This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/BqKXTfV1zxu7JcLG72Zso4SHOOg.roa File: BqKXTfV1zxu7JcLG72Zso4SHOOg.roa (raw, json) Hash identifier: T8VlSosgzu97SNLjSfAlphc7hdN+zQvpmKY8/+PTx/s= Subject key identifier: 06:A2:97:4D:F5:75:CF:1B:BB:25:C2:C6:EF:66:6C:A3:84:87:38:E8 Certificate issuer: /CN=afb00b29396e78033edbacafef9850b1b0e35323 Certificate serial: 019B78A280D5661E73AC8786F591D45508DD Authority key identifier: AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/BqKXTfV1zxu7JcLG72Zso4SHOOg.roa Signing time: Thu 01 Jan 2026 08:17:54 +0000 ROA not before: Thu 01 Jan 2026 08:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206911 IP address blocks: 185.171.108.0/24 maxlen: 24 185.171.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:80:d5:66:1e:73:ac:87:86:f5:91:d4:55:08:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afb00b29396e78033edbacafef9850b1b0e35323 Validity Not Before: Jan 1 08:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=06a2974df575cf1bbb25c2c6ef666ca3848738e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:6b:9f:9b:f2:f0:ff:c7:c2:05:45:4f:51:ad: 8a:66:c2:bd:e9:30:28:3d:cb:77:05:29:0e:45:23: fb:1e:4d:7f:cf:69:bc:2b:26:47:08:92:3d:02:e5: 19:e5:d6:73:ed:43:7b:5e:ca:ae:52:f5:aa:c0:0c: 0a:3b:e5:f2:47:29:d2:85:89:11:e7:33:59:04:62: a8:b6:ff:5c:60:d1:fc:56:f0:ff:df:ae:9f:f9:01: 81:cd:8b:dd:4a:32:c8:29:b1:9c:69:1b:b0:10:e5: d2:03:25:c1:eb:1e:4b:cc:b2:b1:69:d4:94:02:70: b1:14:20:2d:21:13:93:ce:a8:77:b4:87:b0:a0:0a: c1:74:6c:62:bf:d7:82:23:57:e0:3c:bd:05:02:aa: 47:3a:20:3f:89:74:2b:db:f0:1c:f1:10:b4:51:6e: e6:9f:cf:59:e9:21:0e:a1:7e:b4:9d:9d:b7:55:f2: ae:93:43:f2:85:56:53:0f:81:e0:d9:d1:74:f1:3e: b5:dd:2c:d9:70:47:3d:3c:06:65:1a:4f:50:2e:7b: 0e:af:89:5b:d5:28:55:c0:b7:3c:c4:42:b8:57:34: f5:d9:6f:5b:f4:80:d8:ed:4c:a6:78:49:ec:f8:49: a3:53:ed:3f:76:ea:da:2a:f8:43:09:36:7d:34:3a: 0c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:A2:97:4D:F5:75:CF:1B:BB:25:C2:C6:EF:66:6C:A3:84:87:38:E8 X509v3 Authority Key Identifier: keyid:AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/BqKXTfV1zxu7JcLG72Zso4SHOOg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.171.108.0/23 Signature Algorithm: sha256WithRSAEncryption ab:74:35:ea:2c:e1:b9:25:45:3a:2b:d3:94:1d:a8:21:3e:10: b1:63:68:f6:cd:d7:03:eb:cc:02:2e:b4:4c:f3:d3:93:d3:a5: f3:7c:1b:1f:58:ef:45:93:65:5c:3a:b2:50:10:f7:78:7a:57: 15:a0:8f:f4:dd:e3:8f:4e:5d:f4:3f:4f:74:d0:2b:3f:d7:b5: 33:e9:8e:99:fc:59:19:fa:e6:c4:2d:a2:26:b4:ab:4b:c6:79: 7b:98:73:ed:58:c3:0d:4b:fb:0b:d9:ed:53:c4:05:a7:31:e9: 4a:01:2f:df:7d:d4:c9:3c:f2:11:09:7e:2b:b8:d0:1b:f8:ee: 22:a1:b7:a2:43:cb:50:0f:9f:63:21:14:a3:23:58:98:a5:c0: 88:1b:82:8e:c1:86:1b:1a:68:a9:3b:d4:14:98:77:0b:12:1f: 9f:8c:ed:da:1d:5f:08:f3:cd:95:90:a5:cd:b7:31:cd:6f:3e: ab:82:2f:96:3a:eb:d1:06:5d:fa:6c:9e:ff:81:ec:4a:bc:e2: bc:15:6a:92:fc:5b:57:3a:b6:f1:a6:ef:6e:fa:0f:3c:2f:57: f3:7c:df:bd:7d:7a:f6:0d:87:76:a1:60:62:34:a9:ec:46:ce: a2:a1:9d:b4:84:88:73:d0:ee:12:28:49:43:02:7b:c3:f7:90: 24:9d:4c:61 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ooDVZh5zrIeG9ZHUVQjdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmYjAwYjI5Mzk2ZTc4MDMzZWRiYWNhZmVmOTg1MGIxYjBl MzUzMjMwHhcNMjYwMTAxMDgxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNmEyOTc0ZGY1NzVjZjFiYmIyNWMyYzZlZjY2NmNhMzg0ODczOGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Gufm/Lw/8fCBUVPUa2KZsK96TAo Pct3BSkORSP7Hk1/z2m8KyZHCJI9AuUZ5dZz7UN7XsquUvWqwAwKO+XyRynShYkR 5zNZBGKotv9cYNH8VvD/366f+QGBzYvdSjLIKbGcaRuwEOXSAyXB6x5LzLKxadSU AnCxFCAtIROTzqh3tIewoArBdGxiv9eCI1fgPL0FAqpHOiA/iXQr2/Ac8RC0UW7m n89Z6SEOoX60nZ23VfKuk0PyhVZTD4Hg2dF08T613SzZcEc9PAZlGk9QLnsOr4lb 1ShVwLc8xEK4VzT12W9b9IDY7UymeEns+EmjU+0/duraKvhDCTZ9NDoMQwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAail031dc8buyXCxu9mbKOEhzjoMB8GA1UdIwQY MBaAFK+wCyk5bngDPtusr++YULGw41MjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2It NjVhOWE0ZGZhZDllLzEvQnFLWFRmVjF6eHU3SmNMRzcyWnNvNFNIT09nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2ItNjVhOWE0ZGZhZDll LzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuatsMA0G CSqGSIb3DQEBCwUAA4IBAQCrdDXqLOG5JUU6K9OUHaghPhCxY2j2zdcD68wCLrRM 89OT06XzfBsfWO9Fk2VcOrJQEPd4elcVoI/03eOPTl30P0900Cs/17Uz6Y6Z/FkZ +ubELaImtKtLxnl7mHPtWMMNS/sL2e1TxAWnMelKAS/ffdTJPPIRCX4ruNAb+O4i obeiQ8tQD59jIRSjI1iYpcCIG4KOwYYbGmipO9QUmHcLEh+fjO3aHV8I882VkKXN tzHNbz6rgi+WOuvRBl36bJ7/gexKvOK8FWqS/FtXOrbxpu9u+g88L1fzfN+9fXr2 DYd2oWBiNKnsRs6ioZ20hIhz0O4SKElDAnvD95AknUxh -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:06 2026 by rpki-client