This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/kQ4krfBNFrAm-Gpj-NcPo1I8HJU.roa File: kQ4krfBNFrAm-Gpj-NcPo1I8HJU.roa (raw, json) Hash identifier: xcXCXacGDJEJdBJRjIljHRys5jK6kgJsyEmuOcySy58= Subject key identifier: 91:0E:24:AD:F0:4D:16:B0:26:F8:6A:63:F8:D7:0F:A3:52:3C:1C:95 Certificate issuer: /CN=6a4abe8a8fa378951afa6859735bbe6b18148b57 Certificate serial: 019B7F8561375B0C926A89D88047CAF5AA2F Authority key identifier: 6A:4A:BE:8A:8F:A3:78:95:1A:FA:68:59:73:5B:BE:6B:18:14:8B:57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akq-io-jeJUa-mhZc1u-axgUi1c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/kQ4krfBNFrAm-Gpj-NcPo1I8HJU.roa Signing time: Fri 02 Jan 2026 16:23:26 +0000 ROA not before: Fri 02 Jan 2026 16:23:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203367 IP address blocks: 185.137.84.0/22 maxlen: 22 2a07:2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/akq-io-jeJUa-mhZc1u-axgUi1c.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/akq-io-jeJUa-mhZc1u-axgUi1c.mft rsync://rpki.ripe.net/repository/DEFAULT/akq-io-jeJUa-mhZc1u-axgUi1c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:61:37:5b:0c:92:6a:89:d8:80:47:ca:f5:aa:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a4abe8a8fa378951afa6859735bbe6b18148b57 Validity Not Before: Jan 2 16:23:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=910e24adf04d16b026f86a63f8d70fa3523c1c95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:62:a4:4d:f6:a7:da:1e:7d:9c:07:ea:1a:70: 53:7e:35:57:be:d4:d3:2c:f9:9e:a5:d0:5c:e6:45: f4:2a:b4:f3:58:e9:0e:b1:c5:f5:1b:03:39:71:54: ff:88:d6:3c:62:8f:4f:9d:56:ae:7b:da:d9:db:20: 20:d6:81:85:1e:48:23:95:2f:cc:74:26:e8:3c:c3: 1a:ba:81:06:af:a8:de:13:2c:5a:0a:d3:35:69:b7: 18:d3:ce:8b:56:f9:5a:a3:4d:01:8e:a7:62:85:89: 39:bf:a8:18:8d:a1:46:cf:3e:17:dd:ac:ca:23:4f: 6f:f7:e7:da:6c:c8:91:98:57:96:5b:e3:51:77:60: 9f:b1:7e:07:98:39:26:87:80:21:43:c6:d8:df:18: e8:ec:ce:c2:da:4d:8b:ce:5d:b8:78:2c:dd:2f:35: 26:86:37:70:6d:ce:2b:33:e5:1f:18:60:84:ed:06: 2c:cb:2a:38:f2:df:f1:8f:56:ae:8a:62:01:80:16: 1d:af:13:42:1d:f0:17:fe:2a:a8:86:f4:33:0d:00: 1d:f7:fc:a6:31:72:c4:2a:8e:a0:20:7f:20:e6:b4: 40:77:03:79:4c:08:e2:91:98:6e:68:78:bb:cd:fe: dc:de:7e:4b:49:63:e8:d5:56:8d:b2:fa:71:0c:0a: 68:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:0E:24:AD:F0:4D:16:B0:26:F8:6A:63:F8:D7:0F:A3:52:3C:1C:95 X509v3 Authority Key Identifier: keyid:6A:4A:BE:8A:8F:A3:78:95:1A:FA:68:59:73:5B:BE:6B:18:14:8B:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akq-io-jeJUa-mhZc1u-axgUi1c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/kQ4krfBNFrAm-Gpj-NcPo1I8HJU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b028b6-4782-4c7f-b6a2-87eb448e92ed/1/akq-io-jeJUa-mhZc1u-axgUi1c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.137.84.0/22 