This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/QMLVKgwADSsNbZRXcMe0xSA9x_A.roa File: QMLVKgwADSsNbZRXcMe0xSA9x_A.roa (raw, json) Hash identifier: Ml4zII8fhmnXo4EJyRA+v+Cfzf2PU3hifJXp1ALUjlM= Subject key identifier: 40:C2:D5:2A:0C:00:0D:2B:0D:6D:94:57:70:C7:B4:C5:20:3D:C7:F0 Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Certificate serial: 019AF0300320C9AFCAA9475F7DC80FABC016 Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/QMLVKgwADSsNbZRXcMe0xSA9x_A.roa Signing time: Fri 05 Dec 2025 20:24:29 +0000 ROA not before: Fri 05 Dec 2025 20:24:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 203323 IP address blocks: 2.58.58.0/24 maxlen: 24 2a09:e244:b000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:30:03:20:c9:af:ca:a9:47:5f:7d:c8:0f:ab:c0:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Validity Not Before: Dec 5 20:24:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=40c2d52a0c000d2b0d6d945770c7b4c5203dc7f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:78:d5:20:a9:8d:72:83:c5:ac:af:53:99:33: db:d7:79:33:c6:7a:26:32:df:f3:d4:4f:cb:08:6b: c4:40:44:d3:ac:f6:66:a6:17:a4:05:4b:c6:f2:10: 2b:da:78:a9:90:e4:b2:e0:67:c6:de:a4:c6:63:01: 1a:68:25:c7:2f:ef:4b:a8:95:0c:32:bc:bd:d8:53: b2:8d:d1:44:d4:ae:eb:39:79:50:bd:50:0c:b5:53: 39:cf:6e:f9:81:7e:c4:ea:a4:3a:6f:a4:4d:64:b5: ad:0c:96:6b:f7:77:3c:a1:86:44:8a:e6:f4:b6:39: ac:e7:6b:1c:5c:64:29:52:44:70:cf:42:8a:9f:71: 0a:92:a0:16:40:14:06:24:02:ad:17:1d:6e:55:a9: 4e:90:50:80:6a:bb:34:43:28:62:6c:34:21:c2:5e: fa:8b:3c:27:73:69:de:a8:5a:4c:c3:c2:69:19:ab: 08:0c:8c:bc:a6:60:45:50:63:8b:38:9f:a5:06:7a: fd:fe:24:59:19:6d:a5:9c:b7:7b:66:c5:b5:ea:a2: 3a:85:a3:74:f5:d4:e3:bd:94:ef:a2:6a:7d:00:9c: bb:f1:3e:eb:80:af:3d:d3:2d:88:dc:37:fe:fc:ab: 8e:ef:29:c9:24:a9:f2:bb:2c:46:00:5e:cc:84:09: 9d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:C2:D5:2A:0C:00:0D:2B:0D:6D:94:57:70:C7:B4:C5:20:3D:C7:F0 X509v3 Authority Key Identifier: keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/QMLVKgwADSsNbZRXcMe0xSA9x_A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.58.0/24 IPv6: 2a09:e244:b000::/36 Signature Algorithm: sha256WithRSAEncryption a6:22:7c:33:5b:e8:c2:c0:92:a8:b1:5a:5a:65:6a:f0:be:66: a9:9c:4d:cc:01:c1:0b:81:30:21:29:f3:b9:a3:5c:ce:aa:99: 37:41:f1:65:6a:cd:9e:f4:aa:78:25:d8:c5:93:54:70:69:c1: 8f:e2:0c:f2:f2:1b:d1:9e:54:28:70:2e:8d:01:0d:f6:5f:f7: 48:e3:05:16:31:d2:7f:d9:ff:19:60:4d:f0:10:0c:39:54:b9: 45:a2:0a:f9:5d:0b:4d:b0:7b:09:ce:a5:99:54:82:b8:bb:f8: f7:3d:03:89:a8:b8:32:43:c1:99:ca:9e:70:fc:ac:c0:4e:07: 1c:29:c7:cf:e7:9d:7c:93:29:ae:b6:3e:dc:d2:06:09:96:da: 96:63:28:d2:f8:98:fd:ed:05:d3:4b:6b:c7:28:a0:ce:a1:7d: 48:40:a6:f7:39:ff:c3:02:87:76:59:da:9b:15:d0:45:22:ab: 65:da:cc:04:44:c1:d8:9b:83:a8:cd:43:fd:50:6a:2e:2d:d7: 1f:59:2a:86:df:22:af:41:33:aa:5e:b6:c8:90:8d:f5:30:c7: 42:8a:e1:eb:b6:e9:cb:9c:a7:3c:89:10:89:ba:40:c1:e9:29: c7:c6:23:db:de:d1:aa:9d:b6:0c:12:53:37:d3:60:79:b8:4b: 43:0c:7a:13 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZrwMAMgya/KqUdffcgPq8AWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk MjRkMzgwHhcNMjUxMjA1MjAyNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGMyZDUyYTBjMDAwZDJiMGQ2ZDk0NTc3MGM3YjRjNTIwM2RjN2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3njVIKmNcoPFrK9TmTPb13kzxnom Mt/z1E/LCGvEQETTrPZmphekBUvG8hAr2nipkOSy4GfG3qTGYwEaaCXHL+9LqJUM Mry92FOyjdFE1K7rOXlQvVAMtVM5z275gX7E6qQ6b6RNZLWtDJZr93c8oYZEiub0 tjms52scXGQpUkRwz0KKn3EKkqAWQBQGJAKtFx1uValOkFCAars0QyhibDQhwl76 izwnc2neqFpMw8JpGasIDIy8pmBFUGOLOJ+lBnr9/iRZGW2lnLd7ZsW16qI6haN0 9dTjvZTvomp9AJy78T7rgK890y2I3Df+/KuO7ynJJKnyuyxGAF7MhAmddwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFEDC1SoMAA0rDW2UV3DHtMUgPcfwMB8GA1UdIwQY MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt ZTQ1MzUwNDE0ZGRmLzEvUU1MVktnd0FEU3NOYlpSWGNNZTB4U0E5eF9BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAAjo6MA4E AgACMAgDBgQqCeJEsDANBgkqhkiG9w0BAQsFAAOCAQEApiJ8M1vowsCSqLFaWmVq 8L5mqZxNzAHBC4EwISnzuaNczqqZN0HxZWrNnvSqeCXYxZNUcGnBj+IM8vIb0Z5U KHAujQEN9l/3SOMFFjHSf9n/GWBN8BAMOVS5RaIK+V0LTbB7Cc6lmVSCuLv49z0D iai4MkPBmcqecPyswE4HHCnHz+edfJMprrY+3NIGCZbalmMo0viY/e0F00trxyig zqF9SECm9zn/wwKHdlnamxXQRSKrZdrMBETB2JuDqM1D/VBqLi3XH1kqht8ir0Ez ql62yJCN9TDHQorh67bpy5ynPIkQibpAwekpx8Yj297Rqp22DBJTN9NgebhLQwx6 Ew== -----END CERTIFICATE-----Generated at Mon Dec 15 22:43:40 2025 by rpki-client