This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/TQNI8cQSDUVw34W6ZTwGYZVMqXk.roa File: TQNI8cQSDUVw34W6ZTwGYZVMqXk.roa (raw, json) Hash identifier: Awh5KrfX+HKhRUgeqGTHvrRVEc6ZCfXov7wUkGa6uMc= Subject key identifier: 4D:03:48:F1:C4:12:0D:45:70:DF:85:BA:65:3C:06:61:95:4C:A9:79 Certificate issuer: /CN=78e98dee9aadc86b4dfa9e168d921bd80ba3f3a6 Certificate serial: 019BA3ECF62CE617D1DFC44A34BD8B1DCC68 Authority key identifier: 78:E9:8D:EE:9A:AD:C8:6B:4D:FA:9E:16:8D:92:1B:D8:0B:A3:F3:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eOmN7pqtyGtN-p4WjZIb2Auj86Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/TQNI8cQSDUVw34W6ZTwGYZVMqXk.roa Signing time: Fri 09 Jan 2026 18:02:54 +0000 ROA not before: Fri 09 Jan 2026 18:02:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8528 IP address blocks: 138.21.0.0/16 maxlen: 24 138.21.3.0/24 maxlen: 24 138.21.4.0/24 maxlen: 24 138.21.12.0/24 maxlen: 24 138.21.23.0/24 maxlen: 24 138.21.37.0/24 maxlen: 24 138.21.47.0/24 maxlen: 24 138.21.50.0/24 maxlen: 24 138.21.55.0/24 maxlen: 24 138.21.56.0/24 maxlen: 24 138.21.113.0/24 maxlen: 24 138.21.117.0/24 maxlen: 24 138.21.119.0/24 maxlen: 24 138.21.148.0/24 maxlen: 24 193.8.143.0/24 maxlen: 24 193.194.132.0/22 maxlen: 22 193.194.134.0/24 maxlen: 24 193.194.135.0/24 maxlen: 24 194.41.4.0/22 maxlen: 22 194.146.54.0/24 maxlen: 24 2a00:7ec0::/32 maxlen: 32 2a00:7ec0:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/eOmN7pqtyGtN-p4WjZIb2Auj86Y.crl rsync://rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/eOmN7pqtyGtN-p4WjZIb2Auj86Y.mft rsync://rpki.ripe.net/repository/DEFAULT/eOmN7pqtyGtN-p4WjZIb2Auj86Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a3:ec:f6:2c:e6:17:d1:df:c4:4a:34:bd:8b:1d:cc:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=78e98dee9aadc86b4dfa9e168d921bd80ba3f3a6 Validity Not Before: Jan 9 18:02:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d0348f1c4120d4570df85ba653c0661954ca979 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:36:14:f8:0d:f4:a8:78:43:fa:0f:39:dd:44: 38:99:82:67:ca:16:62:d3:58:ac:71:5d:a6:a5:1f: 18:bc:98:30:5d:28:d5:22:b2:d7:a4:97:df:84:aa: 21:41:77:38:1d:bf:fc:80:5a:a7:37:c8:d7:64:3d: 02:b3:b0:65:11:1e:15:70:f2:4e:ce:3e:ea:da:95: a8:14:af:85:6e:bc:8b:23:c1:c0:ea:c2:df:d5:ee: c1:b9:91:b8:04:db:af:77:be:da:7a:03:a3:94:65: b3:1f:1a:f5:5b:c4:cd:b9:50:27:8b:72:20:ad:3b: 42:9e:34:d1:c1:f8:13:b7:ad:98:80:05:48:72:6a: 36:86:c8:ec:6e:48:46:e4:f1:22:de:8d:dc:44:ac: 01:50:57:ec:89:5c:65:e6:04:69:ac:c8:e4:1d:d9: 89:57:11:1f:38:c8:4d:33:5d:92:8b:91:19:30:d6: d9:0a:44:84:8d:04:bf:ef:fb:81:f1:cc:94:5e:3d: 92:7b:e6:92:66:29:f3:2a:e8:84:67:3b:de:2b:31: f5:bf:0e:80:5b:c1:a8:04:27:66:a3:b3:ac:6a:a6: 2c:4e:00:39:f2:16:ce:e8:3c:e7:b4:88:66:d0:6f: 07:1b:6e:3a:54:46:eb:0b:c1:f3:b8:75:05:da:b1: e8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:03:48:F1:C4:12:0D:45:70:DF:85:BA:65:3C:06:61:95:4C:A9:79 X509v3 Authority Key Identifier: