This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qc8zakw3V0RAhGeUNQ4Lf3nmhfk.roa File: qc8zakw3V0RAhGeUNQ4Lf3nmhfk.roa (raw, json) Hash identifier: U7mo9lo+x6LHfNvWFqZ8GIoqRWaFgK0B32ibHtJZ8IE= Subject key identifier: A9:CF:33:6A:4C:37:57:44:40:84:67:94:35:0E:0B:7F:79:E6:85:F9 Certificate issuer: /CN=aa4d72ecdc15378be717bb4ca0971070d57649a3 Certificate serial: 019B7F15668D344DBAAE5ACF50D902B2B73F Authority key identifier: AA:4D:72:EC:DC:15:37:8B:E7:17:BB:4C:A0:97:10:70:D5:76:49:A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qk1y7NwVN4vnF7tMoJcQcNV2SaM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qc8zakw3V0RAhGeUNQ4Lf3nmhfk.roa Signing time: Fri 02 Jan 2026 14:21:07 +0000 ROA not before: Fri 02 Jan 2026 14:21:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215662 IP address blocks: 45.85.152.0/23 maxlen: 23 45.85.152.0/24 maxlen: 24 45.85.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qk1y7NwVN4vnF7tMoJcQcNV2SaM.crl rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qk1y7NwVN4vnF7tMoJcQcNV2SaM.mft rsync://rpki.ripe.net/repository/DEFAULT/qk1y7NwVN4vnF7tMoJcQcNV2SaM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 23:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:66:8d:34:4d:ba:ae:5a:cf:50:d9:02:b2:b7:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa4d72ecdc15378be717bb4ca0971070d57649a3 Validity Not Before: Jan 2 14:21:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a9cf336a4c37574440846794350e0b7f79e685f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:9e:94:5f:06:c7:3b:59:60:20:7d:a7:63:15: 5b:78:7a:e2:04:7f:04:4a:ec:55:b1:34:5e:06:65: e7:fe:0a:c7:6f:4d:82:05:fd:10:1e:45:fd:bd:d9: 10:06:67:1d:f8:5a:de:65:82:c2:f8:04:e0:34:b9: 48:fb:71:07:00:b2:53:e9:e9:e7:8d:9a:c7:ca:e0: 39:cd:39:ff:83:9d:19:10:23:61:34:97:fc:97:8c: 27:e6:5c:1b:48:da:58:e8:b2:22:99:f5:6a:d7:cf: 3d:9c:b3:ef:29:cb:95:f3:31:e6:2c:03:1d:bf:41: ed:07:97:9b:0c:d2:6b:7c:6c:2f:e3:e4:5a:76:fa: 98:8b:28:69:f4:d5:18:16:55:0b:b5:a5:0a:a4:17: f1:37:76:05:54:c5:d3:58:af:d2:eb:68:07:c7:ee: 3f:17:99:b0:6b:a9:83:06:f8:a0:7a:a1:97:f7:c5: 81:ed:7d:ab:ce:ef:09:78:56:77:66:10:cc:28:58: 8b:0d:14:77:55:10:82:fe:af:45:68:8c:cf:86:94: 28:31:8c:de:97:fe:d1:33:49:24:db:24:a2:ce:35: c5:71:28:6d:0d:6b:85:45:df:14:89:74:d5:ae:f0: 45:30:66:39:72:42:cd:15:02:1d:9d:7f:9b:b4:78: 84:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:CF:33:6A:4C:37:57:44:40:84:67:94:35:0E:0B:7F:79:E6:85:F9 X509v3 Authority Key Identifier: keyid:AA:4D:72:EC:DC:15:37:8B:E7:17:BB:4C:A0:97:10:70:D5:76:49:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qk1y7NwVN4vnF7tMoJcQcNV2SaM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qc8zakw3V0RAhGeUNQ4Lf3nmhfk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qk1y7NwVN4vnF7tMoJcQcNV2SaM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.85.152.0/23 