This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/QNttCfsRuRLZvfJbkaOBCIPuwh0.roa File: QNttCfsRuRLZvfJbkaOBCIPuwh0.roa (raw, json) Hash identifier: JLiKXYuPVXcBLBoE9Kt2pa4tnI2ncSaE6qIZD2hxOms= Subject key identifier: 40:DB:6D:09:FB:11:B9:12:D9:BD:F2:5B:91:A3:81:08:83:EE:C2:1D Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7 Certificate serial: 019AE86B2C3EE7B845A27899AA3C749D9200 Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/QNttCfsRuRLZvfJbkaOBCIPuwh0.roa Signing time: Thu 04 Dec 2025 08:12:08 +0000 ROA not before: Thu 04 Dec 2025 08:12:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31586 IP address blocks: 80.84.224.0/19 maxlen: 24 81.4.64.0/19 maxlen: 24 81.4.64.0/20 maxlen: 24 81.4.80.0/22 maxlen: 24 81.4.88.0/21 maxlen: 24 81.4.96.0/22 maxlen: 24 81.4.112.0/21 maxlen: 24 81.21.136.0/24 maxlen: 24 83.96.128.0/18 maxlen: 24 83.96.192.0/21 maxlen: 24 83.96.208.0/22 maxlen: 24 83.96.224.0/21 maxlen: 24 83.96.232.0/22 maxlen: 24 83.96.248.0/22 maxlen: 24 85.158.248.0/22 maxlen: 24 85.158.252.0/23 maxlen: 23 91.142.252.0/23 maxlen: 24 91.205.32.0/22 maxlen: 24 141.255.180.0/22 maxlen: 24 185.69.232.0/22 maxlen: 24 185.84.72.0/22 maxlen: 24 185.95.68.0/22 maxlen: 24 185.105.204.0/22 maxlen: 24 185.105.216.0/22 maxlen: 24 193.93.172.0/22 maxlen: 24 217.21.241.0/24 maxlen: 24 2001:828::/32 maxlen: 48 2a05:2500::/32 maxlen: 48 2a05:a282::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e8:6b:2c:3e:e7:b8:45:a2:78:99:aa:3c:74:9d:92:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7 Validity Not Before: Dec 4 08:12:08 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=40db6d09fb11b912d9bdf25b91a3810883eec21d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:1e:f3:f9:b3:c7:32:78:ab:b5:17:88:a2:1b: d4:3b:74:75:51:73:2d:b6:82:b0:7c:c8:70:73:19: 86:23:3b:15:ad:4d:77:61:b1:67:d6:0d:63:52:5f: 97:ee:b0:7d:0e:2f:57:14:d9:cf:c0:33:ec:d7:c1: c8:35:2f:23:6e:d1:2a:50:7f:37:e5:5b:6f:6e:dc: 4b:dd:64:88:8b:b6:bf:4a:72:4d:c6:1b:ae:12:db: 17:91:41:01:9c:6b:51:38:1b:7c:63:97:27:61:2b: b2:c7:a4:33:6b:a2:e7:b1:7a:7c:f9:a3:29:ba:8d: f5:c9:2d:9b:b8:01:3a:90:1d:28:18:22:a2:99:9a: 33:bc:b8:a5:0e:b3:5b:ac:3c:e4:95:7c:f2:7b:36: 0d:f8:04:09:21:d8:8c:d5:0c:74:9c:be:96:0e:4c: 2f:5b:ae:f9:4b:0f:af:76:97:3b:b7:87:09:e2:10: e5:16:ba:36:9d:d3:ac:65:cc:24:65:c6:94:0b:50: 4b:3f:e5:b6:42:48:8c:db:e0:cc:70:0e:a1:56:4f: f8:bf:32:c2:97:38:4e:99:1d:a6:9c:b9:10:7c:18: 1f:5a:f3:2d:22:8d:74:ce:e0:3c:01:9d:1b:4b:81: 96:fb:93:4b:f1:40:d9:6a:d3:a6:9b:10:41:b8:eb: 84:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:DB:6D:09:FB:11:B9:12:D9:BD:F2:5B:91:A3:81:08:83:EE:C2:1D X509v3 Authority Key Identifier: keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/QNttCfsRuRLZvfJbkaOBCIPuwh0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.84.224.0/19 