This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Cqg-JLEFS3E3SQW_nbJXY_G0YvQ.roa File: Cqg-JLEFS3E3SQW_nbJXY_G0YvQ.roa (raw, json) Hash identifier: DReEkN/hfTnnC9nhnsHSBiwG7Yl2oVS+UgMhg+IV99A= Subject key identifier: 0A:A8:3E:24:B1:05:4B:71:37:49:05:BF:9D:B2:57:63:F1:B4:62:F4 Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343 Certificate serial: 019B7C1213746C3604DCEDDCF7920B52D695 Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Cqg-JLEFS3E3SQW_nbJXY_G0YvQ.roa Signing time: Fri 02 Jan 2026 00:18:38 +0000 ROA not before: Fri 02 Jan 2026 00:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31229 IP address blocks: 2.57.136.0/22 maxlen: 22 195.2.254.0/24 maxlen: 24 2a14:4bc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:13:74:6c:36:04:dc:ed:dc:f7:92:0b:52:d6:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343 Validity Not Before: Jan 2 00:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0aa83e24b1054b71374905bf9db25763f1b462f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:76:54:f1:f7:0e:43:da:46:40:7d:78:60:19: 4f:e8:87:06:49:45:5e:a3:7f:75:d8:97:5f:54:13: ec:47:23:16:d9:e1:01:b5:3d:81:b9:55:95:cb:88: 69:54:ba:1e:ed:8a:cd:9f:04:7e:6d:47:65:7e:b6: e6:07:56:a1:05:06:39:c7:d1:be:22:98:47:5e:3e: 46:1e:f4:fa:d9:a0:fc:80:91:31:e4:54:9a:9a:8b: 55:b5:65:c9:eb:ca:cf:b5:a2:f1:11:fe:7c:7f:c2: 9c:3a:ea:42:76:f7:45:4c:75:4e:e2:fe:b0:61:ce: fb:6b:c9:d1:23:27:2f:11:a2:75:3b:8e:30:94:4c: 64:83:38:41:93:da:98:f8:51:86:6d:a9:e4:99:01: b6:40:cc:68:6e:9b:bf:be:bb:56:13:98:52:5b:10: d1:dc:55:5e:51:bc:9d:04:d9:98:af:e3:c6:0d:97: 6c:c2:c2:15:73:80:8a:f7:0f:2d:7b:a7:68:51:5c: 72:ca:40:3a:a1:48:da:60:ad:68:70:34:01:b8:81: c0:f3:bc:9c:90:3b:b0:0b:7f:77:3d:25:5b:8e:da: 83:e0:04:cd:39:9e:c3:eb:bd:f6:32:9d:d3:31:03: 20:97:ab:db:b0:08:d9:49:97:d0:4f:7b:c2:b9:91: 07:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A8:3E:24:B1:05:4B:71:37:49:05:BF:9D:B2:57:63:F1:B4:62:F4 X509v3 Authority Key Identifier: keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/Cqg-JLEFS3E3SQW_nbJXY_G0YvQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.136.0/22 195.2.254.0/24 IPv6: 2a14:4bc0::/32 Signature Algorithm: sha256WithRSAEncryption 0a:34:63:f2:e1:a3:64:67:56:1e:8b:dc:06:6d:4e:ac:34:0e: 4b:11:32:71:92:17:31:ff:f1:b2:65:59:bb:c6:e8:25:4b:d9: 06:b8:1d:80:eb:61:2f:64:c8:5c:26:dc:59:7d:08:a5:32:90: 31:78:b8:43:62:66:71:bc:20:a1:63:62:c4:03:56:48:0c:e9: 25:3a:7f:86:54:7d:89:59:d9:6e:bc:68:4f:b8:ed:24:ba:b0: a2:0a:46:85:43:09:a4:98:df:3e:1a:27:68:09:b5:c9:24:1b: 60:5f:c3:5a:14:9a:3d:78:f5:d3:63:f9:4c:55:63:4e:3c:e5: 49:d1:7c:38:79:27:03:42:7d:9f:a7:da:58:b8:f6:cd:aa:9a: 77:7e:b1:48:5f:a8:d6:34:83:57:57:76:71:6a:bb:0b:e8:e3: 19:a1:74:e2:09:5c:6d:d5:c5:a7:c0:3d:53:83:c7:b8:cb:6d: 65:89:19:e0:65:a5:42:4c:ec:f6:33:de:1b:d1:f9:3b:82:a9: a6:99:77:18:b4:c2:3f:cb:62:3b:59:58:6b:7e:04:90:be:e9: 0d:b4:13:48:f9:0f:9e:21:58:84:e2:5a:77:c2:97:94:e3:4a: 5c:ad:a2:80:51:1f:03:e2:1b:9f:d4:d4:2e:37:2c:85:19:b1: 0c:2d:c3:1d -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8EhN0bDYE3O3c95ILUtaVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw N2IzNDMwHhcNMjYwMTAyMDAxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYWE4M2UyNGIxMDU0YjcxMzc0OTA1YmY5ZGIyNTc2M2YxYjQ2MmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3ZU8fcOQ9pGQH14YBlP6IcGSUVe o3912JdfVBPsRyMW2eEBtT2BuVWVy4hpVLoe7YrNnwR+bUdlfrbmB1ahBQY5x9G+ IphHXj5GHvT62aD8gJEx5FSamotVtWXJ68rPtaLxEf58f8KcOupCdvdFTHVO4v6w Yc77a8nRIycvEaJ1O44wlExkgzhBk9qY+FGGbankmQG2QMxobpu/vrtWE5hSWxDR 3FVeUbydBNmYr+PGDZdswsIVc4CK9w8te6doUVxyykA6oUjaYK1ocDQBuIHA87yc kDuwC393PSVbjtqD4ATNOZ7D6732Mp3TMQMgl6vbsAjZSZfQT3vCuZEH1QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAqoPiSxBUtxN0kFv52yV2PxtGL0MB8GA1UdIwQY MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt Mjk3ZTI4MmQ2NmE4LzEvQ3FnLUpMRUZTM0UzU1FXX25iSlhZX0cwWXZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4 LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjmIAwQA wwL+MA0EAgACMAcDBQAqFEvAMA0GCSqGSIb3DQEBCwUAA4IBAQAKNGPy4aNkZ1Ye i9wGbU6sNA5LETJxkhcx//GyZVm7xuglS9kGuB2A62EvZMhcJtxZfQilMpAxeLhD YmZxvCChY2LEA1ZIDOklOn+GVH2JWdluvGhPuO0kurCiCkaFQwmkmN8+GidoCbXJ JBtgX8NaFJo9ePXTY/lMVWNOPOVJ0Xw4eScDQn2fp9pYuPbNqpp3frFIX6jWNINX V3ZxarsL6OMZoXTiCVxt1cWnwD1Tg8e4y21liRngZaVCTOz2M94b0fk7gqmmmXcY tMI/y2I7WVhrfgSQvukNtBNI+Q+eIViE4lp3wpeU40pcraKAUR8D4huf1NQuNyyF GbEMLcMd -----END CERTIFICATE-----Generated at Mon Jan 26 12:37:27 2026 by rpki-client