IPv6: 2a07:2c0::/29 Signature Algorithm: sha256WithRSAEncryption 3d:47:58:11:2c:41:90:f4:4d:ea:21:92:c2:b2:3b:a8:d4:7c: 2a:48:b0:09:54:08:6f:33:35:aa:d8:0c:df:2b:c7:77:87:aa: ce:16:fb:09:f0:3c:a6:67:c7:38:39:35:2d:92:38:12:c4:ec: 96:1e:8e:bc:04:c5:00:e4:79:40:5f:36:77:77:75:c4:6c:7b: 02:58:04:4f:f7:a8:e6:10:b5:ef:1e:e6:16:0d:4f:3e:93:7a: 71:0d:f5:97:13:7b:3f:ef:a7:9c:35:e1:65:16:b4:5f:1c:59: 89:be:ec:f1:cb:36:46:36:bf:bd:16:fa:70:81:c3:d7:8b:2a: 7a:fb:4c:84:a3:02:27:eb:55:53:58:09:4c:4b:87:54:24:41: e3:64:3e:ab:21:31:02:9b:47:20:5a:8e:05:c4:2b:3e:6f:2a: 29:a9:b2:92:fd:57:d1:a2:62:c0:f5:b1:74:28:f1:67:f7:51: 21:be:b5:3f:bf:6d:59:e0:8a:dd:ff:68:ec:71:eb:d7:86:34: 4d:2e:e2:9c:cb:c1:fb:83:f1:ae:87:e9:48:ca:72:c2:10:44: ae:3f:5c:ed:72:59:77:ae:e3:6f:b5:7a:35:3f:f7:95:e9:a7: ca:c8:e4:32:18:b7:90:16:92:c0:38:7a:d8:da:f7:7a:d8:b3: f2:4b:d1:f2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/hWE3WwySaonYgEfK9aovMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhNGFiZThhOGZhMzc4OTUxYWZhNjg1OTczNWJiZTZiMTgx NDhiNTcwHhcNMjYwMTAyMTYyMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTBlMjRhZGYwNGQxNmIwMjZmODZhNjNmOGQ3MGZhMzUyM2MxYzk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GKkTfan2h59nAfqGnBTfjVXvtTT LPmepdBc5kX0KrTzWOkOscX1GwM5cVT/iNY8Yo9PnVaue9rZ2yAg1oGFHkgjlS/M dCboPMMauoEGr6jeEyxaCtM1abcY086LVvlao00BjqdihYk5v6gYjaFGzz4X3azK I09v9+fabMiRmFeWW+NRd2CfsX4HmDkmh4AhQ8bY3xjo7M7C2k2Lzl24eCzdLzUm hjdwbc4rM+UfGGCE7QYsyyo48t/xj1auimIBgBYdrxNCHfAX/iqohvQzDQAd9/ym MXLEKo6gIH8g5rRAdwN5TAjikZhuaHi7zf7c3n5LSWPo1VaNsvpxDApowQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJEOJK3wTRawJvhqY/jXD6NSPByVMB8GA1UdIwQY MBaAFGpKvoqPo3iVGvpoWXNbvmsYFItXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWtxLWlvLWplSlVhLW1oWmMxdS1heGdVaTFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iMDI4YjYtNDc4Mi00YzdmLWI2YTIt ODdlYjQ0OGU5MmVkLzEva1E0a3JmQk5GckFtLUdwai1OY1BvMUk4SEpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9iMDI4YjYtNDc4Mi00YzdmLWI2YTItODdlYjQ0OGU5MmVk LzEvYWtxLWlvLWplSlVhLW1oWmMxdS1heGdVaTFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYlUMA0E AgACMAcDBQMqBwLAMA0GCSqGSIb3DQEBCwUAA4IBAQA9R1gRLEGQ9E3qIZLCsjuo 1HwqSLAJVAhvMzWq2AzfK8d3h6rOFvsJ8DymZ8c4OTUtkjgSxOyWHo68BMUA5HlA XzZ3d3XEbHsCWARP96jmELXvHuYWDU8+k3pxDfWXE3s/76ecNeFlFrRfHFmJvuzx yzZGNr+9FvpwgcPXiyp6+0yEowIn61VTWAlMS4dUJEHjZD6rITECm0cgWo4FxCs+ byopqbKS/VfRomLA9bF0KPFn91EhvrU/v21Z4Ird/2jscevXhjRNLuKcy8H7g/Gu h+lIynLCEESuP1ztcll3ruNvtXo1P/eV6afKyOQyGLeQFpLAOHrY2vd62LPyS9Hy -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:40 2026 by rpki-client