This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/SQTwMRoxF7FRyK6nUUWbCz4A9eo.roa File: SQTwMRoxF7FRyK6nUUWbCz4A9eo.roa (raw, json) Hash identifier: uliL74kF/+emKLIjlFsJMg/YLv06A/SZL5XAxmC6u0o= Subject key identifier: 49:04:F0:31:1A:31:17:B1:51:C8:AE:A7:51:45:9B:0B:3E:00:F5:EA Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2 Certificate serial: 019B7910B09C153D36CB51B5BA0747EABA2F Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/SQTwMRoxF7FRyK6nUUWbCz4A9eo.roa Signing time: Thu 01 Jan 2026 10:18:15 +0000 ROA not before: Thu 01 Jan 2026 10:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24651 IP address blocks: 46.23.32.0/20 maxlen: 32 77.93.0.0/19 maxlen: 32 82.193.64.0/19 maxlen: 32 82.193.67.0/24 maxlen: 27 82.193.67.0/27 maxlen: 27 82.193.83.0/24 maxlen: 32 83.99.128.0/17 maxlen: 32 83.99.167.0/24 maxlen: 24 83.99.167.0/26 maxlen: 27 85.158.72.0/21 maxlen: 24 89.221.112.0/20 maxlen: 24 89.221.121.0/24 maxlen: 24 89.221.122.0/23 maxlen: 23 89.221.122.0/24 maxlen: 24 89.221.123.0/24 maxlen: 24 89.221.124.0/23 maxlen: 24 89.221.124.0/24 maxlen: 24 89.221.125.0/24 maxlen: 24 89.221.126.0/23 maxlen: 24 89.221.127.0/24 maxlen: 24 109.73.96.0/20 maxlen: 32 185.31.44.0/22 maxlen: 32 185.75.236.0/22 maxlen: 32 185.141.52.0/22 maxlen: 32 188.92.16.0/21 maxlen: 32 188.92.16.0/24 maxlen: 32 195.130.205.0/24 maxlen: 24 212.142.64.0/18 maxlen: 32 217.195.48.0/20 maxlen: 32 2a01:4e0::/29 maxlen: 29 2a01:4e0::/32 maxlen: 32 2a01:4e1:460:1::/64 maxlen: 64 2a01:4e1:cc1::/64 maxlen: 64 2a01:4e1:1745::/64 maxlen: 64 2a04:4e00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.mft rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b0:9c:15:3d:36:cb:51:b5:ba:07:47:ea:ba:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2 Validity Not Before: Jan 1 10:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4904f0311a3117b151c8aea751459b0b3e00f5ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ba:b1:6e:9b:73:53:3e:25:5c:42:70:37:01: 9f:81:53:d2:e2:b1:a9:1a:58:7d:06:5d:98:db:2b: 02:f7:39:b6:d0:9d:96:b8:ed:4d:07:7b:f0:74:f2: 13:90:36:ad:f3:18:7c:9c:ad:97:8b:ab:a1:f0:af: 4b:a9:50:b8:e3:0d:0b:bb:31:ea:44:26:c1:8d:60: ae:df:78:10:4a:9f:d8:d7:8f:f7:6d:bd:b6:ec:10: 5b:b4:ef:35:14:68:d4:69:4c:28:92:79:51:c3:ff: 55:f3:2c:ce:89:15:93:dd:f5:8e:24:78:7a:75:ee: 6a:ba:e9:22:69:f9:2e:c0:25:38:6b:20:c9:4b:51: 10:d5:ee:e7:73:f0:d4:b1:b4:47:6a:d9:bc:73:a3: b6:b7:51:8a:73:e6:53:ed:42:86:89:41:01:fa:ed: cc:ef:d7:d5:7f:43:9b:6b:7d:56:7f:5b:52:43:f7: 0a:4d:89:93:5e:ae:02:39:bf:5a:51:af:ed:d4:36: bb:4e:17:97:68:d0:3c:ae:1e:1a:e8:77:72:28:79: 47:f7:fd:39:4c:97:b4:31:c9:de:bd:b3:09:a8:ba: 82:8e:3c:ac:29:f3:71:2c:91:ef:7f:e3:94:cc:fe: 49:15:67:b8:97:fd:9d:d3:3a:8a:e2:63:62:c3:75: 86:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:04:F0:31:1A:31:17:B1:51:C8:AE:A7:51:45:9B:0B:3E:00:F5:EA