This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/qNAwNr9sOtlnmTZXNsD7ZTCA6FQ.roa File: qNAwNr9sOtlnmTZXNsD7ZTCA6FQ.roa (raw, json) Hash identifier: dZNLxY2R+OMbFcczhFdBzgHwABmB4UkJwEeAYi+FzG4= Subject key identifier: A8:D0:30:36:BF:6C:3A:D9:67:99:36:57:36:C0:FB:65:30:80:E8:54 Certificate issuer: /CN=1cae1a26967dfe287eb602749ec2c6f05afbb57c Certificate serial: 019B76EB65BEF090E9D6A1297E71B732A332 Authority key identifier: 1C:AE:1A:26:96:7D:FE:28:7E:B6:02:74:9E:C2:C6:F0:5A:FB:B5:7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/qNAwNr9sOtlnmTZXNsD7ZTCA6FQ.roa Signing time: Thu 01 Jan 2026 00:18:16 +0000 ROA not before: Thu 01 Jan 2026 00:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56953 IP address blocks: 31.132.200.0/21 maxlen: 24 91.229.152.0/23 maxlen: 24 2001:67c:2340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.crl rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.mft rsync://rpki.ripe.net/repository/DEFAULT/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:65:be:f0:90:e9:d6:a1:29:7e:71:b7:32:a3:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cae1a26967dfe287eb602749ec2c6f05afbb57c Validity Not Before: Jan 1 00:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8d03036bf6c3ad96799365736c0fb653080e854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:b4:80:e4:30:40:19:de:aa:d3:13:c6:0f:71: d4:7c:3e:fc:7e:e2:f6:a4:79:87:a4:5e:9c:6d:e5: 12:f9:a2:fe:24:d1:e2:0c:86:1b:d8:fd:87:db:9f: 7b:cb:d6:53:b8:12:9f:36:a2:ef:fb:a8:fa:5b:07: 94:c3:20:3a:d8:2c:14:cd:a3:42:29:a9:fa:e0:ce: 85:e8:d8:98:84:69:f1:ba:a7:bd:1c:10:aa:6a:69: c4:a1:92:9e:66:7a:c7:db:33:46:1d:1f:c6:a8:87: b9:79:77:94:80:7b:4a:0a:21:ac:fa:5f:70:02:4c: c2:d0:b9:71:a2:26:dd:12:d8:a2:51:49:e1:26:70: 82:67:1e:8a:be:35:3c:76:57:a3:33:ff:49:ef:5f: 51:03:b6:4d:aa:0d:b3:83:8b:1a:74:c8:dd:fc:29: f2:78:fa:d4:85:0f:f4:f0:2e:3e:6a:7e:a9:66:36: 5e:9d:7e:a5:98:bd:a4:4e:51:93:8e:fb:a3:92:3c: d6:b2:83:c2:59:71:e7:1f:28:07:d8:8a:bc:b3:e2: e9:6f:b0:81:2c:aa:de:ed:18:a5:bf:62:0b:0b:1c: 49:77:fd:fb:85:93:d8:a8:99:e8:4c:82:ff:8d:bc: fe:73:ae:fc:1f:b8:17:5d:a4:50:0d:ed:22:fe:87: a7:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:D0:30:36:BF:6C:3A:D9:67:99:36:57:36:C0:FB:65:30:80:E8:54 X509v3 Authority Key Identifier: keyid:1C:AE:1A:26:96:7D:FE:28:7E:B6:02:74:9E:C2:C6:F0:5A:FB:B5:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/qNAwNr9sOtlnmTZXNsD7ZTCA6FQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/21b500-34a6-420a-aa44-749905c327b1/1/HK4aJpZ9_ih-tgJ0nsLG8Fr7tXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.132.200.0/21 91.229.152.0/23 