This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/QlKF7TkGhe65CsAL6DFoslTMuac.roa File: QlKF7TkGhe65CsAL6DFoslTMuac.roa (raw, json) Hash identifier: cVjDRTfgLDonetzUTDUHdR576qL3SOFEB4K/eVKenvg= Subject key identifier: 42:52:85:ED:39:06:85:EE:B9:0A:C0:0B:E8:31:68:B2:54:CC:B9:A7 Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Certificate serial: 019B797DE77F08C5F6D1212457E633C881A3 Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/QlKF7TkGhe65CsAL6DFoslTMuac.roa Signing time: Thu 01 Jan 2026 12:17:32 +0000 ROA not before: Thu 01 Jan 2026 12:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42894 IP address blocks: 131.237.0.0/16 maxlen: 24 131.237.0.0/24 maxlen: 24 131.237.1.0/24 maxlen: 24 131.237.8.0/24 maxlen: 24 131.237.32.0/24 maxlen: 24 131.237.40.0/24 maxlen: 24 131.237.41.0/24 maxlen: 24 131.237.42.0/24 maxlen: 24 131.237.43.0/24 maxlen: 24 131.237.70.0/24 maxlen: 24 131.237.71.0/24 maxlen: 24 131.237.72.0/24 maxlen: 24 131.237.73.0/24 maxlen: 24 131.237.74.0/24 maxlen: 24 131.237.77.0/24 maxlen: 24 131.237.78.0/24 maxlen: 24 131.237.80.0/24 maxlen: 24 131.237.83.0/24 maxlen: 24 131.237.84.0/24 maxlen: 24 131.237.96.0/24 maxlen: 24 131.237.120.0/24 maxlen: 24 131.237.121.0/24 maxlen: 24 131.237.163.0/24 maxlen: 24 145.31.0.0/16 maxlen: 24 145.45.0.0/17 maxlen: 24 145.45.0.0/24 maxlen: 24 145.45.48.0/24 maxlen: 24 145.45.110.0/24 maxlen: 24 145.50.0.0/16 maxlen: 24 145.50.37.0/24 maxlen: 24 145.50.39.0/24 maxlen: 24 145.50.105.0/24 maxlen: 24 145.50.233.0/24 maxlen: 24 194.104.116.0/22 maxlen: 24 194.104.116.0/24 maxlen: 24 194.104.117.0/24 maxlen: 24 194.104.118.0/24 maxlen: 24 194.104.119.0/24 maxlen: 24 2a13:e080::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e7:7f:08:c5:f6:d1:21:24:57:e6:33:c8:81:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Validity Not Before: Jan 1 12:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=425285ed390685eeb90ac00be83168b254ccb9a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:8b:19:54:f0:03:2e:32:95:83:e0:63:cf:94: 69:ad:e5:34:4b:d1:09:dc:d5:99:98:bb:68:57:ef: 29:7c:97:10:ca:96:43:90:08:fe:9b:42:37:4b:7a: 42:d2:da:be:dc:c7:a5:8e:9b:bc:cb:b4:ee:af:e2: 39:5a:7e:71:b3:8a:9c:b8:38:4f:95:45:70:44:d5: bd:fa:52:46:64:ff:3e:53:66:67:67:95:cf:8c:c6: 11:33:18:d8:18:a4:24:a1:84:b5:69:2e:83:1d:69: 03:d7:69:a1:99:68:b2:41:65:26:b5:c5:58:37:ce: 32:25:cd:3d:b7:8b:8f:c3:f5:f1:16:c4:d4:2c:6d: 7a:63:50:79:50:28:b8:04:29:3c:f7:63:59:aa:37: a5:a7:01:bf:85:18:52:df:94:0b:00:b4:db:c8:e0: 69:2b:2b:a9:ca:bd:51:0f:79:4e:0f:6b:c4:e7:38: b1:4e:f5:75:f1:37:2b:08:77:12:23:37:86:d4:d5: b3:44:66:21:57:de:3b:0a:15:f5:b8:cb:7c:c5:6e: 26:86:be:bf:22:08:23:79:b3:ac:77:c6:29:ca:93: 