This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/qBMQ_OTzlhMPTgYD0x98v7ieh-M.roa File: qBMQ_OTzlhMPTgYD0x98v7ieh-M.roa (raw, json) Hash identifier: srAfkImn91GUj6UJibeFHF6TEzTA92kUfQ1mQv9UhIQ= Subject key identifier: A8:13:10:FC:E4:F3:96:13:0F:4E:06:03:D3:1F:7C:BF:B8:9E:87:E3 Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060 Certificate serial: 019B7DCA9A182785A2862B625A27D6985D16 Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/qBMQ_OTzlhMPTgYD0x98v7ieh-M.roa Signing time: Fri 02 Jan 2026 08:19:48 +0000 ROA not before: Fri 02 Jan 2026 08:19:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205072 IP address blocks: 45.137.36.0/22 maxlen: 22 45.147.88.0/22 maxlen: 22 45.155.20.0/22 maxlen: 22 45.155.21.0/24 maxlen: 24 87.239.16.0/21 maxlen: 24 109.109.128.0/20 maxlen: 24 146.19.83.0/24 maxlen: 24 185.149.108.0/22 maxlen: 24 193.22.80.0/24 maxlen: 24 194.26.214.0/24 maxlen: 24 195.5.168.0/24 maxlen: 24 195.5.170.0/24 maxlen: 24 195.5.176.0/24 maxlen: 24 217.8.119.0/24 maxlen: 24 2a0d:da00::/29 maxlen: 29 2a0d:da00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.mft rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:9a:18:27:85:a2:86:2b:62:5a:27:d6:98:5d:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66e92c341e769443fde1d27566044b4b65159060 Validity Not Before: Jan 2 08:19:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a81310fce4f396130f4e0603d31f7cbfb89e87e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b7:0c:ea:2c:5f:5b:52:20:3b:f8:63:1a:57: 6d:92:c2:62:09:1a:33:63:5b:8a:74:c7:eb:28:9d: bb:96:14:92:a9:93:e6:1c:93:6c:a0:7f:0f:b3:2f: f3:ce:c5:b5:00:bc:c0:13:a0:87:91:d7:79:52:2d: 1f:ce:8f:4e:b8:ca:80:15:b3:7e:ff:03:8f:74:1d: 55:ab:04:2b:42:b6:91:36:a0:df:d4:50:e7:f6:9d: 84:a3:0f:09:bd:94:de:bc:08:17:df:f9:a0:0a:e6: 19:ca:1c:5c:a1:8d:ec:7a:e8:37:2c:9c:7d:aa:23: 81:b3:e4:16:d4:2c:df:7f:65:79:55:9f:1f:35:98: bf:4e:92:b9:d4:c1:93:78:0c:d2:13:b9:dd:bd:64: 1f:08:4b:61:ae:32:83:48:74:e3:7e:06:46:71:ab: 0c:ce:45:ae:54:5a:0d:6c:5e:cc:e1:26:a6:04:f3: d8:c4:ad:f1:e5:5f:a0:04:bb:ea:39:00:08:e9:60: 34:9a:cd:e4:a4:03:58:19:e9:5d:4c:aa:98:c5:9b: de:aa:10:d1:d3:c3:b4:00:72:c1:09:79:06:c1:71: 43:ed:16:26:2e:dd:ac:c1:6e:f0:86:e3:5e:4a:96: f1:0d:52:bf:cc:65:db:c6:47:d1:65:34:15:20:30: 1c:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:13:10:FC:E4:F3:96:13:0F:4E:06:03:D3:1F:7C:BF:B8:9E:87:E3 X509v3 Authority Key Identifier: keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/qBMQ_OTzlhMPTgYD0x98v7ieh-M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.36.0/22 45.147.88.0/22 