This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/qLhFmr4T7lmhKT8keUmQGB3IPPk.roa File: qLhFmr4T7lmhKT8keUmQGB3IPPk.roa (raw, json) Hash identifier: 2UcGL5CSyZb5XFh4zJbKoqd+DUw15c/cw5GBlQgBwdA= Subject key identifier: A8:B8:45:9A:BE:13:EE:59:A1:29:3F:24:79:49:90:18:1D:C8:3C:F9 Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627 Certificate serial: 019B7FF1FC9453B5EF373EC5B7AD0760C2A0 Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/qLhFmr4T7lmhKT8keUmQGB3IPPk.roa Signing time: Fri 02 Jan 2026 18:22:03 +0000 ROA not before: Fri 02 Jan 2026 18:22:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9121 IP address blocks: 62.248.0.0/17 maxlen: 24 78.160.0.0/11 maxlen: 24 81.212.0.0/14 maxlen: 24 85.96.0.0/12 maxlen: 24 88.224.0.0/11 maxlen: 24 95.0.0.0/12 maxlen: 24 176.52.176.0/22 maxlen: 24 194.54.32.0/19 maxlen: 24 195.174.0.0/15 maxlen: 24 212.156.0.0/16 maxlen: 24 212.174.0.0/15 maxlen: 24 2a01:358::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.mft rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 03:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:fc:94:53:b5:ef:37:3e:c5:b7:ad:07:60:c2:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627 Validity Not Before: Jan 2 18:22:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8b8459abe13ee59a1293f24794990181dc83cf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:c2:33:4d:1d:7f:5f:f5:e1:da:54:d9:55:eb: 5a:1f:49:13:f5:a5:98:67:18:34:b0:5a:c3:8f:27: 7a:27:0b:f3:02:04:14:a3:3b:1a:f6:60:d8:4a:94: 0a:8a:ca:38:cb:92:1d:3e:c0:0d:47:26:a4:30:00: ba:31:71:a5:42:a2:6e:a6:f2:05:db:b3:ca:4d:1b: 14:64:cf:80:ff:da:24:45:13:69:58:fa:2f:ae:7a: d3:d3:86:f2:53:0b:4d:84:d3:71:f4:35:8c:9f:00: 49:fd:be:52:8b:a1:53:dc:60:3d:90:d8:3c:a0:e2: 7a:cc:2d:53:f6:5d:75:64:f9:6e:74:30:b1:34:b7: e1:29:05:02:66:0d:0b:c4:07:bf:c8:0c:1f:c2:9c: bb:93:13:2c:9a:10:27:c6:24:a5:fb:fa:9d:0a:de: fc:e9:c2:44:c8:4f:04:e4:43:03:f8:30:45:9b:61: 35:74:e4:87:4c:33:93:3a:b8:25:c8:c2:22:5c:bd: 5c:22:03:02:83:70:20:28:ab:80:d1:78:a5:27:44: 35:2b:67:bd:c7:1d:da:ab:9e:41:97:f1:33:8b:34: c1:fc:4a:8a:bc:ee:a0:e7:3e:8a:45:76:0a:b8:16: da:35:74:4b:03:bd:b0:34:e3:77:df:13:89:8b:46: 1a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:B8:45:9A:BE:13:EE:59:A1:29:3F:24:79:49:90:18:1D:C8:3C:F9 X509v3 Authority Key Identifier: keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/qLhFmr4T7lmhKT8keUmQGB3IPPk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.248.0.0/17 78.160.0.0/11 81.212.0.0/14 85.96.0.0/12 88.224.0.0/11 95.0.0.0/12 