This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/qhbgvCCuTYLs-T9K9IfIIvF38MQ.roa File: qhbgvCCuTYLs-T9K9IfIIvF38MQ.roa (raw, json) Hash identifier: WdrjO4xvUh7bWyfHcWR8FrUXBHsQMBxvR3LgVLProrg= Subject key identifier: AA:16:E0:BC:20:AE:4D:82:EC:F9:3F:4A:F4:87:C8:22:F1:77:F0:C4 Certificate issuer: /CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Certificate serial: 019B78A2B6CFEFF40E2E3E9F654C22A6F9A2 Authority key identifier: 4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/qhbgvCCuTYLs-T9K9IfIIvF38MQ.roa Signing time: Thu 01 Jan 2026 08:18:08 +0000 ROA not before: Thu 01 Jan 2026 08:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60893 IP address blocks: 45.150.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:b6:cf:ef:f4:0e:2e:3e:9f:65:4c:22:a6:f9:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Validity Not Before: Jan 1 08:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aa16e0bc20ae4d82ecf93f4af487c822f177f0c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9e:53:1f:9e:5c:a7:3e:81:34:40:6f:0d:05: 4e:3c:d6:a9:6d:fa:87:89:f9:18:be:63:16:c5:87: da:7a:66:b9:01:4f:31:ab:d2:ef:d7:f4:f3:0a:73: 65:2c:f0:e5:0a:17:08:b1:94:67:d9:80:d2:07:21: 0c:72:7b:7e:fc:65:c6:29:86:db:dc:5f:3b:c5:eb: e4:57:7e:0b:92:6b:9e:01:c5:00:46:32:99:d6:aa: 50:5a:de:25:0c:67:7b:27:f0:d7:06:d8:60:07:c1: e6:0f:31:88:97:2c:f5:ed:13:55:20:f2:2e:41:59: 90:dc:f9:15:d3:61:94:bf:a2:6e:2d:ea:c8:45:eb: b5:50:22:e3:fc:e0:41:0b:4e:cd:77:72:7f:b0:39: fc:94:47:47:59:62:02:11:da:a8:73:b9:83:ee:5b: 64:a6:2b:1e:b1:6f:a4:86:c3:68:d6:52:ed:71:58: 2c:71:ad:57:76:2d:15:61:1f:18:39:78:f4:43:7e: 88:22:e3:eb:fd:92:4b:69:67:ff:66:29:ab:8a:b4: f3:39:df:43:2b:6b:39:80:0c:3e:bb:77:8f:fc:2b: b6:a9:71:cb:d2:e0:e7:16:30:7b:cd:9c:7d:b5:c0: af:12:ec:e3:52:fb:d0:8b:f7:e6:19:36:81:37:1a: 0f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:16:E0:BC:20:AE:4D:82:EC:F9:3F:4A:F4:87:C8:22:F1:77:F0:C4 X509v3 Authority Key Identifier: keyid:4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/qhbgvCCuTYLs-T9K9IfIIvF38MQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.150.104.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:cc:ac:54:7e:11:99:0a:36:e8:d2:ae:59:6a:75:db:38:49: fc:c8:a1:e4:45:f5:de:71:49:f1:bd:ec:49:08:f4:3e:bc:79: 76:22:50:9c:b9:78:d2:54:f2:92:36:d3:07:80:bf:a3:2a:c6: 77:9a:be:a1:e0:2b:30:61:ef:49:d4:96:ed:8a:e4:eb:46:58: 64:cc:a5:62:7e:36:d6:2c:7b:be:0f:33:77:3b:c4:90:7f:1f: c9:39:a7:0f:4c:cf:d7:6a:9e:2f:11:f1:c1:4a:33:34:22:d5: dd:d6:2a:fc:a2:f3:60:e1:58:53:30:c6:e4:28:21:06:e6:57: 2d:d6:7d:33:4f:0f:72:9d:43:fc:9d:22:99:39:ba:61:e7:06: 6e:e0:99:4b:2a:6a:8b:3c:e0:8f:05:08:d8:96:fb:ed:4f:50: 26:bd:48:e2:7a:d3:39:c7:12:c5:3e:23:fe:7e:0a:54:0f:fb: b8:e2:ad:ca:f7:8d:f2:41:97:c1:6a:ff:12:a9:76:6d:c1:8c: a8:93:f3:08:d3:a1:2a:09:81:32:ec:31:0a:ba:d0:23:6c:d1: 83:3c:b3:2c:bb:5d:95:09:d1:9a:59:6c:7e:78:8b:be:70:67: f7:00:b9:f7:fc:16:27:c6:df:e2:4e:94:14:e8:3f:c3:14:59: ce:7e:3a:f9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4orbP7/QOLj6fZUwipvmiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDcxZjVhMDA1MGY4YWU2NDQ0YzYzODc2OWJhMzc1ZmRk YmNlMTkwHhcNMjYwMTAxMDgxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYTE2ZTBiYzIwYWU0ZDgyZWNmOTNmNGFmNDg3YzgyMmYxNzdmMGM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ5TH55cpz6BNEBvDQVOPNapbfqH ifkYvmMWxYfaema5AU8xq9Lv1/TzCnNlLPDlChcIsZRn2YDSByEMcnt+/GXGKYbb 3F87xevkV34LkmueAcUARjKZ1qpQWt4lDGd7J/DXBthgB8HmDzGIlyz17RNVIPIu QVmQ3PkV02GUv6JuLerIReu1UCLj/OBBC07Nd3J/sDn8lEdHWWICEdqoc7mD7ltk pisesW+khsNo1lLtcVgsca1Xdi0VYR8YOXj0Q36IIuPr/ZJLaWf/ZimrirTzOd9D K2s5gAw+u3eP/Cu2qXHL0uDnFjB7zZx9tcCvEuzjUvvQi/fmGTaBNxoPawIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKoW4Lwgrk2C7Pk/SvSHyCLxd/DEMB8GA1UdIwQY MBaAFEzXH1oAUPiuZETGOHabo3X9284ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAt NzNhMDFhZTVkZThmLzEvcWhiZ3ZDQ3VUWUxzLVQ5SzlJZklJdkYzOE1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAtNzNhMDFhZTVkZThm LzEvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZZoMA0G CSqGSIb3DQEBCwUAA4IBAQCfzKxUfhGZCjbo0q5ZanXbOEn8yKHkRfXecUnxvexJ CPQ+vHl2IlCcuXjSVPKSNtMHgL+jKsZ3mr6h4CswYe9J1JbtiuTrRlhkzKVifjbW LHu+DzN3O8SQfx/JOacPTM/Xap4vEfHBSjM0ItXd1ir8ovNg4VhTMMbkKCEG5lct 1n0zTw9ynUP8nSKZObph5wZu4JlLKmqLPOCPBQjYlvvtT1AmvUjietM5xxLFPiP+ fgpUD/u44q3K943yQZfBav8SqXZtwYyok/MI06EqCYEy7DEKutAjbNGDPLMsu12V CdGaWWx+eIu+cGf3ALn3/BYnxt/iTpQU6D/DFFnOfjr5 -----END CERTIFICATE-----Generated at Mon Jan 26 09:43:19 2026 by rpki-client