This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/bZqOUIU_1IqMOnS3XXUrS60GrpM.roa File: bZqOUIU_1IqMOnS3XXUrS60GrpM.roa (raw, json) Hash identifier: LFmDzSYfJ7mk0ygK5bmtim3i/wVzAaEknmN17hltFu0= Subject key identifier: 6D:9A:8E:50:85:3F:D4:8A:8C:3A:74:B7:5D:75:2B:4B:AD:06:AE:93 Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066 Certificate serial: 019B7D5D2DAA9A1BC4B51B2879D3EFF948F0 Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/bZqOUIU_1IqMOnS3XXUrS60GrpM.roa Signing time: Fri 02 Jan 2026 06:20:17 +0000 ROA not before: Fri 02 Jan 2026 06:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59395 IP address blocks: 5.175.59.0/24 maxlen: 24 5.175.61.0/24 maxlen: 24 185.136.73.0/24 maxlen: 24 185.136.74.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.mft rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2d:aa:9a:1b:c4:b5:1b:28:79:d3:ef:f9:48:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066 Validity Not Before: Jan 2 06:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d9a8e50853fd48a8c3a74b75d752b4bad06ae93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:80:7e:cb:fe:fc:6c:9f:2a:45:09:bb:16:e0: c1:75:69:90:b9:0e:f1:26:65:8b:cc:6e:18:63:a8: 0b:22:a6:75:99:20:1a:48:26:c8:98:c3:e6:ca:1a: 6b:35:5b:8b:46:f9:3e:44:2b:a5:51:59:d8:4e:8d: 53:82:93:6a:5c:af:04:b3:7c:e3:59:a3:f8:7f:e5: 6b:c7:44:bc:c9:94:17:cb:35:1c:dc:ad:ad:ad:6a: 01:9d:ad:c4:fa:3b:b3:39:78:5c:0c:89:03:e8:d3: 1f:24:a2:5a:52:ca:c3:74:2f:cc:39:79:c7:18:96: bf:db:60:59:f0:9a:01:12:61:41:21:83:d5:a1:d3: 47:96:43:04:66:5c:00:f4:06:a4:5a:21:b7:1c:23: 20:9d:37:2a:d9:be:59:b6:7a:e6:a4:52:71:b5:3d: 90:21:04:1e:27:63:58:c2:98:62:4c:bf:8a:49:58: b0:f7:45:c4:db:39:d5:49:e2:ad:18:ad:ef:87:03: b1:f4:c5:fb:0f:bc:df:3c:30:58:3a:bd:92:3e:35: 5d:dc:a9:f1:52:ae:26:38:bc:85:95:83:6f:3d:2d: 3f:91:61:08:9f:62:a5:7a:1b:2e:9e:de:80:b4:4e: 78:e5:67:f2:19:32:18:a1:20:d2:32:5a:be:c1:ed: 0c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:9A:8E:50:85:3F:D4:8A:8C:3A:74:B7:5D:75:2B:4B:AD:06:AE:93 X509v3 Authority Key Identifier: keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/bZqOUIU_1IqMOnS3XXUrS60GrpM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.175.59.0/24 5.175.61.0/24 185.136.73.0-185.136.75.255 Signature Algorithm: sha256WithRSAEncryption 85:2d:cc:cc:4b:e4:40:dc:89:39:56:17:74:46:fc:2a:46:85: 9d:a5:53:5d:bc:e9:51:1f:5e:ab:13:6f:05:5c:74:70:9e:66: 36:33:a6:0a:c6:40:8c:4f:50:80:52:c1:ac:31:97:72:cf:53: f0:f4:6d:71:49:15:e8:1a:3e:eb:ed:23:83:ff:3e:ba:a8:51: 59:0e:81:d2:ee:a2:22:1d:69:e0:a1:1f:01:84:ce:ff:8d:66: 70:e3:6d:b2:7d:44:4e:7b:3e:98:ce:70:75:1d:ce:77:5c:3e: d5:a0:30:00:ef:ae:f0:1c:7b:ef:6c:26:63:4f:c5:59:30:97: 5e:96:44:73:0b:15:a9:12:f1:9f:0b:1e:2a:92:42:a7:f1:be: 91:07:5a:a4:71:12:bf:db:06:65:05:20:3b:20:55:de:04:e2: 33:55:02:f3:c5:5d:d6:bb:a9:dd:47:ca:b8:05:d1:ea:f5:2f: c2:ad:61:1f:3c:2d:40:f2:3a:c8:18:6d:e4:66:14:6e:e5:7d: f3:07:5d:05:f3:2a:0d:e1:37:45:61:64:e1:08:c8:d3:8d:33: a7:2d:9d:01:d2:05:4d:25:d8:7f:2e:e3:a8:52:08:44:78:a9: 90:4d:fc:bf:59:66:a5:52:23:0a:30:c8:5f:8c:b9:5e:27:26: 1c:45:c6:54 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt9XS2qmhvEtRsoedPv+UjwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi MWIwNjYwHhcNMjYwMTAyMDYyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDlhOGU1MDg1M2ZkNDhhOGMzYTc0Yjc1ZDc1MmI0YmFkMDZhZTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8oB+y/78bJ8qRQm7FuDBdWmQuQ7x JmWLzG4YY6gLIqZ1mSAaSCbImMPmyhprNVuLRvk+RCulUVnYTo1TgpNqXK8Es3zj WaP4f+Vrx0S8yZQXyzUc3K2trWoBna3E+juzOXhcDIkD6NMfJKJaUsrDdC/MOXnH GJa/22BZ8JoBEmFBIYPVodNHlkMEZlwA9AakWiG3HCMgnTcq2b5ZtnrmpFJxtT2Q IQQeJ2NYwphiTL+KSViw90XE2znVSeKtGK3vhwOx9MX7D7zfPDBYOr2SPjVd3Knx Uq4mOLyFlYNvPS0/kWEIn2Klehsunt6AtE545WfyGTIYoSDSMlq+we0MmwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFG2ajlCFP9SKjDp0t111K0utBq6TMB8GA1UdIwQY MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt ZGUzNzY3M2M0MDljLzEvYlpxT1VJVV8xSXFNT25TM1hYVXJTNjBHcnBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABa87AwQA Ba89MAwDBAC5iEkDBAK5iEgwDQYJKoZIhvcNAQELBQADggEBAIUtzMxL5EDciTlW F3RG/CpGhZ2lU1286VEfXqsTbwVcdHCeZjYzpgrGQIxPUIBSwawxl3LPU/D0bXFJ FegaPuvtI4P/PrqoUVkOgdLuoiIdaeChHwGEzv+NZnDjbbJ9RE57PpjOcHUdzndc PtWgMADvrvAce+9sJmNPxVkwl16WRHMLFakS8Z8LHiqSQqfxvpEHWqRxEr/bBmUF IDsgVd4E4jNVAvPFXda7qd1HyrgF0er1L8KtYR88LUDyOsgYbeRmFG7lffMHXQXz Kg3hN0VhZOEIyNONM6ctnQHSBU0l2H8u46hSCER4qZBN/L9ZZqVSIwowyF+MuV4n JhxFxlQ= -----END CERTIFICATE-----Generated at Sun Jan 25 15:13:44 2026 by rpki-client