This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/kSqnJudP1pAwQZ-smOra_DXvmqo.roa File: kSqnJudP1pAwQZ-smOra_DXvmqo.roa (raw, json) Hash identifier: MWXJ230azqqoaYeTEJboZO3ZCTU5ujgS6o/oqGqK34I= Subject key identifier: 91:2A:A7:26:E7:4F:D6:90:30:41:9F:AC:98:EA:DA:FC:35:EF:9A:AA Certificate issuer: /CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140 Certificate serial: 019B7C1116875C60280A262EF2E6290CC84F Authority key identifier: 41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/kSqnJudP1pAwQZ-smOra_DXvmqo.roa Signing time: Fri 02 Jan 2026 00:17:33 +0000 ROA not before: Fri 02 Jan 2026 00:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60621 IP address blocks: 185.14.196.0/22 maxlen: 22 185.14.196.0/24 maxlen: 24 185.14.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/QT_6EGrj_ua-h7rAaoe6V-0cEUA.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/QT_6EGrj_ua-h7rAaoe6V-0cEUA.mft rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:16:87:5c:60:28:0a:26:2e:f2:e6:29:0c:c8:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=413ffa106ae3fee6be87bac06a87ba57ed1c1140 Validity Not Before: Jan 2 00:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=912aa726e74fd69030419fac98eadafc35ef9aaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:59:27:d7:23:45:7b:bc:73:af:6b:ca:00:96: 00:4e:70:c5:9c:57:b6:e0:33:fe:02:70:43:59:2a: a1:8c:8b:b6:35:0b:d1:0d:9e:c4:fc:08:a8:64:a9: 2c:a0:f7:b7:9b:6c:dc:e6:54:1f:8e:70:87:19:20: 0b:38:7e:fb:83:4e:c3:cf:67:3c:0b:23:a9:aa:8c: b3:bc:1d:59:c7:c7:2d:8c:c2:d5:d5:8d:d4:f1:4f: e1:02:e1:55:96:1e:95:29:fc:26:e0:c6:be:58:3d: 4d:a7:71:2f:88:bf:a5:60:26:6a:5d:ae:57:23:52: 04:cc:d6:a4:c9:08:9a:dd:fe:3f:d0:d6:f2:19:ad: 75:3b:58:e5:9f:b3:68:92:66:df:17:60:44:8e:e0: 7e:fb:76:94:ed:3e:20:d0:b8:da:94:31:0e:8b:6d: 11:45:b3:c2:3c:9c:85:d1:b9:92:db:d8:5e:93:2c: 75:76:dc:e5:db:54:bc:e9:40:29:4a:33:90:ca:ce: 2b:1b:d1:72:8d:05:5c:88:24:96:37:c4:c5:be:d5: 50:49:aa:53:4f:93:cc:65:13:3e:c1:46:4d:6c:c7: 7d:8d:f4:19:d6:d5:06:20:dd:14:73:dd:ba:58:53: 77:05:cf:c5:55:47:62:9e:c8:dc:5f:b6:e0:7d:1c: 00:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:2A:A7:26:E7:4F:D6:90:30:41:9F:AC:98:EA:DA:FC:35:EF:9A:AA X509v3 Authority Key Identifier: keyid:41:3F:FA:10:6A:E3:FE:E6:BE:87:BA:C0:6A:87:BA:57:ED:1C:11:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QT_6EGrj_ua-h7rAaoe6V-0cEUA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/kSqnJudP1pAwQZ-smOra_DXvmqo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c79635-bec4-4fb5-892c-fa26ec39faba/1/QT_6EGrj_ua-h7rAaoe6V-0cEUA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.14.196.0/22 