This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/rQp0KtrZ2vEnGo7a2SDmUAvFVx4.roa File: rQp0KtrZ2vEnGo7a2SDmUAvFVx4.roa (raw, json) Hash identifier: uy4FLHEMk8dBagqU7F42mpSaD+FcR8r9kkARIXcPG1U= Subject key identifier: AD:0A:74:2A:DA:D9:DA:F1:27:1A:8E:DA:D9:20:E6:50:0B:C5:57:1E Certificate issuer: /CN=2f88a53fcb96777f99e02df8940dd040b454cd1c Certificate serial: 019B7BA372F1C429F77913776BE0099550D5 Authority key identifier: 2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/rQp0KtrZ2vEnGo7a2SDmUAvFVx4.roa Signing time: Thu 01 Jan 2026 22:17:47 +0000 ROA not before: Thu 01 Jan 2026 22:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49770 IP address blocks: 95.143.192.0/20 maxlen: 24 185.154.108.0/22 maxlen: 24 2a03:d780::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/L4ilP8uWd3-Z4C34lA3QQLRUzRw.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/L4ilP8uWd3-Z4C34lA3QQLRUzRw.mft rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 15:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:72:f1:c4:29:f7:79:13:77:6b:e0:09:95:50:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f88a53fcb96777f99e02df8940dd040b454cd1c Validity Not Before: Jan 1 22:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad0a742adad9daf1271a8edad920e6500bc5571e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b8:03:a7:52:1c:ee:29:9f:28:9f:45:19:7d: b1:25:2b:30:69:68:3f:6c:a3:41:49:02:58:b0:f0: 23:6f:9c:ff:fc:67:02:28:31:e4:0d:c8:31:bd:45: d6:a6:ca:cf:93:5c:66:c3:2f:1a:d3:9f:e6:4e:74: b3:2f:70:1e:eb:55:b9:df:71:a9:61:1f:0f:47:05: b9:97:92:69:8f:43:2c:f7:31:ba:37:ff:05:03:a9: ce:7d:a3:0b:f0:55:09:35:11:b5:f5:04:7f:af:ef: 17:08:b4:f6:19:d0:9e:93:ba:27:cb:de:2b:fa:a2: 51:39:15:cc:20:93:8b:cd:b1:05:4a:e7:61:94:c8: 86:af:a4:33:c2:27:79:68:41:4e:c6:78:17:5c:2f: 40:9c:b2:f6:40:67:a0:e1:a1:eb:01:d5:c7:f2:84: fa:65:57:f7:e7:ff:e4:2d:80:20:51:1b:ad:33:98: 4d:1c:67:ac:a3:c2:67:d0:b8:a4:1d:b3:c9:fb:93: e0:44:73:da:c8:e5:9f:b8:ab:c0:8a:45:30:10:f7: e9:55:f2:37:2b:3d:34:e7:b8:af:1a:17:c4:33:3f: b9:74:54:48:be:3c:6f:5b:3a:20:f3:a8:c6:b0:2f: 54:d1:7b:ac:46:77:dd:b0:d6:fc:50:b1:e1:0c:8b: f3:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:0A:74:2A:DA:D9:DA:F1:27:1A:8E:DA:D9:20:E6:50:0B:C5:57:1E X509v3 Authority Key Identifier: keyid:2F:88:A5:3F:CB:96:77:7F:99:E0:2D:F8:94:0D:D0:40:B4:54:CD:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4ilP8uWd3-Z4C34lA3QQLRUzRw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/rQp0KtrZ2vEnGo7a2SDmUAvFVx4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/552f0d-01c2-418a-aa3c-acc4aac78d0d/1/L4ilP8uWd3-Z4C34lA3QQLRUzRw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.143.192.0/20 