IPv6: 2001:67c:2340::/48 Signature Algorithm: sha256WithRSAEncryption d3:b4:79:74:0c:55:42:19:59:ba:01:3a:42:d3:38:2e:e6:99: 64:a8:a7:02:28:99:bc:8a:fa:6d:05:06:55:f2:62:48:1c:74: 31:17:c5:22:82:7a:e2:2b:13:e2:52:7a:06:d9:55:ea:53:9f: 94:57:03:2f:d0:f9:f0:a8:b8:d0:59:61:d8:eb:f1:0d:88:e3: ba:d2:76:f3:d5:83:f1:06:80:50:a0:4d:43:e9:d2:de:ef:62: fb:94:46:61:62:e8:11:c6:9f:fa:57:9e:53:1c:83:10:3c:a9: 99:62:5f:07:61:6e:ff:24:87:20:41:ff:fa:ea:93:4d:3d:d2: 7c:66:af:c8:c2:4d:7b:6e:a2:91:e7:83:3e:d9:26:e4:f0:b8: ca:f4:ec:2a:d8:d7:14:2b:4d:59:2f:6d:69:8b:6d:83:6e:14: 4a:c4:70:77:e5:d0:ad:0f:e6:43:79:9f:33:61:63:b3:26:73: b9:88:f6:8f:26:0d:9e:d1:3d:6e:23:a2:01:11:98:96:83:3d: cc:f7:00:47:c1:33:88:e3:63:7e:fc:e0:74:0c:58:bc:2c:79: f8:49:51:9f:59:03:5f:d5:45:b1:d9:34:e4:5e:9e:d9:ff:af: 7e:58:33:1f:4f:3e:6c:14:86:61:ea:1d:97:d0:6b:27:e9:a2: da:22:f6:ed -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt262W+8JDp1qEpfnG3MqMyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWUxYTI2OTY3ZGZlMjg3ZWI2MDI3NDllYzJjNmYwNWFm YmI1N2MwHhcNMjYwMTAxMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOGQwMzAzNmJmNmMzYWQ5Njc5OTM2NTczNmMwZmI2NTMwODBlODU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLSA5DBAGd6q0xPGD3HUfD78fuL2 pHmHpF6cbeUS+aL+JNHiDIYb2P2H2597y9ZTuBKfNqLv+6j6WweUwyA62CwUzaNC Kan64M6F6NiYhGnxuqe9HBCqamnEoZKeZnrH2zNGHR/GqIe5eXeUgHtKCiGs+l9w AkzC0LlxoibdEtiiUUnhJnCCZx6KvjU8dlejM/9J719RA7ZNqg2zg4sadMjd/Cny ePrUhQ/08C4+an6pZjZenX6lmL2kTlGTjvujkjzWsoPCWXHnHygH2Iq8s+Lpb7CB LKre7Rilv2ILCxxJd/37hZPYqJnoTIL/jbz+c678H7gXXaRQDe0i/oenOwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFKjQMDa/bDrZZ5k2VzbA+2UwgOhUMB8GA1UdIwQY MBaAFByuGiaWff4ofrYCdJ7CxvBa+7V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEs0YUpwWjlfaWgtdGdKMG5zTEc4RnI3dFh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMWI1MDAtMzRhNi00MjBhLWFhNDQt NzQ5OTA1YzMyN2IxLzEvcU5Bd05yOXNPdGxubVRaWE5zRDdaVENBNkZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC8yMWI1MDAtMzRhNi00MjBhLWFhNDQtNzQ5OTA1YzMyN2Ix LzEvSEs0YUpwWjlfaWgtdGdKMG5zTEc4RnI3dFh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDH4TIAwQB W+WYMA8EAgACMAkDBwAgAQZ8I0AwDQYJKoZIhvcNAQELBQADggEBANO0eXQMVUIZ WboBOkLTOC7mmWSopwIombyK+m0FBlXyYkgcdDEXxSKCeuIrE+JSegbZVepTn5RX Ay/Q+fCouNBZYdjr8Q2I47rSdvPVg/EGgFCgTUPp0t7vYvuURmFi6BHGn/pXnlMc gxA8qZliXwdhbv8khyBB//rqk0090nxmr8jCTXtuopHngz7ZJuTwuMr07CrY1xQr TVkvbWmLbYNuFErEcHfl0K0P5kN5nzNhY7Mmc7mI9o8mDZ7RPW4jogERmJaDPcz3 AEfBM4jjY3784HQMWLwsefhJUZ9ZA1/VRbHZNORentn/r35YMx9PPmwUhmHqHZfQ ayfpotoi9u0= -----END CERTIFICATE-----Generated at Mon Jan 12 02:27:56 2026 by rpki-client