Signature Algorithm: sha256WithRSAEncryption 89:ba:5a:0b:4c:4c:4f:69:65:52:8c:e6:22:ea:bf:09:17:31: 37:4f:e2:6f:59:b6:34:1d:27:10:c7:2f:fa:7f:fe:09:92:a6: 32:f7:73:91:fe:ba:6d:2c:2e:fc:77:62:b0:c7:ad:53:f1:22: c9:63:b3:20:4d:0c:65:f8:1b:fe:26:c5:09:9d:83:2f:7c:53: 7f:4d:17:98:04:e3:96:dd:2b:64:77:ed:2f:c3:7d:f1:af:03: d9:c5:d7:59:4f:17:df:c6:a2:7b:0b:26:78:43:08:49:fb:8d: 8f:7c:2a:a0:49:52:12:4d:07:3d:37:b9:19:4f:6a:85:be:5c: 34:53:33:bf:d0:f0:4b:f4:aa:27:62:93:b0:57:5b:6a:73:e7: b2:f8:3f:ec:2e:e9:5b:fd:54:e1:4c:18:eb:2d:fb:b3:ea:9c: c6:3b:02:ae:8f:c6:49:01:31:21:1b:27:d7:73:20:67:aa:24: de:9b:20:10:91:57:06:9c:8b:62:8c:6b:a8:06:96:7a:f2:42: bb:4d:2c:c2:a0:89:7d:43:52:14:01:da:01:95:dc:fa:21:56: 89:b3:3a:ae:8d:96:a8:c4:8c:6f:c3:de:3e:11:62:2c:89:92: 0f:ce:bb:0d:c3:b4:64:67:13:2e:8c:dc:02:db:c6:e0:43:61: 7a:de:c5:34 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8ERaHXGAoCiYu8uYpDMhPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxM2ZmYTEwNmFlM2ZlZTZiZTg3YmFjMDZhODdiYTU3ZWQx YzExNDAwHhcNMjYwMTAyMDAxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTJhYTcyNmU3NGZkNjkwMzA0MTlmYWM5OGVhZGFmYzM1ZWY5YWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1kn1yNFe7xzr2vKAJYATnDFnFe2 4DP+AnBDWSqhjIu2NQvRDZ7E/AioZKksoPe3m2zc5lQfjnCHGSALOH77g07Dz2c8 CyOpqoyzvB1Zx8ctjMLV1Y3U8U/hAuFVlh6VKfwm4Ma+WD1Np3EviL+lYCZqXa5X I1IEzNakyQia3f4/0NbyGa11O1jln7NokmbfF2BEjuB++3aU7T4g0LjalDEOi20R RbPCPJyF0bmS29hekyx1dtzl21S86UApSjOQys4rG9FyjQVciCSWN8TFvtVQSapT T5PMZRM+wUZNbMd9jfQZ1tUGIN0Uc926WFN3Bc/FVUdinsjcX7bgfRwAiwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJEqpybnT9aQMEGfrJjq2vw175qqMB8GA1UdIwQY MBaAFEE/+hBq4/7mvoe6wGqHulftHBFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMt ZmEyNmVjMzlmYWJhLzEva1Nxbkp1ZFAxcEF3UVotc21PcmFfRFh2bXFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9jNzk2MzUtYmVjNC00ZmI1LTg5MmMtZmEyNmVjMzlmYWJh LzEvUVRfNkVHcmpfdWEtaDdyQWFvZTZWLTBjRVVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ7EMA0G CSqGSIb3DQEBCwUAA4IBAQCJuloLTExPaWVSjOYi6r8JFzE3T+JvWbY0HScQxy/6 f/4JkqYy93OR/rptLC78d2Kwx61T8SLJY7MgTQxl+Bv+JsUJnYMvfFN/TReYBOOW 3Stkd+0vw33xrwPZxddZTxffxqJ7CyZ4QwhJ+42PfCqgSVISTQc9N7kZT2qFvlw0 UzO/0PBL9KonYpOwV1tqc+ey+D/sLulb/VThTBjrLfuz6pzGOwKuj8ZJATEhGyfX cyBnqiTemyAQkVcGnItijGuoBpZ68kK7TSzCoIl9Q1IUAdoBldz6IVaJszqujZao xIxvw94+EWIsiZIPzrsNw7RkZxMujNwC28bgQ2F63sU0 -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:23 2026 by rpki-client