This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/QQeZJrwl_4NJIISgArACAVq6L0o.roa File: QQeZJrwl_4NJIISgArACAVq6L0o.roa (raw, json) Hash identifier: uh1KpLqwgaZj2AcvOxxyx2dRcs//e4c0XtE2TUfZonY= Subject key identifier: 41:07:99:26:BC:25:FF:83:49:20:84:A0:02:B0:02:01:5A:BA:2F:4A Certificate issuer: /CN=490b21f79b9ea2f3d042374714867d12401995db Certificate serial: 019B7F837E1165823A7166F704AB055AF381 Authority key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/QQeZJrwl_4NJIISgArACAVq6L0o.roa Signing time: Fri 02 Jan 2026 16:21:22 +0000 ROA not before: Fri 02 Jan 2026 16:21:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51043 IP address blocks: 5.22.136.0/21 maxlen: 24 77.73.9.0/24 maxlen: 24 77.73.12.0/24 maxlen: 24 82.197.74.0/24 maxlen: 24 83.98.32.0/19 maxlen: 19 148.253.160.0/19 maxlen: 24 159.242.64.0/18 maxlen: 24 178.23.128.0/21 maxlen: 24 185.59.180.0/22 maxlen: 24 185.173.67.0/24 maxlen: 24 195.184.238.0/23 maxlen: 24 212.47.86.0/23 maxlen: 23 2a00:ed40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.mft rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:7e:11:65:82:3a:71:66:f7:04:ab:05:5a:f3:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=490b21f79b9ea2f3d042374714867d12401995db Validity Not Before: Jan 2 16:21:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=41079926bc25ff83492084a002b002015aba2f4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b6:3c:35:02:7f:7f:d9:82:92:33:38:44:c1: ab:a8:34:4e:7c:8c:35:71:13:d3:71:39:ad:52:0c: f5:06:66:30:df:db:7f:bb:64:a2:63:58:69:d3:dc: e9:67:83:1a:d2:56:fb:78:6f:22:7a:68:e3:d2:58: 45:16:5d:d8:79:1b:e7:0d:06:b3:ba:ba:d4:4e:ba: ce:29:45:e9:c9:25:85:2e:4b:79:29:0f:9c:23:d9: 3d:3e:5e:3b:b5:86:3c:dd:cb:9e:fa:62:4a:29:8a: a5:33:71:1b:20:d9:49:c0:bc:39:d6:15:2c:18:e8: 4d:1b:63:73:0c:c4:a8:73:04:d8:7b:d4:47:fb:02: bf:ae:b1:db:ca:93:b1:b1:9e:08:d6:ff:28:74:d2: f5:39:10:5b:44:db:80:35:6f:4f:77:54:b2:e1:e6: 54:84:1d:07:be:5e:e1:64:10:a6:4f:1f:41:ef:40: 29:ed:ed:32:5d:79:a2:d0:e6:44:f5:72:87:12:08: 0e:c8:44:2b:67:e3:4d:6f:f8:bf:94:06:69:52:39: b7:e4:4a:81:0f:63:f0:54:ee:06:9b:d3:d2:f6:9d: e3:63:5d:d5:6e:a0:9d:54:f3:b9:bf:fa:5c:74:1b: 69:67:ca:91:75:62:04:fa:a2:26:25:fc:84:97:7e: 35:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:07:99:26:BC:25:FF:83:49:20:84:A0:02:B0:02:01:5A:BA:2F:4A X509v3 Authority Key Identifier: keyid:49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/QQeZJrwl_4NJIISgArACAVq6L0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.136.0/21 77.73.9.0/24 77.73.12.0/24 82.197.74.0/24 83.98.32.0/19 148.253.160.0/19 