This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qh8wS6EGxifxl4T4JNg91aDfgC4.roa File: qh8wS6EGxifxl4T4JNg91aDfgC4.roa (raw, json) Hash identifier: 4r1kaM/mNX9SM0VeY7w/rEQgEQ6/0WhXucowQgUWOks= Subject key identifier: AA:1F:30:4B:A1:06:C6:27:F1:97:84:F8:24:D8:3D:D5:A0:DF:80:2E Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e Certificate serial: 019B9DB2DC6004F2E4E22ED0A7E94AB0F0D5 Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qh8wS6EGxifxl4T4JNg91aDfgC4.roa Signing time: Thu 08 Jan 2026 13:01:43 +0000 ROA not before: Thu 08 Jan 2026 13:01:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29802 IP address blocks: 213.220.14.0/24 maxlen: 24 213.220.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:17:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:b2:dc:60:04:f2:e4:e2:2e:d0:a7:e9:4a:b0:f0:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e Validity Not Before: Jan 8 13:01:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa1f304ba106c627f19784f824d83dd5a0df802e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:bf:36:7d:3f:28:3d:4d:22:7e:4b:1b:63:58: ef:cf:33:46:8a:01:56:0d:91:a9:ae:f7:6b:c1:4a: 10:88:f4:3e:ee:93:33:a1:4f:0f:cd:e7:72:e9:ae: e4:e3:b1:04:fb:8b:a4:0f:c1:8a:00:63:18:73:6d: 32:62:e8:e3:f8:73:8f:9b:42:de:52:b1:b8:7f:c2: e8:2d:a4:a3:42:6d:fe:6f:6c:59:28:d5:03:1e:92: 18:e0:2f:bb:a8:19:e6:c9:7c:c2:6a:2c:eb:c6:3c: f9:c9:38:e7:56:66:38:b7:8c:ce:57:17:fb:95:d5: e4:c3:c7:a0:00:c2:e9:5a:52:45:3a:02:29:72:4d: 15:11:73:3f:88:17:95:e8:b6:d5:3d:e4:bb:d9:c3: 4a:2d:70:6f:2f:b2:41:d3:8d:36:c3:51:7b:27:f2: 98:8e:58:ce:a0:10:71:b5:8a:71:05:bc:93:ce:ad: 11:d3:fa:e3:71:53:bb:72:26:36:48:4c:f1:d2:4e: 91:59:c0:f5:fe:ae:9d:c4:d2:64:dd:07:c0:3d:b9: 95:33:f2:75:24:e1:32:a0:3e:c2:ea:ec:de:64:4c: 60:bd:fb:8b:8e:f1:3b:d8:02:41:f4:ef:bd:4d:52: d7:fa:a3:ff:e7:3d:e7:35:e9:7e:06:ac:a0:35:bc: c3:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:1F:30:4B:A1:06:C6:27:F1:97:84:F8:24:D8:3D:D5:A0:DF:80:2E X509v3 Authority Key Identifier: keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qh8wS6EGxifxl4T4JNg91aDfgC4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.220.14.0/24 213.220.18.0/24 Signature Algorithm: sha256WithRSAEncryption 70:72:15:08:f4:23:dd:00:bf:a1:73:8b:3f:9a:f9:10:fd:5e: c4:3e:95:88:fd:9f:14:25:25:f2:86:44:7b:b2:40:1e:bd:aa: d6:e4:2c:10:1c:bc:35:d4:60:04:2d:31:8f:68:9e:b3:03:af: 50:f0:92:24:16:51:77:e4:a3:3c:77:7f:63:9a:7b:c6:47:da: 28:94:e7:9c:5b:dc:0e:cb:49:63:a5:a7:a9:92:c4:d0:f2:ae: 8a:e8:02:04:1a:40:56:55:86:fa:3a:6e:44:9d:d5:c1:24:a7: ce:10:f0:17:c3:69:d2:47:75:4a:72:e5:ce:97:6e:4f:3e:b8: 2c:48:0d:64:2d:60:26:90:c4:31:85:5b:9e:c8:e3:15:46:93: 28:61:31:41:44:d1:fc:1e:32:dd:34:a3:99:82:aa:93:96:48: 5b:3a:3e:89:c6:99:68:d4:7b:4f:e6:cc:02:49:00:81:28:ae: 91:b2:52:34:9c:d6:5f:7e:ca:a8:4f:73:14:6a:56:95:81:32: cf:f5:3d:9c:ba:1a:9c:69:03:ed:b6:38:50:5e:8d:cb:c8:81: 67:e9:95:0f:ec:bd:6f:69:03:1f:6a:1b:75:5a:71:7f:40:50: 00:ba:9a:59:57:14:94:eb:db:91:d6:31:93:bd:80:6e:d8:d4: 36:d6:ae:b7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZudstxgBPLk4i7Qp+lKsPDVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy MGFlMmUwHhcNMjYwMTA4MTMwMTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTFmMzA0YmExMDZjNjI3ZjE5Nzg0ZjgyNGQ4M2RkNWEwZGY4MDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb82fT8oPU0ifksbY1jvzzNGigFW DZGprvdrwUoQiPQ+7pMzoU8Pzedy6a7k47EE+4ukD8GKAGMYc20yYujj+HOPm0Le UrG4f8LoLaSjQm3+b2xZKNUDHpIY4C+7qBnmyXzCaizrxjz5yTjnVmY4t4zOVxf7 ldXkw8egAMLpWlJFOgIpck0VEXM/iBeV6LbVPeS72cNKLXBvL7JB0402w1F7J/KY jljOoBBxtYpxBbyTzq0R0/rjcVO7ciY2SEzx0k6RWcD1/q6dxNJk3QfAPbmVM/J1 JOEyoD7C6uzeZExgvfuLjvE72AJB9O+9TVLX+qP/5z3nNel+BqygNbzDRQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKofMEuhBsYn8ZeE+CTYPdWg34AuMB8GA1UdIwQY MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt MWRkZWM0Y2NlMjRjLzEvcWg4d1M2RUd4aWZ4bDRUNEpOZzkxYURmZ0M0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dwOAwQA 1dwSMA0GCSqGSIb3DQEBCwUAA4IBAQBwchUI9CPdAL+hc4s/mvkQ/V7EPpWI/Z8U JSXyhkR7skAevarW5CwQHLw11GAELTGPaJ6zA69Q8JIkFlF35KM8d39jmnvGR9oo lOecW9wOy0ljpaepksTQ8q6K6AIEGkBWVYb6Om5EndXBJKfOEPAXw2nSR3VKcuXO l25PPrgsSA1kLWAmkMQxhVueyOMVRpMoYTFBRNH8HjLdNKOZgqqTlkhbOj6Jxplo 1HtP5swCSQCBKK6RslI0nNZffsqoT3MUalaVgTLP9T2cuhqcaQPttjhQXo3LyIFn 6ZUP7L1vaQMfaht1WnF/QFAAuppZVxSU69uR1jGTvYBu2NQ21q63 -----END CERTIFICATE-----Generated at Tue Jan 20 02:49:06 2026 by rpki-client