This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/1QjvKCsvTR0ccDdXAfoDfJPSyJE.roa File: 1QjvKCsvTR0ccDdXAfoDfJPSyJE.roa (raw, json) Hash identifier: qPTH0R4OHCDFXj8DShsOufuFq2W68jfp5X6XHwRILiE= Subject key identifier: D5:08:EF:28:2B:2F:4D:1D:1C:70:37:57:01:FA:03:7C:93:D2:C8:91 Certificate issuer: /CN=23c02af4f58f11320af3196946e1fce9d050c906 Certificate serial: 019B77C73812D647B903357EFFA8BF7B772B Authority key identifier: 23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/1QjvKCsvTR0ccDdXAfoDfJPSyJE.roa Signing time: Thu 01 Jan 2026 04:18:23 +0000 ROA not before: Thu 01 Jan 2026 04:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199229 IP address blocks: 185.85.144.0/22 maxlen: 22 2a05:ae80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:38:12:d6:47:b9:03:35:7e:ff:a8:bf:7b:77:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23c02af4f58f11320af3196946e1fce9d050c906 Validity Not Before: Jan 1 04:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d508ef282b2f4d1d1c70375701fa037c93d2c891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:c5:06:31:3e:88:1d:73:78:cb:7f:05:c4:f7: d1:14:f8:63:82:94:c6:b8:52:6f:e9:e2:c6:34:e3: 40:f4:6a:b2:cb:b6:77:14:48:40:a2:a5:65:51:ec: e9:d5:c5:ce:75:7d:c6:bc:51:64:55:94:97:69:76: 55:4b:04:9c:35:47:73:3c:bb:9d:95:45:a9:88:37: d4:77:21:b3:bf:1e:03:3c:39:15:b4:77:fe:2d:3d: 9a:a7:a7:06:4a:fd:55:78:9a:6a:b7:a4:d9:28:28: 88:a7:d6:89:0e:66:28:db:dd:85:f5:f4:1b:95:ab: 35:82:56:de:5a:d0:dc:71:59:1f:ac:0a:3f:a2:d5: 3a:50:0e:66:21:87:b2:67:b3:95:ee:2e:93:2e:89: 2e:73:98:f6:b9:f4:bf:2b:71:62:e5:b0:91:3d:b1: ed:25:61:4f:93:cc:f7:02:74:c5:32:7b:01:99:df: 26:4d:bb:39:a4:4c:dc:fd:c9:66:45:5a:bf:36:57: d5:33:ec:7e:41:67:d7:e2:ad:6b:76:89:3d:d8:94: 3f:87:1f:4c:82:76:d4:36:56:c4:91:6c:ea:09:e6: 7f:89:74:de:fb:a3:92:68:d5:93:ae:77:39:1a:8d: 40:a5:e3:92:f4:86:02:b8:5e:ec:86:a3:67:01:78: 5d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:08:EF:28:2B:2F:4D:1D:1C:70:37:57:01:FA:03:7C:93:D2:C8:91 X509v3 Authority Key Identifier: keyid:23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/1QjvKCsvTR0ccDdXAfoDfJPSyJE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.85.144.0/22 IPv6: 2a05:ae80::/29 Signature Algorithm: sha256WithRSAEncryption 2a:db:da:bc:dd:5c:af:72:d6:74:99:e0:77:d2:e5:19:9b:83: 89:be:4e:83:c5:25:f8:b8:b4:e6:e0:d3:ae:eb:31:f7:f2:18: 20:7a:37:67:3e:47:45:89:3c:1a:66:4a:84:a2:13:4f:26:dc: 86:06:f6:3d:9d:88:0a:65:b1:b4:68:7c:68:84:e5:73:41:77: 1d:71:ec:be:60:41:c4:17:01:1d:83:ea:07:87:63:75:48:32: 62:f1:eb:91:16:ca:49:04:a8:9d:28:3e:e2:9d:07:69:58:00: e7:51:e9:1c:ae:38:28:2e:b8:07:4b:d9:03:6b:db:1f:9f:9b: c4:fd:21:95:03:de:b0:d1:81:b4:37:fa:3e:79:0b:0f:da:19: 67:be:f5:d1:d6:e5:d2:80:64:ca:ae:fc:24:1b:19:8f:15:06: 0a:91:a3:c7:d6:59:c4:da:db:cb:bb:dd:bf:9b:60:88:d1:49: 43:50:3f:6f:23:71:d5:04:7e:e1:24:a2:9d:9f:29:fa:94:d9: a6:b5:fe:4e:67:0c:da:23:aa:5f:13:59:c3:dc:49:1c:77:d8: 73:90:35:8a:73:2e:cb:d6:7f:3d:f4:4c:39:a7:0d:4d:83:4b: 68:7a:8b:16:ac:cd:64:63:f0:3a:37:6b:74:15:d6:ae:cf:dd: 66:e4:8b:2d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xzgS1ke5AzV+/6i/e3crMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzYzAyYWY0ZjU4ZjExMzIwYWYzMTk2OTQ2ZTFmY2U5ZDA1 MGM5MDYwHhcNMjYwMTAxMDQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTA4ZWYyODJiMmY0ZDFkMWM3MDM3NTcwMWZhMDM3YzkzZDJjODkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsUGMT6IHXN4y38FxPfRFPhjgpTG uFJv6eLGNONA9Gqyy7Z3FEhAoqVlUezp1cXOdX3GvFFkVZSXaXZVSwScNUdzPLud lUWpiDfUdyGzvx4DPDkVtHf+LT2ap6cGSv1VeJpqt6TZKCiIp9aJDmYo292F9fQb las1glbeWtDccVkfrAo/otU6UA5mIYeyZ7OV7i6TLokuc5j2ufS/K3Fi5bCRPbHt JWFPk8z3AnTFMnsBmd8mTbs5pEzc/clmRVq/NlfVM+x+QWfX4q1rdok92JQ/hx9M gnbUNlbEkWzqCeZ/iXTe+6OSaNWTrnc5Go1ApeOS9IYCuF7shqNnAXhdXQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNUI7ygrL00dHHA3VwH6A3yT0siRMB8GA1UdIwQY MBaAFCPAKvT1jxEyCvMZaUbh/OnQUMkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQt NjJjYjhhY2E5NjE4LzEvMVFqdktDc3ZUUjBjY0RkWEFmb0RmSlBTeUpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy84MTA2OGMtYWVkNy00MTI3LTg4ZTQtNjJjYjhhY2E5NjE4 LzEvSThBcTlQV1BFVElLOHhscFJ1SDg2ZEJReVFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVWQMA0E AgACMAcDBQMqBa6AMA0GCSqGSIb3DQEBCwUAA4IBAQAq29q83VyvctZ0meB30uUZ m4OJvk6DxSX4uLTm4NOu6zH38hggejdnPkdFiTwaZkqEohNPJtyGBvY9nYgKZbG0 aHxohOVzQXcdcey+YEHEFwEdg+oHh2N1SDJi8euRFspJBKidKD7inQdpWADnUekc rjgoLrgHS9kDa9sfn5vE/SGVA96w0YG0N/o+eQsP2hlnvvXR1uXSgGTKrvwkGxmP FQYKkaPH1lnE2tvLu92/m2CI0UlDUD9vI3HVBH7hJKKdnyn6lNmmtf5OZwzaI6pf E1nD3Ekcd9hzkDWKcy7L1n899Ew5pw1Ng0toeosWrM1kY/A6N2t0Fdauz91m5Ist -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:44 2026 by rpki-client