This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/QBlYbj346qzHUv19Z-I6ndDq6qo.roa File: QBlYbj346qzHUv19Z-I6ndDq6qo.roa (raw, json) Hash identifier: VEZ9eyiW7HYhsOu44s2MXlQaK3GSzzboX5o0voLYcrI= Subject key identifier: 40:19:58:6E:3D:F8:EA:AC:C7:52:FD:7D:67:E2:3A:9D:D0:EA:EA:AA Certificate issuer: /CN=b14658fcab37032dfea96ef0ae68dc9deff6d705 Certificate serial: 019B79101BF334F66C3739723098CD242A7E Authority key identifier: B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/QBlYbj346qzHUv19Z-I6ndDq6qo.roa Signing time: Thu 01 Jan 2026 10:17:37 +0000 ROA not before: Thu 01 Jan 2026 10:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 38919 IP address blocks: 89.190.140.0/22 maxlen: 22 185.92.68.0/22 maxlen: 22 185.132.108.0/22 maxlen: 22 2a05:f080::/29 maxlen: 29 2a0e:f800::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.mft rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 07:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:1b:f3:34:f6:6c:37:39:72:30:98:cd:24:2a:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b14658fcab37032dfea96ef0ae68dc9deff6d705 Validity Not Before: Jan 1 10:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4019586e3df8eaacc752fd7d67e23a9dd0eaeaaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:8f:4a:d7:32:eb:b4:70:ee:65:c4:19:ac:fa: e1:a1:e3:37:04:73:eb:be:0e:ad:e0:fb:30:bf:71: 34:1a:93:74:be:fa:37:92:e0:48:62:4f:75:68:ad: de:69:34:3d:34:9e:79:fe:16:2b:f4:56:ce:89:33: ab:32:60:50:3a:6c:bc:02:42:00:84:86:ff:f0:c1: e4:0d:23:8f:71:4e:9f:a3:22:b3:ea:5b:98:0c:02: 08:93:f8:6d:21:59:47:5b:9f:04:88:46:c4:d8:9e: 6e:96:2b:09:df:fe:82:d0:cf:26:c1:0f:30:d0:7c: 6b:8d:9c:35:26:30:18:38:2c:0f:5f:41:e1:28:2f: 07:8b:64:32:61:ce:51:9a:f8:a3:22:43:63:b0:f0: 40:bb:3d:dd:84:3c:26:76:6c:b4:59:43:de:f0:fa: f7:9f:90:12:98:90:6b:de:3b:e6:13:9a:f5:18:08: 32:0c:08:32:06:f0:62:0f:c1:f1:b9:8b:81:b5:ea: 82:21:94:ca:c8:d4:75:0d:cf:04:d9:bc:d7:96:9b: 95:96:d2:9c:27:ed:83:1e:8f:60:76:d9:0f:b1:f1: 53:bd:c5:33:32:dc:f3:dc:be:6a:3e:d4:70:17:03: 52:42:76:93:b1:34:cc:ca:b5:68:00:b3:5c:ae:31: 24:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:19:58:6E:3D:F8:EA:AC:C7:52:FD:7D:67:E2:3A:9D:D0:EA:EA:AA X509v3 Authority Key Identifier: keyid:B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/QBlYbj346qzHUv19Z-I6ndDq6qo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.190.140.0/22 185.92.68.0/22 185.132.108.0/22 IPv6: 2a05:f080::/29 