This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/qVl9UPtcOfv2GnXxXOewgnePOCY.roa File: qVl9UPtcOfv2GnXxXOewgnePOCY.roa (raw, json) Hash identifier: Ls9yx6jQRN+6skTSMeFCiw+2fZmjJYWCP94aDC2pEzQ= Subject key identifier: A9:59:7D:50:FB:5C:39:FB:F6:1A:75:F1:5C:E7:B0:82:77:8F:38:26 Certificate issuer: /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1 Certificate serial: 019B7A5AB1D377D11506E48D5B76000C280C Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/qVl9UPtcOfv2GnXxXOewgnePOCY.roa Signing time: Thu 01 Jan 2026 16:18:42 +0000 ROA not before: Thu 01 Jan 2026 16:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25309 IP address blocks: 194.116.99.0/24 maxlen: 24 2001:7f8:23::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.mft rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b1:d3:77:d1:15:06:e4:8d:5b:76:00:0c:28:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1 Validity Not Before: Jan 1 16:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a9597d50fb5c39fbf61a75f15ce7b082778f3826 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:83:48:76:5e:58:36:e7:2e:3c:06:c4:60:1e: 35:03:ec:63:bf:6d:99:69:41:ac:9e:53:58:b1:80: 88:d8:ba:47:ca:94:df:2c:c4:e8:77:d4:a1:ed:e0: e0:23:c2:7a:33:0f:b4:c2:cb:cf:67:ee:1e:b2:9d: a4:8b:e4:d0:2c:69:ea:81:fe:9f:7c:e1:fe:fc:a0: 4b:85:fe:d9:a3:2a:b6:f1:06:d1:ad:7e:18:93:a1: eb:27:76:89:a2:fb:fe:e4:9b:73:a6:03:36:95:2f: 04:e3:57:8c:5a:94:a3:06:e3:dc:2e:26:98:7c:0e: 2d:c0:54:0d:21:f7:2c:2b:01:b6:8e:e7:59:11:4e: 23:34:a9:cd:f2:e5:56:02:58:a0:c3:7b:61:fe:51: c4:7f:84:d3:84:54:64:b4:65:02:d2:5e:03:ad:7c: 81:3b:56:98:71:89:9a:08:7f:a3:03:f5:8a:f8:5b: 60:d8:93:0b:71:71:39:32:fa:32:89:9c:55:84:37: 12:a0:28:4d:a1:e8:91:6c:48:b3:38:49:48:4c:d8: d8:62:0b:87:c8:36:2c:45:78:9c:1e:b1:f4:3f:0d: 87:ad:7b:5b:cd:0f:7b:68:8b:10:b7:fd:c6:ec:8d: f9:1f:6a:b3:98:e9:d2:66:14:7e:47:d9:e3:d2:b8: 11:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:59:7D:50:FB:5C:39:FB:F6:1A:75:F1:5C:E7:B0:82:77:8F:38:26 X509v3 Authority Key Identifier: keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/qVl9UPtcOfv2GnXxXOewgnePOCY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.116.99.0/24 IPv6: 2001:7f8:23::/48 Signature Algorithm: sha256WithRSAEncryption 66:72:df:fe:ff:77:56:cf:19:00:35:91:c4:ff:d1:67:ff:39: 5f:d2:62:0a:19:28:37:0d:96:89:af:37:c4:7b:e2:0b:b3:90: f6:1a:d6:8e:57:d8:6c:65:24:bf:c5:85:40:bd:bb:82:4f:39: 7e:80:d2:14:58:01:6d:04:0d:f6:6b:e7:6b:5d:e8:78:d7:ab: 41:64:54:2d:8b:73:dd:e3:a2:f7:19:1b:13:dc:4f:24:09:3e: 72:8d:89:cf:31:51:a6:a5:06:9b:6e:cd:1c:a5:b1:5c:71:81: 61:bf:47:17:fa:de:6a:90:42:c4:ef:26:27:7d:dc:31:21:6f: 59:c7:03:6c:b5:a0:b9:54:1f:2c:ad:da:b2:c7:44:f6:5c:71: cc:4b:a4:86:f4:8f:90:11:6b:b9:6a:fb:cc:3a:f2:28:37:3b: f0:4b:97:2d:bb:fe:83:67:ed:44:d5:ca:ed:ae:0a:74:32:c7: 10:7b:e9:c5:6c:b6:b3:8e:a3:8b:35:bf:ad:9c:e0:b6:4e:5d: e2:45:54:d4:93:b0:61:ea:08:3b:a9:2f:72:a7:87:3c:62:2c: 5b:0a:5a:a4:1c:b5:21:10:cb:ac:e7:48:cb:bb:e0:99:ea:43: 19:c4:ee:46:35:c2:a2:9e:77:5b:0f:77:22:de:ab:76:33:16: 6d:27:2b:4c -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6WrHTd9EVBuSNW3YADCgMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi ZmU1YzEwHhcNMjYwMTAxMTYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOTU5N2Q1MGZiNWMzOWZiZjYxYTc1ZjE1Y2U3YjA4Mjc3OGYzODI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoNIdl5YNucuPAbEYB41A+xjv22Z aUGsnlNYsYCI2LpHypTfLMTod9Sh7eDgI8J6Mw+0wsvPZ+4esp2ki+TQLGnqgf6f fOH+/KBLhf7Zoyq28QbRrX4Yk6HrJ3aJovv+5JtzpgM2lS8E41eMWpSjBuPcLiaY fA4twFQNIfcsKwG2judZEU4jNKnN8uVWAligw3th/lHEf4TThFRktGUC0l4DrXyB O1aYcYmaCH+jA/WK+Ftg2JMLcXE5MvoyiZxVhDcSoChNoeiRbEizOElITNjYYguH yDYsRXicHrH0Pw2HrXtbzQ97aIsQt/3G7I35H2qzmOnSZhR+R9nj0rgRMQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKlZfVD7XDn79hp18VznsIJ3jzgmMB8GA1UdIwQY MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt YzAyOGQ5MWViYzljLzEvcVZsOVVQdGNPZnYyR25YeFhPZXdnbmVQT0NZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwnRjMA8E AgACMAkDBwAgAQf4ACMwDQYJKoZIhvcNAQELBQADggEBAGZy3/7/d1bPGQA1kcT/ 0Wf/OV/SYgoZKDcNlomvN8R74guzkPYa1o5X2GxlJL/FhUC9u4JPOX6A0hRYAW0E DfZr52td6HjXq0FkVC2Lc93jovcZGxPcTyQJPnKNic8xUaalBptuzRylsVxxgWG/ Rxf63mqQQsTvJid93DEhb1nHA2y1oLlUHyyt2rLHRPZcccxLpIb0j5ARa7lq+8w6 8ig3O/BLly27/oNn7UTVyu2uCnQyxxB76cVstrOOo4s1v62c4LZOXeJFVNSTsGHq CDupL3KnhzxiLFsKWqQctSEQy6znSMu74JnqQxnE7kY1wqKed1sPdyLeq3YzFm0n K0w= -----END CERTIFICATE-----Generated at Sat Jan 10 06:59:44 2026 by rpki-client