This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hqTa81CA_5WpsqJqDXLLmFSbJfA.roa File: hqTa81CA_5WpsqJqDXLLmFSbJfA.roa (raw, json) Hash identifier: z4w5dEFit2k1Jce8ZI/zL5A6pBjGbffnx5sSkLV5Mxk= Subject key identifier: 86:A4:DA:F3:50:80:FF:95:A9:B2:A2:6A:0D:72:CB:98:54:9B:25:F0 Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e Certificate serial: 019BFC3BB6B81A1BC99B7CEC524EAF132055 Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hqTa81CA_5WpsqJqDXLLmFSbJfA.roa Signing time: Mon 26 Jan 2026 21:35:30 +0000 ROA not before: Mon 26 Jan 2026 21:35:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197706 IP address blocks: 31.171.152.0/24 maxlen: 24 31.171.153.0/24 maxlen: 24 31.171.154.0/24 maxlen: 24 31.171.155.0/24 maxlen: 24 45.142.25.0/24 maxlen: 24 45.142.26.0/24 maxlen: 24 45.142.27.0/24 maxlen: 24 103.124.165.0/24 maxlen: 24 103.124.167.0/24 maxlen: 24 109.104.140.0/24 maxlen: 24 109.104.141.0/24 maxlen: 24 144.48.52.0/24 maxlen: 24 144.48.53.0/24 maxlen: 24 144.48.54.0/24 maxlen: 24 144.48.55.0/24 maxlen: 24 185.53.100.0/24 maxlen: 24 185.53.101.0/24 maxlen: 24 185.153.125.0/24 maxlen: 24 185.153.126.0/24 maxlen: 24 185.153.127.0/24 maxlen: 24 209.23.44.0/24 maxlen: 24 209.23.45.0/24 maxlen: 24 209.23.46.0/24 maxlen: 24 209.23.47.0/24 maxlen: 24 2a04:27c0::/29 maxlen: 48 2a04:27c0:fffd::/48 maxlen: 48 2a04:27c0:fffe::/48 maxlen: 48 2a09:6e40::/29 maxlen: 48 2a09:6e47::/48 maxlen: 48 2a09:6ec0::/29 maxlen: 48 2a0d:27c0::/29 maxlen: 48 2a0d:27c4::/32 maxlen: 32 2a0d:42c0::/29 maxlen: 48 2a0d:4a40::/29 maxlen: 48 2a0d:4a46::/32 maxlen: 32 2a0e:3f00::/29 maxlen: 48 2a0e:3f01::/48 maxlen: 48 2a0e:4f00::/29 maxlen: 48 2a0e:4f05::/32 maxlen: 32 2a0e:d4c0::/29 maxlen: 48 2a0f:42c0::/29 maxlen: 48 2a0f:a880::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fc:3b:b6:b8:1a:1b:c9:9b:7c:ec:52:4e:af:13:20:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e Validity Not Before: Jan 26 21:35:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86a4daf35080ff95a9b2a26a0d72cb98549b25f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:02:56:d1:27:f0:ff:0a:4e:a5:49:d8:a4:1f: c3:aa:c8:10:d5:00:26:a9:30:70:73:86:ea:7a:38: 9b:8f:4c:91:57:07:ce:e2:9c:a8:a9:5b:c1:03:36: 00:67:2b:29:a8:db:d1:d0:55:b1:37:22:69:e9:f5: 84:50:c6:b4:2a:7a:40:67:43:0d:7e:9b:89:05:b8: f6:1e:89:56:c2:af:81:ca:bc:dd:8f:c5:5e:10:5d: 17:c0:f2:9c:71:fb:4b:c7:2a:9a:ef:7b:02:92:5b: 80:6e:0c:97:4a:50:b9:42:14:d7:e0:9d:69:25:fc: eb:bb:7a:1f:57:dc:97:d6:c4:4b:f0:31:79:0c:86: ff:9a:66:c1:cf:8e:55:f4:e0:b7:93:43:56:82:a6: b1:d2:4e:5a:b8:f8:9a:0c:46:d5:41:ee:42:5d:c4: 5d:f5:bb:f1:ab:2e:fa:eb:d5:24:c2:45:e4:69:a4: b3:94:fc:bb:61:85:88:55:d6:b1:f2:b8:b7:c5:61: 73:47:63:93:5e:d4:1b:09:1c:89:23:ed:ba:bc:62: 25:16:fc:d8:b2:b7:39:1f:62:10:fd:fa:59:e7:0c: 7d:27:f2:cd:9d:ed:ea:59:20:35:80:d1:90:11:06: 27:41:7d:a7:c9:49:d4:22:5b:a0:f3:57:c7:0b:b4: 84:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:A4:DA:F3:50:80:FF:95:A9:B2:A2:6A:0D:72:CB:98:54:9B:25:F0 