45.155.20.0/22 87.239.16.0/21 109.109.128.0/20 146.19.83.0/24 185.149.108.0/22 193.22.80.0/24 194.26.214.0/24 195.5.168.0/24 195.5.170.0/24 195.5.176.0/24 217.8.119.0/24 IPv6: 2a0d:da00::/29 Signature Algorithm: sha256WithRSAEncryption 94:d1:72:ee:7e:88:9a:1c:63:0d:8f:55:b9:cf:15:60:49:f9: d5:0b:29:47:c4:b1:8f:4c:90:92:98:8f:c6:af:98:22:e8:e4: b0:66:5d:24:3d:51:b8:db:5e:f6:e1:69:83:0b:a4:e4:48:14: 3e:bc:65:d3:fe:5e:4e:3d:42:85:07:af:33:08:b0:79:c4:97: 5d:27:14:a9:d8:b0:5e:67:44:c1:5e:65:de:ee:a6:21:0c:89: c6:e9:38:a7:1c:06:a1:69:66:f6:64:d0:8e:3b:e2:6d:9c:61: 9b:d7:f5:6a:02:58:47:0d:a3:a7:41:20:50:4f:86:43:c8:3d: 89:85:cc:a6:69:e7:e6:12:b5:09:03:9d:f5:9b:b6:59:21:4c: c2:41:2b:a6:5e:74:07:98:08:f6:c1:f0:b0:4d:d7:d2:82:b0: 0a:66:01:86:25:e5:18:c9:08:e0:4a:66:f4:65:c7:fc:e9:1c: 21:d5:5b:5e:f6:cb:df:6e:80:1b:5b:a3:23:56:30:6e:15:34: a2:50:a5:77:5b:fb:20:04:87:85:c6:37:43:39:7c:ae:b7:44: cc:c1:83:e6:ce:9d:af:1a:94:4d:c4:d7:17:4d:5e:45:75:b8: a8:b6:3f:11:72:34:50:63:3d:52:57:8a:cc:a3:44:05:f7:2f: 3a:5c:02:10 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgISAZt9ypoYJ4WihitiWifWmF0WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx NTkwNjAwHhcNMjYwMTAyMDgxOTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhODEzMTBmY2U0ZjM5NjEzMGY0ZTA2MDNkMzFmN2NiZmI4OWU4N2UzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbcM6ixfW1IgO/hjGldtksJiCRoz Y1uKdMfrKJ27lhSSqZPmHJNsoH8Psy/zzsW1ALzAE6CHkdd5Ui0fzo9OuMqAFbN+ /wOPdB1VqwQrQraRNqDf1FDn9p2Eow8JvZTevAgX3/mgCuYZyhxcoY3seug3LJx9 qiOBs+QW1Czff2V5VZ8fNZi/TpK51MGTeAzSE7ndvWQfCEthrjKDSHTjfgZGcasM zkWuVFoNbF7M4SamBPPYxK3x5V+gBLvqOQAI6WA0ms3kpANYGeldTKqYxZveqhDR 08O0AHLBCXkGwXFD7RYmLt2swW7whuNeSpbxDVK/zGXbxkfRZTQVIDAcmQIDAQAB o4ICYDCCAlwwHQYDVR0OBBYEFKgTEPzk85YTD04GA9MffL+4nofjMB8GA1UdIwQY MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt YzFkMjk2ZjhmZDA3LzEvcUJNUV9PVHpsaE1QVGdZRDB4OTh2N2llaC1NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3 LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLYkkAwQC LZNYAwQCLZsUAwQDV+8QAwQEbW2AAwQAkhNTAwQCuZVsAwQAwRZQAwQAwhrWAwQA wwWoAwQAwwWqAwQAwwWwAwQA2Qh3MA0EAgACMAcDBQMqDdoAMA0GCSqGSIb3DQEB CwUAA4IBAQCU0XLufoiaHGMNj1W5zxVgSfnVCylHxLGPTJCSmI/Gr5gi6OSwZl0k PVG421724WmDC6TkSBQ+vGXT/l5OPUKFB68zCLB5xJddJxSp2LBeZ0TBXmXe7qYh DInG6TinHAahaWb2ZNCOO+JtnGGb1/VqAlhHDaOnQSBQT4ZDyD2JhcymaefmErUJ A531m7ZZIUzCQSumXnQHmAj2wfCwTdfSgrAKZgGGJeUYyQjgSmb0Zcf86Rwh1Vte 9svfboAbW6MjVjBuFTSiUKV3W/sgBIeFxjdDOXyut0TMwYPmzp2vGpRNxNcXTV5F dbiotj8RcjRQYz1SV4rMo0QF9y86XAIQ -----END CERTIFICATE-----Generated at Sun Jan 25 12:22:32 2026 by rpki-client