This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/QgMG-u89Y-TWbT4Gt6ZsQgsTYNI.roa File: QgMG-u89Y-TWbT4Gt6ZsQgsTYNI.roa (raw, json) Hash identifier: sETsQ4q/+Tu+FYDJynqCF64iSLCcXXD4r9m9lwpRbx8= Subject key identifier: 42:03:06:FA:EF:3D:63:E4:D6:6D:3E:06:B7:A6:6C:42:0B:13:60:D2 Certificate issuer: /CN=6b4f124c91caa0cc91c3b9bb4f8adb06326224a1 Certificate serial: 019B7C134F255998CB2C3064BD4FB734CDEB Authority key identifier: 6B:4F:12:4C:91:CA:A0:CC:91:C3:B9:BB:4F:8A:DB:06:32:62:24:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a08STJHKoMyRw7m7T4rbBjJiJKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/QgMG-u89Y-TWbT4Gt6ZsQgsTYNI.roa Signing time: Fri 02 Jan 2026 00:19:58 +0000 ROA not before: Fri 02 Jan 2026 00:19:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210612 IP address blocks: 91.246.61.0/24 maxlen: 24 2a11:c040::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/a08STJHKoMyRw7m7T4rbBjJiJKE.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/a08STJHKoMyRw7m7T4rbBjJiJKE.mft rsync://rpki.ripe.net/repository/DEFAULT/a08STJHKoMyRw7m7T4rbBjJiJKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:4f:25:59:98:cb:2c:30:64:bd:4f:b7:34:cd:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b4f124c91caa0cc91c3b9bb4f8adb06326224a1 Validity Not Before: Jan 2 00:19:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=420306faef3d63e4d66d3e06b7a66c420b1360d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:69:a6:32:62:fe:a2:ee:b8:98:a9:34:2e:57: 48:d4:f1:8e:e6:af:03:83:e6:b8:cf:24:39:70:70: c5:49:24:67:cf:36:6f:13:84:b3:0b:2f:1f:25:b5: 90:51:89:57:10:14:3c:1b:6a:8d:da:70:54:b0:29: db:12:b1:d1:2c:03:26:2d:bc:e6:5f:6f:4c:9f:14: 62:e7:ba:f9:5b:61:b7:e2:b7:4e:45:80:ff:38:95: 43:ee:03:42:4a:26:8f:a2:71:e2:9f:35:63:40:56: c8:7d:d9:4d:f9:a8:02:df:f4:19:b2:cc:ae:6c:da: 68:79:04:f6:84:92:b7:55:ac:4b:7d:e6:de:b9:04: 5b:ae:7a:06:5f:e6:a8:ae:dc:09:96:98:20:d2:16: 9c:be:dc:e8:30:1e:22:d6:6b:90:2c:d2:4f:5e:be: dc:61:33:be:3f:88:44:8c:43:de:1d:7b:81:9b:8a: 6b:8c:2a:35:84:1b:27:88:0d:0e:20:e3:ad:52:1e: 68:80:65:28:a1:21:a2:af:87:c1:9a:41:ce:49:7f: 71:38:71:ab:fb:01:cd:a5:48:9f:21:71:2f:cb:fc: 3e:4d:c7:88:10:42:1c:af:32:15:10:1b:fa:18:26: d7:e5:ea:b0:56:46:9c:58:8c:7a:06:e7:8c:a6:cc: e2:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:03:06:FA:EF:3D:63:E4:D6:6D:3E:06:B7:A6:6C:42:0B:13:60:D2 X509v3 Authority Key Identifier: keyid:6B:4F:12:4C:91:CA:A0:CC:91:C3:B9:BB:4F:8A:DB:06:32:62:24:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a08STJHKoMyRw7m7T4rbBjJiJKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/QgMG-u89Y-TWbT4Gt6ZsQgsTYNI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c24ac9-ad1c-4ec7-9373-b65262cf1983/1/a08STJHKoMyRw7m7T4rbBjJiJKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.246.61.0/24 