This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa File: qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa (raw, json) Hash identifier: lrJX4lxCpvRoWetP9MnMhWnZa9fTVg282FGtglUa7z4= Subject key identifier: AA:78:CB:54:56:52:0B:C4:2E:0A:05:15:65:9D:49:9A:D9:E7:5D:AC Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Certificate serial: 019B7C114CFEAF4142C550948EB75CBB6CBB Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa Signing time: Fri 02 Jan 2026 00:17:47 +0000 ROA not before: Fri 02 Jan 2026 00:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41694 IP address blocks: 91.220.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:4c:fe:af:41:42:c5:50:94:8e:b7:5c:bb:6c:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Validity Not Before: Jan 2 00:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa78cb5456520bc42e0a0515659d499ad9e75dac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f8:5d:8a:7e:b8:d6:ae:4e:a0:6e:22:b5:af: 1e:83:c5:f4:f1:aa:f0:0c:85:7e:b6:20:6a:25:da: ea:7b:1a:b0:00:83:63:93:ec:4b:7d:8b:35:3f:fd: ac:1f:24:93:6d:d7:3b:23:7e:15:34:ba:e0:ea:8a: 88:80:6b:47:68:19:3c:e2:46:47:7f:5f:ca:5c:c6: 13:ba:3d:11:3b:98:0b:a0:bd:d6:7a:53:65:c1:2d: 25:5e:af:fa:56:bc:4d:17:82:13:9a:40:35:66:c5: 56:54:5a:45:63:3c:65:d0:30:32:7f:89:eb:a4:05: c2:49:fd:23:bd:c3:cb:a3:f8:13:6b:38:9c:fe:16: d0:2c:23:eb:cd:d4:39:ad:ff:39:37:7b:46:e8:3d: ac:b2:72:98:5e:5a:22:08:6f:73:5c:c1:09:49:50: ef:07:eb:53:35:aa:cc:75:dc:73:b1:a9:64:5a:18: 0b:6d:4f:e1:44:1a:4f:30:aa:98:37:34:60:06:94: eb:6c:37:19:99:1a:a4:fa:40:9c:28:b7:27:ed:5c: 2f:87:3f:69:06:bf:7c:f7:64:94:46:32:20:ca:1f: 2a:d3:d0:da:8b:24:d0:18:09:3e:0f:5f:9b:63:7d: 5d:d5:79:43:aa:59:4e:30:ac:cc:d6:3e:21:c2:2f: 50:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:78:CB:54:56:52:0B:C4:2E:0A:05:15:65:9D:49:9A:D9:E7:5D:AC X509v3 Authority Key Identifier: keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/qnjLVFZSC8QuCgUVZZ1JmtnnXaw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.172.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:b8:5d:a5:a5:cb:b8:cc:e2:4e:2a:1e:87:b6:50:74:9c:d7: 8e:91:be:92:d5:a1:f2:d5:78:42:a1:76:36:4a:3d:0c:4f:f3: 26:6c:2f:66:bf:8a:ee:ca:ca:f2:99:39:5c:e0:0d:8b:f2:b1: 11:a4:a8:16:1a:9a:0a:9b:e4:6e:78:2c:b3:70:67:9b:d1:0a: 92:07:8b:0a:5a:ab:73:01:42:3c:d0:23:34:ff:86:01:5f:55: 95:c0:65:af:ad:4d:02:5e:f7:aa:9f:ac:03:9a:2f:40:6a:cb: dc:32:80:a9:36:1f:4f:c7:c5:ea:6d:08:d1:7a:62:85:e0:78: cf:ad:7d:14:14:94:f8:4e:81:18:4d:16:3d:03:87:a1:a2:1f: 3e:07:fd:0f:95:a0:a2:66:b4:a2:bf:dd:91:ae:8b:0a:73:8e: 97:b2:51:86:98:c6:4c:ca:1b:07:39:87:5f:3a:3f:cf:4a:a9: 5f:ba:97:19:ee:c3:15:c4:23:65:28:08:18:a5:87:60:c2:6b: 2e:82:e9:6c:0f:d7:84:9c:70:3e:60:c6:66:e9:bb:3a:a3:cb: 91:28:0a:12:c2:5b:64:bc:83:49:25:a5:d3:9d:20:89:6a:fe: 85:cd:4c:12:c0:31:84:70:56:50:c9:9e:5e:e7:3a:e5:1f:df: db:cf:22:6b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8EUz+r0FCxVCUjrdcu2y7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3 NTI0MmQwHhcNMjYwMTAyMDAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTc4Y2I1NDU2NTIwYmM0MmUwYTA1MTU2NTlkNDk5YWQ5ZTc1ZGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPhdin641q5OoG4ita8eg8X08arw DIV+tiBqJdrqexqwAINjk+xLfYs1P/2sHySTbdc7I34VNLrg6oqIgGtHaBk84kZH f1/KXMYTuj0RO5gLoL3WelNlwS0lXq/6VrxNF4ITmkA1ZsVWVFpFYzxl0DAyf4nr pAXCSf0jvcPLo/gTazic/hbQLCPrzdQ5rf85N3tG6D2ssnKYXloiCG9zXMEJSVDv B+tTNarMddxzsalkWhgLbU/hRBpPMKqYNzRgBpTrbDcZmRqk+kCcKLcn7Vwvhz9p Br9892SURjIgyh8q09DaiyTQGAk+D1+bY31d1XlDqllOMKzM1j4hwi9QhwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKp4y1RWUgvELgoFFWWdSZrZ512sMB8GA1UdIwQY MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt NWE5MDVhZjUwN2MzLzEvcW5qTFZGWlNDOFF1Q2dVVlpaMUptdG5uWGF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ysMA0G CSqGSIb3DQEBCwUAA4IBAQA6uF2lpcu4zOJOKh6HtlB0nNeOkb6S1aHy1XhCoXY2 Sj0MT/MmbC9mv4ruysrymTlc4A2L8rERpKgWGpoKm+RueCyzcGeb0QqSB4sKWqtz AUI80CM0/4YBX1WVwGWvrU0CXveqn6wDmi9AasvcMoCpNh9Px8XqbQjRemKF4HjP rX0UFJT4ToEYTRY9A4ehoh8+B/0PlaCiZrSiv92RrosKc46XslGGmMZMyhsHOYdf Oj/PSqlfupcZ7sMVxCNlKAgYpYdgwmsugulsD9eEnHA+YMZm6bs6o8uRKAoSwltk vINJJaXTnSCJav6FzUwSwDGEcFZQyZ5e5zrlH9/bzyJr -----END CERTIFICATE-----Generated at Sun Jan 25 23:04:36 2026 by rpki-client