This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/Qt8hBCMlNLI8nIk_LiMf9y2OnJw.roa File: Qt8hBCMlNLI8nIk_LiMf9y2OnJw.roa (raw, json) Hash identifier: GjRUGfRDG86hd7K9wU5XQ1rme8zCmD1Q06yAXGf5F6Q= Subject key identifier: 42:DF:21:04:23:25:34:B2:3C:9C:89:3F:2E:23:1F:F7:2D:8E:9C:9C Certificate issuer: /CN=cb889feed135dc03492d8b3e828c7309587d1411 Certificate serial: 019B7C805A636C95CEDEA221433A74D65654 Authority key identifier: CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/Qt8hBCMlNLI8nIk_LiMf9y2OnJw.roa Signing time: Fri 02 Jan 2026 02:19:04 +0000 ROA not before: Fri 02 Jan 2026 02:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4749 IP address blocks: 147.189.32.0/23 maxlen: 23 147.189.32.0/24 maxlen: 24 147.189.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y4if7tE13ANJLYs-goxzCVh9FBE.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y4if7tE13ANJLYs-goxzCVh9FBE.mft rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:5a:63:6c:95:ce:de:a2:21:43:3a:74:d6:56:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb889feed135dc03492d8b3e828c7309587d1411 Validity Not Before: Jan 2 02:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42df2104232534b23c9c893f2e231ff72d8e9c9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:49:ed:9a:7a:29:45:46:08:1c:7b:0c:36:c8: 1c:56:03:25:97:3c:c1:c4:65:e6:99:29:51:b5:67: 0d:c5:de:d3:67:5a:dc:81:f7:b0:39:e2:c8:12:5b: d1:63:68:c1:db:b1:59:9e:4a:aa:e6:f4:66:cb:9a: c7:fb:ef:e4:1b:97:ad:4e:cd:77:fc:4c:c5:3b:89: b7:10:96:eb:66:b8:29:76:4f:80:f3:04:77:11:20: fe:83:39:c6:a6:8f:70:c5:7c:4e:98:e9:25:2a:e4: 22:0d:d1:2b:5e:d7:e8:17:53:8c:ad:23:6f:63:b0: 26:10:19:e7:34:1c:74:92:e1:04:15:5d:dd:49:e5: 03:57:3a:77:1e:e8:2d:d2:7c:9b:b3:fa:bc:fb:35: da:68:e8:2a:8b:f0:58:ed:6a:ac:68:45:4b:da:3a: 63:77:68:a0:8b:1d:2e:f3:0b:33:91:88:3f:22:6b: 1d:e7:67:b8:54:e1:6b:a4:e6:72:a5:61:d5:53:89: 45:0a:a3:1a:78:71:84:65:6b:a3:2c:82:43:c4:56: 55:44:73:2b:3a:67:19:a0:83:51:5c:2a:eb:17:63: 44:e9:71:8a:e7:69:11:d1:ed:33:39:f8:f5:7c:6a: 1d:18:87:cf:77:c4:94:80:56:f5:78:b7:06:01:7d: 4b:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:DF:21:04:23:25:34:B2:3C:9C:89:3F:2E:23:1F:F7:2D:8E:9C:9C X509v3 Authority Key Identifier: keyid:CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/Qt8hBCMlNLI8nIk_LiMf9y2OnJw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y4if7tE13ANJLYs-goxzCVh9FBE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.189.32.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:e8:92:1f:68:9e:b0:5b:07:8a:72:18:e0:8b:4a:40:ab:bb: 49:b6:43:e4:0e:37:25:13:ee:49:80:3b:1d:32:a0:24:72:59: 64:bc:4c:86:6a:82:7d:d9:eb:0d:c0:b5:1c:5c:3d:be:85:a1: ba:a3:ec:17:8c:5d:02:07:92:be:eb:87:d2:01:b6:87:2b:dc: ae:35:a2:69:af:ce:7e:d0:d0:b8:79:6e:56:19:36:1b:ba:49: e0:36:76:d6:c0:9e:24:6a:f9:ed:76:72:c2:9a:5f:55:f9:73: 74:d6:2a:fa:f1:f1:3e:9e:c4:17:5f:e0:8d:a9:9e:6e:d5:1c: d1:2c:d6:4e:42:0b:23:22:ed:9a:9f:4d:c8:af:82:ee:37:e1: c8:c3:c2:d5:ea:e0:dc:70:f7:fc:c5:22:be:e4:68:3f:c3:4b: 9c:e7:14:5b:47:04:fd:63:4d:c0:cc:66:e0:cd:cb:bb:b2:c4: 13:9b:ae:ef:63:06:53:0f:ac:20:a0:e0:58:19:f1:03:28:5e: 22:9e:82:61:04:0f:3d:96:b6:f8:8f:4a:86:ef:f6:86:fa:4f: 86:d2:3a:38:82:70:db:db:bd:9c:2c:a3:28:43:50:93:50:10: 43:fc:f8:79:86:7a:44:60:8b:4e:94:e4:92:14:b5:e6:3c:ba: 84:c5:2a:9a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gFpjbJXO3qIhQzp01lZUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiODg5ZmVlZDEzNWRjMDM0OTJkOGIzZTgyOGM3MzA5NTg3 ZDE0MTEwHhcNMjYwMTAyMDIxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmRmMjEwNDIzMjUzNGIyM2M5Yzg5M2YyZTIzMWZmNzJkOGU5YzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEntmnopRUYIHHsMNsgcVgMllzzB xGXmmSlRtWcNxd7TZ1rcgfewOeLIElvRY2jB27FZnkqq5vRmy5rH++/kG5etTs13 /EzFO4m3EJbrZrgpdk+A8wR3ESD+gznGpo9wxXxOmOklKuQiDdErXtfoF1OMrSNv Y7AmEBnnNBx0kuEEFV3dSeUDVzp3Hugt0nybs/q8+zXaaOgqi/BY7WqsaEVL2jpj d2igix0u8wszkYg/Imsd52e4VOFrpOZypWHVU4lFCqMaeHGEZWujLIJDxFZVRHMr OmcZoINRXCrrF2NE6XGK52kR0e0zOfj1fGodGIfPd8SUgFb1eLcGAX1LSQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFELfIQQjJTSyPJyJPy4jH/ctjpycMB8GA1UdIwQY MBaAFMuIn+7RNdwDSS2LPoKMcwlYfRQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUt YzFmMTJlNThmZWRkLzEvUXQ4aEJDTWxOTEk4bklrX0xpTWY5eTJPbkp3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUtYzFmMTJlNThmZWRk LzEveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk70gMA0G CSqGSIb3DQEBCwUAA4IBAQBK6JIfaJ6wWweKchjgi0pAq7tJtkPkDjclE+5JgDsd MqAkcllkvEyGaoJ92esNwLUcXD2+haG6o+wXjF0CB5K+64fSAbaHK9yuNaJpr85+ 0NC4eW5WGTYbukngNnbWwJ4kavntdnLCml9V+XN01ir68fE+nsQXX+CNqZ5u1RzR LNZOQgsjIu2an03Ir4LuN+HIw8LV6uDccPf8xSK+5Gg/w0uc5xRbRwT9Y03AzGbg zcu7ssQTm67vYwZTD6wgoOBYGfEDKF4inoJhBA89lrb4j0qG7/aG+k+G0jo4gnDb 272cLKMoQ1CTUBBD/Ph5hnpEYItOlOSSFLXmPLqExSqa -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:13 2026 by rpki-client