203489 IP address blocks: 185.132.68.0/22 maxlen: 22 185.214.0.0/22 maxlen: 22 2a0b:91c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/sCW6wTLkeaKN8zVz3RCWqbe3jTI.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/sCW6wTLkeaKN8zVz3RCWqbe3jTI.mft rsync://rpki.ripe.net/repository/DEFAULT/sCW6wTLkeaKN8zVz3RCWqbe3jTI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:ef:37:be:6c:3e:9a:ff:9c:98:5a:6c:c6:f2:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b025bac132e479a28df33573dd1096a9b7b78d32 Validity Not Before: Jan 1 18:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42f580808c854a9f3540fd5353c1063a2853169b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e5:14:91:f0:4e:04:de:88:7a:aa:c1:45:af: 45:c3:15:5a:df:6c:f4:5f:af:37:d3:4c:93:44:f2: c3:0e:6b:ee:72:49:20:63:1f:c8:40:34:40:2c:df: 86:4e:af:a8:98:83:8f:79:61:4a:cb:5b:1f:51:37: 5c:6e:56:48:15:3e:bc:48:dd:c2:7c:37:93:af:c5: 84:12:09:81:83:fb:5e:37:31:b0:c5:52:c4:27:5d: c3:4f:83:66:27:22:25:95:64:cf:9b:1d:2c:95:40: 59:c7:98:67:a8:98:74:8e:0a:2e:89:01:c5:0f:da: 57:9b:86:9f:09:62:89:e5:5f:4a:ca:4a:52:b8:f3: 72:e4:a7:0a:41:ce:72:28:3c:0b:54:8d:bd:60:38: 50:c1:58:5c:4d:21:1f:af:8c:2d:7d:5b:e2:f6:77: 4c:c9:ba:29:eb:11:74:88:3c:47:de:2d:18:c4:98: 70:8f:7b:da:d9:c2:77:93:2a:20:56:2a:a9:7a:53: 0d:cf:5f:a8:93:5c:90:4e:4f:36:f5:84:3b:c0:b8: e2:d5:8d:70:21:8a:30:2d:f3:30:23:5b:2c:62:8f: cc:63:39:b4:45:b0:a7:ce:63:7f:48:b7:71:b2:9a: 0b:62:8b:df:d4:5d:de:32:d2:c1:11:bb:bb:35:d0: 0a:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F5:80:80:8C:85:4A:9F:35:40:FD:53:53:C1:06:3A:28:53:16:9B X509v3 Authority Key Identifier: keyid:B0:25:BA:C1:32:E4:79:A2:8D:F3:35:73:DD:10:96:A9:B7:B7:8D:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCW6wTLkeaKN8zVz3RCWqbe3jTI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/QvWAgIyFSp81QP1TU8EGOihTFps.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d2d9f3-8d56-481c-8bc4-7c8f3fecdb2c/1/sCW6wTLkeaKN8zVz3RCWqbe3jTI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.132.68.0/22 185.214.0.0/22 IPv6: 2a0b:91c0::/29 Signature Algorithm: sha256WithRSAEncryption 28:c2:58:fc:ed:f3:99:d1:d4:2d:e7:97:19:65:21:76:67:98: 7d:6e:b6:47:c8:01:d6:c6:bd:6b:cc:54:4e:10:29:80:65:ee: be:26:ae:59:d9:67:39:b9:c3:4c:c4:87:40:ff:bf:2d:cd:a4: 08:ac:35:45:67:98:53:5e:b0:b0:42:e3:bd:01:cf:36:8f:3f: a4:bd:f0:4e:05:a4:97:03:8f:3a:14:c6:1e:81:18:6c:f2:8f: cb:57:f0:36:59:89:6a:d8:6b:c9:ac:c9:3d:e0:cf:29:b7:30: bc:df:0c:5d:41:9b:f1:97:e9:01:36:4f:44:9c:3e:82:59:5b: 0c:d0:bc:3a:b2:08:9b:8a:0c:18:38:a8:0f:8b:9b:73:27:e7: 1e:56:45:be:b6:4e:6e:5a:3d:39:37:9a:81:c6:a2:26:65:d8: 0f:5c:f1:ea:08:63:b8:8d:78:67:b7:a8:c4:8f:14:8b:4b:50: a6:03:eb:a2:67:97:ae:22:81:aa:a7:a4:8e:0c:e8:73:5a:d9: 12:54:65:94:d9:11:0e:e6:4a:62:fd:e4:e4:47:b6:01:67:2d: d2:48:0a:43:56:fc:a1:c1:36:79:0b:af:05:91:95:2c:9c:ba: c0:8e:0e:80:6f:11:d1:d8:ac:6a:cd:e6:10:89:c1:ad:32:bf: 19:c2:3b:dd -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6yO83vmw+mv+cmFpsxvLlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwMjViYWMxMzJlNDc5YTI4ZGYzMzU3M2RkMTA5NmE5Yjdi NzhkMzIwHhcNMjYwMTAxMTgxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmY1ODA4MDhjODU0YTlmMzU0MGZkNTM1M2MxMDYzYTI4NTMxNjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueUUkfBOBN6IeqrBRa9FwxVa32z0 X68300yTRPLDDmvuckkgYx/IQDRALN+GTq+omIOPeWFKy1sfUTdcblZIFT68SN3C fDeTr8WEEgmBg/teNzGwxVLEJ13DT4NmJyIllWTPmx0slUBZx5hnqJh0jgouiQHF D9pXm4afCWKJ5V9KykpSuPNy5KcKQc5yKDwLVI29YDhQwVhcTSEfr4wtfVvi9ndM ybop6xF0iDxH3i0YxJhwj3va2cJ3kyogViqpelMNz1+ok1yQTk829YQ7wLji1Y1w IYowLfMwI1ssYo/MYzm0RbCnzmN/SLdxspoLYovf1F3eMtLBEbu7NdAK+QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEL1gICMhUqfNUD9U1PBBjooUxabMB8GA1UdIwQY MBaAFLAlusEy5HmijfM1c90Qlqm3t40yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0NXNndUTGtlYUtOOHpWejNSQ1dxYmUzalRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMmQ5ZjMtOGQ1Ni00ODFjLThiYzQt N2M4ZjNmZWNkYjJjLzEvUXZXQWdJeUZTcDgxUVAxVFU4RUdPaWhURnBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS9kMmQ5ZjMtOGQ1Ni00ODFjLThiYzQtN2M4ZjNmZWNkYjJj LzEvc0NXNndUTGtlYUtOOHpWejNSQ1dxYmUzalRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYREAwQC udYAMA0EAgACMAcDBQMqC5HAMA0GCSqGSIb3DQEBCwUAA4IBAQAowlj87fOZ0dQt 55cZZSF2Z5h9brZHyAHWxr1rzFROECmAZe6+Jq5Z2Wc5ucNMxIdA/78tzaQIrDVF Z5hTXrCwQuO9Ac82jz+kvfBOBaSXA486FMYegRhs8o/LV/A2WYlq2GvJrMk94M8p tzC83wxdQZvxl+kBNk9EnD6CWVsM0Lw6sgibigwYOKgPi5tzJ+ceVkW+tk5uWj05 N5qBxqImZdgPXPHqCGO4jXhnt6jEjxSLS1CmA+uiZ5euIoGqp6SODOhzWtkSVGWU 2REO5kpi/eTkR7YBZy3SSApDVvyhwTZ5C68FkZUsnLrAjg6AbxHR2KxqzeYQicGt Mr8Zwjvd -----END CERTIFICATE-----Generated at Mon Jan 26 18:19:30 2026 by rpki-client