This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/QrZBpVrINYvtt8eQ3BUierAVaEo.roa File: QrZBpVrINYvtt8eQ3BUierAVaEo.roa (raw, json) Hash identifier: otF3M+RO1u8J3AFXZCe+jAflY8Wg53WcaWXyGwSEsJ4= Subject key identifier: 42:B6:41:A5:5A:C8:35:8B:ED:B7:C7:90:DC:15:22:7A:B0:15:68:4A Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Certificate serial: 019B7AC881DF62B240D85E9B884E8F10BEE5 Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/QrZBpVrINYvtt8eQ3BUierAVaEo.roa Signing time: Thu 01 Jan 2026 18:18:39 +0000 ROA not before: Thu 01 Jan 2026 18:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215474 IP address blocks: 2a0d:d940:b1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:81:df:62:b2:40:d8:5e:9b:88:4e:8f:10:be:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74 Validity Not Before: Jan 1 18:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42b641a55ac8358bedb7c790dc15227ab015684a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c5:88:dc:af:47:0a:13:e9:d5:3b:21:02:c0: 51:a8:f2:10:41:01:0e:c8:39:95:9f:8e:ed:31:2e: 5a:b9:ea:31:57:de:31:98:03:72:43:7b:50:aa:fd: 90:de:62:7e:c2:0a:dd:90:45:d6:f5:a8:e5:a5:59: 2f:7b:b8:d2:a8:1d:7e:1c:e9:41:b8:80:9c:b3:c6: 18:24:9a:1a:18:eb:20:ab:eb:b1:fd:23:b9:3b:aa: 1e:27:14:4d:d9:61:d1:8d:f0:68:54:04:62:c3:a6: 4d:fe:35:30:56:68:4b:9b:df:22:23:50:6c:db:61: 91:d5:f3:0e:1e:29:87:aa:0d:3b:28:d0:83:9f:aa: 4d:f7:92:d8:6e:37:db:45:9b:34:9e:8d:59:8b:7b: 59:8e:31:e5:5a:c5:49:fb:49:5a:2b:84:26:56:80: e3:9c:47:5c:c9:16:d6:4b:0e:8b:78:03:29:59:76: 40:57:c2:6d:56:a4:7a:e6:1f:57:40:29:01:ff:10: 7d:e2:f6:99:38:dc:ce:39:72:34:82:23:67:4c:de: 6c:b1:8a:f2:e8:ba:f7:1f:99:ab:b0:13:13:9a:5d: 9d:df:ba:75:8d:7d:53:1a:a6:9b:e5:d3:45:cc:9f: b2:f3:9e:65:7c:e3:15:00:fa:35:f9:90:9c:17:11: 57:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:B6:41:A5:5A:C8:35:8B:ED:B7:C7:90:DC:15:22:7A:B0:15:68:4A X509v3 Authority Key Identifier: keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/QrZBpVrINYvtt8eQ3BUierAVaEo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:d940:b1::/48 Signature Algorithm: sha256WithRSAEncryption 14:74:04:a8:f8:50:8c:60:e7:68:a1:6b:2f:26:7f:e0:9e:4e: 51:37:b3:89:8e:fc:77:f0:b6:08:a2:a0:25:64:72:ad:11:a6: 7c:36:cf:5b:d2:74:b2:c8:6e:cc:c7:74:73:ef:d6:46:b8:0f: 3f:81:44:00:6b:e6:45:ab:78:13:81:36:8c:05:52:a2:cc:05: f0:5f:f8:2a:2e:a0:13:df:21:42:5f:6d:0b:62:0b:d2:bc:07: ee:78:98:11:e0:89:ca:c5:5d:83:7e:f2:ff:01:0b:fa:c5:91: 75:90:70:b4:55:38:20:6f:83:a8:0e:aa:c5:5f:97:76:85:72: 02:c1:28:c5:98:fe:84:d0:2e:b1:55:6a:24:fc:58:19:16:a5: 3d:cc:9e:f6:61:68:89:fe:1f:6a:08:3b:68:3d:cf:60:7d:eb: 46:94:05:52:1d:0a:85:33:c5:4c:cb:c8:58:7c:32:bc:6e:ca: 25:14:20:1b:e9:9f:b3:28:32:f3:a1:98:90:b1:f3:a9:77:7a: 46:30:c8:49:77:90:ff:50:16:04:8b:83:8c:65:43:b4:83:e9: 35:dd:5e:a2:15:18:fe:a7:ed:52:50:4c:e3:28:29:00:50:44: 95:99:cf:02:fc:c9:62:c9:f0:08:1b:a4:15:5e:8f:f2:24:de: e7:b2:a9:1c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6yIHfYrJA2F6biE6PEL7lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj YmJjNzQwHhcNMjYwMTAxMTgxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmI2NDFhNTVhYzgzNThiZWRiN2M3OTBkYzE1MjI3YWIwMTU2ODRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocWI3K9HChPp1TshAsBRqPIQQQEO yDmVn47tMS5aueoxV94xmANyQ3tQqv2Q3mJ+wgrdkEXW9ajlpVkve7jSqB1+HOlB uICcs8YYJJoaGOsgq+ux/SO5O6oeJxRN2WHRjfBoVARiw6ZN/jUwVmhLm98iI1Bs 22GR1fMOHimHqg07KNCDn6pN95LYbjfbRZs0no1Zi3tZjjHlWsVJ+0laK4QmVoDj nEdcyRbWSw6LeAMpWXZAV8JtVqR65h9XQCkB/xB94vaZONzOOXI0giNnTN5ssYry 6Lr3H5mrsBMTml2d37p1jX1TGqab5dNFzJ+y855lfOMVAPo1+ZCcFxFXvwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEK2QaVayDWL7bfHkNwVInqwFWhKMB8GA1UdIwQY MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt MTRkMjM4NTI3ODM1LzEvUXJaQnBWcklOWXZ0dDhlUTNCVWllckFWYUVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1 LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQACx MA0GCSqGSIb3DQEBCwUAA4IBAQAUdASo+FCMYOdooWsvJn/gnk5RN7OJjvx38LYI oqAlZHKtEaZ8Ns9b0nSyyG7Mx3Rz79ZGuA8/gUQAa+ZFq3gTgTaMBVKizAXwX/gq LqAT3yFCX20LYgvSvAfueJgR4InKxV2DfvL/AQv6xZF1kHC0VTggb4OoDqrFX5d2 hXICwSjFmP6E0C6xVWok/FgZFqU9zJ72YWiJ/h9qCDtoPc9gfetGlAVSHQqFM8VM y8hYfDK8bsolFCAb6Z+zKDLzoZiQsfOpd3pGMMhJd5D/UBYEi4OMZUO0g+k13V6i FRj+p+1SUEzjKCkAUESVmc8C/MliyfAIG6QVXo/yJN7nsqkc -----END CERTIFICATE-----Generated at Sun Jan 25 13:03:34 2026 by rpki-client