This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qoJxh9RoMci9r1884qksasXONeQ.roa File: qoJxh9RoMci9r1884qksasXONeQ.roa (raw, json) Hash identifier: b1P5hF2MWBN0Il3GucTyqyanvw/mWve+jbkBZTYW4xQ= Subject key identifier: AA:82:71:87:D4:68:31:C8:BD:AF:5F:3C:E2:A9:2C:6A:C5:CE:35:E4 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019B77C6ED09DB17CE1993313EB748A2B7F7 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qoJxh9RoMci9r1884qksasXONeQ.roa Signing time: Thu 01 Jan 2026 04:18:04 +0000 ROA not before: Thu 01 Jan 2026 04:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198584 IP address blocks: 45.135.192.0/24 maxlen: 24 45.135.195.0/24 maxlen: 24 45.153.33.0/24 maxlen: 24 92.246.87.0/24 maxlen: 24 195.62.32.0/24 maxlen: 24 2a10:ca80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:ed:09:db:17:ce:19:93:31:3e:b7:48:a2:b7:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Jan 1 04:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa827187d46831c8bdaf5f3ce2a92c6ac5ce35e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d9:24:f1:76:06:3d:e1:b6:1f:37:7d:63:c9: 06:e8:81:d4:fb:f1:23:98:28:b8:de:7d:6e:af:e9: 55:ad:86:f3:07:74:c4:60:d3:e1:02:3f:37:cc:13: 71:9b:77:b5:23:d3:89:c4:14:11:a7:a8:d3:f9:19: 0d:cc:0e:64:83:b1:5c:9e:e9:11:2a:5b:bb:99:6b: 31:bd:69:83:c9:2b:ea:cf:ca:ff:0d:d3:46:ad:5b: 6b:31:ec:83:e9:bd:0a:d1:3a:89:55:a7:c1:42:5e: b0:f3:78:05:fe:dc:9a:9b:ba:8d:02:a9:4e:a5:8f: 43:b1:63:77:f6:eb:11:53:ba:d4:c0:10:39:2b:06: 8c:40:be:65:1a:69:58:fc:76:89:9b:06:1a:62:cc: 8e:2c:0b:06:53:d5:e4:89:ec:7b:56:b9:78:aa:9c: b6:fe:c7:03:d4:f6:55:3d:ac:10:a5:91:10:97:ba: 11:43:e3:43:4a:5c:19:45:dc:93:ee:d6:52:f8:6a: d3:61:c0:41:04:98:cb:8c:00:91:3e:ff:34:96:71: ca:31:5c:bd:6f:2e:59:03:04:04:c1:e4:37:9d:d9: 6b:8b:47:64:51:48:3e:7e:ea:84:96:2e:68:6c:81: 58:c2:9a:26:1a:22:d5:a2:f2:46:ae:66:0f:e5:3f: 2f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:82:71:87:D4:68:31:C8:BD:AF:5F:3C:E2:A9:2C:6A:C5:CE:35:E4 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qoJxh9RoMci9r1884qksasXONeQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.135.192.0/24 45.135.195.0/24 45.153.33.0/24 92.246.87.0/24 195.62.32.0/24 IPv6: 2a10:ca80::/48 Signature Algorithm: sha256WithRSAEncryption 69:06:e8:23:73:9e:e8:f6:ab:4f:bb:c3:17:3a:ee:29:8a:2d: b8:01:4f:8c:86:4f:dd:9b:4e:d9:3b:ea:c9:ff:1a:0c:24:ff: 3f:01:bf:a8:0c:0c:e8:17:68:92:7f:1e:78:cb:34:1b:2b:13: bf:8a:fd:fb:c3:08:95:e2:fb:9c:25:4f:e8:04:96:37:9e:af: 9a:eb:46:4a:61:c1:e0:05:60:74:c3:40:a8:b3:23:2a:d1:59: bb:6f:d3:21:06:fa:4a:34:2b:b5:78:45:53:0e:07:7a:57:97: ce:e3:40:c9:c8:a1:55:4f:ad:a1:5c:95:10:10:d7:c5:be:d4: 0b:4e:83:2f:5a:11:5b:67:09:ab:bb:88:60:6a:4a:7c:67:77: 05:6e:35:52:ac:ca:a8:7f:49:3e:da:78:4c:bb:fd:2a:8b:c1: 67:f9:22:7d:9c:ce:5b:38:fd:2a:41:04:3f:f3:e7:42:12:7d: de:6e:77:02:ef:b0:28:85:3a:9c:69:44:e8:fe:29:d5:35:b5: 9e:92:24:92:ab:c4:88:4f:1b:30:4b:2d:f8:f8:3f:b7:3e:d2: 97:b8:57:88:3f:d7:49:ee:3b:99:98:c3:e1:7a:7f:cb:e8:33: 55:63:2e:bd:e7:89:50:56:8d:d0:83:31:e4:13:dc:7b:36:fc: 7d:e0:cb:80 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt3xu0J2xfOGZMxPrdIorf3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjYwMTAxMDQxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTgyNzE4N2Q0NjgzMWM4YmRhZjVmM2NlMmE5MmM2YWM1Y2UzNWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdkk8XYGPeG2Hzd9Y8kG6IHU+/Ej mCi43n1ur+lVrYbzB3TEYNPhAj83zBNxm3e1I9OJxBQRp6jT+RkNzA5kg7FcnukR Klu7mWsxvWmDySvqz8r/DdNGrVtrMeyD6b0K0TqJVafBQl6w83gF/tyam7qNAqlO pY9DsWN39usRU7rUwBA5KwaMQL5lGmlY/HaJmwYaYsyOLAsGU9Xkiex7Vrl4qpy2 /scD1PZVPawQpZEQl7oRQ+NDSlwZRdyT7tZS+GrTYcBBBJjLjACRPv80lnHKMVy9 by5ZAwQEweQ3ndlri0dkUUg+fuqEli5obIFYwpomGiLVovJGrmYP5T8vowIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFKqCcYfUaDHIva9fPOKpLGrFzjXkMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEvcW9KeGg5Um9NY2k5cjE4ODRxa3Nhc1hPTmVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALYfAAwQA LYfDAwQALZkhAwQAXPZXAwQAwz4gMA8EAgACMAkDBwAqEMqAAAAwDQYJKoZIhvcN AQELBQADggEBAGkG6CNznuj2q0+7wxc67imKLbgBT4yGT92bTtk76sn/Ggwk/z8B v6gMDOgXaJJ/HnjLNBsrE7+K/fvDCJXi+5wlT+gEljeer5rrRkphweAFYHTDQKiz IyrRWbtv0yEG+ko0K7V4RVMOB3pXl87jQMnIoVVPraFclRAQ18W+1AtOgy9aEVtn Cau7iGBqSnxndwVuNVKsyqh/ST7aeEy7/SqLwWf5In2czls4/SpBBD/z50ISfd5u dwLvsCiFOpxpROj+KdU1tZ6SJJKrxIhPGzBLLfj4P7c+0pe4V4g/10nuO5mYw+F6 f8voM1VjLr3niVBWjdCDMeQT3Hs2/H3gy4A= -----END CERTIFICATE-----Generated at Sun Jan 25 17:43:15 2026 by rpki-client