X509v3 Authority Key Identifier: keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/SQTwMRoxF7FRyK6nUUWbCz4A9eo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.23.32.0/20 77.93.0.0/19 82.193.64.0/19 83.99.128.0/17 85.158.72.0/21 89.221.112.0/20 109.73.96.0/20 185.31.44.0/22 185.75.236.0/22 185.141.52.0/22 188.92.16.0/21 195.130.205.0/24 212.142.64.0/18 217.195.48.0/20 IPv6: 2a01:4e0::/29 2a04:4e00::/29 Signature Algorithm: sha256WithRSAEncryption 2d:15:78:fc:92:5a:90:5f:58:2c:78:7e:b3:71:94:d0:66:15: b1:ca:74:6f:00:98:16:94:9c:e6:e1:b5:f0:41:35:b9:a5:ba: 06:3a:5d:91:ce:ad:a0:a6:da:52:d6:4c:f0:6e:c7:70:d9:93: 7f:fb:63:23:ee:83:76:df:3e:eb:29:69:4b:fe:72:68:6e:ef: fb:3c:a8:78:41:16:15:4c:90:68:be:ff:1b:62:0a:bb:27:fd: 1f:c1:92:99:ae:63:2d:a7:51:7d:ab:56:c7:6d:87:4c:e6:d0: 94:c5:95:34:39:4f:47:a1:25:05:f3:d7:22:a3:33:0d:7c:a9: 7b:78:10:e7:ec:55:09:51:09:dc:b5:65:89:70:eb:6a:32:d3: c7:f9:cf:a5:8d:15:3a:bb:49:51:0e:46:fc:3e:b7:1f:70:72: 72:e2:b8:a0:0c:b2:c2:0f:b5:6b:a8:90:dc:ed:e1:bb:32:f2: b5:50:5a:8b:fd:4b:45:ad:bd:64:a3:ee:84:32:88:c7:bb:ee: 24:31:97:78:67:f0:fb:73:7b:31:9d:96:bf:50:3b:04:aa:c4: 9a:ae:ed:87:56:33:5e:f9:02:e5:b2:3a:ba:a0:16:cd:aa:6e: 72:20:2f:2a:1a:e7:00:4c:86:1b:d3:25:c3:9c:e1:f3:4c:2a: c6:31:fe:3d -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgISAZt5ELCcFT02y1G1ugdH6rovMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz NzQ5ZTIwHhcNMjYwMTAxMTAxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTA0ZjAzMTFhMzExN2IxNTFjOGFlYTc1MTQ1OWIwYjNlMDBmNWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LqxbptzUz4lXEJwNwGfgVPS4rGp Glh9Bl2Y2ysC9zm20J2WuO1NB3vwdPITkDat8xh8nK2Xi6uh8K9LqVC44w0LuzHq RCbBjWCu33gQSp/Y14/3bb227BBbtO81FGjUaUwoknlRw/9V8yzOiRWT3fWOJHh6 de5quukiafkuwCU4ayDJS1EQ1e7nc/DUsbRHatm8c6O2t1GKc+ZT7UKGiUEB+u3M 79fVf0Oba31Wf1tSQ/cKTYmTXq4COb9aUa/t1Da7TheXaNA8rh4a6HdyKHlH9/05 TJe0McnevbMJqLqCjjysKfNxLJHvf+OUzP5JFWe4l/2d0zqK4mNiw3WGLQIDAQAB o4ICbjCCAmowHQYDVR0OBBYEFEkE8DEaMRexUciup1FFmws+APXqMB8GA1UdIwQY MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt YzVlNmQyM2Y4YjA5LzEvU1FUd01Sb3hGN0ZSeUs2blVVV2JDejRBOWVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5 LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBC4XIAME BU1dAAMEBVLBQAMEB1NjgAMEA1WeSAMEBFndcAMEBG1JYAMEArkfLAMEArlL7AME ArmNNAMEA7xcEAMEAMOCzQMEBtSOQAMEBNnDMDAUBAIAAjAOAwUDKgEE4AMFAyoE TgAwDQYJKoZIhvcNAQELBQADggEBAC0VePySWpBfWCx4frNxlNBmFbHKdG8AmBaU nObhtfBBNbmlugY6XZHOraCm2lLWTPBux3DZk3/7YyPug3bfPuspaUv+cmhu7/s8 qHhBFhVMkGi+/xtiCrsn/R/BkpmuYy2nUX2rVsdth0zm0JTFlTQ5T0ehJQXz1yKj Mw18qXt4EOfsVQlRCdy1ZYlw62oy08f5z6WNFTq7SVEORvw+tx9wcnLiuKAMssIP tWuokNzt4bsy8rVQWov9S0WtvWSj7oQyiMe77iQxl3hn8PtzezGdlr9QOwSqxJqu 7YdWM175AuWyOrqgFs2qbnIgLyoa5wBMhhvTJcOc4fNMKsYx/j0= -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:34 2026 by rpki-client