This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/sQXNrRfabqEAqxGuf8P5f2NecXw.roa File: sQXNrRfabqEAqxGuf8P5f2NecXw.roa (raw, json) Hash identifier: 2PpXo8MephsPJxKEGzhYMR57A346BOGMuHA13iu9pZo= Subject key identifier: B1:05:CD:AD:17:DA:6E:A1:00:AB:11:AE:7F:C3:F9:7F:63:5E:71:7C Certificate issuer: /CN=ba1cef6f9e9edc45e3cd28ef4025197952d460e9 Certificate serial: 019B7FF28CEE689FB012955DE62B4AE76928 Authority key identifier: BA:1C:EF:6F:9E:9E:DC:45:E3:CD:28:EF:40:25:19:79:52:D4:60:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uhzvb56e3EXjzSjvQCUZeVLUYOk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/sQXNrRfabqEAqxGuf8P5f2NecXw.roa Signing time: Fri 02 Jan 2026 18:22:40 +0000 ROA not before: Fri 02 Jan 2026 18:22:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60111 IP address blocks: 185.143.252.0/22 maxlen: 22 2a07:39c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/uhzvb56e3EXjzSjvQCUZeVLUYOk.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/uhzvb56e3EXjzSjvQCUZeVLUYOk.mft rsync://rpki.ripe.net/repository/DEFAULT/uhzvb56e3EXjzSjvQCUZeVLUYOk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:8c:ee:68:9f:b0:12:95:5d:e6:2b:4a:e7:69:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba1cef6f9e9edc45e3cd28ef4025197952d460e9 Validity Not Before: Jan 2 18:22:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b105cdad17da6ea100ab11ae7fc3f97f635e717c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:81:c1:4d:aa:e7:94:f5:4e:20:91:62:5d:49: 05:96:c2:46:db:3a:92:c9:f9:2f:8c:12:37:b0:51: 64:8b:f9:f2:36:5a:75:ec:c9:2e:3f:5b:ef:a3:39: c5:21:b2:71:e6:74:d8:be:38:ee:f3:cf:b8:90:56: 94:19:bb:10:96:d8:0c:a9:fc:27:04:b9:38:e3:13: 24:53:b0:35:a2:83:e5:c4:b7:66:18:a1:a9:69:bf: 80:56:2b:d4:02:a4:9d:15:d0:c5:3a:70:38:c7:8c: 0f:8b:47:6d:a7:40:95:3d:c3:cd:be:0f:d2:ab:ad: 36:7d:a6:1a:f8:7f:42:02:bd:bf:f7:b7:3d:c4:fe: 1b:75:f0:aa:27:2f:cd:6e:26:91:d0:3a:ef:b4:c3: 28:e3:64:92:66:7c:f2:1a:02:98:0b:ae:fa:ac:43: 64:97:28:c3:95:5f:98:61:62:da:c2:20:72:f4:82: 18:b6:1c:37:d1:7d:eb:84:8d:6f:9f:5a:f7:94:b0: 72:9e:95:11:6a:8f:1c:1b:81:ee:61:64:fd:0f:14: 06:8f:68:ff:5a:1d:25:70:a1:c4:e2:78:5d:5c:f1: 71:92:0b:73:66:db:39:16:90:60:30:ef:53:a9:32: aa:3e:20:c3:89:29:c3:c1:19:66:88:c3:8a:39:32: 5a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:05:CD:AD:17:DA:6E:A1:00:AB:11:AE:7F:C3:F9:7F:63:5E:71:7C X509v3 Authority Key Identifier: keyid:BA:1C:EF:6F:9E:9E:DC:45:E3:CD:28:EF:40:25:19:79:52:D4:60:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uhzvb56e3EXjzSjvQCUZeVLUYOk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/sQXNrRfabqEAqxGuf8P5f2NecXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/21d663-6874-489c-ab9e-d9ca03e66ffb/1/uhzvb56e3EXjzSjvQCUZeVLUYOk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.143.252.0/22 