42:33:1b:3a:89:c4:75:f0:7f:31:28:ae:00:94:1a: 99:41:ca:a8:55:a2:8c:26:93:19:d5:24:00:01:f8: c6:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:52:85:ED:39:06:85:EE:B9:0A:C0:0B:E8:31:68:B2:54:CC:B9:A7 X509v3 Authority Key Identifier: keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/QlKF7TkGhe65CsAL6DFoslTMuac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.237.0.0/16 145.31.0.0/16 145.45.0.0/17 145.50.0.0/16 194.104.116.0/22 IPv6: 2a13:e080::/32 Signature Algorithm: sha256WithRSAEncryption 87:79:34:51:31:4e:88:56:f8:c5:6b:60:a4:49:2b:d2:72:ef: b3:d2:45:26:2c:ac:9c:81:c1:80:b1:cd:d9:6d:17:78:fc:88: ce:3f:63:6b:bd:47:e6:9c:63:aa:cc:79:4c:f8:52:f8:50:8c: a0:59:bb:46:53:d2:86:2b:c3:ea:ed:a4:6e:62:f8:c3:4f:ab: 2e:a0:09:e8:88:d0:bf:10:bb:56:59:20:44:a7:56:06:06:25: 36:69:42:27:ec:9a:88:29:35:90:ec:5b:21:01:c8:a5:a4:58: c7:f0:be:2b:c9:f1:a7:ae:45:a7:0b:2b:33:69:e5:3c:15:10: 10:c6:42:8e:f9:16:bc:c4:a6:24:7c:15:9b:c9:d1:51:02:2a: 77:34:d0:a1:78:40:97:15:a3:32:24:25:e4:5c:08:e7:29:2f: 37:ba:38:ef:45:5a:3c:61:2c:3f:90:ed:d6:b8:6c:f3:16:e5: 0e:4a:8b:51:68:71:aa:95:97:ce:95:01:4e:fd:3b:de:f2:8b: f1:d7:8e:df:e0:eb:9c:ff:2b:fd:0a:f7:61:dc:fb:8b:22:02: d9:f4:43:c5:97:04:50:b4:88:f9:dc:6f:6d:f4:ec:35:e8:70: 4d:2a:fc:e6:7e:d1:48:c3:4e:14:0f:26:06:3c:35:2a:1d:85: 54:1b:7b:48 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt5fed/CMX20SEkV+YzyIGjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl MTEzOTYwHhcNMjYwMTAxMTIxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjUyODVlZDM5MDY4NWVlYjkwYWMwMGJlODMxNjhiMjU0Y2NiOWE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoosZVPADLjKVg+Bjz5RpreU0S9EJ 3NWZmLtoV+8pfJcQypZDkAj+m0I3S3pC0tq+3Meljpu8y7Tur+I5Wn5xs4qcuDhP lUVwRNW9+lJGZP8+U2ZnZ5XPjMYRMxjYGKQkoYS1aS6DHWkD12mhmWiyQWUmtcVY N84yJc09t4uPw/XxFsTULG16Y1B5UCi4BCk892NZqjelpwG/hRhS35QLALTbyOBp Kyupyr1RD3lOD2vE5zixTvV18TcrCHcSIzeG1NWzRGYhV947ChX1uMt8xW4mhr6/ IggjebOsd8YpypNCMxs6icR18H8xKK4AlBqZQcqoVaKMJpMZ1SQAAfjGxwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFEJShe05BoXuuQrAC+gxaLJUzLmnMB8GA1UdIwQY MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt N2JmZjI5NmM2YjAyLzEvUWxLRjdUa0doZTY1Q3NBTDZERm9zbFRNdWFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA A4IBAQCHeTRRMU6IVvjFa2CkSSvScu+z0kUmLKycgcGAsc3ZbRd4/IjOP2NrvUfm nGOqzHlM+FL4UIygWbtGU9KGK8Pq7aRuYvjDT6suoAnoiNC/ELtWWSBEp1YGBiU2 aUIn7JqIKTWQ7FshAcilpFjH8L4ryfGnrkWnCyszaeU8FRAQxkKO+Ra8xKYkfBWb ydFRAip3NNCheECXFaMyJCXkXAjnKS83ujjvRVo8YSw/kO3WuGzzFuUOSotRaHGq lZfOlQFO/Tve8ovx147f4Ouc/yv9Cvdh3PuLIgLZ9EPFlwRQtIj53G9t9Ow16HBN KvzmftFIw04UDyYGPDUqHYVUG3tI -----END CERTIFICATE-----Generated at Tue Jan 20 07:56:31 2026 by rpki-client