This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/QS-HbfHVwOboNvSjD7qE62Hr4KA.roa File: QS-HbfHVwOboNvSjD7qE62Hr4KA.roa (raw, json) Hash identifier: hPSMDrsX6eEkfCzcrrl0uCvcB1hd9Gv6m2p+Bfe7qjw= Subject key identifier: 41:2F:87:6D:F1:D5:C0:E6:E8:36:F4:A3:0F:BA:84:EB:61:EB:E0:A0 Certificate issuer: /CN=b63f9769df97b8b9aa88bd22e9f41cc27fcf16a7 Certificate serial: 019B7EA6F4AC29C28A68A74A8E80EAF658D9 Authority key identifier: B6:3F:97:69:DF:97:B8:B9:AA:88:BD:22:E9:F4:1C:C2:7F:CF:16:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tj-Xad-XuLmqiL0i6fQcwn_PFqc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/QS-HbfHVwOboNvSjD7qE62Hr4KA.roa Signing time: Fri 02 Jan 2026 12:20:29 +0000 ROA not before: Fri 02 Jan 2026 12:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204181 IP address blocks: 2001:67c:a10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/tj-Xad-XuLmqiL0i6fQcwn_PFqc.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/tj-Xad-XuLmqiL0i6fQcwn_PFqc.mft rsync://rpki.ripe.net/repository/DEFAULT/tj-Xad-XuLmqiL0i6fQcwn_PFqc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:f4:ac:29:c2:8a:68:a7:4a:8e:80:ea:f6:58:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b63f9769df97b8b9aa88bd22e9f41cc27fcf16a7 Validity Not Before: Jan 2 12:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=412f876df1d5c0e6e836f4a30fba84eb61ebe0a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:69:d6:56:85:b4:bb:18:75:12:17:ae:ad:31: 1d:1f:c1:56:6b:c4:3a:84:72:fc:56:b1:84:61:d8: e4:e8:e6:1f:3f:bc:ac:ec:8e:49:1d:af:3a:c3:6e: cb:d8:46:0f:77:98:84:bb:5b:1a:48:4f:28:a8:d0: 30:c0:f8:3e:03:45:dd:2e:52:54:96:fa:e8:69:cb: 69:ed:c5:55:2f:86:28:27:cb:0c:fd:d5:6f:de:8b: 04:b4:15:60:85:41:d3:a3:23:7f:f3:e6:e3:63:91: df:3e:70:1a:2f:87:56:d3:bf:63:6d:c6:16:06:71: fb:94:8b:d0:0b:f4:b3:46:32:37:d8:85:72:29:77: 3b:ac:57:00:13:f2:6a:84:15:7a:d9:16:c0:ad:88: 4d:d2:22:55:85:53:67:f4:b8:18:9f:4f:f5:54:c4: 7a:4d:da:57:65:39:c6:b9:ac:21:73:df:57:3f:d9: aa:ec:af:6f:3e:6a:94:0e:e5:b1:5f:a6:e7:8f:fa: 0a:c1:c5:28:5c:24:f3:f3:b0:dc:47:5d:17:4b:16: 7b:b0:a2:3e:db:b9:dd:97:88:48:8e:bc:3e:ca:51: 7a:9e:60:c6:46:f8:43:4e:e8:5a:1f:11:f7:2f:57: 71:95:3f:c4:29:30:42:fc:ce:6d:cf:7c:48:20:37: 86:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:2F:87:6D:F1:D5:C0:E6:E8:36:F4:A3:0F:BA:84:EB:61:EB:E0:A0 X509v3 Authority Key Identifier: keyid:B6:3F:97:69:DF:97:B8:B9:AA:88:BD:22:E9:F4:1C:C2:7F:CF:16:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj-Xad-XuLmqiL0i6fQcwn_PFqc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/QS-HbfHVwOboNvSjD7qE62Hr4KA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/594e08-1665-4348-80a4-3be9a66972e7/1/tj-Xad-XuLmqiL0i6fQcwn_PFqc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:a10::/48 