This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ql_0xOJNp7TuaGV32FSaaBX6jcI.roa File: ql_0xOJNp7TuaGV32FSaaBX6jcI.roa (raw, json) Hash identifier: dX20BsCkrKQVNXo/002VmSi8ZOL83rkct6XfgtcL38A= Subject key identifier: AA:5F:F4:C4:E2:4D:A7:B4:EE:68:65:77:D8:54:9A:68:15:FA:8D:C2 Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8 Certificate serial: 019A78B548B86015B1E6FEB0C00BA0E904EC Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ql_0xOJNp7TuaGV32FSaaBX6jcI.roa Signing time: Wed 12 Nov 2025 15:35:37 +0000 ROA not before: Wed 12 Nov 2025 15:35:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 39855 IP address blocks: 168.199.0.0/24 maxlen: 24 168.199.1.0/24 maxlen: 24 168.199.2.0/23 maxlen: 24 168.199.4.0/24 maxlen: 24 168.199.5.0/24 maxlen: 24 168.199.6.0/23 maxlen: 24 168.199.8.0/24 maxlen: 24 168.199.9.0/24 maxlen: 24 168.199.10.0/23 maxlen: 24 168.199.13.0/24 maxlen: 24 168.199.14.0/23 maxlen: 24 168.199.17.0/24 maxlen: 24 168.199.22.0/23 maxlen: 24 168.199.24.0/24 maxlen: 24 168.199.25.0/24 maxlen: 24 168.199.26.0/24 maxlen: 24 168.199.27.0/24 maxlen: 24 168.199.28.0/24 maxlen: 24 168.199.29.0/24 maxlen: 24 168.199.30.0/24 maxlen: 24 168.199.31.0/24 maxlen: 24 168.199.32.0/24 maxlen: 24 168.199.33.0/24 maxlen: 24 168.199.34.0/24 maxlen: 24 168.199.35.0/24 maxlen: 24 168.199.36.0/24 maxlen: 24 168.199.37.0/24 maxlen: 24 168.199.38.0/24 maxlen: 24 168.199.39.0/24 maxlen: 24 168.199.40.0/24 maxlen: 24 168.199.41.0/24 maxlen: 24 168.199.42.0/24 maxlen: 24 168.199.43.0/24 maxlen: 24 168.199.44.0/24 maxlen: 24 168.199.45.0/24 maxlen: 24 168.199.46.0/24 maxlen: 24 168.199.47.0/24 maxlen: 24 168.199.48.0/23 maxlen: 24 168.199.51.0/24 maxlen: 24 168.199.52.0/23 maxlen: 24 168.199.55.0/24 maxlen: 24 168.199.56.0/23 maxlen: 24 168.199.59.0/24 maxlen: 24 168.199.60.0/23 maxlen: 24 168.199.63.0/24 maxlen: 24 168.199.96.0/24 maxlen: 24 168.199.97.0/24 maxlen: 24 168.199.98.0/24 maxlen: 24 168.199.99.0/24 maxlen: 24 168.199.100.0/24 maxlen: 24 168.199.101.0/24 maxlen: 24 168.199.102.0/24 maxlen: 24 168.199.103.0/24 maxlen: 24 168.199.104.0/24 maxlen: 24 168.199.105.0/24 maxlen: 24 168.199.106.0/24 maxlen: 24 168.199.107.0/24 maxlen: 24 168.199.108.0/24 maxlen: 24 168.199.109.0/24 maxlen: 24 168.199.110.0/24 maxlen: 24 168.199.111.0/24 maxlen: 24 168.199.112.0/23 maxlen: 24 168.199.114.0/24 maxlen: 24 168.199.115.0/24 maxlen: 24 168.199.116.0/23 maxlen: 24 168.199.119.0/24 maxlen: 24 168.199.120.0/23 maxlen: 24 168.199.123.0/24 maxlen: 24 168.199.124.0/23 maxlen: 24 168.199.126.0/24 maxlen: 24 168.199.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 30 Nov 2025 16:18:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:78:b5:48:b8:60:15:b1:e6:fe:b0:c0:0b:a0:e9:04:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8 Validity Not Before: Nov 12 15:35:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=aa5ff4c4e24da7b4ee686577d8549a6815fa8dc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c6:9f:67:b9:d2:18:99:ed:4b:2b:98:e9:ea: 41:95:eb:6f:83:75:53:3a:02:fd:eb:b5:47:ff:f4: ec:c6:29:b3:86:14:8b:0e:d2:d5:9f:ee:11:c8:c4: 94:16:3f:d3:d0:ef:b1:f9:a9:61:ce:22:79:53:94: 17:d3:60:92:0a:c0:11:36:64:6e:17:47:15:b1:1b: 6d:72:86:75:29:4d:0e:ce:80:f2:15:3f:51:d2:15: 9c:89:77:29:9d:77:2e:53:08:53:2c:f2:50:98:5c: 0a:02:c0:1b:64:c4:16:49:41:0b:83:be:01:1e:7c: 