This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/QHQB5R-_IHEKwwGTKDoZ2Ksm3ts.roa File: QHQB5R-_IHEKwwGTKDoZ2Ksm3ts.roa (raw, json) Hash identifier: RSCo2PpN2aVf+mUteSJphpe4hoO5sJZI7c95rlwWbrM= Subject key identifier: 40:74:01:E5:1F:BF:20:71:0A:C3:01:93:28:3A:19:D8:AB:26:DE:DB Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68 Certificate serial: 019B7B36006F0AC8C2406B0B0567D22AB116 Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/QHQB5R-_IHEKwwGTKDoZ2Ksm3ts.roa Signing time: Thu 01 Jan 2026 20:18:15 +0000 ROA not before: Thu 01 Jan 2026 20:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51405 IP address blocks: 85.208.4.0/22 maxlen: 24 2a09:8840::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:00:6f:0a:c8:c2:40:6b:0b:05:67:d2:2a:b1:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68 Validity Not Before: Jan 1 20:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=407401e51fbf20710ac30193283a19d8ab26dedb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:25:6b:10:99:86:a1:11:38:d2:bf:77:fc:a2: 3f:54:0d:54:3b:73:44:ad:db:eb:cd:36:86:66:66: 7f:f0:0d:c7:4c:5b:43:ef:d4:de:56:96:59:6f:fc: aa:ad:7f:31:a3:f8:79:c7:7c:e7:d8:af:e7:55:da: 2d:b4:2e:ef:26:e5:67:fb:fe:90:40:1e:74:01:7d: 8d:c1:56:90:4e:89:71:65:e9:d1:73:30:a5:ee:36: 7f:4e:ce:e1:ea:99:3a:e2:3d:9b:77:83:87:69:2d: 83:74:0e:5e:c0:1a:c6:60:d7:47:75:d6:ec:08:a3: 62:e5:0d:1a:00:30:07:aa:7b:2f:ab:bf:4e:9c:d3: 79:a3:c8:57:7d:9c:a6:2b:d7:d3:5e:6a:29:f7:c2: 23:75:09:3c:33:bb:79:81:4b:76:64:29:07:74:0f: e4:e8:11:23:17:74:dd:63:9a:fc:bf:f2:61:50:d3: 20:0b:23:f2:79:3a:3f:f3:91:f0:2a:cb:12:ff:39: a7:40:c7:7c:0f:93:97:d8:14:c3:dd:22:92:8f:83: 82:55:60:a7:9c:26:f0:f0:b2:01:18:30:13:13:37: d2:29:f9:5a:02:ab:da:a5:98:95:bc:6f:59:b5:49: 5a:a6:c4:3f:aa:28:45:7c:c5:6c:1b:33:b2:bf:67: 8f:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:74:01:E5:1F:BF:20:71:0A:C3:01:93:28:3A:19:D8:AB:26:DE:DB X509v3 Authority Key Identifier: keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/QHQB5R-_IHEKwwGTKDoZ2Ksm3ts.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.208.4.0/22 IPv6: 2a09:8840::/29 Signature Algorithm: sha256WithRSAEncryption 15:08:a9:95:62:eb:5e:c8:f5:91:d9:84:63:6c:32:15:9c:02: 5a:9d:de:e6:5b:82:6b:34:d6:5f:1c:f1:25:7e:ef:c8:3e:0b: be:e2:3e:9b:a1:c4:b9:13:bb:2a:92:6e:3f:60:f2:5f:b6:2b: 51:b7:17:72:6e:98:e9:8f:24:77:00:f4:bf:39:8b:72:9e:ce: 99:7f:33:e8:2d:83:ed:a1:5c:e7:86:da:cc:7c:28:34:9e:27: a3:cc:54:56:48:4d:a2:73:2f:dd:6a:73:8c:13:58:9c:0f:f2: ba:6f:d1:80:44:77:e1:05:93:79:0b:16:1f:65:d9:23:ff:6b: 34:58:98:ae:44:7a:b7:f8:05:09:c2:06:3e:0f:4e:63:8a:f9: 75:82:de:11:1b:d7:0a:3d:c6:05:8f:12:d4:75:27:b3:62:58: af:84:cf:2f:1a:27:69:38:44:03:df:f6:7f:c3:65:7d:74:d9: d9:dc:5b:64:04:04:99:8e:ee:21:fd:60:c1:ed:3e:f9:b0:21: 41:89:ef:e1:a3:bc:ca:a9:fa:66:1c:85:f2:b9:06:e6:e4:0f: 8a:b8:7b:98:95:c7:f4:42:24:86:8b:ed:8d:c1:83:ff:7b:3d: d3:50:b0:46:99:fc:d9:c9:76:6d:5f:9f:7d:ca:a9:da:39:76: 5e:fb:7c:24 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NgBvCsjCQGsLBWfSKrEWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0 NTVhNjgwHhcNMjYwMTAxMjAxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDc0MDFlNTFmYmYyMDcxMGFjMzAxOTMyODNhMTlkOGFiMjZkZWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSVrEJmGoRE40r93/KI/VA1UO3NE rdvrzTaGZmZ/8A3HTFtD79TeVpZZb/yqrX8xo/h5x3zn2K/nVdottC7vJuVn+/6Q QB50AX2NwVaQTolxZenRczCl7jZ/Ts7h6pk64j2bd4OHaS2DdA5ewBrGYNdHddbs CKNi5Q0aADAHqnsvq79OnNN5o8hXfZymK9fTXmop98IjdQk8M7t5gUt2ZCkHdA/k 6BEjF3TdY5r8v/JhUNMgCyPyeTo/85HwKssS/zmnQMd8D5OX2BTD3SKSj4OCVWCn nCbw8LIBGDATEzfSKflaAqvapZiVvG9ZtUlapsQ/qihFfMVsGzOyv2ePqwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEB0AeUfvyBxCsMBkyg6GdirJt7bMB8GA1UdIwQY MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt MWMyNzU4NjUxZWZhLzEvUUhRQjVSLV9JSEVLd3dHVEtEb1oyS3NtM3RzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAEMA0E AgACMAcDBQMqCYhAMA0GCSqGSIb3DQEBCwUAA4IBAQAVCKmVYuteyPWR2YRjbDIV nAJand7mW4JrNNZfHPElfu/IPgu+4j6bocS5E7sqkm4/YPJftitRtxdybpjpjyR3 APS/OYtyns6ZfzPoLYPtoVznhtrMfCg0niejzFRWSE2icy/danOME1icD/K6b9GA RHfhBZN5CxYfZdkj/2s0WJiuRHq3+AUJwgY+D05jivl1gt4RG9cKPcYFjxLUdSez YlivhM8vGidpOEQD3/Z/w2V9dNnZ3FtkBASZju4h/WDB7T75sCFBie/ho7zKqfpm HIXyuQbm5A+KuHuYlcf0QiSGi+2NwYP/ez3TULBGmfzZyXZtX599yqnaOXZe+3wk -----END CERTIFICATE-----Generated at Tue Feb 10 01:13:17 2026 by rpki-client