keyid:78:E9:8D:EE:9A:AD:C8:6B:4D:FA:9E:16:8D:92:1B:D8:0B:A3:F3:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eOmN7pqtyGtN-p4WjZIb2Auj86Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/TQNI8cQSDUVw34W6ZTwGYZVMqXk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/c1cc95-7529-4270-a6ec-5c71956a5377/1/eOmN7pqtyGtN-p4WjZIb2Auj86Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.21.0.0/16 193.8.143.0/24 193.194.132.0/22 194.41.4.0/22 194.146.54.0/24 IPv6: 2a00:7ec0::/32 Signature Algorithm: sha256WithRSAEncryption 09:08:03:bf:96:06:57:12:54:af:da:09:44:83:4e:7d:19:8f: 14:52:76:20:94:1e:2e:ef:14:b6:77:12:54:90:9f:85:08:58: bc:46:3c:88:80:0f:6d:10:bc:38:6a:ab:e2:f8:e4:f5:87:68: da:73:2b:91:ec:71:81:10:14:a8:ce:88:ce:ca:b2:82:0e:07: 8d:5e:fb:fa:79:e7:c9:98:f1:25:02:73:91:d2:6f:45:f0:45: b0:79:e2:ac:be:ad:56:fd:77:bb:24:7e:26:b1:01:9d:ce:0f: 12:da:dc:60:b9:bf:87:8e:ee:56:bf:80:88:15:79:f7:fe:94: 3d:01:3a:f8:fc:82:95:d1:88:32:9b:99:92:4c:98:a4:e2:1a: 8b:86:c6:d0:8e:5a:e0:7a:eb:f4:39:a2:58:cb:7c:bf:41:ff: ed:3b:93:a2:8b:73:6f:12:d8:51:21:f0:c3:7f:56:6f:2a:4f: 58:17:1f:10:9a:45:be:c0:5c:b3:f9:23:cc:77:13:4a:fe:7a: ed:5f:25:88:86:03:52:21:83:46:48:ac:3a:ff:71:4c:b9:1c: 24:e2:1e:a6:0b:b3:8e:07:13:1c:c9:f4:b3:6a:b3:22:95:7b: 4a:e2:02:ed:7d:25:46:5e:77:a1:23:43:7e:d5:52:3e:05:ee: da:fa:d6:0e -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZuj7PYs5hfR38RKNL2LHcxoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4ZTk4ZGVlOWFhZGM4NmI0ZGZhOWUxNjhkOTIxYmQ4MGJh M2YzYTYwHhcNMjYwMTA5MTgwMjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDAzNDhmMWM0MTIwZDQ1NzBkZjg1YmE2NTNjMDY2MTk1NGNhOTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TYU+A30qHhD+g853UQ4mYJnyhZi 01iscV2mpR8YvJgwXSjVIrLXpJffhKohQXc4Hb/8gFqnN8jXZD0Cs7BlER4VcPJO zj7q2pWoFK+FbryLI8HA6sLf1e7BuZG4BNuvd77aegOjlGWzHxr1W8TNuVAni3Ig rTtCnjTRwfgTt62YgAVIcmo2hsjsbkhG5PEi3o3cRKwBUFfsiVxl5gRprMjkHdmJ VxEfOMhNM12Si5EZMNbZCkSEjQS/7/uB8cyUXj2Se+aSZinzKuiEZzveKzH1vw6A W8GoBCdmo7OsaqYsTgA58hbO6DzntIhm0G8HG246VEbrC8HzuHUF2rHoJwIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFE0DSPHEEg1FcN+FumU8BmGVTKl5MB8GA1UdIwQY MBaAFHjpje6archrTfqeFo2SG9gLo/OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZU9tTjdwcXR5R3ROLXA0V2paSWIyQXVqODZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jMWNjOTUtNzUyOS00MjcwLWE2ZWMt NWM3MTk1NmE1Mzc3LzEvVFFOSThjUVNEVVZ3MzRXNlpUd0dZWlZNcVhrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC9jMWNjOTUtNzUyOS00MjcwLWE2ZWMtNWM3MTk1NmE1Mzc3 LzEvZU9tTjdwcXR5R3ROLXA0V2paSWIyQXVqODZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAihUDBADB CI8DBALBwoQDBALCKQQDBADCkjYwDQQCAAIwBwMFACoAfsAwDQYJKoZIhvcNAQEL BQADggEBAAkIA7+WBlcSVK/aCUSDTn0ZjxRSdiCUHi7vFLZ3ElSQn4UIWLxGPIiA D20QvDhqq+L45PWHaNpzK5HscYEQFKjOiM7KsoIOB41e+/p558mY8SUCc5HSb0Xw RbB54qy+rVb9d7skfiaxAZ3ODxLa3GC5v4eO7la/gIgVeff+lD0BOvj8gpXRiDKb mZJMmKTiGouGxtCOWuB66/Q5oljLfL9B/+07k6KLc28S2FEh8MN/Vm8qT1gXHxCa Rb7AXLP5I8x3E0r+eu1fJYiGA1Ihg0ZIrDr/cUy5HCTiHqYLs44HExzJ9LNqsyKV e0riAu19JUZed6EjQ37VUj4F7tr61g4= -----END CERTIFICATE-----Generated at Mon Jan 26 04:41:53 2026 by rpki-client