IPv6: 2a11:c040::/29 Signature Algorithm: sha256WithRSAEncryption 52:53:8a:f5:a3:f6:58:9a:3a:fd:8f:d6:19:5a:b6:f0:b0:eb: 85:db:4f:5a:61:30:3f:36:65:bd:e5:1d:48:6d:a1:ba:74:30: e5:15:ea:da:74:01:7a:23:0c:31:4c:b3:ca:ab:bd:72:e5:ad: 02:00:d8:a2:2a:5f:92:a3:aa:63:cf:72:62:a4:10:b4:2f:e1: 78:e9:b1:fa:63:5d:38:cd:39:5e:44:74:d2:e8:38:f6:81:43: 3c:1d:3c:f6:f1:06:2c:f7:0e:67:40:aa:36:b8:56:d4:4d:89: 6f:2c:71:84:2f:54:90:63:77:4c:07:02:7d:14:fd:0c:da:9d: 72:2f:9c:03:e6:71:f0:64:57:0e:3c:e4:0c:51:8e:5c:74:d1: 74:a0:56:c8:8d:eb:25:06:d2:92:3f:a5:23:ad:79:77:a5:be: 3e:a8:5a:60:af:bc:48:6c:5f:c3:1f:62:24:78:89:db:ab:0d: 48:b4:db:69:3f:cb:15:85:a1:56:42:4d:97:2c:b1:db:ae:94: 47:1e:cb:d4:fd:66:29:a7:ec:1f:bd:cb:11:d8:a9:c3:fe:ea: 24:61:54:34:e5:f6:44:39:0c:2e:21:c2:1b:61:a6:7d:91:35: 4e:4b:49:06:1e:c9:d4:51:5f:93:a2:a8:f4:80:00:b8:21:a1: cb:61:a0:b7 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8E08lWZjLLDBkvU+3NM3rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNGYxMjRjOTFjYWEwY2M5MWMzYjliYjRmOGFkYjA2MzI2 MjI0YTEwHhcNMjYwMTAyMDAxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjAzMDZmYWVmM2Q2M2U0ZDY2ZDNlMDZiN2E2NmM0MjBiMTM2MGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2mmMmL+ou64mKk0LldI1PGO5q8D g+a4zyQ5cHDFSSRnzzZvE4SzCy8fJbWQUYlXEBQ8G2qN2nBUsCnbErHRLAMmLbzm X29MnxRi57r5W2G34rdORYD/OJVD7gNCSiaPonHinzVjQFbIfdlN+agC3/QZssyu bNpoeQT2hJK3VaxLfebeuQRbrnoGX+aortwJlpgg0hacvtzoMB4i1muQLNJPXr7c YTO+P4hEjEPeHXuBm4prjCo1hBsniA0OIOOtUh5ogGUooSGir4fBmkHOSX9xOHGr +wHNpUifIXEvy/w+TceIEEIcrzIVEBv6GCbX5eqwVkacWIx6BueMpsziuwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEIDBvrvPWPk1m0+BrembEILE2DSMB8GA1UdIwQY MBaAFGtPEkyRyqDMkcO5u0+K2wYyYiShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTA4U1RKSEtvTXlSdzdtN1Q0cmJCakppSktFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMjRhYzktYWQxYy00ZWM3LTkzNzMt YjY1MjYyY2YxOTgzLzEvUWdNRy11ODlZLVRXYlQ0R3Q2WnNRZ3NUWU5JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9jMjRhYzktYWQxYy00ZWM3LTkzNzMtYjY1MjYyY2YxOTgz LzEvYTA4U1RKSEtvTXlSdzdtN1Q0cmJCakppSktFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW/Y9MA0E AgACMAcDBQMqEcBAMA0GCSqGSIb3DQEBCwUAA4IBAQBSU4r1o/ZYmjr9j9YZWrbw sOuF209aYTA/NmW95R1IbaG6dDDlFeradAF6IwwxTLPKq71y5a0CANiiKl+So6pj z3JipBC0L+F46bH6Y104zTleRHTS6Dj2gUM8HTz28QYs9w5nQKo2uFbUTYlvLHGE L1SQY3dMBwJ9FP0M2p1yL5wD5nHwZFcOPOQMUY5cdNF0oFbIjeslBtKSP6UjrXl3 pb4+qFpgr7xIbF/DH2IkeInbqw1ItNtpP8sVhaFWQk2XLLHbrpRHHsvU/WYpp+wf vcsR2KnD/uokYVQ05fZEOQwuIcIbYaZ9kTVOS0kGHsnUUV+Toqj0gAC4IaHLYaC3 -----END CERTIFICATE-----Generated at Mon Jan 26 01:16:09 2026 by rpki-client