Signature Algorithm: sha256WithRSAEncryption 33:53:b3:ad:0c:8f:a4:cc:2c:e6:00:d6:04:e4:fd:33:f6:af: 46:a7:dc:57:03:d1:b6:15:b2:b9:cc:8f:cb:e4:54:31:dd:ca: 4a:b0:0c:5a:ee:49:46:62:0c:f7:8c:7e:3d:93:da:e5:9d:20: 64:d5:26:be:37:a6:30:0a:01:18:11:68:39:a5:79:03:69:84: bc:62:97:aa:67:5b:ee:db:b8:e3:ba:2b:bd:ca:b7:65:a3:dd: 6e:0d:a2:2f:3e:bb:de:50:54:e1:07:f1:03:b8:dc:69:61:3a: 64:94:b1:93:22:56:67:3e:85:d0:ef:8c:4d:86:a4:48:e9:b3: e1:a9:f9:9f:ec:e8:54:48:0c:4b:2e:ad:56:2e:82:64:bd:14: 40:10:5d:79:96:fa:b6:99:b0:1c:7c:23:dc:5e:da:32:32:01: 74:31:7a:5d:18:a7:b7:49:b0:2d:5b:8d:52:91:10:6f:25:0a: 67:f1:37:02:55:47:49:02:d3:39:d4:d7:34:49:0a:13:46:eb: f1:fd:e1:03:9a:aa:ae:fe:23:c1:2a:ea:5b:6a:08:46:44:bc: ed:25:28:7a:a1:b3:1d:09:b4:6d:42:73:85:ef:c6:c9:c9:07: 7b:b2:19:e1:b9:30:47:29:65:eb:0e:7c:44:d8:14:e7:be:0a: 1b:f2:71:d0 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pvSsKcKKaKdKjoDq9ljZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2M2Y5NzY5ZGY5N2I4YjlhYTg4YmQyMmU5ZjQxY2MyN2Zj ZjE2YTcwHhcNMjYwMTAyMTIyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTJmODc2ZGYxZDVjMGU2ZTgzNmY0YTMwZmJhODRlYjYxZWJlMGEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmnWVoW0uxh1EheurTEdH8FWa8Q6 hHL8VrGEYdjk6OYfP7ys7I5JHa86w27L2EYPd5iEu1saSE8oqNAwwPg+A0XdLlJU lvroactp7cVVL4YoJ8sM/dVv3osEtBVghUHToyN/8+bjY5HfPnAaL4dW079jbcYW BnH7lIvQC/SzRjI32IVyKXc7rFcAE/JqhBV62RbArYhN0iJVhVNn9LgYn0/1VMR6 TdpXZTnGuawhc99XP9mq7K9vPmqUDuWxX6bnj/oKwcUoXCTz87DcR10XSxZ7sKI+ 27ndl4hIjrw+ylF6nmDGRvhDTuhaHxH3L1dxlT/EKTBC/M5tz3xIIDeGmQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEEvh23x1cDm6Db0ow+6hOth6+CgMB8GA1UdIwQY MBaAFLY/l2nfl7i5qoi9Iun0HMJ/zxanMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGotWGFkLVh1TG1xaUwwaTZmUWN3bl9QRnFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81OTRlMDgtMTY2NS00MzQ4LTgwYTQt M2JlOWE2Njk3MmU3LzEvUVMtSGJmSFZ3T2JvTnZTakQ3cUU2MkhyNEtBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC81OTRlMDgtMTY2NS00MzQ4LTgwYTQtM2JlOWE2Njk3MmU3 LzEvdGotWGFkLVh1TG1xaUwwaTZmUWN3bl9QRnFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoQ MA0GCSqGSIb3DQEBCwUAA4IBAQAzU7OtDI+kzCzmANYE5P0z9q9Gp9xXA9G2FbK5 zI/L5FQx3cpKsAxa7klGYgz3jH49k9rlnSBk1Sa+N6YwCgEYEWg5pXkDaYS8Ypeq Z1vu27jjuiu9yrdlo91uDaIvPrveUFThB/EDuNxpYTpklLGTIlZnPoXQ74xNhqRI 6bPhqfmf7OhUSAxLLq1WLoJkvRRAEF15lvq2mbAcfCPcXtoyMgF0MXpdGKe3SbAt W41SkRBvJQpn8TcCVUdJAtM51Nc0SQoTRuvx/eEDmqqu/iPBKupbaghGRLztJSh6 obMdCbRtQnOF78bJyQd7shnhuTBHKWXrDnxE2BTnvgob8nHQ -----END CERTIFICATE-----Generated at Tue Feb 10 00:03:43 2026 by rpki-client