Signature Algorithm: sha256WithRSAEncryption 22:75:08:2a:27:55:36:87:40:1a:de:85:03:01:fc:df:5f:96: 8b:9a:38:3b:1d:21:97:b2:66:32:16:10:86:fa:20:1c:a3:e7: 37:b0:14:50:f0:e1:1e:f2:88:e7:12:bb:52:79:fe:c7:f2:25: 16:b5:a9:18:91:8c:9a:e8:70:a6:26:27:c1:80:27:18:61:c3: 85:f2:dd:d5:49:6a:ef:52:09:14:8d:c6:04:2d:6d:b6:18:73: de:a7:83:83:33:71:94:c5:a1:9b:92:a1:9c:09:b3:c7:32:3a: 49:20:2e:96:bc:36:9e:d1:ed:2d:66:2e:a0:00:83:65:b7:c1: a0:c9:dd:9c:f3:02:db:49:f1:dd:9a:e4:47:0d:47:3b:b3:d4: ac:59:11:a1:a3:9f:67:ab:50:bc:49:f6:97:d7:e5:74:c3:33: 59:68:2b:24:91:02:92:8f:14:b6:b5:8a:87:f5:c3:38:a1:ec: ca:14:62:18:d0:12:cf:5c:88:08:b6:d3:af:6d:58:9a:fd:cd: 43:26:b5:90:a1:f9:7d:9f:85:a6:35:f2:2c:95:0e:88:9f:5f: aa:9c:fa:4e:10:cb:98:31:ed:49:b6:be:ed:29:a4:3e:75:cf: ad:eb:68:2f:76:2d:33:84:a2:e8:c8:43:0d:6f:05:be:c9:2d: 21:f0:61:19 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FWaNNE26rlrPUNkCsrc/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNGQ3MmVjZGMxNTM3OGJlNzE3YmI0Y2EwOTcxMDcwZDU3 NjQ5YTMwHhcNMjYwMTAyMTQyMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOWNmMzM2YTRjMzc1NzQ0NDA4NDY3OTQzNTBlMGI3Zjc5ZTY4NWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ6UXwbHO1lgIH2nYxVbeHriBH8E SuxVsTReBmXn/grHb02CBf0QHkX9vdkQBmcd+FreZYLC+ATgNLlI+3EHALJT6enn jZrHyuA5zTn/g50ZECNhNJf8l4wn5lwbSNpY6LIimfVq1889nLPvKcuV8zHmLAMd v0HtB5ebDNJrfGwv4+RadvqYiyhp9NUYFlULtaUKpBfxN3YFVMXTWK/S62gHx+4/ F5mwa6mDBvigeqGX98WB7X2rzu8JeFZ3ZhDMKFiLDRR3VRCC/q9FaIzPhpQoMYze l/7RM0kk2ySizjXFcShtDWuFRd8UiXTVrvBFMGY5ckLNFQIdnX+btHiEEwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKnPM2pMN1dEQIRnlDUOC3955oX5MB8GA1UdIwQY MBaAFKpNcuzcFTeL5xe7TKCXEHDVdkmjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWsxeTdOd1ZONHZuRjd0TW9KY1FjTlYyU2FNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC81MDdhNTctNGE2Mi00Yjk1LWIxYTMt YjQwNTc2MjFiYmE2LzEvcWM4emFrdzNWMFJBaEdlVU5RNExmM25taGZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC81MDdhNTctNGE2Mi00Yjk1LWIxYTMtYjQwNTc2MjFiYmE2 LzEvcWsxeTdOd1ZONHZuRjd0TW9KY1FjTlYyU2FNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVWYMA0G CSqGSIb3DQEBCwUAA4IBAQAidQgqJ1U2h0Aa3oUDAfzfX5aLmjg7HSGXsmYyFhCG +iAco+c3sBRQ8OEe8ojnErtSef7H8iUWtakYkYya6HCmJifBgCcYYcOF8t3VSWrv UgkUjcYELW22GHPep4ODM3GUxaGbkqGcCbPHMjpJIC6WvDae0e0tZi6gAINlt8Gg yd2c8wLbSfHdmuRHDUc7s9SsWRGho59nq1C8SfaX1+V0wzNZaCskkQKSjxS2tYqH 9cM4oezKFGIY0BLPXIgIttOvbVia/c1DJrWQofl9n4WmNfIslQ6In1+qnPpOEMuY Me1Jtr7tKaQ+dc+t62gvdi0zhKLoyEMNbwW+yS0h8GEZ -----END CERTIFICATE-----Generated at Tue Jan 27 09:56:51 2026 by rpki-client