This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/QYAHCBRM8EgpLd4QrnaJwLlcTLc.roa File: QYAHCBRM8EgpLd4QrnaJwLlcTLc.roa (raw, json) Hash identifier: xqjfeJepdMLIOn6HjKXxzAl/Wm+IlrawB25mUwSfoiA= Subject key identifier: 41:80:07:08:14:4C:F0:48:29:2D:DE:10:AE:76:89:C0:B9:5C:4C:B7 Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593 Certificate serial: 019B7FF282CF06D84CF264B4EDD122AE5AA5 Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/QYAHCBRM8EgpLd4QrnaJwLlcTLc.roa Signing time: Fri 02 Jan 2026 18:22:38 +0000 ROA not before: Fri 02 Jan 2026 18:22:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57494 IP address blocks: 5.129.192.0/24 maxlen: 24 5.129.207.0/24 maxlen: 24 5.129.211.0/24 maxlen: 24 5.129.212.0/24 maxlen: 24 5.129.213.0/24 maxlen: 24 5.129.215.0/24 maxlen: 24 5.129.220.0/24 maxlen: 24 5.129.221.0/24 maxlen: 24 5.129.222.0/24 maxlen: 24 5.129.223.0/24 maxlen: 24 5.129.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.mft rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 12:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:82:cf:06:d8:4c:f2:64:b4:ed:d1:22:ae:5a:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593 Validity Not Before: Jan 2 18:22:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=41800708144cf048292dde10ae7689c0b95c4cb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0c:ca:15:39:cf:11:09:61:e8:91:05:c1:38: db:e8:27:ab:02:43:9c:5f:b2:38:33:7b:bb:d9:3c: 52:27:a3:39:dd:f8:8c:9a:e3:e7:ba:27:09:46:c7: 69:51:cf:fd:c6:df:48:14:7d:13:61:02:ae:79:a6: 1a:ba:72:71:96:32:62:df:68:d4:f4:69:b5:e4:ed: b1:30:14:15:e1:eb:69:6b:24:be:60:d5:a2:b5:68: 79:0b:06:33:75:a7:25:85:13:8c:80:4a:e3:68:ff: 89:cd:92:36:cc:5e:bc:72:fd:71:36:46:af:4c:e2: 2f:8e:b9:db:dd:fe:bf:c7:d5:68:ec:47:fa:89:18: c0:87:23:aa:21:ca:ce:c3:48:ce:e7:62:dd:95:f1: 63:66:32:04:f9:90:0a:dc:85:e9:a0:d1:df:66:c7: 87:bb:70:f9:05:ee:9d:4f:91:01:4f:f5:bf:06:ee: 54:7b:96:ac:a8:22:96:c7:6a:09:a4:65:3a:3f:5b: ab:97:a7:2c:e5:19:80:fc:f2:2c:8d:77:90:4e:c4: 15:63:1e:0d:40:3a:39:52:e4:93:58:fd:fe:0c:8f: 9d:0f:dc:e7:81:51:b7:f1:45:68:b6:fd:65:cb:4e: 22:7d:73:ba:74:7b:a2:05:f3:98:73:5d:98:cd:e5: 0f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:80:07:08:14:4C:F0:48:29:2D:DE:10:AE:76:89:C0:B9:5C:4C:B7 X509v3 Authority Key Identifier: keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/QYAHCBRM8EgpLd4QrnaJwLlcTLc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.129.192.0/24 5.129.207.0/24 5.129.211.0-5.129.213.255 5.129.215.0/24 5.129.220.0/22 5.129.248.0/24 Signature Algorithm: sha256WithRSAEncryption 10:ff:8a:89:87:2d:63:26:df:db:9d:b7:3c:17:4e:23:5e:7b: 6d:ed:da:25:b5:62:ad:be:9b:0f:77:7c:ca:5d:57:3b:5a:de: 47:63:1b:48:96:64:6a:c2:6b:e6:87:91:c8:03:6e:9d:11:cd: f5:5e:98:5d:a3:48:70:47:30:e8:94:a5:59:51:26:3c:f3:db: 57:16:f8:e6:b1:78:a7:de:52:a9:94:bf:ea:4d:56:02:15:98: 18:5d:7c:a3:b7:22:37:18:11:c3:77:8a:cd:a1:c5:8b:e0:ad: 60:36:05:88:fd:90:5a:94:26:b6:6b:d6:aa:11:44:c2:43:31: 91:c5:c2:ec:8e:e1:fb:17:7b:a1:fc:90:dc:e3:06:bb:df:55: 9f:df:ed:e1:94:26:03:97:df:d6:e5:a7:a4:a1:be:60:26:5b: 1e:a7:ea:18:6b:0e:ef:a4:20:bb:a0:38:88:3d:32:65:18:88: 26:0d:7b:61:6c:e7:81:40:f3:90:1e:fa:ba:3f:d9:9d:06:5e: e5:8d:77:ac:81:02:be:11:ae:d0:27:3a:bc:1f:ea:ff:b8:c8: f1:63:24:3a:f4:30:bd:b5:ed:36:95:e5:04:eb:98:a6:d9:59: af:e6:32:a7:69:17:26:98:49:03:18:4a:a8:91:ad:13:50:7f: 9c:3b:1d:b3 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt/8oLPBthM8mS07dEirlqlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2 ZmI1OTMwHhcNMjYwMTAyMTgyMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTgwMDcwODE0NGNmMDQ4MjkyZGRlMTBhZTc2ODljMGI5NWM0Y2I3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgzKFTnPEQlh6JEFwTjb6CerAkOc X7I4M3u72TxSJ6M53fiMmuPnuicJRsdpUc/9xt9IFH0TYQKueaYaunJxljJi32jU 9Gm15O2xMBQV4etpayS+YNWitWh5CwYzdaclhROMgErjaP+JzZI2zF68cv1xNkav TOIvjrnb3f6/x9Vo7Ef6iRjAhyOqIcrOw0jO52LdlfFjZjIE+ZAK3IXpoNHfZseH u3D5Be6dT5EBT/W/Bu5Ue5asqCKWx2oJpGU6P1url6cs5RmA/PIsjXeQTsQVYx4N QDo5UuSTWP3+DI+dD9zngVG38UVotv1ly04ifXO6dHuiBfOYc12YzeUPVwIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFEGABwgUTPBIKS3eEK52icC5XEy3MB8GA1UdIwQY MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt MjE3MGM1YzFkM2VkLzEvUVlBSENCUk04RWdwTGQ0UXJuYUp3TGxjVExjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABYHAAwQA BYHPMAwDBAAFgdMDBAEFgdQDBAAFgdcDBAIFgdwDBAAFgfgwDQYJKoZIhvcNAQEL BQADggEBABD/iomHLWMm39udtzwXTiNee23t2iW1Yq2+mw93fMpdVzta3kdjG0iW ZGrCa+aHkcgDbp0RzfVemF2jSHBHMOiUpVlRJjzz21cW+OaxeKfeUqmUv+pNVgIV mBhdfKO3IjcYEcN3is2hxYvgrWA2BYj9kFqUJrZr1qoRRMJDMZHFwuyO4fsXe6H8 kNzjBrvfVZ/f7eGUJgOX39blp6ShvmAmWx6n6hhrDu+kILugOIg9MmUYiCYNe2Fs 54FA85Ae+ro/2Z0GXuWNd6yBAr4RrtAnOrwf6v+4yPFjJDr0ML217TaV5QTrmKbZ Wa/mMqdpFyaYSQMYSqiRrRNQf5w7HbM= -----END CERTIFICATE-----Generated at Wed Jan 21 16:57:13 2026 by rpki-client