This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/qz9PIkYKwP9WQn8ECobRGBHsRvQ.roa File: qz9PIkYKwP9WQn8ECobRGBHsRvQ.roa (raw, json) Hash identifier: UZfIONpLoP6LhX/7gUJb7axOulXZjtNAWJUg7Z+a+S4= Subject key identifier: AB:3F:4F:22:46:0A:C0:FF:56:42:7F:04:0A:86:D1:18:11:EC:46:F4 Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255 Certificate serial: 019B7EA6BEE3EF27DDF373663BC6368078A4 Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/qz9PIkYKwP9WQn8ECobRGBHsRvQ.roa Signing time: Fri 02 Jan 2026 12:20:15 +0000 ROA not before: Fri 02 Jan 2026 12:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205020 IP address blocks: 5.11.28.0/22 maxlen: 22 5.11.28.0/23 maxlen: 23 5.11.28.0/24 maxlen: 24 5.11.29.0/24 maxlen: 24 5.11.30.0/23 maxlen: 23 5.11.30.0/24 maxlen: 24 80.251.0.0/20 maxlen: 20 85.31.64.0/19 maxlen: 19 85.31.75.0/24 maxlen: 24 85.31.94.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:be:e3:ef:27:dd:f3:73:66:3b:c6:36:80:78:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255 Validity Not Before: Jan 2 12:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab3f4f22460ac0ff56427f040a86d11811ec46f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:24:da:c2:4f:7c:96:3c:ea:5e:21:10:3b:24: b9:52:24:4a:de:64:22:1b:f1:b9:91:a8:79:93:b4: 7f:f0:06:13:9b:a8:8d:70:4a:8e:6a:40:d4:c2:e4: f1:c7:70:0e:b9:86:33:61:3a:fc:f2:ad:d0:f3:73: b9:01:50:0d:89:27:81:19:ea:3b:91:d8:16:8a:cf: 53:3b:79:cd:a5:af:b3:b4:11:cc:f4:19:25:92:d7: 19:64:4b:a4:37:6a:3f:cb:9b:70:53:02:40:f1:55: 3a:33:79:10:7b:aa:41:10:b5:3a:1d:56:6d:bf:7e: e2:18:10:d8:57:d8:a1:c7:32:d2:97:ca:8a:47:57: d1:41:49:bf:75:8c:96:bc:ba:df:95:cd:da:8f:42: a8:e1:77:3a:37:41:db:06:b6:ad:14:d2:bf:46:38: 01:6f:12:89:54:a9:85:cd:79:94:38:60:b9:c6:f9: 5c:30:0a:21:59:cf:ef:32:80:9e:5a:44:63:9a:ee: db:49:70:9f:11:01:80:9d:32:6a:2f:af:b5:77:47: c8:19:90:1a:74:47:96:c3:2d:a5:54:a4:b9:86:ad: 26:35:bc:82:8f:33:92:9e:2b:77:6d:d7:fe:b2:65: 0a:a9:e5:a0:88:37:cd:4b:7a:2f:ec:ba:54:48:2c: b9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:3F:4F:22:46:0A:C0:FF:56:42:7F:04:0A:86:D1:18:11:EC:46:F4 X509v3 Authority Key Identifier: keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/qz9PIkYKwP9WQn8ECobRGBHsRvQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.11.28.0/22 80.251.0.0/20 85.31.64.0/19 Signature Algorithm: sha256WithRSAEncryption ab:06:89:99:ad:b4:08:0f:7d:a4:0a:89:da:db:c9:4e:01:2c: fe:bf:94:1e:de:9f:0a:f7:e3:ae:ff:1d:c5:27:66:95:e7:b0: 9b:7e:f6:ca:c8:92:1b:f7:e8:80:9d:d3:02:46:0d:6e:4c:48: 52:a6:41:ff:e6:df:0d:12:d4:fa:79:e1:c9:29:72:78:5f:89: 8b:6d:c6:37:37:48:bd:78:60:9e:53:14:82:ed:e4:65:03:0a: e0:1c:d3:e4:88:c2:6c:db:45:87:30:5d:7a:39:85:6d:c0:e6: 28:b4:0c:ac:db:ff:5e:68:73:fc:ba:40:60:4e:36:08:6c:5b: 79:f5:8a:dc:42:26:1c:97:0a:83:52:87:39:cb:55:ab:70:e5: 28:03:1d:50:ec:f8:f6:0b:7d:20:d1:e1:5e:de:2d:ef:70:85: ad:e8:62:12:96:ca:5d:56:b0:e1:b8:69:32:70:7d:4f:c7:3b: 2c:b5:d3:4e:3b:0f:21:ef:f5:21:7e:61:44:2a:ae:4a:66:1e: 68:19:a5:86:aa:eb:79:67:cd:ce:2e:9a:12:de:c4:1a:a1:ca: 17:be:22:a7:a5:da:e8:fb:0c:22:6a:c5:b6:99:74:01:7e:6e: bc:e0:92:de:36:ea:c7:ce:a3:7d:2c:a2:d3:24:dd:7f:8a:5b: a3:46:30:6d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+pr7j7yfd83NmO8Y2gHikMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj NDkyNTUwHhcNMjYwMTAyMTIyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjNmNGYyMjQ2MGFjMGZmNTY0MjdmMDQwYTg2ZDExODExZWM0NmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSTawk98ljzqXiEQOyS5UiRK3mQi G/G5kah5k7R/8AYTm6iNcEqOakDUwuTxx3AOuYYzYTr88q3Q83O5AVANiSeBGeo7 kdgWis9TO3nNpa+ztBHM9BklktcZZEukN2o/y5twUwJA8VU6M3kQe6pBELU6HVZt v37iGBDYV9ihxzLSl8qKR1fRQUm/dYyWvLrflc3aj0Ko4Xc6N0HbBratFNK/RjgB bxKJVKmFzXmUOGC5xvlcMAohWc/vMoCeWkRjmu7bSXCfEQGAnTJqL6+1d0fIGZAa dEeWwy2lVKS5hq0mNbyCjzOSnit3bdf+smUKqeWgiDfNS3ov7LpUSCy5xwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKs/TyJGCsD/VkJ/BAqG0RgR7Eb0MB8GA1UdIwQY MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct MzZhZTc2ZWU5ODNlLzEvcXo5UElrWUt3UDlXUW44RUNvYlJHQkhzUnZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBQscAwQE UPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQCrBomZrbQID32kCona28lOASz+ v5Qe3p8K9+Ou/x3FJ2aV57CbfvbKyJIb9+iAndMCRg1uTEhSpkH/5t8NEtT6eeHJ KXJ4X4mLbcY3N0i9eGCeUxSC7eRlAwrgHNPkiMJs20WHMF16OYVtwOYotAys2/9e aHP8ukBgTjYIbFt59YrcQiYclwqDUoc5y1WrcOUoAx1Q7Pj2C30g0eFe3i3vcIWt 6GISlspdVrDhuGkycH1PxzsstdNOOw8h7/UhfmFEKq5KZh5oGaWGqut5Z83OLpoS 3sQaocoXviKnpdro+wwiasW2mXQBfm684JLeNurHzqN9LKLTJN1/ilujRjBt -----END CERTIFICATE-----Generated at Fri Jan 2 18:03:35 2026 by rpki-client