This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/cqEx3z1wzl-0mdtNpY4AnTyAIMc.roa File: cqEx3z1wzl-0mdtNpY4AnTyAIMc.roa (raw, json) Hash identifier: GFZBmF6WdLGeI9dqHrnwm1HNWHgZhg1gZ+mGTpe3Vfo= Subject key identifier: 72:A1:31:DF:3D:70:CE:5F:B4:99:DB:4D:A5:8E:00:9D:3C:80:20:C7 Certificate issuer: /CN=06216eec514b07dce29d3013a190b2ee5fcb1f94 Certificate serial: 019B7C7FCAB02D53A8176FDA3E6E5B461F67 Authority key identifier: 06:21:6E:EC:51:4B:07:DC:E2:9D:30:13:A1:90:B2:EE:5F:CB:1F:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiFu7FFLB9zinTAToZCy7l_LH5Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/cqEx3z1wzl-0mdtNpY4AnTyAIMc.roa Signing time: Fri 02 Jan 2026 02:18:28 +0000 ROA not before: Fri 02 Jan 2026 02:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212827 IP address blocks: 2a10:4240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/BiFu7FFLB9zinTAToZCy7l_LH5Q.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/BiFu7FFLB9zinTAToZCy7l_LH5Q.mft rsync://rpki.ripe.net/repository/DEFAULT/BiFu7FFLB9zinTAToZCy7l_LH5Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:ca:b0:2d:53:a8:17:6f:da:3e:6e:5b:46:1f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06216eec514b07dce29d3013a190b2ee5fcb1f94 Validity Not Before: Jan 2 02:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72a131df3d70ce5fb499db4da58e009d3c8020c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:28:bd:47:39:50:f8:9c:d3:80:76:71:4d:9a: 82:a2:ee:73:52:44:f0:75:64:e8:27:77:3e:b9:13: b7:9f:13:e7:06:df:ae:7f:7a:dd:6d:63:a1:ff:dd: e2:71:ab:20:ca:62:dd:94:01:b8:cf:9f:46:9b:08: 63:8c:f6:f5:7b:8d:3c:2b:88:f5:a0:27:26:f8:f5: 46:31:9a:a1:ed:b6:b5:f8:9d:3e:39:86:81:af:db: ed:2d:a5:ff:4d:77:68:ab:6c:ec:af:a1:5e:c4:02: 20:0a:11:71:4c:43:d3:ec:6e:8d:6c:d2:2b:28:97: 3e:db:7a:f3:23:b9:7e:68:33:34:07:e2:3e:ad:f3: a9:a1:de:15:f7:21:76:cd:3f:bc:1f:53:e3:18:80: 5c:04:d2:39:ef:49:bf:c1:19:b6:3b:dd:19:59:d9: 7d:e1:83:df:d5:2e:92:ba:ec:09:65:93:0f:a8:91: 8d:5d:9c:c9:6c:6c:1a:01:6d:44:c0:f7:f9:cb:5a: 19:78:18:cc:4a:be:98:b3:81:c0:8a:6a:c4:75:1f: ad:98:f0:a3:fb:2e:7c:7b:66:f6:a3:4e:da:9a:22: 6e:8c:06:cf:d0:58:f5:04:72:7a:90:b1:a7:45:a4: 0f:a8:99:65:78:19:66:d0:2b:10:d3:c7:79:2a:94: ea:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A1:31:DF:3D:70:CE:5F:B4:99:DB:4D:A5:8E:00:9D:3C:80:20:C7 X509v3 Authority Key Identifier: keyid:06:21:6E:EC:51:4B:07:DC:E2:9D:30:13:A1:90:B2:EE:5F:CB:1F:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiFu7FFLB9zinTAToZCy7l_LH5Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/cqEx3z1wzl-0mdtNpY4AnTyAIMc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1868ee-51a8-4619-9143-188dcff0e405/1/BiFu7FFLB9zinTAToZCy7l_LH5Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:4240::/29 