This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/BQKL8EXCPvyOQg1ICU181HzsTLY.roa File: BQKL8EXCPvyOQg1ICU181HzsTLY.roa (raw, json) Hash identifier: MQTZW+TVECgfYFhuLaoeF6hUd6ELHRAnYHxRk4WvfLE= Subject key identifier: 05:02:8B:F0:45:C2:3E:FC:8E:42:0D:48:09:4D:7C:D4:7C:EC:4C:B6 Certificate issuer: /CN=c5e172872eb7bef0965df13b0fc5d65e75370a19 Certificate serial: 019B7BA344892D3F3449BEDF9AE60B8CBA32 Authority key identifier: C5:E1:72:87:2E:B7:BE:F0:96:5D:F1:3B:0F:C5:D6:5E:75:37:0A:19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xeFyhy63vvCWXfE7D8XWXnU3Chk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/BQKL8EXCPvyOQg1ICU181HzsTLY.roa Signing time: Thu 01 Jan 2026 22:17:36 +0000 ROA not before: Thu 01 Jan 2026 22:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60351 IP address blocks: 37.77.200.0/24 maxlen: 24 37.77.201.0/24 maxlen: 24 37.77.202.0/24 maxlen: 24 37.77.203.0/24 maxlen: 24 37.77.204.0/24 maxlen: 24 37.77.205.0/24 maxlen: 24 37.77.206.0/24 maxlen: 24 37.77.207.0/24 maxlen: 24 185.21.164.0/22 maxlen: 22 2a00:8140::/36 maxlen: 36 2a00:8140:1000::/36 maxlen: 36 2a00:8140:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/xeFyhy63vvCWXfE7D8XWXnU3Chk.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/xeFyhy63vvCWXfE7D8XWXnU3Chk.mft rsync://rpki.ripe.net/repository/DEFAULT/xeFyhy63vvCWXfE7D8XWXnU3Chk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:44:89:2d:3f:34:49:be:df:9a:e6:0b:8c:ba:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5e172872eb7bef0965df13b0fc5d65e75370a19 Validity Not Before: Jan 1 22:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05028bf045c23efc8e420d48094d7cd47cec4cb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:8f:91:e9:dc:ec:70:66:b5:62:de:4e:59:ff: 83:92:53:44:7f:c4:43:30:fe:db:bd:01:31:82:cd: 4b:c0:51:83:b9:c7:b3:a7:de:98:ae:5e:8d:0b:40: 2a:2e:7d:23:e2:7e:95:f0:eb:9c:d6:8b:d5:92:55: 13:df:67:11:3c:b8:25:af:04:cd:b8:7c:01:98:ff: ce:20:50:b9:e4:91:7a:3c:09:77:fb:3d:15:f6:53: e8:1b:90:80:b4:44:40:8d:a9:49:a4:37:12:9d:c4: 3a:1b:6e:81:48:74:9b:b2:9b:b5:c9:d7:fe:ee:49: 50:78:de:73:79:00:31:a6:55:c3:d5:82:23:e4:5e: ae:60:c3:74:51:2e:9c:eb:8e:97:01:3f:03:63:19: 8b:7e:5a:85:52:f4:8d:39:ae:8b:3a:54:fa:a7:f2: 65:05:e8:a8:fd:45:25:78:cf:4f:ab:a2:d3:70:d8: b5:e6:92:0a:34:ba:5a:e8:1a:54:f6:51:d3:ef:4a: 3a:16:dc:1e:5a:94:05:69:e6:b5:5d:98:e9:84:99: 1f:5c:c8:63:24:3f:28:eb:1b:ad:b9:dc:03:d4:58: f0:f4:92:9c:a7:83:3d:7b:04:4a:79:5f:d7:b6:23: 66:5c:0e:58:6f:b8:2f:56:2b:70:00:00:cb:96:cb: f9:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:02:8B:F0:45:C2:3E:FC:8E:42:0D:48:09:4D:7C:D4:7C:EC:4C:B6 X509v3 Authority Key Identifier: