This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qaa7XoBjPtxB2mJtEyZIRis4744.roa File: qaa7XoBjPtxB2mJtEyZIRis4744.roa (raw, json) Hash identifier: 0IZcqVDCPsXLP5TW1CpR3jk7qNd7eimTXk9WZmMCh0w= Subject key identifier: A9:A6:BB:5E:80:63:3E:DC:41:DA:62:6D:13:26:48:46:2B:38:EF:8E Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Certificate serial: 019B7F1599C2B1C15262215148558F64A913 Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qaa7XoBjPtxB2mJtEyZIRis4744.roa Signing time: Fri 02 Jan 2026 14:21:20 +0000 ROA not before: Fri 02 Jan 2026 14:21:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9121 IP address blocks: 2.17.224.0/22 maxlen: 22 2.17.228.0/22 maxlen: 22 2.17.232.0/22 maxlen: 22 2.17.236.0/22 maxlen: 22 2.20.24.0/22 maxlen: 22 2a02:26f0:c700::/48 maxlen: 48 2a02:26f0:cb00::/48 maxlen: 48 2a02:26f0:d100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 07:45:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:99:c2:b1:c1:52:62:21:51:48:55:8f:64:a9:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Validity Not Before: Jan 2 14:21:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a9a6bb5e80633edc41da626d132648462b38ef8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:20:75:9d:7c:27:52:61:db:25:10:ad:0a:e0: 88:28:7a:56:6c:22:1e:96:9f:6b:a3:69:88:3d:00: 93:02:d2:98:3f:50:fb:9e:77:ff:53:ea:b3:3d:ab: 5f:48:f2:8f:09:f8:3a:52:95:fb:57:98:e8:23:e0: 9f:51:9f:68:b3:40:1b:e3:77:2a:55:ba:42:d0:2a: 62:3a:b6:15:a3:b9:40:b0:e1:1e:1f:3b:81:74:31: 38:28:d0:05:bf:08:55:e9:34:d4:14:d4:35:44:d5: a3:52:91:19:71:8d:fd:d3:9b:69:0b:00:5a:5f:81: a7:c6:93:4a:e6:c2:72:5c:7e:4e:79:56:88:58:b5: 2d:ce:c7:11:25:39:7f:7e:33:d3:96:73:d6:4f:b6: 31:bf:17:47:5f:2f:4e:81:90:ad:6e:18:7e:12:42: 33:e2:17:66:25:cd:21:bd:b7:94:68:6b:94:59:85: 47:26:b8:4d:6c:01:b0:95:53:39:01:44:fc:f4:03: a1:17:9f:32:9f:77:72:07:01:fa:22:c9:47:dd:b2: 30:97:2b:75:df:8f:54:c8:be:62:36:ed:f1:eb:1d: 9d:0e:52:72:0d:98:89:68:68:06:60:ea:54:26:18: f9:6a:73:a1:03:ce:6d:e4:e9:7b:78:6e:08:82:5c: b3:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:A6:BB:5E:80:63:3E:DC:41:DA:62:6D:13:26:48:46:2B:38:EF:8E X509v3 Authority Key Identifier: keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qaa7XoBjPtxB2mJtEyZIRis4744.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.17.224.0/20 2.20.24.0/22 IPv6: 2a02:26f0:c700::/48 2a02:26f0:cb00::/48 2a02:26f0:d100::/48 Signature Algorithm: sha256WithRSAEncryption 97:9b:c5:aa:aa:97:59:97:12:9a:a4:79:07:40:e3:02:7d:79: dc:a3:8d:4a:6d:59:aa:90:63:b8:bb:db:f6:62:8b:90:3e:3b: 69:17:01:81:b5:97:35:67:0a:e7:89:fc:2b:27:a1:f4:c2:62: 9b:71:a9:94:c6:9c:27:98:9e:12:e8:9c:f9:40:36:c6:18:05: 13:e6:ad:2c:68:b6:f5:82:34:6e:7d:12:17:ba:26:6d:51:7f: d3:84:84:51:25:5f:1d:9d:9e:29:fb:cb:2c:ce:50:32:33:0f: 43:3d:9f:57:fb:a1:b1:47:e1:81:41:90:16:8d:d0:f5:00:6a: 9d:69:4d:5f:78:3b:17:80:9d:15:d4:5a:e4:28:7e:b6:e2:b5: 29:2c:96:22:c6:fd:2d:86:10:8a:49:6e:86:bd:eb:e0:e2:1e: f4:88:e9:66:01:55:71:ea:1c:0e:83:fc:ef:4a:a9:41:04:5f: 84:0e:86:ca:d4:96:42:1a:a3:1d:15:41:1b:99:90:63:2c:80: b4:17:c9:ba:7d:26:23:08:c0:20:b2:ac:b7:d3:c8:55:a6:15: f4:e7:a0:23:c0:ac:1e:ad:5a:63:27:c1:d7:9e:a8:d9:4f:64: 33:ba:ce:c1:ce:f2:4f:89:00:4e:1f:2a:70:b1:eb:19:6f:e1: b4:70:1d:5b -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt/FZnCscFSYiFRSFWPZKkTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5 YmQ2YWEwHhcNMjYwMTAyMTQyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOWE2YmI1ZTgwNjMzZWRjNDFkYTYyNmQxMzI2NDg0NjJiMzhlZjhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCB1nXwnUmHbJRCtCuCIKHpWbCIe lp9ro2mIPQCTAtKYP1D7nnf/U+qzPatfSPKPCfg6UpX7V5joI+CfUZ9os0Ab43cq VbpC0CpiOrYVo7lAsOEeHzuBdDE4KNAFvwhV6TTUFNQ1RNWjUpEZcY3905tpCwBa X4GnxpNK5sJyXH5OeVaIWLUtzscRJTl/fjPTlnPWT7YxvxdHXy9OgZCtbhh+EkIz 4hdmJc0hvbeUaGuUWYVHJrhNbAGwlVM5AUT89AOhF58yn3dyBwH6IslH3bIwlyt1 349UyL5iNu3x6x2dDlJyDZiJaGgGYOpUJhj5anOhA85t5Ol7eG4IglyzRQIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFKmmu16AYz7cQdpibRMmSEYrOO+OMB8GA1UdIwQY MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt ODhkMWNhYzllNGYxLzEvcWFhN1hvQmpQdHhCMm1KdEV5WklSaXM0NzQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQEAhHgAwQC AhQYMCEEAgACMBsDBwAqAibwxwADBwAqAibwywADBwAqAibw0QAwDQYJKoZIhvcN AQELBQADggEBAJebxaqql1mXEpqkeQdA4wJ9edyjjUptWaqQY7i72/Zii5A+O2kX AYG1lzVnCueJ/CsnofTCYptxqZTGnCeYnhLonPlANsYYBRPmrSxotvWCNG59Ehe6 Jm1Rf9OEhFElXx2dnin7yyzOUDIzD0M9n1f7obFH4YFBkBaN0PUAap1pTV94OxeA nRXUWuQofrbitSksliLG/S2GEIpJboa96+DiHvSI6WYBVXHqHA6D/O9KqUEEX4QO hsrUlkIaox0VQRuZkGMsgLQXybp9JiMIwCCyrLfTyFWmFfTnoCPArB6tWmMnwdee qNlPZDO6zsHO8k+JAE4fKnCx6xlv4bRwHVs= -----END CERTIFICATE-----Generated at Wed Jan 21 10:28:43 2026 by rpki-client