This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/QKbqYAZoMLxxQoZjQyyIVGemNyI.roa File: QKbqYAZoMLxxQoZjQyyIVGemNyI.roa (raw, json) Hash identifier: tiqdB8QX7m+6TFy6L7vHeuHm9oaoK9fubunWYy0x0pE= Subject key identifier: 40:A6:EA:60:06:68:30:BC:71:42:86:63:43:2C:88:54:67:A6:37:22 Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019B7F149B979C2860A87366BF17AE4FB59A Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/QKbqYAZoMLxxQoZjQyyIVGemNyI.roa Signing time: Fri 02 Jan 2026 14:20:15 +0000 ROA not before: Fri 02 Jan 2026 14:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4589 IP address blocks: 217.114.113.0/24 maxlen: 24 217.114.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:9b:97:9c:28:60:a8:73:66:bf:17:ae:4f:b5:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Jan 2 14:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40a6ea60066830bc71428663432c885467a63722 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:00:d1:a4:26:9a:c1:8c:ee:e7:6b:60:69:0c: 7c:34:ef:64:03:93:78:ac:14:dc:41:eb:25:5c:07: f0:70:35:c8:90:63:b5:dc:68:8b:b6:c3:ab:ed:d6: 53:7f:9c:7c:c1:33:00:42:f2:cb:2d:3a:64:eb:a6: fd:2b:f7:c2:fe:50:22:44:41:bd:4f:66:d4:3a:24: 77:d9:e8:99:11:89:76:65:4b:6c:be:eb:59:01:6b: f8:73:aa:40:e5:e1:ce:42:80:4f:68:18:0e:91:a3: 11:28:e6:f5:b1:6f:89:66:e2:4f:8c:04:d9:bd:d2: e2:8f:26:39:f1:82:ff:65:87:5c:30:7f:23:2d:81: 43:1d:ae:03:75:dd:a8:6f:82:0d:f4:67:7e:85:41: 70:49:9c:3b:2e:27:89:47:b4:0f:8e:61:bf:0e:07: 7d:19:5c:2a:20:6e:a9:36:9d:2e:59:19:1b:af:de: b8:82:53:ee:40:c2:96:26:cd:ef:09:23:cf:ee:3b: 10:93:fe:b0:a3:e4:b3:12:c3:f5:00:22:40:2c:c1: f8:6f:d8:af:d4:0d:fc:92:21:c2:b1:30:52:8d:22: 81:fc:1f:21:0a:24:10:0a:fb:41:c0:b3:fa:19:d7: 6c:b7:cb:0d:45:6c:75:5e:3e:46:c4:42:ee:60:cb: c2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:A6:EA:60:06:68:30:BC:71:42:86:63:43:2C:88:54:67:A6:37:22 X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/QKbqYAZoMLxxQoZjQyyIVGemNyI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.114.113.0/24 217.114.127.0/24 Signature Algorithm: sha256WithRSAEncryption bc:c4:4b:c5:95:80:1a:db:47:0b:de:7e:b5:4f:e8:8b:73:7c: ef:e2:3f:8c:bb:0e:21:c1:c7:8b:bd:1c:68:9f:39:48:27:78: 03:aa:d3:95:4f:9d:21:da:ac:53:9a:31:ac:3c:86:56:fa:a1: d7:3c:8f:ee:d1:04:c4:6e:e5:07:59:42:39:db:ad:5b:2b:32: 20:5e:04:47:c4:c9:90:37:77:16:7e:fd:84:75:85:4c:07:9d: 70:de:5d:4c:b0:5c:17:58:63:09:6a:d9:c0:eb:98:d2:52:24: 97:2f:41:fd:95:36:cb:14:53:11:bf:a1:f8:ac:88:f1:87:09: ed:15:db:c0:4a:3a:e7:81:43:ab:1c:e3:9d:e2:c2:16:36:1f: 94:87:3e:c5:6b:af:b5:68:d5:7e:fb:ea:05:21:5a:5e:4e:07: 62:66:19:fa:38:fb:f4:ad:e4:57:7a:0b:5f:4b:b7:a4:ce:7c: 47:65:b7:d7:8a:9e:31:dd:57:e5:c8:f2:c1:fc:24:b3:eb:f2: 00:bf:0d:53:0c:51:66:ca:90:29:02:67:09:29:93:2c:0e:e9: 49:2d:04:70:0b:32:f4:66:7e:98:03:a9:51:6e:2d:ad:f9:3b: ed:1b:c3:d0:b9:c4:5a:e9:0a:25:79:8e:fa:95:72:18:89:f6: db:3c:2e:3f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FJuXnChgqHNmvxeuT7WaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjYwMTAyMTQyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGE2ZWE2MDA2NjgzMGJjNzE0Mjg2NjM0MzJjODg1NDY3YTYzNzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwADRpCaawYzu52tgaQx8NO9kA5N4 rBTcQeslXAfwcDXIkGO13GiLtsOr7dZTf5x8wTMAQvLLLTpk66b9K/fC/lAiREG9 T2bUOiR32eiZEYl2ZUtsvutZAWv4c6pA5eHOQoBPaBgOkaMRKOb1sW+JZuJPjATZ vdLijyY58YL/ZYdcMH8jLYFDHa4Ddd2ob4IN9Gd+hUFwSZw7LieJR7QPjmG/Dgd9 GVwqIG6pNp0uWRkbr964glPuQMKWJs3vCSPP7jsQk/6wo+SzEsP1ACJALMH4b9iv 1A38kiHCsTBSjSKB/B8hCiQQCvtBwLP6Gddst8sNRWx1Xj5GxELuYMvCfQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFECm6mAGaDC8cUKGY0MsiFRnpjciMB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvUUticVlBWm9NTHh4UW9aalF5eUlWR2VtTnlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2XJxAwQA 2XJ/MA0GCSqGSIb3DQEBCwUAA4IBAQC8xEvFlYAa20cL3n61T+iLc3zv4j+Muw4h wceLvRxonzlIJ3gDqtOVT50h2qxTmjGsPIZW+qHXPI/u0QTEbuUHWUI5261bKzIg XgRHxMmQN3cWfv2EdYVMB51w3l1MsFwXWGMJatnA65jSUiSXL0H9lTbLFFMRv6H4 rIjxhwntFdvASjrngUOrHOOd4sIWNh+Uhz7Fa6+1aNV+++oFIVpeTgdiZhn6OPv0 reRXegtfS7ekznxHZbfXip4x3VflyPLB/CSz6/IAvw1TDFFmypApAmcJKZMsDulJ LQRwCzL0Zn6YA6lRbi2t+TvtG8PQucRa6QoleY76lXIYifbbPC4/ -----END CERTIFICATE-----Generated at Sun Jan 25 12:23:05 2026 by rpki-client