This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/Q7BJcsQY7_3P4zXrcrrE9sBxSmk.roa File: Q7BJcsQY7_3P4zXrcrrE9sBxSmk.roa (raw, json) Hash identifier: toO4RVQNKW7VmbI8kxFH7ZrhAHouGuOO2lQDDPuxpqY= Subject key identifier: 43:B0:49:72:C4:18:EF:FD:CF:E3:35:EB:72:BA:C4:F6:C0:71:4A:69 Certificate issuer: /CN=57c1fe8083646749816ad3fa64098345fb61e9f5 Certificate serial: 019B775919BE402BDCCA5B18D180BC64D7BB Authority key identifier: 57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/Q7BJcsQY7_3P4zXrcrrE9sBxSmk.roa Signing time: Thu 01 Jan 2026 02:18:06 +0000 ROA not before: Thu 01 Jan 2026 02:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6461 IP address blocks: 91.229.222.0/23 maxlen: 24 146.255.104.0/21 maxlen: 24 164.138.80.0/21 maxlen: 24 185.16.224.0/22 maxlen: 24 185.47.216.0/22 maxlen: 24 185.56.40.0/22 maxlen: 24 2a04:3c0::/29 maxlen: 29 2a04:d840::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.mft rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:19:be:40:2b:dc:ca:5b:18:d1:80:bc:64:d7:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c1fe8083646749816ad3fa64098345fb61e9f5 Validity Not Before: Jan 1 02:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=43b04972c418effdcfe335eb72bac4f6c0714a69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1b:a1:31:13:3d:15:12:20:7e:8f:bd:cc:c6: f4:05:b2:9d:19:64:a0:dc:6d:f2:c0:69:aa:ed:db: 43:7f:2f:99:9e:74:35:10:73:90:b6:c7:dc:6a:66: 32:23:c1:8b:b5:84:49:b2:3d:e5:8b:8d:55:01:22: 52:0b:e8:7f:88:66:c2:00:05:f1:86:cb:9b:f1:03: 20:eb:a3:2f:5d:e6:94:2b:d3:5c:0c:a2:3c:e0:b0: 32:94:b3:cc:27:e0:e3:80:72:80:f8:31:14:1a:81: cd:47:c2:ee:e2:29:60:4d:2f:6b:77:06:a2:42:99: 85:a7:0b:3e:af:eb:47:02:3c:b5:60:e8:e5:c3:b9: b0:8c:a1:1c:8a:aa:dc:e4:85:15:69:a1:7b:40:a2: 88:73:51:f3:3b:43:bc:00:08:b0:93:c9:51:3e:2d: f2:a7:da:ba:56:8c:4b:7a:d0:8b:e1:57:16:3b:4c: fd:97:8a:f9:8c:ad:0b:d1:de:f5:1b:a4:d2:92:14: a3:12:9b:4c:17:a4:28:98:3b:bc:a5:9f:66:3f:80: 02:fb:94:47:f7:59:0f:12:3c:bf:10:27:3c:4d:55: 81:5e:e1:f9:18:de:a6:e0:23:17:00:51:07:38:0d: 95:b3:19:58:e3:16:3b:2d:44:db:32:1c:38:b9:b9: a2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:B0:49:72:C4:18:EF:FD:CF:E3:35:EB:72:BA:C4:F6:C0:71:4A:69 X509v3 Authority Key Identifier: keyid:57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/Q7BJcsQY7_3P4zXrcrrE9sBxSmk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.229.222.0/23 146.255.104.0/21 164.138.80.0/21 185.16.224.0/22 185.47.216.0/22 185.56.40.0/22 IPv6: 