IPv6: 2a07:39c0::/29 Signature Algorithm: sha256WithRSAEncryption 15:3f:81:e0:8d:9b:07:85:d9:a7:85:9f:fb:82:98:46:06:24: a7:57:6a:34:cc:fc:ab:91:9f:c4:af:d0:9e:4b:71:97:5e:10: 7a:74:1e:80:97:91:87:7e:5c:f3:54:4b:1b:1a:17:da:17:49: f1:3c:91:fa:b6:e9:14:d6:fb:67:7b:a7:fb:81:39:08:5c:1e: 24:75:36:ac:6c:6d:7c:43:89:96:65:20:ae:09:77:90:41:ff: 77:bb:b1:ab:98:87:18:ed:83:79:67:ed:3d:50:a5:be:17:a5: ff:47:a8:b7:e6:e2:67:bc:1c:97:d8:a3:a8:ac:92:7b:da:c8: fb:9a:d7:f9:04:ae:b8:bb:40:7b:9e:ec:2a:a7:a1:a1:31:2e: f7:eb:50:75:f7:92:df:4b:ec:be:4e:05:6a:7f:a1:9c:3b:2d: 89:cb:c7:ad:6c:48:e7:20:79:29:1c:37:54:8e:a0:c1:ec:96: 75:4d:08:14:29:85:c5:f9:75:50:44:62:55:80:59:46:03:c2: 81:09:f4:6c:6a:d5:a6:f4:16:bb:a5:5a:1e:eb:93:06:4b:da: 43:fe:73:1a:ba:1e:ba:58:c2:c0:53:9d:31:e8:ef:8e:17:18: c4:1c:a3:d6:90:7f:5e:26:da:fe:3d:a3:25:fc:26:fe:2a:6c: 56:de:32:f0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/8ozuaJ+wEpVd5itK52koMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhMWNlZjZmOWU5ZWRjNDVlM2NkMjhlZjQwMjUxOTc5NTJk NDYwZTkwHhcNMjYwMTAyMTgyMjQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMTA1Y2RhZDE3ZGE2ZWExMDBhYjExYWU3ZmMzZjk3ZjYzNWU3MTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4HBTarnlPVOIJFiXUkFlsJG2zqS yfkvjBI3sFFki/nyNlp17MkuP1vvoznFIbJx5nTYvjju88+4kFaUGbsQltgMqfwn BLk44xMkU7A1ooPlxLdmGKGpab+AVivUAqSdFdDFOnA4x4wPi0dtp0CVPcPNvg/S q602faYa+H9CAr2/97c9xP4bdfCqJy/NbiaR0DrvtMMo42SSZnzyGgKYC676rENk lyjDlV+YYWLawiBy9IIYthw30X3rhI1vn1r3lLBynpURao8cG4HuYWT9DxQGj2j/ Wh0lcKHE4nhdXPFxkgtzZts5FpBgMO9TqTKqPiDDiSnDwRlmiMOKOTJayQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLEFza0X2m6hAKsRrn/D+X9jXnF8MB8GA1UdIwQY MBaAFLoc72+entxF480o70AlGXlS1GDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWh6dmI1NmUzRVhqelNqdlFDVVplVkxVWU9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8yMWQ2NjMtNjg3NC00ODljLWFiOWUt ZDljYTAzZTY2ZmZiLzEvc1FYTnJSZmFicUVBcXhHdWY4UDVmMk5lY1h3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC8yMWQ2NjMtNjg3NC00ODljLWFiOWUtZDljYTAzZTY2ZmZi LzEvdWh6dmI1NmUzRVhqelNqdlFDVVplVkxVWU9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY/8MA0E AgACMAcDBQMqBznAMA0GCSqGSIb3DQEBCwUAA4IBAQAVP4HgjZsHhdmnhZ/7gphG BiSnV2o0zPyrkZ/Er9CeS3GXXhB6dB6Al5GHflzzVEsbGhfaF0nxPJH6tukU1vtn e6f7gTkIXB4kdTasbG18Q4mWZSCuCXeQQf93u7GrmIcY7YN5Z+09UKW+F6X/R6i3 5uJnvByX2KOorJJ72sj7mtf5BK64u0B7nuwqp6GhMS7361B195LfS+y+TgVqf6Gc Oy2Jy8etbEjnIHkpHDdUjqDB7JZ1TQgUKYXF+XVQRGJVgFlGA8KBCfRsatWm9Ba7 pVoe65MGS9pD/nMauh66WMLAU50x6O+OFxjEHKPWkH9eJtr+PaMl/Cb+KmxW3jLw -----END CERTIFICATE-----Generated at Mon Feb 9 22:59:26 2026 by rpki-client