This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/BQzh2z0KThYiq9nldvTFN7xr1hY.roa File: BQzh2z0KThYiq9nldvTFN7xr1hY.roa (raw, json) Hash identifier: kQeadxjS7hkE7Ea7E7epq7OwwMLIVC/GLGRRKCK52Bc= Subject key identifier: 05:0C:E1:DB:3D:0A:4E:16:22:AB:D9:E5:76:F4:C5:37:BC:6B:D6:16 Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364 Certificate serial: 019B7E37E31E134F1C30E4886B4C8ADA0A8B Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/BQzh2z0KThYiq9nldvTFN7xr1hY.roa Signing time: Fri 02 Jan 2026 10:19:10 +0000 ROA not before: Fri 02 Jan 2026 10:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197922 IP address blocks: 86.104.252.0/23 maxlen: 23 86.105.212.0/23 maxlen: 23 86.105.254.0/24 maxlen: 24 86.105.255.0/24 maxlen: 24 86.107.189.0/24 maxlen: 24 86.107.190.0/24 maxlen: 24 89.38.238.0/23 maxlen: 23 91.229.20.0/24 maxlen: 24 91.236.239.0/24 maxlen: 24 91.236.254.0/24 maxlen: 24 91.236.255.0/24 maxlen: 24 93.113.206.0/23 maxlen: 23 93.115.96.0/23 maxlen: 23 93.118.32.0/22 maxlen: 22 185.13.36.0/24 maxlen: 24 185.13.37.0/24 maxlen: 24 185.13.38.0/24 maxlen: 24 185.13.39.0/24 maxlen: 24 185.41.152.0/22 maxlen: 22 188.213.24.0/22 maxlen: 22 188.213.28.0/22 maxlen: 22 188.213.140.0/22 maxlen: 22 188.214.25.0/24 maxlen: 24 2a03:75c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.mft rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:e3:1e:13:4f:1c:30:e4:88:6b:4c:8a:da:0a:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4e2896897a9721678e684693993a5a884903364 Validity Not Before: Jan 2 10:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=050ce1db3d0a4e1622abd9e576f4c537bc6bd616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:67:e5:bb:5c:a0:a7:bd:0b:16:51:c0:11:32: 7a:38:4f:06:29:5a:00:2e:66:02:1a:42:9a:f9:59: 18:3d:03:a9:c8:a6:c2:73:43:c5:8d:87:59:0d:60: c7:2c:23:91:d8:41:eb:27:da:18:9b:0f:d9:a9:14: 61:7d:4d:ba:94:a4:9e:30:64:b4:e2:dc:b9:56:8e: 0c:4c:ed:51:74:c5:48:b8:97:15:31:53:61:d8:c1: 9e:50:33:28:44:5e:d2:f2:ae:07:b1:b9:9f:bc:ee: a2:e6:ca:a5:87:47:cb:38:ab:af:d3:33:17:8a:15: ae:94:91:11:d2:64:c2:14:c7:d2:e5:a7:0d:b9:ca: a8:f7:c1:4c:43:ee:bc:3a:d1:30:7b:38:0c:49:64: 32:68:d1:5e:01:10:5b:f4:ef:44:94:60:c0:d9:ab: 24:e6:11:d9:79:53:ba:8d:b4:2c:ef:34:bf:2c:86: 16:6e:ac:e0:13:03:26:c6:5b:a3:d3:75:6f:6d:aa: 8c:51:6d:b0:e3:e2:60:67:4c:6c:3f:ab:40:c0:b7: fb:58:f5:e9:03:8a:4b:ee:a3:83:48:0c:26:9d:6b: d8:2c:a6:a0:a4:be:62:3d:73:cf:be:ba:98:d8:ba: a2:0d:3b:a5:85:23:84:cd:68:17:ad:c1:4f:b7:e7: 7d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:0C:E1:DB:3D:0A:4E:16:22:AB:D9:E5:76:F4:C5:37:BC:6B:D6:16 X509v3 Authority Key Identifier: keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/BQzh2z0KThYiq9nldvTFN7xr1hY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.104.252.0/23 86.105.212.0/23 86.105.254.0/23 