This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/BQMAZ1-GEH5r12U7WPk6XQ_xa2o.roa File: BQMAZ1-GEH5r12U7WPk6XQ_xa2o.roa (raw, json) Hash identifier: hON2VcGx2tnVP3W4DtWqeENmyb4FIH7O20nZquH7iUI= Subject key identifier: 05:03:00:67:5F:86:10:7E:6B:D7:65:3B:58:F9:3A:5D:0F:F1:6B:6A Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc Certificate serial: 019B7B35B4F09383B85C661229B6F1EF06B9 Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/BQMAZ1-GEH5r12U7WPk6XQ_xa2o.roa Signing time: Thu 01 Jan 2026 20:17:55 +0000 ROA not before: Thu 01 Jan 2026 20:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 10010 IP address blocks: 45.90.85.0/24 maxlen: 24 45.90.86.0/24 maxlen: 24 45.90.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.mft rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:b4:f0:93:83:b8:5c:66:12:29:b6:f1:ef:06:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc Validity Not Before: Jan 1 20:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=050300675f86107e6bd7653b58f93a5d0ff16b6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b1:29:c1:ce:7d:a5:4f:ba:4d:62:33:ed:70: d0:2c:44:17:a5:7e:61:33:3e:3f:9f:33:5b:e4:23: ce:b9:63:4e:12:96:e0:d7:5f:c8:02:a7:b6:4f:2b: 38:91:e6:6b:3d:72:43:a3:c1:82:a9:eb:71:7d:6f: 5a:1e:ef:d3:37:55:33:50:6e:04:3b:df:d7:0f:c9: b1:38:b3:2f:30:cb:4e:ef:e9:6f:a5:b9:94:4e:ed: 96:29:2f:58:2c:4c:6f:cc:20:2e:3c:32:8a:d3:63: 5f:89:ba:f2:93:fc:4c:25:62:a0:0b:e7:44:84:0e: a1:cb:51:bb:6e:14:2a:a8:fb:d5:ea:8b:37:b9:20: c2:23:46:64:05:4c:b5:be:25:f3:36:74:17:4c:47: 88:47:3a:3c:19:63:ed:bc:42:4f:9a:ac:dd:f8:fe: 3f:42:0e:79:35:a6:04:cd:f7:09:d3:68:b9:62:b9: cf:c7:fa:31:e4:82:75:98:ad:23:b4:62:26:00:4e: f8:6c:10:c4:06:dc:4d:70:58:90:b9:f9:04:0e:c1: 6c:18:84:a5:5a:28:24:c1:53:cf:72:0b:46:0c:aa: 55:10:81:1f:2e:bb:7b:8f:44:7c:e1:14:39:79:24: f2:44:40:5a:e6:9d:07:17:1b:af:df:18:94:67:12: 44:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:03:00:67:5F:86:10:7E:6B:D7:65:3B:58:F9:3A:5D:0F:F1:6B:6A X509v3 Authority Key Identifier: keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/BQMAZ1-GEH5r12U7WPk6XQ_xa2o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.85.0-45.90.87.255 Signature Algorithm: sha256WithRSAEncryption 3c:a6:68:89:92:79:0d:27:17:22:9c:0b:e8:d5:69:11:cc:29: cf:d4:b5:1c:af:23:82:20:0c:41:ba:6b:6a:93:dd:5b:bb:87: 4e:fd:c2:bb:d3:1d:ab:e1:f5:8b:b4:65:6b:7f:6c:71:92:28: 7f:e0:82:2c:e8:ea:ee:69:83:a2:b5:7e:72:4c:fb:73:71:98: 0e:fb:0b:1c:ed:80:af:e0:8e:1f:9d:b3:90:b5:43:1f:2c:02: b7:c7:38:6c:fe:08:b5:59:f9:8e:7f:93:bc:e9:c2:c0:e7:f2: aa:7e:a7:45:9f:19:64:b3:fb:64:b2:ea:93:f4:6e:68:12:74: be:44:17:0b:73:d6:d1:52:95:9d:f6:d9:bb:1d:b2:f3:ce:1c: f6:b7:d7:97:67:5d:47:5d:b7:d5:da:64:18:80:d2:16:56:10: 52:88:01:75:9f:7b:04:6f:08:aa:ed:25:81:d8:05:41:60:8f: 26:1f:d1:5d:11:bf:91:d2:22:ee:77:43:65:cb:41:da:25:ba: 5b:4d:b9:f3:8e:25:0c:ac:db:fd:0b:9e:58:24:63:a3:f9:3d: 24:01:56:d0:38:9f:eb:60:3b:54:44:af:67:52:87:2a:78:bd: f2:f3:27:09:dd:27:f0:a5:7f:a4:42:bd:fa:f0:34:df:b1:1b: 90:56:38:53 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7NbTwk4O4XGYSKbbx7wa5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3 ODdmYmMwHhcNMjYwMTAxMjAxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTAzMDA2NzVmODYxMDdlNmJkNzY1M2I1OGY5M2E1ZDBmZjE2YjZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbEpwc59pU+6TWIz7XDQLEQXpX5h Mz4/nzNb5CPOuWNOEpbg11/IAqe2Tys4keZrPXJDo8GCqetxfW9aHu/TN1UzUG4E O9/XD8mxOLMvMMtO7+lvpbmUTu2WKS9YLExvzCAuPDKK02Nfibryk/xMJWKgC+dE hA6hy1G7bhQqqPvV6os3uSDCI0ZkBUy1viXzNnQXTEeIRzo8GWPtvEJPmqzd+P4/ Qg55NaYEzfcJ02i5YrnPx/ox5IJ1mK0jtGImAE74bBDEBtxNcFiQufkEDsFsGISl WigkwVPPcgtGDKpVEIEfLrt7j0R84RQ5eSTyREBa5p0HFxuv3xiUZxJEdwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFAUDAGdfhhB+a9dlO1j5Ol0P8WtqMB8GA1UdIwQY MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt OTQxY2M2YTdiYWQ5LzEvQlFNQVoxLUdFSDVyMTJVN1dQazZYUV94YTJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5 LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtWlUD BAMtWlAwDQYJKoZIhvcNAQELBQADggEBADymaImSeQ0nFyKcC+jVaRHMKc/UtRyv I4IgDEG6a2qT3Vu7h079wrvTHavh9Yu0ZWt/bHGSKH/ggizo6u5pg6K1fnJM+3Nx mA77CxztgK/gjh+ds5C1Qx8sArfHOGz+CLVZ+Y5/k7zpwsDn8qp+p0WfGWSz+2Sy 6pP0bmgSdL5EFwtz1tFSlZ322bsdsvPOHPa315dnXUddt9XaZBiA0hZWEFKIAXWf ewRvCKrtJYHYBUFgjyYf0V0Rv5HSIu53Q2XLQdolultNufOOJQys2/0LnlgkY6P5 PSQBVtA4n+tgO1REr2dShyp4vfLzJwndJ/Clf6RCvfrwNN+xG5BWOFM= -----END CERTIFICATE-----Generated at Wed Jan 21 19:35:13 2026 by rpki-client