This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/3qpvQqdQ3EDcZoaGOx2riVpcq8c.roa File: 3qpvQqdQ3EDcZoaGOx2riVpcq8c.roa (raw, json) Hash identifier: qTNQamHZ5asC3z3/r7JuROMu5QHj7RNHNTAIVoifaqU= Subject key identifier: DE:AA:6F:42:A7:50:DC:40:DC:66:86:86:3B:1D:AB:89:5A:5C:AB:C7 Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173 Certificate serial: 019B7F15074C6900FAE29FF5BBB5C65EDB22 Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/3qpvQqdQ3EDcZoaGOx2riVpcq8c.roa Signing time: Fri 02 Jan 2026 14:20:43 +0000 ROA not before: Fri 02 Jan 2026 14:20:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 152179 IP address blocks: 45.141.170.0/23 maxlen: 24 185.179.218.0/23 maxlen: 24 188.64.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.mft rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 02:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:07:4c:69:00:fa:e2:9f:f5:bb:b5:c6:5e:db:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18101772248996b87d90840c2d27d62549458173 Validity Not Before: Jan 2 14:20:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=deaa6f42a750dc40dc6686863b1dab895a5cabc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d7:de:b0:c7:c5:e4:ef:3c:f3:09:39:24:fe: 05:9f:ed:a0:64:d3:d2:48:9b:d8:40:f3:70:9c:e9: bd:8b:c0:c7:7a:8f:b6:49:6a:b3:0f:10:16:22:35: a3:3b:12:fd:6e:78:e4:58:d2:b1:f2:94:f3:3d:c1: 0c:ed:c8:33:43:55:40:8b:a0:08:04:43:e6:52:55: 62:33:57:09:c9:95:05:da:e6:94:08:b5:70:9e:db: a6:4c:ed:cb:09:e9:37:08:2d:e9:d3:33:d9:0d:ef: 89:01:ee:9f:2d:07:6e:4a:39:de:85:8b:42:9e:97: eb:16:56:89:3e:7d:a8:a9:05:dd:31:05:bf:0f:7e: f1:28:6c:50:20:91:be:45:d7:1a:01:de:b5:98:d9: 28:e6:fb:27:ae:f6:e7:e2:d2:ef:48:cf:a0:01:dc: 09:6e:cc:96:f1:cc:d9:96:ff:14:2e:6a:ad:44:e9: 19:45:22:d9:87:ab:9c:b9:bf:4f:7d:28:d2:c9:ff: ad:30:f1:73:f5:f2:b1:3d:50:e6:0d:5d:92:67:ca: 87:8e:97:a1:f9:b8:36:c4:2e:b0:75:b2:81:34:fe: f6:0e:27:cd:33:5b:74:58:e1:b3:ae:1a:82:a1:64: 28:3b:5b:30:a3:87:4d:aa:30:87:70:76:75:9b:85: 47:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:AA:6F:42:A7:50:DC:40:DC:66:86:86:3B:1D:AB:89:5A:5C:AB:C7 X509v3 Authority Key Identifier: keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/3qpvQqdQ3EDcZoaGOx2riVpcq8c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.170.0/23 185.179.218.0/23 188.64.104.0/22 Signature Algorithm: sha256WithRSAEncryption 72:e6:f5:5d:e4:fa:32:95:20:2f:cf:61:c2:d0:6e:4f:9b:90: cd:4c:e5:8a:a4:be:f1:1f:b0:a0:8e:5b:49:a6:f4:13:5e:d9: 02:4c:e5:d0:fe:18:e0:0e:f8:f7:4a:65:7e:ff:9d:01:76:58: 19:1c:46:2f:e7:e9:dd:06:80:77:d5:8d:4a:b8:84:a6:63:2d: b6:ec:fb:1b:52:f0:d7:a7:43:77:5b:7b:81:84:69:53:87:b2: 07:1b:50:3a:00:ca:f2:4a:9f:7c:19:11:ae:c1:c8:50:94:58: 5d:73:6e:f6:c5:f8:13:99:56:15:c2:01:18:d3:01:6b:6c:f3: 9f:54:3e:65:69:53:b3:80:76:00:a9:fb:e7:75:3d:0c:a1:11: a8:bb:c9:98:9e:9d:ff:58:a1:39:4a:90:5f:c3:d2:f6:30:5b: ee:fe:c2:ca:db:56:37:5a:de:6f:15:29:4e:a0:0c:24:c8:f0: b3:76:8b:3a:93:92:d9:bb:30:6d:36:63:b9:20:2f:e0:bb:c9: 70:33:a8:ed:5d:0f:5b:19:63:c1:ba:56:ff:18:b3:ed:93:10: dd:d1:24:11:ff:61:99:e6:89:2e:6f:0e:33:5b:b5:1a:51:c1: 85:9e:16:02:71:1a:f1:cd:45:2d:e6:30:71:87:13:20:bc:cd: 17:c0:12:a4 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FQdMaQD64p/1u7XGXtsiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0 NTgxNzMwHhcNMjYwMTAyMTQyMDQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWFhNmY0MmE3NTBkYzQwZGM2Njg2ODYzYjFkYWI4OTVhNWNhYmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9fesMfF5O888wk5JP4Fn+2gZNPS SJvYQPNwnOm9i8DHeo+2SWqzDxAWIjWjOxL9bnjkWNKx8pTzPcEM7cgzQ1VAi6AI BEPmUlViM1cJyZUF2uaUCLVwntumTO3LCek3CC3p0zPZDe+JAe6fLQduSjnehYtC npfrFlaJPn2oqQXdMQW/D37xKGxQIJG+RdcaAd61mNko5vsnrvbn4tLvSM+gAdwJ bsyW8czZlv8ULmqtROkZRSLZh6ucub9PfSjSyf+tMPFz9fKxPVDmDV2SZ8qHjpeh +bg2xC6wdbKBNP72DifNM1t0WOGzrhqCoWQoO1swo4dNqjCHcHZ1m4VHIQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFN6qb0KnUNxA3GaGhjsdq4laXKvHMB8GA1UdIwQY MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt M2NjODVhZDNjMTkwLzEvM3FwdlFxZFEzRURjWm9hR094MnJpVnBjcThjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLY2qAwQB ubPaAwQCvEBoMA0GCSqGSIb3DQEBCwUAA4IBAQBy5vVd5PoylSAvz2HC0G5Pm5DN TOWKpL7xH7CgjltJpvQTXtkCTOXQ/hjgDvj3SmV+/50BdlgZHEYv5+ndBoB31Y1K uISmYy227PsbUvDXp0N3W3uBhGlTh7IHG1A6AMrySp98GRGuwchQlFhdc272xfgT mVYVwgEY0wFrbPOfVD5laVOzgHYAqfvndT0MoRGou8mYnp3/WKE5SpBfw9L2MFvu /sLK21Y3Wt5vFSlOoAwkyPCzdos6k5LZuzBtNmO5IC/gu8lwM6jtXQ9bGWPBulb/ GLPtkxDd0SQR/2GZ5okubw4zW7UaUcGFnhYCcRrxzUUt5jBxhxMgvM0XwBKk -----END CERTIFICATE-----Generated at Mon Jan 19 11:18:01 2026 by rpki-client