185.154.108.0/22 IPv6: 2a03:d780::/32 Signature Algorithm: sha256WithRSAEncryption 5d:90:67:63:5e:15:21:53:f0:08:d0:04:a0:be:97:15:d8:92: ec:67:7c:7e:05:2a:26:de:7e:41:b2:a3:a0:25:98:67:0f:72: 5b:f7:09:25:8f:c6:02:69:83:3e:ff:29:46:4d:f3:42:60:08: 4b:f0:b0:8f:33:44:de:5e:61:dc:c6:95:8c:5b:a8:fa:25:0e: f9:90:0a:d9:dc:78:4a:06:7b:a5:8f:b6:3a:a6:f3:08:09:17: 56:71:98:1c:90:f3:e9:2f:55:23:36:0c:04:cc:a4:77:62:1e: a0:a7:d7:41:eb:b1:38:15:50:04:20:19:a7:5a:16:73:c8:67: 4c:ff:51:4f:f1:e7:54:14:c5:55:a9:c6:75:6e:53:bd:78:76: 99:de:8a:3b:22:1c:b3:ec:e1:78:e6:50:e0:34:65:15:98:8a: e7:3d:f8:64:de:ac:1f:0a:6c:4f:16:c5:3b:50:97:49:26:94: c9:c4:32:91:7c:59:94:b0:9c:70:5d:05:88:e3:8c:61:3c:0f: 7c:bc:93:54:1c:ba:ac:5c:a0:95:90:2d:ab:a6:97:c5:7a:8f: b2:0d:f6:9b:08:fa:62:a1:a6:d2:90:b3:9f:43:eb:47:97:68: 7d:d8:b2:c9:36:bb:ee:92:a8:72:9a:fe:2f:19:1f:79:2c:f2: d7:10:11:ca -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7o3LxxCn3eRN3a+AJlVDVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmODhhNTNmY2I5Njc3N2Y5OWUwMmRmODk0MGRkMDQwYjQ1 NGNkMWMwHhcNMjYwMTAxMjIxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDBhNzQyYWRhZDlkYWYxMjcxYThlZGFkOTIwZTY1MDBiYzU1NzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprgDp1Ic7imfKJ9FGX2xJSswaWg/ bKNBSQJYsPAjb5z//GcCKDHkDcgxvUXWpsrPk1xmwy8a05/mTnSzL3Ae61W533Gp YR8PRwW5l5Jpj0Ms9zG6N/8FA6nOfaML8FUJNRG19QR/r+8XCLT2GdCek7ony94r +qJRORXMIJOLzbEFSudhlMiGr6Qzwid5aEFOxngXXC9AnLL2QGeg4aHrAdXH8oT6 ZVf35//kLYAgURutM5hNHGeso8Jn0LikHbPJ+5PgRHPayOWfuKvAikUwEPfpVfI3 Kz0057ivGhfEMz+5dFRIvjxvWzog86jGsC9U0XusRnfdsNb8ULHhDIvzIQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFK0KdCra2drxJxqO2tkg5lALxVceMB8GA1UdIwQY MBaAFC+IpT/Llnd/meAt+JQN0EC0VM0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDRpbFA4dVdkMy1aNEMzNGxBM1FRTFJVelJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81NTJmMGQtMDFjMi00MThhLWFhM2Mt YWNjNGFhYzc4ZDBkLzEvclFwMEt0cloydkVuR283YTJTRG1VQXZGVng0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS81NTJmMGQtMDFjMi00MThhLWFhM2MtYWNjNGFhYzc4ZDBk LzEvTDRpbFA4dVdkMy1aNEMzNGxBM1FRTFJVelJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEX4/AAwQC uZpsMA0EAgACMAcDBQAqA9eAMA0GCSqGSIb3DQEBCwUAA4IBAQBdkGdjXhUhU/AI 0ASgvpcV2JLsZ3x+BSom3n5BsqOgJZhnD3Jb9wklj8YCaYM+/ylGTfNCYAhL8LCP M0TeXmHcxpWMW6j6JQ75kArZ3HhKBnulj7Y6pvMICRdWcZgckPPpL1UjNgwEzKR3 Yh6gp9dB67E4FVAEIBmnWhZzyGdM/1FP8edUFMVVqcZ1blO9eHaZ3oo7Ihyz7OF4 5lDgNGUVmIrnPfhk3qwfCmxPFsU7UJdJJpTJxDKRfFmUsJxwXQWI44xhPA98vJNU HLqsXKCVkC2rppfFeo+yDfabCPpioabSkLOfQ+tHl2h92LLJNrvukqhymv4vGR95 LPLXEBHK -----END CERTIFICATE-----Generated at Fri Jan 30 22:48:44 2026 by rpki-client