keyid:C5:E1:72:87:2E:B7:BE:F0:96:5D:F1:3B:0F:C5:D6:5E:75:37:0A:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xeFyhy63vvCWXfE7D8XWXnU3Chk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/BQKL8EXCPvyOQg1ICU181HzsTLY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/xeFyhy63vvCWXfE7D8XWXnU3Chk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.77.200.0/21 185.21.164.0/22 IPv6: 2a00:8140::/35 2a00:8140:f000::/36 Signature Algorithm: sha256WithRSAEncryption c1:99:e9:bc:55:25:45:cb:91:d6:a2:64:22:18:c1:86:af:e2: 15:86:0f:b5:69:40:a9:ed:57:fe:95:b4:c5:91:fb:9e:a0:ae: b4:4a:64:dd:cb:bb:de:3f:b6:93:61:b4:ce:a7:94:df:fd:5e: 0e:c7:9e:e6:8e:dc:92:bc:6b:82:1b:7a:49:8f:7e:73:5c:2e: cc:59:1c:67:32:95:1a:c9:09:a8:58:e2:31:ec:9c:09:dd:d0: e1:3f:3d:de:ce:dc:3c:59:7a:4a:c8:60:59:a6:d9:65:34:0c: 01:0d:c7:fc:17:67:b8:83:f6:59:cb:0d:10:e9:93:b8:ef:d1: 2c:68:85:d2:a4:7b:fb:3d:e1:2b:86:af:81:b4:2c:d1:dc:37: 11:3d:9a:81:a6:d3:94:0b:95:f0:eb:f8:9e:f5:97:33:1b:e4: e5:f0:95:1a:e1:38:72:1e:c0:ad:25:16:cb:38:30:97:e9:21: 09:22:7e:57:bb:a9:f1:77:5c:9f:59:02:b8:67:4b:88:b0:9f: 7a:8d:4e:ef:ee:f2:79:1a:f3:60:89:c2:dd:ec:f2:aa:91:99: c9:b4:fb:cf:24:9d:41:7d:dc:23:16:1e:05:7a:85:ee:6f:45: 94:09:13:04:c4:d9:e0:4b:8e:a5:59:02:83:7a:de:65:06:d2: 08:3f:6a:4e -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt7o0SJLT80Sb7fmuYLjLoyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1ZTE3Mjg3MmViN2JlZjA5NjVkZjEzYjBmYzVkNjVlNzUz NzBhMTkwHhcNMjYwMTAxMjIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTAyOGJmMDQ1YzIzZWZjOGU0MjBkNDgwOTRkN2NkNDdjZWM0Y2I2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno+R6dzscGa1Yt5OWf+DklNEf8RD MP7bvQExgs1LwFGDucezp96Yrl6NC0AqLn0j4n6V8Ouc1ovVklUT32cRPLglrwTN uHwBmP/OIFC55JF6PAl3+z0V9lPoG5CAtERAjalJpDcSncQ6G26BSHSbspu1ydf+ 7klQeN5zeQAxplXD1YIj5F6uYMN0US6c646XAT8DYxmLflqFUvSNOa6LOlT6p/Jl Beio/UUleM9Pq6LTcNi15pIKNLpa6BpU9lHT70o6FtweWpQFaea1XZjphJkfXMhj JD8o6xutudwD1Fjw9JKcp4M9ewRKeV/XtiNmXA5Yb7gvVitwAADLlsv5AQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFAUCi/BFwj78jkINSAlNfNR87Ey2MB8GA1UdIwQY MBaAFMXhcocut77wll3xOw/F1l51NwoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGVGeWh5NjN2dkNXWGZFN0Q4WFdYblUzQ2hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83ZjBkM2MtYmJkOS00ZmVlLWI2MGIt YzQ2NWQ4OTAyYzFiLzEvQlFLTDhFWENQdnlPUWcxSUNVMTgxSHpzVExZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS83ZjBkM2MtYmJkOS00ZmVlLWI2MGItYzQ2NWQ4OTAyYzFi LzEveGVGeWh5NjN2dkNXWGZFN0Q4WFdYblUzQ2hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDJU3IAwQC uRWkMBYEAgACMBADBgUqAIFAAAMGBCoAgUDwMA0GCSqGSIb3DQEBCwUAA4IBAQDB mem8VSVFy5HWomQiGMGGr+IVhg+1aUCp7Vf+lbTFkfueoK60SmTdy7veP7aTYbTO p5Tf/V4Ox57mjtySvGuCG3pJj35zXC7MWRxnMpUayQmoWOIx7JwJ3dDhPz3eztw8 WXpKyGBZptllNAwBDcf8F2e4g/ZZyw0Q6ZO479EsaIXSpHv7PeErhq+BtCzR3DcR PZqBptOUC5Xw6/ie9ZczG+Tl8JUa4ThyHsCtJRbLODCX6SEJIn5Xu6nxd1yfWQK4 Z0uIsJ96jU7v7vJ5GvNgicLd7PKqkZnJtPvPJJ1BfdwjFh4FeoXub0WUCRMExNng S46lWQKDet5lBtIIP2pO -----END CERTIFICATE-----Generated at Sun Jan 25 19:59:27 2026 by rpki-client