2a04:3c0::/29 2a04:d840::/29 Signature Algorithm: sha256WithRSAEncryption 61:ac:e9:4b:12:24:da:45:ba:fa:fd:91:c8:25:18:54:7c:12: 2e:07:be:be:23:10:f7:13:41:24:cd:32:52:64:e3:75:64:f1: bd:10:c7:b3:59:f6:2d:28:eb:87:99:fa:1c:62:2d:ec:d5:86: b8:31:f3:05:49:92:71:d6:05:44:6e:8c:b1:dc:8d:85:3b:09: 64:97:ba:83:d2:65:f4:b3:dc:4a:ed:78:17:fa:d7:f8:38:88: 1d:08:18:89:a4:51:c5:b5:06:cd:4c:2f:fa:d5:35:f5:87:62: ba:e9:5f:51:fa:63:d5:37:5a:b5:5a:3e:d3:c1:3d:fe:ae:89: e1:cd:c6:4c:69:c8:ed:01:64:3f:e6:b9:e1:a0:3a:9e:5f:9f: 83:22:41:7d:94:36:1a:69:36:2b:36:b5:50:84:de:6c:05:84: 28:3c:e3:aa:71:13:15:d1:85:98:3e:87:69:20:75:ef:4d:48: 4c:89:1b:9b:1c:a8:8f:5b:ba:dc:e6:73:d6:f2:6d:75:51:0b: 6d:81:bd:df:d5:d8:a0:93:7d:22:b9:ac:60:1b:9c:6f:db:b4: b4:45:a4:08:b6:4d:12:14:4e:06:2a:ed:cd:ad:10:b7:e0:7d: 05:d6:40:3e:33:27:f9:38:b0:54:45:94:04:37:8c:38:4c:14: 62:8c:3a:75 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZt3WRm+QCvcylsY0YC8ZNe7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzFmZTgwODM2NDY3NDk4MTZhZDNmYTY0MDk4MzQ1ZmI2 MWU5ZjUwHhcNMjYwMTAxMDIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0M2IwNDk3MmM0MThlZmZkY2ZlMzM1ZWI3MmJhYzRmNmMwNzE0YTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBuhMRM9FRIgfo+9zMb0BbKdGWSg 3G3ywGmq7dtDfy+ZnnQ1EHOQtsfcamYyI8GLtYRJsj3li41VASJSC+h/iGbCAAXx hsub8QMg66MvXeaUK9NcDKI84LAylLPMJ+DjgHKA+DEUGoHNR8Lu4ilgTS9rdwai QpmFpws+r+tHAjy1YOjlw7mwjKEciqrc5IUVaaF7QKKIc1HzO0O8AAiwk8lRPi3y p9q6VoxLetCL4VcWO0z9l4r5jK0L0d71G6TSkhSjEptMF6QomDu8pZ9mP4AC+5RH 91kPEjy/ECc8TVWBXuH5GN6m4CMXAFEHOA2VsxlY4xY7LUTbMhw4ubmiFQIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFEOwSXLEGO/9z+M163K6xPbAcUppMB8GA1UdIwQY MBaAFFfB/oCDZGdJgWrT+mQJg0X7Yen1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODct ZjMyMDY5ZWM0ZWU1LzEvUTdCSmNzUVk3XzNQNHpYcmNyckU5c0J4U21rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODctZjMyMDY5ZWM0ZWU1 LzEvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBW+XeAwQD kv9oAwQDpIpQAwQCuRDgAwQCuS/YAwQCuTgoMBQEAgACMA4DBQMqBAPAAwUDKgTY QDANBgkqhkiG9w0BAQsFAAOCAQEAYazpSxIk2kW6+v2RyCUYVHwSLge+viMQ9xNB JM0yUmTjdWTxvRDHs1n2LSjrh5n6HGIt7NWGuDHzBUmScdYFRG6MsdyNhTsJZJe6 g9Jl9LPcSu14F/rX+DiIHQgYiaRRxbUGzUwv+tU19YdiuulfUfpj1TdatVo+08E9 /q6J4c3GTGnI7QFkP+a54aA6nl+fgyJBfZQ2Gmk2Kza1UITebAWEKDzjqnETFdGF mD6HaSB1701ITIkbmxyoj1u63OZz1vJtdVELbYG939XYoJN9IrmsYBucb9u0tEWk CLZNEhROBirtza0Qt+B9BdZAPjMn+TiwVEWUBDeMOEwUYow6dQ== -----END CERTIFICATE-----Generated at Tue Jan 20 01:21:54 2026 by rpki-client