This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QL2-FGl2h6aGNuzGku1sE9aygbA.roa File: QL2-FGl2h6aGNuzGku1sE9aygbA.roa (raw, json) Hash identifier: ev/CjUVj7euzoaLtj2dLBdzImiyK6PbPHCZIgLvFCZM= Subject key identifier: 40:BD:BE:14:69:76:87:A6:86:36:EC:C6:92:ED:6C:13:D6:B2:81:B0 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910A07851F5DDDE5912D5E93642CE5E Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QL2-FGl2h6aGNuzGku1sE9aygbA.roa Signing time: Thu 01 Jan 2026 10:18:11 +0000 ROA not before: Thu 01 Jan 2026 10:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206300 IP address blocks: 2a12:bec4:1bd0::/44 maxlen: 44 2a12:bec4:1bd0::/48 maxlen: 48 2a12:bec4:1bd1::/48 maxlen: 48 2a12:bec4:1bd2::/48 maxlen: 48 2a12:bec4:1bd3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:a0:78:51:f5:dd:de:59:12:d5:e9:36:42:ce:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40bdbe14697687a68636ecc692ed6c13d6b281b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:28:45:7b:f5:e9:63:49:a8:51:8b:18:2f:85: 7a:b8:44:af:a8:65:6b:d8:8b:bd:6b:b6:79:66:ff: d8:80:4f:93:01:dc:8f:b0:a1:3b:74:e9:c9:ab:45: 7e:d9:e4:f6:14:ce:93:45:16:4a:5b:f5:f8:d5:dd: 9d:b5:62:af:d7:92:eb:77:e4:63:79:31:f0:aa:e1: 9b:68:aa:b5:e8:f0:c1:fc:22:2c:f4:27:c3:6f:20: 3e:33:4c:2b:f6:64:59:b1:68:43:fd:c2:7f:07:06: 39:dd:41:f9:c1:de:d0:cd:11:3c:ff:69:8d:5d:74: 4c:d5:76:70:4f:6a:47:63:6b:a4:7b:3a:85:43:4b: 27:ee:6c:44:68:0c:58:ff:05:fa:b3:a3:7c:70:d5: f4:8d:ec:f0:e4:4e:33:6d:ee:d4:0b:8b:1f:72:11: 86:67:7a:3a:d8:84:9e:de:a2:9f:b0:64:1b:ac:04: f4:f1:56:e9:23:18:88:b3:4f:31:7e:ee:09:55:68: 9c:76:0a:91:46:b8:21:a6:fa:3f:29:1c:16:b6:1c: 03:57:48:04:2f:81:a8:b9:d6:5c:bb:23:6d:1e:44: 4f:46:b6:4a:9f:af:ee:62:7b:9a:9e:13:25:b6:85: 5c:8d:4d:f3:2c:f7:68:3a:4d:3c:62:4a:65:96:d1: 57:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:BD:BE:14:69:76:87:A6:86:36:EC:C6:92:ED:6C:13:D6:B2:81:B0 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QL2-FGl2h6aGNuzGku1sE9aygbA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1bd0::/44 Signature Algorithm: sha256WithRSAEncryption 36:c7:de:f1:4f:41:b2:86:7f:cf:c3:38:1b:78:f3:97:ce:1f: 5d:97:c9:e4:bb:79:46:68:79:8a:f5:80:a2:a6:91:82:ff:0c: c8:39:b4:74:11:03:7e:64:8c:ef:34:37:22:6a:c4:e7:65:14: e6:1d:38:83:dc:03:a6:79:8b:af:d9:69:88:db:70:c2:53:50: 59:64:19:9c:65:e9:9a:92:2c:03:76:35:ca:79:f7:36:d9:cd: 90:ec:8f:20:67:04:c5:54:15:c5:4f:93:ab:a4:ed:d3:c0:a3: e7:ea:ca:11:75:16:e5:1c:df:2d:fb:61:e0:9a:c2:49:62:42: 39:ce:07:10:36:03:e9:95:d3:37:5b:e5:0c:3d:b8:bf:8a:3c: 38:78:7a:98:26:fb:d9:89:43:13:d1:c3:9d:86:04:a4:6b:c0: eb:8a:79:33:75:ae:7c:da:37:0b:a3:87:c1:6a:73:f6:ac:85: cb:25:bb:5f:74:0c:f0:0e:33:09:1d:11:09:d1:4d:f9:0d:77: 60:d2:3c:0d:2c:51:2b:b5:eb:b0:51:49:7b:32:c3:d1:f2:6b: 73:29:63:67:9b:fc:86:70:1c:15:aa:dd:4c:59:a9:25:7e:19: 88:b4:f8:a6:3a:6d:22:76:b7:96:f8:97:81:d5:c2:d8:d5:96: 88:0a:73:c1 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EKB4UfXd3lkS1ek2Qs5eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGJkYmUxNDY5NzY4N2E2ODYzNmVjYzY5MmVkNmMxM2Q2YjI4MWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsChFe/XpY0moUYsYL4V6uESvqGVr 2Iu9a7Z5Zv/YgE+TAdyPsKE7dOnJq0V+2eT2FM6TRRZKW/X41d2dtWKv15Lrd+Rj eTHwquGbaKq16PDB/CIs9CfDbyA+M0wr9mRZsWhD/cJ/BwY53UH5wd7QzRE8/2mN XXRM1XZwT2pHY2ukezqFQ0sn7mxEaAxY/wX6s6N8cNX0jezw5E4zbe7UC4sfchGG Z3o62ISe3qKfsGQbrAT08VbpIxiIs08xfu4JVWicdgqRRrghpvo/KRwWthwDV0gE L4GoudZcuyNtHkRPRrZKn6/uYnuanhMltoVcjU3zLPdoOk08YkplltFXkwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEC9vhRpdoemhjbsxpLtbBPWsoGwMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvUUwyLUZHbDJoNmFHTnV6R2t1MXNFOWF5Z2JBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBvQ MA0GCSqGSIb3DQEBCwUAA4IBAQA2x97xT0Gyhn/PwzgbePOXzh9dl8nku3lGaHmK 9YCippGC/wzIObR0EQN+ZIzvNDciasTnZRTmHTiD3AOmeYuv2WmI23DCU1BZZBmc ZemakiwDdjXKefc22c2Q7I8gZwTFVBXFT5OrpO3TwKPn6soRdRblHN8t+2HgmsJJ YkI5zgcQNgPpldM3W+UMPbi/ijw4eHqYJvvZiUMT0cOdhgSka8Drinkzda582jcL o4fBanP2rIXLJbtfdAzwDjMJHREJ0U35DXdg0jwNLFErteuwUUl7MsPR8mtzKWNn m/yGcBwVqt1MWaklfhmItPimOm0idreW+JeB1cLY1ZaICnPB -----END CERTIFICATE-----Generated at Sun Jan 11 07:31:23 2026 by rpki-client