81.4.64.0-81.4.99.255 81.4.112.0/21 81.21.136.0/24 83.96.128.0-83.96.199.255 83.96.208.0/22 83.96.224.0-83.96.235.255 83.96.248.0/22 85.158.248.0-85.158.253.255 91.142.252.0/23 91.205.32.0/22 141.255.180.0/22 185.69.232.0/22 185.84.72.0/22 185.95.68.0/22 185.105.204.0/22 185.105.216.0/22 193.93.172.0/22 217.21.241.0/24 IPv6: 2001:828::/32 2a05:2500::/32 2a05:a282::/32 Signature Algorithm: sha256WithRSAEncryption a7:ae:9a:a4:4c:f4:f0:57:8a:81:b1:e7:3d:79:0f:36:08:bb: d0:5d:ae:93:84:fe:89:9a:d2:19:7c:84:98:c7:e5:42:4e:21: ed:5d:2e:b7:33:ca:b3:c1:c7:55:3c:ab:b8:ae:b6:ce:8f:b9: ef:2b:1f:a9:3b:fb:f0:36:57:b7:80:36:11:d3:70:8e:30:08: b3:d1:36:02:cf:1c:47:c1:c8:9e:ba:f1:06:85:e5:e7:37:16: a5:b0:08:1d:34:dd:05:12:42:74:21:5a:39:be:28:58:be:f7: fc:18:9a:3f:c3:60:bd:b9:13:eb:43:23:60:97:d1:8a:c3:b8: 44:d5:fa:3e:d9:a3:21:51:72:53:8b:98:b1:3d:4f:af:12:4d: e9:ef:8b:7e:df:63:76:50:e1:dc:65:7a:84:eb:74:da:0f:0e: 23:37:77:95:da:15:ae:e9:cc:15:cb:6b:d6:d1:cc:a0:40:f5: f0:f0:b2:e4:7d:5b:45:53:c3:03:21:f2:58:0a:c7:7d:fb:64: ce:10:78:c6:a9:a7:c3:e4:22:ea:f9:de:04:f3:59:4f:ee:eb: 9e:ec:03:74:8b:ca:14:bb:8b:3e:46:bd:ea:c4:e2:a7:4e:b1: ba:44:0a:ee:80:78:63:4c:0c:4d:42:69:10:b8:47:ae:46:5b: 2b:08:50:fe -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgISAZroayw+57hFoniZqjx0nZIAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3 NTJhZTcwHhcNMjUxMjA0MDgxMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGRiNmQwOWZiMTFiOTEyZDliZGYyNWI5MWEzODEwODgzZWVjMjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB7z+bPHMnirtReIohvUO3R1UXMt toKwfMhwcxmGIzsVrU13YbFn1g1jUl+X7rB9Di9XFNnPwDPs18HINS8jbtEqUH83 5VtvbtxL3WSIi7a/SnJNxhuuEtsXkUEBnGtROBt8Y5cnYSuyx6Qza6LnsXp8+aMp uo31yS2buAE6kB0oGCKimZozvLilDrNbrDzklXzyezYN+AQJIdiM1Qx0nL6WDkwv W675Sw+vdpc7t4cJ4hDlFro2ndOsZcwkZcaUC1BLP+W2QkiM2+DMcA6hVk/4vzLC lzhOmR2mnLkQfBgfWvMtIo10zuA8AZ0bS4GW+5NL8UDZatOmmxBBuOuEzwIDAQAB o4ICtzCCArMwHQYDVR0OBBYEFEDbbQn7EbkS2b3yW5GjgQiD7sIdMB8GA1UdIwQY MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt MmI5MjBiZGUzOTkwLzEvUU50dENmc1J1UkxadmZKYmthT0JDSVB1d2gwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBmQQCAAEwgZIDBAVQ VOAwDAMEBlEEQAMEAlEEYAMEA1EEcAMEAFEViDAMAwQHU2CAAwQDU2DAAwQCU2DQ MAwDBAVTYOADBAJTYOgDBAJTYPgwDAMEA1We+AMEAVWe/AMEAVuO/AMEAlvNIAME Ao3/tAMEArlF6AMEArlUSAMEArlfRAMEArlpzAMEArlp2AMEAsFdrAMEANkV8TAb BAIAAjAVAwUAIAEIKAMFACoFJQADBQAqBaKCMA0GCSqGSIb3DQEBCwUAA4IBAQCn rpqkTPTwV4qBsec9eQ82CLvQXa6ThP6JmtIZfISYx+VCTiHtXS63M8qzwcdVPKu4 rrbOj7nvKx+pO/vwNle3gDYR03COMAiz0TYCzxxHwcieuvEGheXnNxalsAgdNN0F EkJ0IVo5vihYvvf8GJo/w2C9uRPrQyNgl9GKw7hE1fo+2aMhUXJTi5ixPU+vEk3p 74t+32N2UOHcZXqE63TaDw4jN3eV2hWu6cwVy2vW0cygQPXw8LLkfVtFU8MDIfJY Csd9+2TOEHjGqafD5CLq+d4E81lP7uue7AN0i8oUu4s+Rr3qxOKnTrG6RArugHhj TAxNQmkQuEeuRlsrCFD+ -----END CERTIFICATE-----Generated at Sat Dec 6 21:11:01 2025 by rpki-client