This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mqdHYhz0Pyz0gLKVIMIL_Z-czrs.roa File: mqdHYhz0Pyz0gLKVIMIL_Z-czrs.roa (raw, json) Hash identifier: K4H2GuxG7Ubiry1UvE1TUv+8BBv7p1l6vF4HsthTNEg= Subject key identifier: 9A:A7:47:62:1C:F4:3F:2C:F4:80:B2:95:20:C2:0B:FD:9F:9C:CE:BB Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C1369815777BA1A986EF7628C4811EC Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mqdHYhz0Pyz0gLKVIMIL_Z-czrs.roa Signing time: Fri 02 Jan 2026 00:20:05 +0000 ROA not before: Fri 02 Jan 2026 00:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29802 IP address blocks: 176.125.248.0/24 maxlen: 24 185.210.232.0/24 maxlen: 24 185.210.235.0/24 maxlen: 24 185.214.102.0/24 maxlen: 24 185.225.0.0/24 maxlen: 24 185.225.2.0/24 maxlen: 24 185.251.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:69:81:57:77:ba:1a:98:6e:f7:62:8c:48:11:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9aa747621cf43f2cf480b29520c20bfd9f9ccebb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2f:27:cd:c9:26:23:b8:82:d4:94:a9:5a:90: de:e9:99:2b:60:91:43:96:e7:b4:87:b9:a1:e0:1b: 0b:b8:7a:e4:31:6e:6b:78:79:e5:d3:8a:93:14:69: d1:9e:ee:1b:4e:33:aa:21:9f:77:f7:d1:46:13:41: b2:af:60:ab:11:38:f1:3a:a0:a4:fc:57:d5:0c:65: f1:ab:2d:d9:4c:37:34:f4:54:93:17:d5:59:1c:3b: 3f:4e:d1:2e:fa:05:16:c8:34:75:55:e2:62:f3:a6: 4a:5d:24:47:bd:55:8f:7b:e3:d1:ec:c3:5f:a9:d6: bb:97:eb:c1:b9:98:1f:34:e8:2f:dd:9b:42:34:ba: 18:00:12:b1:2b:13:bd:1d:9d:c0:e8:45:1b:7d:66: 1a:d5:05:5e:7f:9e:f8:22:f8:8e:28:1c:2a:3a:ea: 4d:4e:9e:c4:1f:37:e7:a5:ba:c4:3a:2a:51:18:83: 5c:3e:46:31:f7:fa:90:c8:59:81:29:9d:c7:52:0d: 8d:39:65:a7:1b:e1:2c:b4:85:1d:c3:2c:d0:ef:21: b6:e0:a6:ec:ac:f5:bc:0b:e2:4e:86:c1:0c:0e:28: 7c:cc:6f:d2:d7:fa:3a:aa:86:69:93:a3:7a:ef:34: 6c:0c:e2:21:b7:bd:4b:e5:90:39:45:be:aa:12:92: 3d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:A7:47:62:1C:F4:3F:2C:F4:80:B2:95:20:C2:0B:FD:9F:9C:CE:BB X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mqdHYhz0Pyz0gLKVIMIL_Z-czrs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.125.248.0/24 185.210.232.0/24 185.210.235.0/24 185.214.102.0/24 185.225.0.0/24 185.225.2.0/24 185.251.231.0/24 Signature Algorithm: sha256WithRSAEncryption b3:62:2f:66:c1:ba:78:97:61:e5:6f:55:50:c5:8e:f9:f8:62: 46:5c:a6:10:1f:79:3d:a6:fb:fd:3f:cf:8b:13:3c:d6:70:6d: 2d:3f:04:39:4f:34:cc:71:06:ca:a6:df:8d:0c:79:f3:03:c3: 66:07:53:5d:3c:ba:e6:20:dc:15:a7:6e:61:23:c8:78:20:83: 84:7d:5c:5e:ff:3d:f2:78:ea:dc:64:ac:ea:75:93:86:46:68: f1:08:73:af:e5:84:c8:25:81:27:ac:ea:33:88:a0:a9:56:50: f2:ff:c1:02:6c:a2:b6:2c:e3:3b:45:d9:72:a2:fa:fb:1e:d3: 1d:2e:75:a2:49:9b:d0:ec:c5:d1:6d:c8:6a:cb:56:db:82:e0: 56:d0:3a:5a:25:6e:73:c4:ff:6d:cb:21:6a:5d:c4:f2:3d:05: dd:29:d4:ca:63:8e:14:1f:be:78:7d:d6:b5:c0:64:6e:ec:73: 26:c9:af:88:53:87:42:ba:e0:c8:d0:27:8a:f9:92:3f:2e:67: e3:89:db:32:bb:c9:4e:84:f3:95:fd:f3:cb:0c:b4:cb:f9:92: 0c:17:b3:79:65:67:63:be:5a:8d:92:a4:7d:32:47:ab:fb:e8: 50:cf:df:4c:8e:d5:9f:b2:24:7a:3a:5d:53:1e:d0:51:0a:be: a2:c4:29:4f -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt8E2mBV3e6Gphu92KMSBHsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YWE3NDc2MjFjZjQzZjJjZjQ4MGIyOTUyMGMyMGJmZDlmOWNjZWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y8nzckmI7iC1JSpWpDe6ZkrYJFD lue0h7mh4BsLuHrkMW5reHnl04qTFGnRnu4bTjOqIZ9399FGE0Gyr2CrETjxOqCk /FfVDGXxqy3ZTDc09FSTF9VZHDs/TtEu+gUWyDR1VeJi86ZKXSRHvVWPe+PR7MNf qda7l+vBuZgfNOgv3ZtCNLoYABKxKxO9HZ3A6EUbfWYa1QVef574IviOKBwqOupN Tp7EHzfnpbrEOipRGINcPkYx9/qQyFmBKZ3HUg2NOWWnG+EstIUdwyzQ7yG24Kbs rPW8C+JOhsEMDih8zG/S1/o6qoZpk6N67zRsDOIht71L5ZA5Rb6qEpI9XQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFJqnR2Ic9D8s9ICylSDCC/2fnM67MB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvbXFkSFloejBQeXowZ0xLVklNSUxfWi1jenJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAsH34AwQA udLoAwQAudLrAwQAudZmAwQAueEAAwQAueECAwQAufvnMA0GCSqGSIb3DQEBCwUA A4IBAQCzYi9mwbp4l2Hlb1VQxY75+GJGXKYQH3k9pvv9P8+LEzzWcG0tPwQ5TzTM cQbKpt+NDHnzA8NmB1NdPLrmINwVp25hI8h4IIOEfVxe/z3yeOrcZKzqdZOGRmjx CHOv5YTIJYEnrOoziKCpVlDy/8ECbKK2LOM7Rdlyovr7HtMdLnWiSZvQ7MXRbchq y1bbguBW0DpaJW5zxP9tyyFqXcTyPQXdKdTKY44UH754fda1wGRu7HMmya+IU4dC uuDI0CeK+ZI/Lmfjidsyu8lOhPOV/fPLDLTL+ZIMF7N5ZWdjvlqNkqR9Mker++hQ z99MjtWfsiR6Ol1THtBRCr6ixClP -----END CERTIFICATE-----Generated at Fri Jan 2 23:47:28 2026 by rpki-client