This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/QEMDPwJ2cNS9ewt5zX-nDeHB4lc.roa File: QEMDPwJ2cNS9ewt5zX-nDeHB4lc.roa (raw, json) Hash identifier: ZAZFuVLV8kzOv/LeKj7q3UVNfSHjw6/4Wpf1tRlJMEo= Subject key identifier: 40:43:03:3F:02:76:70:D4:BD:7B:0B:79:CD:7F:A7:0D:E1:C1:E2:57 Certificate issuer: /CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329 Certificate serial: 019B7F1419E09F7BD23DD203062419F196C7 Authority key identifier: 23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/QEMDPwJ2cNS9ewt5zX-nDeHB4lc.roa Signing time: Fri 02 Jan 2026 14:19:42 +0000 ROA not before: Fri 02 Jan 2026 14:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215620 IP address blocks: 45.15.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.mft rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:19:e0:9f:7b:d2:3d:d2:03:06:24:19:f1:96:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329 Validity Not Before: Jan 2 14:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4043033f027670d4bd7b0b79cd7fa70de1c1e257 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:f3:7a:a1:77:6b:1c:4b:f8:58:2d:d5:11:bf: 60:78:ba:fc:bd:98:58:ea:b7:6a:81:de:88:d9:9a: de:db:b7:6d:8b:94:31:2b:c6:b6:19:4c:02:ea:c1: 02:40:07:a9:6f:56:62:d7:6c:46:cc:67:99:6f:ea: 02:62:8a:c2:bf:23:be:bf:99:bd:72:46:95:26:cc: 43:b4:61:7e:56:3f:fe:50:7e:f8:da:a9:0d:60:33: 0f:cd:54:78:ff:a5:76:c5:36:95:f3:55:4f:0d:f3: f0:5a:9c:0c:23:0a:61:d3:ce:ef:b5:74:84:f4:24: b1:cf:0e:8f:d0:fe:ca:e8:2f:16:96:82:92:d6:0e: 86:ff:ca:e6:0a:9a:e1:ad:98:34:1b:ec:24:a6:61: 27:b9:ce:ce:3c:15:73:1f:95:17:1f:f9:55:b5:55: 0d:da:f8:f6:c7:05:24:6d:33:7d:cd:a2:ba:e0:3b: 38:43:41:dd:ee:5a:f0:f9:76:bd:45:bb:ee:2a:1f: b4:d4:1e:f9:e0:33:78:ad:be:47:b2:12:a8:1e:13: dc:e0:37:31:96:65:7e:01:92:bb:d4:af:1b:d3:d6: 3e:18:db:1c:d0:3d:b9:fe:9e:52:a9:c9:a6:46:ca: 60:1c:08:4d:ef:52:4f:a8:eb:10:18:d8:e4:d2:7e: 8f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:43:03:3F:02:76:70:D4:BD:7B:0B:79:CD:7F:A7:0D:E1:C1:E2:57 X509v3 Authority Key Identifier: keyid:23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/QEMDPwJ2cNS9ewt5zX-nDeHB4lc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.15.41.0/24 Signature Algorithm: sha256WithRSAEncryption 78:bd:b4:a4:e2:4e:33:94:3b:c2:93:68:a3:43:ba:1f:d0:50: 0f:0b:11:17:57:e7:2a:27:e8:f9:14:d9:d0:20:14:1c:06:6b: 61:03:48:ab:84:1f:50:6b:9b:84:14:74:e3:fd:45:66:08:de: f9:cb:03:92:d1:a8:10:32:2c:83:29:1d:37:44:3f:e4:9a:99: db:f6:12:cf:6e:d2:65:be:0c:30:e7:26:7f:0d:e5:48:78:f2: ab:ef:f1:44:2c:26:9a:bd:b4:e8:3c:81:5b:82:75:a1:a6:e9: 2c:da:45:b1:1a:03:80:dd:df:07:07:19:09:27:85:43:bd:35: 78:83:e5:94:5b:1a:df:5c:76:c6:84:44:2b:c1:cd:c7:23:89: 51:1b:c8:62:ac:66:fc:5e:f2:40:23:56:09:50:9d:a6:92:2d: f6:99:ec:98:f5:55:a0:cc:ec:83:6f:13:2c:cf:be:9c:39:13: da:0e:bb:28:ec:c3:1a:d5:b8:74:b1:cc:25:0f:60:30:ec:46: 95:13:cf:08:96:2e:9b:d7:36:b9:54:d9:19:16:45:68:70:3f: c1:11:ef:2e:58:6a:42:db:50:db:42:ce:a6:7a:f4:23:63:36: 47:1a:9e:d9:7c:58:4a:2e:b0:74:8c:28:08:8b:1a:8e:ac:e7: 8a:8e:c0:a3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FBngn3vSPdIDBiQZ8ZbHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMzI5Y2IzYWJlNGU5NDBjZmM2MmEyMGUyYTZlMmMyOGZj MjgzMjkwHhcNMjYwMTAyMTQxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDQzMDMzZjAyNzY3MGQ0YmQ3YjBiNzljZDdmYTcwZGUxYzFlMjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfN6oXdrHEv4WC3VEb9geLr8vZhY 6rdqgd6I2Zre27dti5QxK8a2GUwC6sECQAepb1Zi12xGzGeZb+oCYorCvyO+v5m9 ckaVJsxDtGF+Vj/+UH742qkNYDMPzVR4/6V2xTaV81VPDfPwWpwMIwph087vtXSE 9CSxzw6P0P7K6C8WloKS1g6G/8rmCprhrZg0G+wkpmEnuc7OPBVzH5UXH/lVtVUN 2vj2xwUkbTN9zaK64Ds4Q0Hd7lrw+Xa9RbvuKh+01B754DN4rb5HshKoHhPc4Dcx lmV+AZK71K8b09Y+GNsc0D25/p5SqcmmRspgHAhN71JPqOsQGNjk0n6PgQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEBDAz8CdnDUvXsLec1/pw3hweJXMB8GA1UdIwQY MBaAFCMynLOr5OlAz8YqIOKm4sKPwoMpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTIt NTE4ZjJjOGY4NDZiLzEvUUVNRFB3SjJjTlM5ZXd0NXpYLW5EZUhCNGxjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTItNTE4ZjJjOGY4NDZi LzEvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ8pMA0G CSqGSIb3DQEBCwUAA4IBAQB4vbSk4k4zlDvCk2ijQ7of0FAPCxEXV+cqJ+j5FNnQ IBQcBmthA0irhB9Qa5uEFHTj/UVmCN75ywOS0agQMiyDKR03RD/kmpnb9hLPbtJl vgww5yZ/DeVIePKr7/FELCaavbToPIFbgnWhpuks2kWxGgOA3d8HBxkJJ4VDvTV4 g+WUWxrfXHbGhEQrwc3HI4lRG8hirGb8XvJAI1YJUJ2mki32meyY9VWgzOyDbxMs z76cORPaDrso7MMa1bh0scwlD2Aw7EaVE88Ili6b1za5VNkZFkVocD/BEe8uWGpC 21DbQs6mevQjYzZHGp7ZfFhKLrB0jCgIixqOrOeKjsCj -----END CERTIFICATE-----Generated at Sun Jan 25 17:39:28 2026 by rpki-client