X509v3 Authority Key Identifier: keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hqTa81CA_5WpsqJqDXLLmFSbJfA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.171.152.0/22 45.142.25.0-45.142.27.255 103.124.165.0/24 103.124.167.0/24 109.104.140.0/23 144.48.52.0/22 185.53.100.0/23 185.153.125.0-185.153.127.255 209.23.44.0/22 IPv6: 2a04:27c0::/29 2a09:6e40::/29 2a09:6ec0::/29 2a0d:27c0::/29 2a0d:42c0::/29 2a0d:4a40::/29 2a0e:3f00::/29 2a0e:4f00::/29 2a0e:d4c0::/29 2a0f:42c0::/29 2a0f:a880::/29 Signature Algorithm: sha256WithRSAEncryption 77:21:c2:96:36:b0:ea:f5:a0:f6:e1:7e:05:a1:7e:fa:58:50: cd:bb:4b:3f:8b:d8:96:6c:4b:f8:5e:5a:4c:fc:0d:24:08:08: b8:3a:b6:6e:df:2d:4e:bc:5d:53:cf:30:b5:92:33:f9:37:ec: 6c:7d:08:62:fe:5f:31:e4:18:cc:dd:76:05:80:a7:66:34:1f: 6e:66:25:14:48:66:05:4f:64:bd:33:39:9e:9e:35:fd:d6:a7: 01:be:fc:8f:8a:69:2d:4f:c4:86:8f:0e:b8:c1:4d:9d:b7:b2: 7d:fe:db:67:84:8d:c7:bd:7b:37:bb:23:04:79:23:ce:2c:f8: ef:02:c2:fd:18:de:0b:0b:ab:ba:f9:c7:57:15:b7:70:2b:65: 2f:10:9e:26:b0:86:90:ee:81:77:be:31:b7:15:88:ee:b8:1c: 50:4e:01:8f:12:39:84:11:1e:89:7d:9c:cd:96:b5:37:b4:38: ab:ff:d7:34:79:a6:f8:e4:be:1d:f6:29:99:fb:54:ca:cd:da: b8:34:fe:6d:e0:69:7c:0f:c6:7a:63:aa:9e:29:92:db:0e:e8: 34:95:d8:5a:84:9f:ed:da:2e:40:89:4c:3b:54:1c:1f:04:02: 96:7c:82:d2:79:f8:ec:b2:5b:e3:32:53:89:83:ba:29:e3:67: f8:0f:76:d8 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgISAZv8O7a4GhvJm3zsUk6vEyBVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh ZmU0NGUwHhcNMjYwMTI2MjEzNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmE0ZGFmMzUwODBmZjk1YTliMmEyNmEwZDcyY2I5ODU0OWIyNWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AJW0Sfw/wpOpUnYpB/DqsgQ1QAm qTBwc4bqejibj0yRVwfO4pyoqVvBAzYAZyspqNvR0FWxNyJp6fWEUMa0KnpAZ0MN fpuJBbj2HolWwq+Byrzdj8VeEF0XwPKccftLxyqa73sCkluAbgyXSlC5QhTX4J1p Jfzru3ofV9yX1sRL8DF5DIb/mmbBz45V9OC3k0NWgqax0k5auPiaDEbVQe5CXcRd 9bvxqy7669UkwkXkaaSzlPy7YYWIVdax8ri3xWFzR2OTXtQbCRyJI+26vGIlFvzY src5H2IQ/fpZ5wx9J/LNne3qWSA1gNGQEQYnQX2nyUnUIlug81fHC7SEWwIDAQAB o4ICoTCCAp0wHQYDVR0OBBYEFIak2vNQgP+VqbKiag1yy5hUmyXwMB8GA1UdIwQY MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct ZmI1OTQ5ODA4ZGRjLzEvaHFUYTgxQ0FfNVdwc3FKcURYTExtRlNiSmZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozBMBAIAATBGAwQCH6uY MAwDBAAtjhkDBAItjhgDBABnfKUDBABnfKcDBAFtaIwDBAKQMDQDBAG5NWQwDAME ALmZfQMEB7mZAAMEAtEXLDBTBAIAAjBNAwUDKgQnwAMFAyoJbkADBQMqCW7AAwUD Kg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/AAMFAyoOTwADBQMqDtTAAwUDKg9CwAMF AyoPqIAwDQYJKoZIhvcNAQELBQADggEBAHchwpY2sOr1oPbhfgWhfvpYUM27Sz+L 2JZsS/heWkz8DSQICLg6tm7fLU68XVPPMLWSM/k37Gx9CGL+XzHkGMzddgWAp2Y0 H25mJRRIZgVPZL0zOZ6eNf3WpwG+/I+KaS1PxIaPDrjBTZ23sn3+22eEjce9eze7 IwR5I84s+O8Cwv0Y3gsLq7r5x1cVt3ArZS8QniawhpDugXe+MbcViO64HFBOAY8S OYQRHol9nM2WtTe0OKv/1zR5pvjkvh32KZn7VMrN2rg0/m3gaXwPxnpjqp4pktsO 6DSV2FqEn+3aLkCJTDtUHB8EApZ8gtJ5+OyyW+MyU4mDuinjZ/gPdtg= -----END CERTIFICATE-----Generated at Tue Feb 10 02:22:33 2026 by rpki-client