This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/qm3Y1xRAyMug1o4ZkPIWA5TQn1A.roa File: qm3Y1xRAyMug1o4ZkPIWA5TQn1A.roa (raw, json) Hash identifier: ah0q5b8U5QR+bHmaVCJCImjUhbJsUIFGC+OnAqXZW1w= Subject key identifier: AA:6D:D8:D7:14:40:C8:CB:A0:D6:8E:19:90:F2:16:03:94:D0:9F:50 Certificate issuer: /CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2 Certificate serial: 019B76EB6B20F287974CDED8EDDF653069AA Authority key identifier: CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/qm3Y1xRAyMug1o4ZkPIWA5TQn1A.roa Signing time: Thu 01 Jan 2026 00:18:18 +0000 ROA not before: Thu 01 Jan 2026 00:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5588 IP address blocks: 62.201.16.0/20 maxlen: 20 2a06:8080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.mft rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:6b:20:f2:87:97:4c:de:d8:ed:df:65:30:69:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2 Validity Not Before: Jan 1 00:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa6dd8d71440c8cba0d68e1990f2160394d09f50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:59:61:e7:7b:69:c5:7a:e6:c4:16:04:f3:c5: e4:e2:75:41:65:e0:e5:0d:4f:43:02:a8:7c:fa:2b: da:3a:9e:45:a4:ee:c1:c8:fa:94:99:b1:11:c4:02: 33:ee:96:5d:99:9a:63:7d:89:a9:81:99:4e:62:ca: 55:18:b1:71:8f:5b:bf:a1:04:21:54:1e:29:9c:aa: a3:e1:7b:91:ca:bd:56:7a:a3:15:7d:89:f5:51:e3: 30:69:f0:73:ca:2f:b7:58:56:42:c7:68:b8:55:24: 4d:21:27:46:c4:b0:b6:b2:8a:cc:2c:6f:af:6c:7c: 10:41:c6:ed:d2:65:c7:d0:f7:b1:8d:c8:43:c0:e3: f4:80:35:a3:05:73:2c:56:c1:fc:5e:15:88:97:8a: dc:31:e9:ad:dc:87:9d:e7:bb:8f:d1:a5:73:d5:a0: b4:50:8a:a6:f6:a8:0b:36:28:db:b4:02:58:47:58: dc:6d:be:82:63:1b:24:f8:64:2b:52:d5:02:7f:77: e1:91:d1:fe:9d:5f:89:e0:ee:74:6c:29:72:0b:8a: d1:70:77:98:3b:e2:6e:a9:a2:bb:69:ee:48:48:ae: e0:c7:6e:e7:6b:7f:ef:6b:18:92:25:ae:cf:74:6e: c4:64:94:39:95:60:28:bb:0b:42:a1:89:87:09:ff: 8d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:6D:D8:D7:14:40:C8:CB:A0:D6:8E:19:90:F2:16:03:94:D0:9F:50 X509v3 Authority Key Identifier: keyid:CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/qm3Y1xRAyMug1o4ZkPIWA5TQn1A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.201.16.0/20 IPv6: 2a06:8080::/29 Signature Algorithm: sha256WithRSAEncryption 39:79:4a:7b:a6:75:2f:b1:c2:45:9a:a9:4c:e8:54:07:6b:51: c6:bf:f3:3d:3d:6c:1d:3f:6e:d6:a2:50:47:2f:41:08:57:e7: e7:07:1f:56:ed:9a:32:94:2e:11:fc:c5:9a:a9:44:f4:39:b5: 67:d0:8d:52:d0:87:a8:00:46:d8:43:0e:2c:ad:be:11:69:2a: d2:b1:f1:c0:91:80:e2:b2:af:48:bb:ee:66:c6:01:23:f5:d4: 97:72:7b:52:9a:97:61:d0:b9:96:27:03:19:76:f0:9c:33:cd: 1c:61:36:37:48:10:88:65:9b:35:dc:85:0a:d7:f9:7d:78:ee: 01:63:8f:1e:e4:c4:c9:1c:33:46:d9:cc:e5:f4:2e:8f:04:0f: a6:59:96:6c:bd:4b:c9:01:7d:43:7d:15:5d:06:ac:56:f9:9d: 69:01:a8:63:6d:16:ab:85:d8:83:c4:1b:87:e0:82:33:0e:0d: bd:5f:13:f6:a4:80:fc:ed:ac:83:46:c6:8c:80:33:e5:22:74: c5:4d:0f:7e:f5:dc:fa:c7:53:ea:2e:f3:ce:70:5c:5f:20:61: 7e:f9:89:cb:af:37:8d:eb:3c:44:ac:9f:9e:bd:01:e6:7b:0f: b7:cf:00:ee:4c:fb:9c:ab:dc:86:4b:f9:cc:2d:1d:05:58:f7: 68:46:04:94 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt262sg8oeXTN7Y7d9lMGmqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjZjlhNmQyZjZjZDU4OGE3N2Y0MjM2MjJlNmI4ZDFjNjU0 YmNkZjIwHhcNMjYwMTAxMDAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTZkZDhkNzE0NDBjOGNiYTBkNjhlMTk5MGYyMTYwMzk0ZDA5ZjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1lh53tpxXrmxBYE88Xk4nVBZeDl DU9DAqh8+ivaOp5FpO7ByPqUmbERxAIz7pZdmZpjfYmpgZlOYspVGLFxj1u/oQQh VB4pnKqj4XuRyr1WeqMVfYn1UeMwafBzyi+3WFZCx2i4VSRNISdGxLC2sorMLG+v bHwQQcbt0mXH0PexjchDwOP0gDWjBXMsVsH8XhWIl4rcMemt3Ied57uP0aVz1aC0 UIqm9qgLNijbtAJYR1jcbb6CYxsk+GQrUtUCf3fhkdH+nV+J4O50bClyC4rRcHeY O+JuqaK7ae5ISK7gx27na3/vaxiSJa7PdG7EZJQ5lWAouwtCoYmHCf+NbwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKpt2NcUQMjLoNaOGZDyFgOU0J9QMB8GA1UdIwQY MBaAFMz5ptL2zViKd/QjYi5rjRxlS83yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUt MWIwZjI1NGRlNjE5LzEvcW0zWTF4UkF5TXVnMW80WmtQSVdBNVRRbjFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUtMWIwZjI1NGRlNjE5 LzEvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEPskQMA0E AgACMAcDBQMqBoCAMA0GCSqGSIb3DQEBCwUAA4IBAQA5eUp7pnUvscJFmqlM6FQH a1HGv/M9PWwdP27WolBHL0EIV+fnBx9W7ZoylC4R/MWaqUT0ObVn0I1S0IeoAEbY Qw4srb4RaSrSsfHAkYDisq9Iu+5mxgEj9dSXcntSmpdh0LmWJwMZdvCcM80cYTY3 SBCIZZs13IUK1/l9eO4BY48e5MTJHDNG2czl9C6PBA+mWZZsvUvJAX1DfRVdBqxW +Z1pAahjbRarhdiDxBuH4IIzDg29XxP2pID87ayDRsaMgDPlInTFTQ9+9dz6x1Pq LvPOcFxfIGF++YnLrzeN6zxErJ+evQHmew+3zwDuTPucq9yGS/nMLR0FWPdoRgSU -----END CERTIFICATE-----Generated at Mon Jan 26 00:37:32 2026 by rpki-client