86.107.189.0-86.107.190.255 89.38.238.0/23 91.229.20.0/24 91.236.239.0/24 91.236.254.0/23 93.113.206.0/23 93.115.96.0/23 93.118.32.0/22 185.13.36.0/22 185.41.152.0/22 188.213.24.0/21 188.213.140.0/22 188.214.25.0/24 IPv6: 2a03:75c0::/32 Signature Algorithm: sha256WithRSAEncryption 42:92:77:a6:79:19:c6:01:bf:36:9d:bf:5b:07:d9:5e:b9:a3: 12:5e:74:28:0f:b6:b6:19:c0:c7:5b:ea:f1:8a:c7:51:00:5f: e3:55:81:14:62:b8:8e:3d:ca:57:b5:37:88:40:ae:73:a1:81: 20:aa:38:e5:ea:3d:6b:f8:bd:cc:01:6e:ba:d1:d1:7a:88:87: 6c:08:8d:ec:73:26:48:d6:9e:a0:af:6a:55:c0:cb:54:de:d3: ef:54:cb:11:45:50:f4:b0:94:8a:61:2f:b0:52:6b:8c:61:f2: 1a:d8:f0:9f:14:64:95:74:41:8a:76:4e:f7:e5:5c:16:e7:5f: 90:10:61:6c:76:e6:b9:b1:04:ae:91:17:0e:c6:21:78:b6:94: 4d:5c:a6:fa:ea:44:a7:28:9c:9b:50:d6:0d:c9:89:ba:5e:5a: 0f:31:34:b0:db:44:04:6a:1b:d2:40:f8:dd:c3:b0:d4:83:8c: af:4f:54:d1:c7:67:06:63:0b:b8:a2:07:9a:a7:b1:51:d1:9a: d3:d8:6c:e6:a3:4c:85:04:e2:9d:8e:4b:5b:e2:4e:32:85:01: 23:fd:37:6d:d0:d2:d7:95:46:61:8f:32:b4:e4:3f:14:46:68: ea:0d:45:0a:3d:a7:26:3c:f7:bf:cf:5b:fb:5b:1f:68:1a:7b: a0:d3:37:20 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgISAZt+N+MeE08cMOSIa0yK2gqLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZTI4OTY4OTdhOTcyMTY3OGU2ODQ2OTM5OTNhNWE4ODQ5 MDMzNjQwHhcNMjYwMTAyMTAxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTBjZTFkYjNkMGE0ZTE2MjJhYmQ5ZTU3NmY0YzUzN2JjNmJkNjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmflu1ygp70LFlHAETJ6OE8GKVoA LmYCGkKa+VkYPQOpyKbCc0PFjYdZDWDHLCOR2EHrJ9oYmw/ZqRRhfU26lKSeMGS0 4ty5Vo4MTO1RdMVIuJcVMVNh2MGeUDMoRF7S8q4HsbmfvO6i5sqlh0fLOKuv0zMX ihWulJER0mTCFMfS5acNucqo98FMQ+68OtEwezgMSWQyaNFeARBb9O9ElGDA2ask 5hHZeVO6jbQs7zS/LIYWbqzgEwMmxluj03VvbaqMUW2w4+JgZ0xsP6tAwLf7WPXp A4pL7qODSAwmnWvYLKagpL5iPXPPvrqY2LqiDTulhSOEzWgXrcFPt+d97wIDAQAB o4ICfDCCAngwHQYDVR0OBBYEFAUM4ds9Ck4WIqvZ5Xb0xTe8a9YWMB8GA1UdIwQY MBaAFNTiiWiXqXIWeOaEaTmTpaiEkDNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEt ZTQ5N2Q0MGY0ZTJhLzEvQlF6aDJ6MEtUaFlpcTlubGR2VEZON3hyMWhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9lMjgxMDMtYTBmYi00MjI3LWJjYjEtZTQ5N2Q0MGY0ZTJh LzEvMU9LSmFKZXBjaFo0NW9ScE9aT2xxSVNRTTJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAFWaPwD BAFWadQDBAFWaf4wDAMEAFZrvQMEAFZrvgMEAVkm7gMEAFvlFAMEAFvs7wMEAVvs /gMEAV1xzgMEAV1zYAMEAl12IAMEArkNJAMEArkpmAMEA7zVGAMEArzVjAMEALzW GTANBAIAAjAHAwUAKgN1wDANBgkqhkiG9w0BAQsFAAOCAQEAQpJ3pnkZxgG/Np2/ WwfZXrmjEl50KA+2thnAx1vq8YrHUQBf41WBFGK4jj3KV7U3iECuc6GBIKo45eo9 a/i9zAFuutHReoiHbAiN7HMmSNaeoK9qVcDLVN7T71TLEUVQ9LCUimEvsFJrjGHy GtjwnxRklXRBinZO9+VcFudfkBBhbHbmubEErpEXDsYheLaUTVym+upEpyicm1DW DcmJul5aDzE0sNtEBGob0kD43cOw1IOMr09U0cdnBmMLuKIHmqexUdGa09hs5qNM hQTinY5LW+JOMoUBI/03bdDS15VGYY8ytOQ/FEZo6g1FCj2nJjz3v89b+1sfaBp7 oNM3IA== -----END CERTIFICATE-----Generated at Tue Feb 10 02:33:33 2026 by rpki-client