2a0e:f800::/29 Signature Algorithm: sha256WithRSAEncryption 8f:41:05:d5:11:de:46:a3:dc:80:4e:d6:43:a8:05:13:96:1d: 23:5a:28:b2:4d:57:b2:be:56:2d:10:a5:07:1d:dc:e7:14:0b: 7e:7c:9a:34:3f:71:b2:67:3f:0b:ea:9f:6f:12:e4:bf:dd:87: 75:79:ba:0c:ee:25:82:17:81:79:22:54:23:7c:5a:00:1e:3f: f8:7e:e7:53:1e:d1:70:86:94:86:c9:b2:03:2c:0c:09:16:2c: 82:f0:88:e8:f6:64:fa:da:de:12:38:fe:7d:72:b1:6f:da:58: 88:fb:4f:19:c7:37:26:88:3c:87:4a:09:8e:53:9c:57:44:f7: be:c7:4f:31:11:54:b0:6b:b7:5e:ed:90:25:bb:59:51:53:7a: 22:73:24:26:26:27:ef:20:10:7b:99:09:88:34:36:ff:8a:88: fe:4b:3c:12:6f:52:19:e6:c5:64:dd:c8:a8:fe:0b:ef:29:3f: f8:4b:61:66:47:d3:5b:1a:0d:38:6b:7b:2e:fc:e3:d1:c0:f5: 4a:12:8d:c7:42:eb:09:9a:53:71:a8:8b:02:30:9f:bf:f5:c8: ab:1a:cf:5f:22:a4:88:54:4d:74:87:9a:54:1f:6e:af:0d:53: 2e:41:a8:04:9d:80:e5:6d:a6:ee:b7:a7:8e:5f:0c:6f:ac:4e: 08:cf:5b:14 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt5EBvzNPZsNzlyMJjNJCp+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxNDY1OGZjYWIzNzAzMmRmZWE5NmVmMGFlNjhkYzlkZWZm NmQ3MDUwHhcNMjYwMTAxMTAxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDE5NTg2ZTNkZjhlYWFjYzc1MmZkN2Q2N2UyM2E5ZGQwZWFlYWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Y9K1zLrtHDuZcQZrPrhoeM3BHPr vg6t4Pswv3E0GpN0vvo3kuBIYk91aK3eaTQ9NJ55/hYr9FbOiTOrMmBQOmy8AkIA hIb/8MHkDSOPcU6foyKz6luYDAIIk/htIVlHW58EiEbE2J5ulisJ3/6C0M8mwQ8w 0HxrjZw1JjAYOCwPX0HhKC8Hi2QyYc5RmvijIkNjsPBAuz3dhDwmdmy0WUPe8Pr3 n5ASmJBr3jvmE5r1GAgyDAgyBvBiD8HxuYuBteqCIZTKyNR1Dc8E2bzXlpuVltKc J+2DHo9gdtkPsfFTvcUzMtzz3L5qPtRwFwNSQnaTsTTMyrVoALNcrjEkswIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFEAZWG49+Oqsx1L9fWfiOp3Q6uqqMB8GA1UdIwQY MBaAFLFGWPyrNwMt/qlu8K5o3J3v9tcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYt YTdlYWQ4YWIxMjczLzEvUUJsWWJqMzQ2cXpIVXYxOVotSTZuZERxNnFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYtYTdlYWQ4YWIxMjcz LzEvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCWb6MAwQC uVxEAwQCuYRsMBQEAgACMA4DBQMqBfCAAwUDKg74ADANBgkqhkiG9w0BAQsFAAOC AQEAj0EF1RHeRqPcgE7WQ6gFE5YdI1oosk1Xsr5WLRClBx3c5xQLfnyaND9xsmc/ C+qfbxLkv92HdXm6DO4lgheBeSJUI3xaAB4/+H7nUx7RcIaUhsmyAywMCRYsgvCI 6PZk+treEjj+fXKxb9pYiPtPGcc3Jog8h0oJjlOcV0T3vsdPMRFUsGu3Xu2QJbtZ UVN6InMkJiYn7yAQe5kJiDQ2/4qI/ks8Em9SGebFZN3IqP4L7yk/+EthZkfTWxoN OGt7Lvzj0cD1ShKNx0LrCZpTcaiLAjCfv/XIqxrPXyKkiFRNdIeaVB9urw1TLkGo BJ2A5W2m7renjl8Mb6xOCM9bFA== -----END CERTIFICATE-----Generated at Mon Jan 12 16:09:17 2026 by rpki-client