This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/q4XekdpB8TJEjFPDt8ccc_PZPoY.roa File: q4XekdpB8TJEjFPDt8ccc_PZPoY.roa (raw, json) Hash identifier: PjKWv/0KNDEM4pTyCe/55FuN+l88tsgTGIft6oTHhlE= Subject key identifier: AB:85:DE:91:DA:41:F1:32:44:8C:53:C3:B7:C7:1C:73:F3:D9:3E:86 Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98 Certificate serial: 019B7CED8F0B325DBADBAA3FF3779C947F5E Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/q4XekdpB8TJEjFPDt8ccc_PZPoY.roa Signing time: Fri 02 Jan 2026 04:18:21 +0000 ROA not before: Fri 02 Jan 2026 04:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42836 IP address blocks: 185.223.86.0/23 maxlen: 24 195.66.90.0/24 maxlen: 24 2001:67c:20c8::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.mft rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:8f:0b:32:5d:ba:db:aa:3f:f3:77:9c:94:7f:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98 Validity Not Before: Jan 2 04:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab85de91da41f132448c53c3b7c71c73f3d93e86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:70:17:b4:c5:5d:73:51:8a:b6:c1:84:4d:01: 8e:cf:1c:06:2e:df:53:6e:09:ab:30:3a:20:5e:7d: f7:36:f4:32:8b:9a:84:fa:88:07:01:44:64:68:75: a4:33:35:5d:c2:a8:b1:0b:29:4e:b8:7e:cd:c0:51: 86:e5:c6:ee:69:9c:86:5d:f2:37:d2:84:1c:92:b5: e1:89:62:49:50:e6:ce:ca:d8:42:0f:b6:64:cd:71: 49:fd:07:51:33:5f:df:4e:c5:db:31:57:59:de:55: f1:d1:e7:7b:ff:dd:c3:ea:50:6e:40:8e:73:7d:70: 1b:74:ee:99:f9:f5:1c:73:e0:fb:da:12:94:fc:0e: 3b:03:3d:54:63:60:36:ff:9f:95:b9:d1:38:1c:26: 2d:04:82:6e:70:06:1d:4a:c4:09:02:58:87:7f:6c: 3a:74:60:5c:80:5e:4e:b1:1b:81:81:b8:a6:60:5c: a9:76:29:77:42:50:72:2f:b3:76:86:b0:7a:e8:18: a4:65:27:ba:d1:ab:db:5d:d5:f8:ab:31:cb:0c:1a: 84:4f:15:32:e0:c0:35:f8:41:07:89:a9:fc:ba:44: e1:11:09:25:ed:e3:32:08:17:b9:af:c2:e5:9a:b1: be:15:86:8e:36:9e:1c:9d:fe:93:71:31:3c:9d:33: 66:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:85:DE:91:DA:41:F1:32:44:8C:53:C3:B7:C7:1C:73:F3:D9:3E:86 X509v3 Authority Key Identifier: keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/q4XekdpB8TJEjFPDt8ccc_PZPoY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.223.86.0/23 195.66.90.0/24 IPv6: 2001:67c:20c8::/48 Signature Algorithm: sha256WithRSAEncryption 9d:6e:d0:9b:df:fc:77:00:b9:a3:bf:37:c2:87:c7:85:73:c9: a2:5c:01:8e:ff:e4:f7:20:32:24:c0:27:29:01:c1:9d:2e:c9: 2e:db:dd:74:21:83:32:6b:35:08:88:99:2f:ef:f6:69:ae:f0: 13:ea:a5:ff:31:25:25:c4:c4:47:31:d8:e3:f8:14:17:83:8c: 8c:10:88:99:fb:b3:16:aa:b9:ad:e9:e4:31:37:1e:b3:05:b5: d8:da:87:24:01:40:e1:0f:72:aa:90:a6:ec:e4:f6:d0:3a:bb: 07:02:89:46:1e:24:32:70:b6:b4:4d:c4:a9:8e:64:1b:a7:08: b4:bb:3b:f9:76:36:9f:2a:e9:a9:cf:26:9a:fa:d0:00:02:29: f5:b2:ba:2e:6c:0d:f8:72:c8:01:41:52:79:78:0a:1d:99:9f: a0:f7:64:9e:3c:aa:d9:7c:3a:1f:b6:eb:cf:79:b6:77:1c:11: 65:07:e5:95:30:ba:73:59:9f:9b:c8:e0:fa:82:6c:e0:8d:61: 66:64:ba:c3:fe:9a:e3:04:f1:80:f7:28:e3:39:98:b9:fd:bc: a4:72:84:85:c2:2e:34:94:cd:f1:8b:82:23:91:c1:31:fd:2b: 1e:42:af:6d:8f:dd:77:7a:e3:d4:2c:45:55:70:7e:05:27:0e: 80:b1:6d:dd -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt87Y8LMl2626o/83eclH9eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2 ZmFjOTgwHhcNMjYwMTAyMDQxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjg1ZGU5MWRhNDFmMTMyNDQ4YzUzYzNiN2M3MWM3M2YzZDkzZTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3AXtMVdc1GKtsGETQGOzxwGLt9T bgmrMDogXn33NvQyi5qE+ogHAURkaHWkMzVdwqixCylOuH7NwFGG5cbuaZyGXfI3 0oQckrXhiWJJUObOythCD7ZkzXFJ/QdRM1/fTsXbMVdZ3lXx0ed7/93D6lBuQI5z fXAbdO6Z+fUcc+D72hKU/A47Az1UY2A2/5+VudE4HCYtBIJucAYdSsQJAliHf2w6 dGBcgF5OsRuBgbimYFypdil3QlByL7N2hrB66BikZSe60avbXdX4qzHLDBqETxUy 4MA1+EEHian8ukThEQkl7eMyCBe5r8LlmrG+FYaONp4cnf6TcTE8nTNmAQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFKuF3pHaQfEyRIxTw7fHHHPz2T6GMB8GA1UdIwQY MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt N2Y5NzBhM2FmOWNkLzEvcTRYZWtkcEI4VEpFakZQRHQ4Y2NjX1BaUG9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBud9WAwQA w0JaMA8EAgACMAkDBwAgAQZ8IMgwDQYJKoZIhvcNAQELBQADggEBAJ1u0Jvf/HcA uaO/N8KHx4VzyaJcAY7/5PcgMiTAJykBwZ0uyS7b3XQhgzJrNQiImS/v9mmu8BPq pf8xJSXExEcx2OP4FBeDjIwQiJn7sxaqua3p5DE3HrMFtdjahyQBQOEPcqqQpuzk 9tA6uwcCiUYeJDJwtrRNxKmOZBunCLS7O/l2Np8q6anPJpr60AACKfWyui5sDfhy yAFBUnl4Ch2Zn6D3ZJ48qtl8Oh+26895tnccEWUH5ZUwunNZn5vI4PqCbOCNYWZk usP+muME8YD3KOM5mLn9vKRyhIXCLjSUzfGLgiORwTH9Kx5Cr22P3Xd649QsRVVw fgUnDoCxbd0= -----END CERTIFICATE-----Generated at Tue Jan 27 05:32:50 2026 by rpki-client