159.242.64.0/18 178.23.128.0/21 185.59.180.0/22 185.173.67.0/24 195.184.238.0/23 212.47.86.0/23 IPv6: 2a00:ed40::/32 Signature Algorithm: sha256WithRSAEncryption 12:6c:60:19:47:c9:49:b8:07:49:8d:00:81:9d:17:f1:8d:71: ec:f2:48:4e:d6:a5:4f:62:8e:5e:9c:32:fa:fa:a0:2e:aa:60: 98:b7:25:dd:f7:b2:ab:8e:81:1b:4b:e9:20:20:f8:3d:77:9b: 71:74:0f:25:aa:15:05:71:c1:ab:28:02:56:4c:5f:29:3f:a4: 8d:64:6d:91:6c:ef:96:e1:6a:39:74:54:50:e7:69:a0:2c:43: ca:c0:77:17:76:87:ff:0c:b5:44:44:51:75:27:e1:ce:ab:ce: 07:8a:87:d1:57:70:ac:18:29:6a:8b:21:dd:44:cd:f0:53:16: 9f:40:40:b3:2e:3b:4a:00:ea:dd:3d:51:02:80:a4:ec:db:06: 4e:2c:22:6d:30:1c:72:c8:76:da:e4:4c:d2:6c:2b:07:86:e1: 49:ae:b6:66:46:1b:1c:01:d2:48:1b:7f:65:33:b0:a6:67:72: 8e:c8:2e:34:70:67:dc:b8:1d:45:95:1d:d1:3f:bc:68:fc:7c: e5:45:b2:28:45:a3:83:2a:46:19:a7:72:d8:84:99:f9:78:3c: 41:03:1d:1e:ce:e8:04:2f:07:fc:b7:93:72:ec:62:57:93:f5: ab:d5:a4:58:c6:1e:35:66:8d:6b:be:05:e3:35:a3:13:46:91: f0:8a:0b:7d -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt/g34RZYI6cWb3BKsFWvOBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5MGIyMWY3OWI5ZWEyZjNkMDQyMzc0NzE0ODY3ZDEyNDAx OTk1ZGIwHhcNMjYwMTAyMTYyMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTA3OTkyNmJjMjVmZjgzNDkyMDg0YTAwMmIwMDIwMTVhYmEyZjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbY8NQJ/f9mCkjM4RMGrqDROfIw1 cRPTcTmtUgz1BmYw39t/u2SiY1hp09zpZ4Ma0lb7eG8iemjj0lhFFl3YeRvnDQaz urrUTrrOKUXpySWFLkt5KQ+cI9k9Pl47tYY83cue+mJKKYqlM3EbINlJwLw51hUs GOhNG2NzDMSocwTYe9RH+wK/rrHbypOxsZ4I1v8odNL1ORBbRNuANW9Pd1Sy4eZU hB0Hvl7hZBCmTx9B70Ap7e0yXXmi0OZE9XKHEggOyEQrZ+NNb/i/lAZpUjm35EqB D2PwVO4Gm9PS9p3jY13VbqCdVPO5v/pcdBtpZ8qRdWIE+qImJfyEl341XQIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFEEHmSa8Jf+DSSCEoAKwAgFaui9KMB8GA1UdIwQY MBaAFEkLIfebnqLz0EI3RxSGfRJAGZXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2Mt NDgwYzMyZjQwMGUxLzEvUVFlWkpyd2xfNE5KSUlTZ0FyQUNBVnE2TDBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2MtNDgwYzMyZjQwMGUx LzEvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBRaIAwQA TUkJAwQATUkMAwQAUsVKAwQFU2IgAwQFlP2gAwQGn/JAAwQDsheAAwQCuTu0AwQA ua1DAwQBw7juAwQB1C9WMA0EAgACMAcDBQAqAO1AMA0GCSqGSIb3DQEBCwUAA4IB AQASbGAZR8lJuAdJjQCBnRfxjXHs8khO1qVPYo5enDL6+qAuqmCYtyXd97KrjoEb S+kgIPg9d5txdA8lqhUFccGrKAJWTF8pP6SNZG2RbO+W4Wo5dFRQ52mgLEPKwHcX dof/DLVERFF1J+HOq84HiofRV3CsGClqiyHdRM3wUxafQECzLjtKAOrdPVECgKTs 2wZOLCJtMBxyyHba5EzSbCsHhuFJrrZmRhscAdJIG39lM7CmZ3KOyC40cGfcuB1F lR3RP7xo/HzlRbIoRaODKkYZp3LYhJn5eDxBAx0ezugELwf8t5Ny7GJXk/Wr1aRY xh41Zo1rvgXjNaMTRpHwigt9 -----END CERTIFICATE-----Generated at Sun Jan 25 15:13:04 2026 by rpki-client