This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qgnJ6rleR1BLD9l4jRYO4wkNgPA.roa File: qgnJ6rleR1BLD9l4jRYO4wkNgPA.roa (raw, json) Hash identifier: B+h7D3nmEJYVvQZsDHrV2hBfqxIy+VQ4OQ8EgALC36k= Subject key identifier: AA:09:C9:EA:B9:5E:47:50:4B:0F:D9:78:8D:16:0E:E3:09:0D:80:F0 Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E37A62D868F89A090B3FB6E0BB44444 Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qgnJ6rleR1BLD9l4jRYO4wkNgPA.roa Signing time: Fri 02 Jan 2026 10:18:54 +0000 ROA not before: Fri 02 Jan 2026 10:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208757 IP address blocks: 91.239.220.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:a6:2d:86:8f:89:a0:90:b3:fb:6e:0b:b4:44:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa09c9eab95e47504b0fd9788d160ee3090d80f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b9:0d:3f:16:38:f2:85:c8:e4:63:67:14:90: 1e:ec:ed:2d:e1:48:41:d4:2c:c9:ed:d1:fb:a6:f2: 00:b9:8a:0c:e3:9f:e4:f5:dd:bb:13:08:e0:38:80: b9:a4:48:c1:a4:88:f7:0a:a9:fe:1d:54:c2:87:98: d6:94:10:66:fc:4f:cf:c2:9d:bd:ba:cd:40:ab:17: 10:c1:c8:ba:53:cb:d7:58:9c:07:60:e6:a8:4e:0a: a3:84:15:c3:e7:c0:22:6e:07:eb:cf:ec:e1:b3:3d: d6:96:35:82:46:35:f0:86:37:2e:43:27:31:b4:ef: 1f:57:0e:d2:78:7e:83:1d:8c:4e:1e:3b:93:ad:ed: 5d:7c:51:39:f7:51:99:9e:63:f9:24:2d:ee:3a:0d: 4e:47:90:ed:88:7b:45:b4:ce:c0:b3:c9:f1:f6:7c: 54:68:64:58:d3:28:5d:9e:6b:de:a8:a0:0e:a0:5c: 13:10:57:85:94:93:9a:cb:2b:3b:7f:a5:73:db:ce: 59:a9:b4:42:6b:29:69:0d:cd:c8:67:22:eb:c2:c0: 6c:33:19:41:54:7b:b4:0f:76:3f:6d:c7:82:bb:ab: b1:86:28:13:c6:52:89:07:5f:19:5c:6b:a4:02:2b: a9:98:fa:18:b1:7f:e9:8c:20:eb:ad:09:7c:75:67: 30:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:09:C9:EA:B9:5E:47:50:4B:0F:D9:78:8D:16:0E:E3:09:0D:80:F0 X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qgnJ6rleR1BLD9l4jRYO4wkNgPA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.239.220.0/23 Signature Algorithm: sha256WithRSAEncryption 2a:8d:9c:9f:54:2f:db:d6:80:10:c4:a5:97:3a:20:c2:ea:52: 84:55:5a:51:3a:20:94:c5:c0:ef:a7:81:00:4a:a8:0c:79:fa: d4:ba:33:95:d0:87:92:61:5a:15:c1:22:26:9d:58:01:fa:8f: 9b:da:9b:19:b6:d2:bb:b3:c4:bb:28:bb:96:81:b7:ae:dc:12: 85:9b:54:af:43:37:3a:3a:cd:fa:b9:e0:e9:7f:60:51:58:58: 56:7f:fc:13:17:99:0d:2e:37:63:95:96:24:9a:bd:02:7b:7b: 36:24:63:0b:2a:21:8e:c5:21:18:cf:89:e8:13:0f:f1:e5:0a: fa:0c:e9:b9:fb:e5:b9:b1:2e:5c:fc:a1:2c:90:16:f3:47:34: fa:08:13:fd:9d:65:21:1d:50:98:3a:ab:d3:fb:b4:a1:cb:a9: 90:3c:63:d6:61:18:29:de:b3:31:e7:39:5c:8c:a7:99:59:68: bd:d0:67:e7:75:9e:2a:e3:bc:55:ed:96:ea:63:97:ee:d8:ae: c2:b7:56:f4:48:5f:55:77:13:f4:53:24:37:a3:19:08:18:e2: 24:22:de:0d:ce:aa:93:e9:6f:ab:54:a0:a6:3d:14:9c:2f:e1: a2:52:8a:26:19:6e:c3:ed:e5:7b:82:47:60:55:36:8f:cc:b3: 28:ca:ba:ca -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+N6Ytho+JoJCz+24LtEREMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTA5YzllYWI5NWU0NzUwNGIwZmQ5Nzg4ZDE2MGVlMzA5MGQ4MGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bkNPxY48oXI5GNnFJAe7O0t4UhB 1CzJ7dH7pvIAuYoM45/k9d27EwjgOIC5pEjBpIj3Cqn+HVTCh5jWlBBm/E/Pwp29 us1AqxcQwci6U8vXWJwHYOaoTgqjhBXD58Aibgfrz+zhsz3WljWCRjXwhjcuQycx tO8fVw7SeH6DHYxOHjuTre1dfFE591GZnmP5JC3uOg1OR5DtiHtFtM7As8nx9nxU aGRY0yhdnmveqKAOoFwTEFeFlJOayys7f6Vz285ZqbRCaylpDc3IZyLrwsBsMxlB VHu0D3Y/bceCu6uxhigTxlKJB18ZXGukAiupmPoYsX/pjCDrrQl8dWcwDQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKoJyeq5XkdQSw/ZeI0WDuMJDYDwMB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvcWduSjZybGVSMUJMRDlsNGpSWU80d2tOZ1BBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+/cMA0G CSqGSIb3DQEBCwUAA4IBAQAqjZyfVC/b1oAQxKWXOiDC6lKEVVpROiCUxcDvp4EA SqgMefrUujOV0IeSYVoVwSImnVgB+o+b2psZttK7s8S7KLuWgbeu3BKFm1SvQzc6 Os36ueDpf2BRWFhWf/wTF5kNLjdjlZYkmr0Ce3s2JGMLKiGOxSEYz4noEw/x5Qr6 DOm5++W5sS5c/KEskBbzRzT6CBP9nWUhHVCYOqvT+7Shy6mQPGPWYRgp3rMx5zlc jKeZWWi90GfndZ4q47xV7ZbqY5fu2K7Ct1b0SF9VdxP0UyQ3oxkIGOIkIt4NzqqT 6W+rVKCmPRScL+GiUoomGW7D7eV7gkdgVTaPzLMoyrrK -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:54 2026 by rpki-client