This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QHyMXzRpY79TSI5ErCSD6tj6Ocw.roa File: QHyMXzRpY79TSI5ErCSD6tj6Ocw.roa (raw, json) Hash identifier: BWQGmwoOMlvewCbObDq4CJcmSEL6GFX//gAeLk6lb8w= Subject key identifier: 40:7C:8C:5F:34:69:63:BF:53:48:8E:44:AC:24:83:EA:D8:FA:39:CC Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019AE83269733A8ABF70B7160B1CCE1423A5 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QHyMXzRpY79TSI5ErCSD6tj6Ocw.roa Signing time: Thu 04 Dec 2025 07:10:09 +0000 ROA not before: Thu 04 Dec 2025 07:10:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 6079 IP address blocks: 88.209.194.0/24 maxlen: 24 88.209.216.0/24 maxlen: 24 92.52.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 10:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e8:32:69:73:3a:8a:bf:70:b7:16:0b:1c:ce:14:23:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Dec 4 07:10:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=407c8c5f346963bf53488e44ac2483ead8fa39cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:17:ce:78:9d:cc:c8:bf:a1:5d:e0:e5:09:4b: df:0d:c6:e0:9d:60:67:f7:f7:a4:70:eb:71:22:0b: f6:e5:11:a9:f6:f0:40:6c:4f:b7:03:ff:e6:45:c2: 9e:97:76:8a:d9:18:19:43:06:ec:7f:da:a3:38:78: 38:e7:d7:40:b9:54:c1:e8:5a:96:58:00:c8:31:5b: fd:45:9d:1e:d1:41:0e:f7:8d:4c:2f:05:de:0f:5d: f2:46:80:89:28:69:5b:0c:09:2e:b5:e5:4b:64:44: 1e:53:97:cc:c4:22:73:07:5b:c7:ac:6f:ae:18:b7: 3b:6d:6b:fd:51:7d:a7:6d:b8:22:4e:7b:2c:a6:59: e2:57:81:88:de:4f:10:c5:a4:45:0f:e4:3b:c3:bc: b6:8d:c9:c8:1c:a5:f5:b7:9b:79:04:35:02:74:24: f1:b8:3a:50:00:65:87:14:a3:29:5e:3f:56:89:6f: 20:e7:68:59:0b:c3:3f:5b:05:d2:53:ae:f6:ba:1c: b2:f0:b5:f4:23:42:21:c0:f3:20:88:34:d1:bd:0d: 8d:9b:e3:cc:42:24:0a:cc:bb:54:f0:93:dd:27:40: cc:bc:0e:ea:81:11:2c:c0:06:a5:f5:d1:bf:c6:9c: 56:0a:4b:05:6a:4d:99:dd:ed:a9:38:65:6f:19:13: a3:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:7C:8C:5F:34:69:63:BF:53:48:8E:44:AC:24:83:EA:D8:FA:39:CC X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QHyMXzRpY79TSI5ErCSD6tj6Ocw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.194.0/24 88.209.216.0/24 92.52.219.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:09:ce:23:ce:04:0a:57:df:ca:38:f9:bd:10:2e:27:34:12: 09:0d:ea:c0:73:7c:ec:20:73:a1:fa:a9:fb:40:c1:03:bf:cc: 8a:99:f3:7f:2e:ca:16:58:44:8f:39:06:72:60:a7:b1:1d:07: 00:f4:90:fa:60:1d:b9:db:d0:64:88:82:12:bb:1c:54:ec:31: a6:64:75:46:65:9f:d4:39:fa:96:65:da:f1:54:38:81:03:97: 41:ec:a9:ee:5e:56:d1:15:c3:2c:37:bf:a3:d5:82:17:46:40: 87:b0:89:81:6e:65:0c:fa:ca:cc:f5:04:9a:aa:e6:a1:97:92: 33:af:4e:7d:5b:21:44:76:24:6f:61:5a:b3:7d:00:f0:be:af: f6:40:9f:69:59:30:fb:a5:ca:ba:ea:20:b3:49:b3:b2:9a:4c: 95:a8:7c:9b:42:cb:4d:7f:f6:32:8d:0c:4c:b8:a6:f5:c9:f8: e0:46:71:05:b1:c9:f7:77:30:7b:af:ef:2e:f7:1a:0f:f8:6f: 55:59:92:f3:69:d8:35:c2:79:5c:ca:4d:be:be:68:0f:67:fd: 93:cd:e7:7e:a9:32:d2:01:d4:24:be:04:dd:10:ec:c5:37:59: cf:f9:a4:64:69:98:6e:a4:61:60:bb:2f:1e:a0:f8:f4:22:95: c0:f6:fa:a8 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZroMmlzOoq/cLcWCxzOFCOlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjUxMjA0MDcxMDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDdjOGM1ZjM0Njk2M2JmNTM0ODhlNDRhYzI0ODNlYWQ4ZmEzOWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxfOeJ3MyL+hXeDlCUvfDcbgnWBn 9/ekcOtxIgv25RGp9vBAbE+3A//mRcKel3aK2RgZQwbsf9qjOHg459dAuVTB6FqW WADIMVv9RZ0e0UEO941MLwXeD13yRoCJKGlbDAkuteVLZEQeU5fMxCJzB1vHrG+u GLc7bWv9UX2nbbgiTnssplniV4GI3k8QxaRFD+Q7w7y2jcnIHKX1t5t5BDUCdCTx uDpQAGWHFKMpXj9WiW8g52hZC8M/WwXSU672uhyy8LX0I0IhwPMgiDTRvQ2Nm+PM QiQKzLtU8JPdJ0DMvA7qgREswAal9dG/xpxWCksFak2Z3e2pOGVvGROj8wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEB8jF80aWO/U0iORKwkg+rY+jnMMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvUUh5TVh6UnBZNzlUU0k1RXJDU0Q2dGo2T2N3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHCAwQA WNHYAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQB9Cc4jzgQKV9/KOPm9EC4nNBIJ DerAc3zsIHOh+qn7QMEDv8yKmfN/LsoWWESPOQZyYKexHQcA9JD6YB2529BkiIIS uxxU7DGmZHVGZZ/UOfqWZdrxVDiBA5dB7KnuXlbRFcMsN7+j1YIXRkCHsImBbmUM +srM9QSaquahl5Izr059WyFEdiRvYVqzfQDwvq/2QJ9pWTD7pcq66iCzSbOymkyV qHybQstNf/YyjQxMuKb1yfjgRnEFscn3dzB7r+8u9xoP+G9VWZLzadg1wnlcyk2+ vmgPZ/2Tzed+qTLSAdQkvgTdEOzFN1nP+aRkaZhupGFguy8eoPj0IpXA9vqo -----END CERTIFICATE-----Generated at Fri Dec 5 12:24:22 2025 by rpki-client