03:99:c6:8c:9d:fb:c9:e8:db:8b:1b:d3:28:7f:32: 92:1a:b4:a5:27:7f:43:53:60:81:f8:00:a0:38:55: 26:8a:8e:69:b1:65:83:e4:35:b7:43:e5:f6:f5:cf: cd:26:f1:b9:08:e7:ad:2d:fc:79:a7:39:ca:72:d2: 1f:e2:eb:a1:39:5e:ec:3a:f6:44:6d:22:6c:8c:0c: 86:a8:3e:c8:c0:43:e7:bb:4d:17:27:0d:40:fc:4a: b9:83:d3:b0:f4:b5:8e:4d:63:6d:b3:0b:05:0d:a9: f4:03:6e:79:21:f7:2d:e4:9c:f4:ca:34:0b:b7:1f: 14:ea:a6:62:3a:84:47:cc:7b:43:49:7e:d3:01:53: 0b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5F:F4:C4:E2:4D:A7:B4:EE:68:65:77:D8:54:9A:68:15:FA:8D:C2 X509v3 Authority Key Identifier: keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ql_0xOJNp7TuaGV32FSaaBX6jcI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 168.199.0.0-168.199.11.255 168.199.13.0-168.199.15.255 168.199.17.0/24 168.199.22.0-168.199.49.255 168.199.51.0-168.199.53.255 168.199.55.0-168.199.57.255 168.199.59.0-168.199.61.255 168.199.63.0/24 168.199.96.0-168.199.117.255 168.199.119.0-168.199.121.255 168.199.123.0-168.199.127.255 Signature Algorithm: sha256WithRSAEncryption 4e:2d:53:58:03:ca:a4:67:47:db:da:96:91:6e:82:c8:7c:2b: 5c:1a:23:3b:8b:c9:57:6b:4e:93:12:e4:ec:f3:82:da:a8:55: 66:70:7b:11:c8:f8:14:b0:99:df:32:81:27:eb:58:2b:79:40: c9:80:44:3b:fe:54:f5:bc:1e:8e:0a:51:3a:71:48:a2:67:bd: 92:cb:ff:30:4e:cc:d1:f4:b7:9e:db:f8:37:f4:0f:9b:2b:1f: 3c:31:fe:c0:a7:3c:da:2a:1e:84:59:ae:7d:bd:cc:fc:b6:13: 93:4f:8a:25:21:26:5e:4d:f5:7d:82:2b:fd:64:c8:4c:f5:3b: 83:a9:5e:88:8e:d2:0c:c7:a2:5a:1d:75:6d:a0:e6:91:b9:69: 2c:0d:66:19:20:ae:db:bc:43:68:ca:5d:4d:9e:4c:2b:d7:66: 73:f5:fb:93:f7:f0:bc:38:1c:65:64:62:8b:57:56:fa:ce:51: b8:6b:15:4c:eb:63:dc:a1:51:e7:e4:60:a1:d2:01:0f:97:f7: b8:a9:3a:d9:0b:68:6b:00:b0:b8:19:db:ac:c5:9d:37:90:66: aa:45:cc:b9:a7:fb:08:69:46:55:a9:1c:2b:20:86:d1:37:9f: 1c:c6:b8:c0:50:42:5c:eb:b0:30:9c:f3:60:4b:d6:b8:13:d1: f1:10:9e:c2 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgISAZp4tUi4YBWx5v6wwAug6QTsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4 ODE3ZDgwHhcNMjUxMTEyMTUzNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTVmZjRjNGUyNGRhN2I0ZWU2ODY1NzdkODU0OWE2ODE1ZmE4ZGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8afZ7nSGJntSyuY6epBletvg3VT OgL967VH//TsximzhhSLDtLVn+4RyMSUFj/T0O+x+alhziJ5U5QX02CSCsARNmRu F0cVsRttcoZ1KU0OzoDyFT9R0hWciXcpnXcuUwhTLPJQmFwKAsAbZMQWSUELg74B HnwDmcaMnfvJ6NuLG9MofzKSGrSlJ39DU2CB+ACgOFUmio5psWWD5DW3Q+X29c/N JvG5COetLfx5pznKctIf4uuhOV7sOvZEbSJsjAyGqD7IwEPnu00XJw1A/Eq5g9Ow 9LWOTWNtswsFDan0A255Ifct5Jz0yjQLtx8U6qZiOoRHzHtDSX7TAVMLqwIDAQAB o4ICkTCCAo0wHQYDVR0OBBYEFKpf9MTiTae07mhld9hUmmgV+o3CMB8GA1UdIwQY MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt MmQxOTE4YmExYzBlLzEvcWxfMHhPSk5wN1R1YUdWMzJGU2FhQlg2amNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAEwgYkwCwMD AKjHAwQCqMcIMAwDBACoxw0DBASoxwADBACoxxEwDAMEAajHFgMEAajHMDAMAwQA qMczAwQBqMc0MAwDBACoxzcDBAGoxzgwDAMEAKjHOwMEAajHPAMEAKjHPzAMAwQF qMdgAwQBqMd0MAwDBACox3cDBAGox3gwDAMEAKjHewMEB6jHADANBgkqhkiG9w0B AQsFAAOCAQEATi1TWAPKpGdH29qWkW6CyHwrXBojO4vJV2tOkxLk7POC2qhVZnB7 Ecj4FLCZ3zKBJ+tYK3lAyYBEO/5U9bwejgpROnFIome9ksv/ME7M0fS3ntv4N/QP mysfPDH+wKc82ioehFmufb3M/LYTk0+KJSEmXk31fYIr/WTITPU7g6leiI7SDMei Wh11baDmkblpLA1mGSCu27xDaMpdTZ5MK9dmc/X7k/fwvDgcZWRii1dW+s5RuGsV TOtj3KFR5+RgodIBD5f3uKk62QtoawCwuBnbrMWdN5BmqkXMuaf7CGlGVakcKyCG 0TefHMa4wFBCXOuwMJzzYEvWuBPR8RCewg== -----END CERTIFICATE-----Generated at Sat Nov 29 23:18:25 2025 by rpki-client