Signature Algorithm: sha256WithRSAEncryption 8c:03:e0:5d:06:ac:a5:da:39:83:dc:14:68:02:3d:9b:d2:15: d8:27:ab:13:fe:8b:ea:e6:bf:a5:89:e9:f1:64:f1:86:6b:5e: 1c:15:21:db:84:0c:b1:10:90:30:08:fe:6b:72:41:d0:a0:a1: 92:d6:79:33:68:d8:00:4a:3e:15:77:34:f2:95:dd:30:35:e2: 65:e5:d0:f4:67:0f:00:86:e1:5a:76:32:11:16:6e:5c:87:24: ca:31:8a:77:89:19:d1:6c:18:45:3c:22:c1:e3:64:ed:4c:4f: 70:ee:75:07:35:de:d3:80:30:6f:20:e7:75:1c:a5:6f:4c:d5: d2:28:a8:c2:54:63:e1:4a:dc:dc:bd:09:bb:e9:0f:4c:fd:ea: 9c:d5:8b:7c:74:7a:e5:f2:7d:5f:95:26:e0:67:57:80:3c:04: c1:90:5c:34:5a:a5:86:a7:fe:63:75:f2:29:50:2c:f8:57:ef: d3:b1:ba:60:c7:6f:85:d8:57:e9:32:78:da:7f:1d:cb:d8:15: 8b:f9:34:34:ca:b5:55:b6:1f:e3:3f:70:a6:8f:83:aa:a3:19: 2c:2c:3a:99:60:6d:96:38:68:17:38:9b:f9:ac:13:b9:91:75: ab:29:51:3d:07:33:b5:82:ad:ff:10:f5:ea:af:ac:d3:ba:23: 5e:51:07:b3 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8f8qwLVOoF2/aPm5bRh9nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2MjE2ZWVjNTE0YjA3ZGNlMjlkMzAxM2ExOTBiMmVlNWZj YjFmOTQwHhcNMjYwMTAyMDIxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmExMzFkZjNkNzBjZTVmYjQ5OWRiNGRhNThlMDA5ZDNjODAyMGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCi9RzlQ+JzTgHZxTZqCou5zUkTw dWToJ3c+uRO3nxPnBt+uf3rdbWOh/93icasgymLdlAG4z59GmwhjjPb1e408K4j1 oCcm+PVGMZqh7ba1+J0+OYaBr9vtLaX/TXdoq2zsr6FexAIgChFxTEPT7G6NbNIr KJc+23rzI7l+aDM0B+I+rfOpod4V9yF2zT+8H1PjGIBcBNI570m/wRm2O90ZWdl9 4YPf1S6SuuwJZZMPqJGNXZzJbGwaAW1EwPf5y1oZeBjMSr6Ys4HAimrEdR+tmPCj +y58e2b2o07amiJujAbP0Fj1BHJ6kLGnRaQPqJlleBlm0CsQ08d5KpTqCwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFHKhMd89cM5ftJnbTaWOAJ08gCDHMB8GA1UdIwQY MBaAFAYhbuxRSwfc4p0wE6GQsu5fyx+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmlGdTdGRkxCOXppblRBVG9aQ3k3bF9MSDVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xODY4ZWUtNTFhOC00NjE5LTkxNDMt MTg4ZGNmZjBlNDA1LzEvY3FFeDN6MXd6bC0wbWR0TnBZNEFuVHlBSU1jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8xODY4ZWUtNTFhOC00NjE5LTkxNDMtMTg4ZGNmZjBlNDA1 LzEvQmlGdTdGRkxCOXppblRBVG9aQ3k3bF9MSDVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhBCQDAN BgkqhkiG9w0BAQsFAAOCAQEAjAPgXQaspdo5g9wUaAI9m9IV2CerE/6L6ua/pYnp 8WTxhmteHBUh24QMsRCQMAj+a3JB0KChktZ5M2jYAEo+FXc08pXdMDXiZeXQ9GcP AIbhWnYyERZuXIckyjGKd4kZ0WwYRTwiweNk7UxPcO51BzXe04AwbyDndRylb0zV 0iiowlRj4Urc3L0Ju+kPTP3qnNWLfHR65fJ9X5Um4GdXgDwEwZBcNFqlhqf+Y3Xy KVAs+Ffv07G6YMdvhdhX6TJ42n8dy9gVi/k0NMq1VbYf4z9wpo+DqqMZLCw6mWBt ljhoFzib+awTuZF1qylRPQcztYKt/xD16q+s07ojXlEHsw== -----END CERTIFICATE-----Generated at Mon Jan 26 05:54:51 2026 by rpki-client