176.52.176.0/22 194.54.32.0/19 195.174.0.0/15 212.156.0.0/16 212.174.0.0/15 IPv6: 2a01:358::/29 Signature Algorithm: sha256WithRSAEncryption 03:b3:e9:3d:2a:e2:27:8d:37:a5:c5:75:1d:61:0b:1a:2d:6d: 4f:24:6c:42:27:52:9c:0f:3f:7f:d4:96:ca:85:62:e2:43:57: 33:44:c9:10:6c:50:ce:74:0f:6d:11:85:d6:e5:c4:67:2f:01: 63:52:1e:18:a4:55:af:b8:ea:e6:a5:dc:9a:03:ac:23:5f:60: a3:1b:10:86:0b:dd:4e:1d:ca:ed:6b:a8:1c:65:f9:c8:9b:79: 71:95:62:39:e1:42:24:b2:30:21:dd:58:8e:c8:30:69:ba:53: a5:a8:56:7d:97:72:88:5f:6b:21:d6:14:6a:c8:f3:82:7c:e6: 81:bd:ed:83:1c:fe:56:a8:2c:05:e1:29:ff:2d:84:9a:31:12: dd:68:32:da:5f:ad:22:92:d3:af:5f:9a:af:c6:1b:84:32:0e: bb:fa:d1:8d:0f:e3:35:97:b1:9f:10:fa:a1:f4:2d:6a:23:4a: bb:c7:ac:4f:96:52:fc:84:4a:50:31:59:95:32:6d:f4:f6:b5: 8e:97:b8:9f:c1:ca:c8:96:c5:a5:4b:cd:cc:2d:2c:68:8e:db: b2:14:5d:da:9d:53:93:41:de:42:74:07:9a:8f:f7:a6:d6:6c: 77:0d:e4:06:59:14:43:47:76:68:88:81:95:05:d8:8c:e6:2c: 4d:85:25:53 -----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgISAZt/8fyUU7XvNz7Ft60HYMKgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZWYxMWJiOGE4ZDQ4MGEwMzEzZTFmMjE4YTY2YmRmNGU5 NWY2MjcwHhcNMjYwMTAyMTgyMjAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOGI4NDU5YWJlMTNlZTU5YTEyOTNmMjQ3OTQ5OTAxODFkYzgzY2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsIzTR1/X/Xh2lTZVetaH0kT9aWY Zxg0sFrDjyd6JwvzAgQUozsa9mDYSpQKiso4y5IdPsANRyakMAC6MXGlQqJupvIF 27PKTRsUZM+A/9okRRNpWPovrnrT04byUwtNhNNx9DWMnwBJ/b5Si6FT3GA9kNg8 oOJ6zC1T9l11ZPludDCxNLfhKQUCZg0LxAe/yAwfwpy7kxMsmhAnxiSl+/qdCt78 6cJEyE8E5EMD+DBFm2E1dOSHTDOTOrglyMIiXL1cIgMCg3AgKKuA0XilJ0Q1K2e9 xx3aq55Bl/EzizTB/EqKvO6g5z6KRXYKuBbaNXRLA72wNON33xOJi0YajQIDAQAB o4ICTDCCAkgwHQYDVR0OBBYEFKi4RZq+E+5ZoSk/JHlJkBgdyDz5MB8GA1UdIwQY MBaAFD3vEbuKjUgKAxPh8hima99OlfYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYt YjQ5NDY2NDcyNGFkLzEvcUxoRm1yNFQ3bG1oS1Q4a2VVbVFHQjNJUFBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYtYjQ5NDY2NDcyNGFk LzEvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQHPvgAAwMF TqADAwJR1AMDBFVgAwMFWOADAwRfAAMEArA0sAMEBcI2IAMDAcOuAwMA1JwDAwHU rjANBAIAAjAHAwUDKgEDWDANBgkqhkiG9w0BAQsFAAOCAQEAA7PpPSriJ403pcV1 HWELGi1tTyRsQidSnA8/f9SWyoVi4kNXM0TJEGxQznQPbRGF1uXEZy8BY1IeGKRV r7jq5qXcmgOsI19goxsQhgvdTh3K7WuoHGX5yJt5cZViOeFCJLIwId1YjsgwabpT pahWfZdyiF9rIdYUasjzgnzmgb3tgxz+VqgsBeEp/y2EmjES3Wgy2l+tIpLTr1+a r8YbhDIOu/rRjQ/jNZexnxD6ofQtaiNKu8esT5ZS/IRKUDFZlTJt9Pa1jpe4n8HK yJbFpUvNzC0saI7bshRd2p1Tk0HeQnQHmo/3ptZsdw3kBlkUQ0d2aIiBlQXYjOYs TYUlUw== -----END CERTIFICATE-----Generated at Wed Jan 21 13:19:09 2026 by rpki-client