This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/QHXSRTuQ2wXN4fBaqbTGI2do0QM.roa File: QHXSRTuQ2wXN4fBaqbTGI2do0QM.roa (raw, json) Hash identifier: 6/Lj3vL/L1J4PjbZ1lCMZ4grKgrWI3SnlcnhAkor32k= Subject key identifier: 40:75:D2:45:3B:90:DB:05:CD:E1:F0:5A:A9:B4:C6:23:67:68:D1:03 Certificate issuer: /CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Certificate serial: 019B77590CEE079D2FA6798ACFA36AAA4CF2 Authority key identifier: 4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/QHXSRTuQ2wXN4fBaqbTGI2do0QM.roa Signing time: Thu 01 Jan 2026 02:18:03 +0000 ROA not before: Thu 01 Jan 2026 02:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 786 IP address blocks: 161.76.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:0c:ee:07:9d:2f:a6:79:8a:cf:a3:6a:aa:4c:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Validity Not Before: Jan 1 02:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4075d2453b90db05cde1f05aa9b4c6236768d103 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:34:a4:cf:f7:58:d3:7f:74:aa:b0:7a:c3:ff: 25:c0:f3:26:88:87:c7:fc:5a:8e:40:58:d4:0b:19: 49:02:a2:25:87:0d:5d:3a:5d:03:10:c5:a4:1b:a5: a2:97:2c:54:dc:63:cb:85:c4:fb:f7:ed:8b:38:e4: 86:37:89:48:ea:7c:8f:48:b9:15:33:b3:3e:0c:36: af:f0:38:93:82:45:d5:88:55:f8:ee:57:b3:84:76: 42:53:d2:5f:91:c9:a2:77:e7:78:c9:5d:e5:9d:2b: 7d:55:b0:8d:e4:71:56:2a:48:b3:40:c1:7d:d0:05: 6f:16:82:85:c1:2a:fb:6b:a1:1f:32:d7:bc:43:fb: 26:5c:a4:57:ca:f2:3d:bb:df:2f:e8:3f:0c:8e:ac: a3:fd:62:5d:94:95:42:b1:66:19:1e:97:0c:1b:f9: d0:46:00:63:aa:10:f8:8d:de:61:a0:75:84:bd:08: 2c:7a:fc:e0:f6:26:ef:95:4b:00:ec:26:7b:de:4b: 11:18:4d:d2:3a:c3:82:87:63:73:7a:ae:76:3e:93: d0:cb:4b:e1:94:71:5f:ad:8d:6f:da:3c:e6:2c:0e: c6:48:88:77:07:f9:0b:29:fa:6e:99:cc:3e:4a:0a: 11:66:2c:c8:cf:c3:74:34:2e:92:b5:21:74:36:01: 50:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:75:D2:45:3B:90:DB:05:CD:E1:F0:5A:A9:B4:C6:23:67:68:D1:03 X509v3 Authority Key Identifier: keyid:4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/QHXSRTuQ2wXN4fBaqbTGI2do0QM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.76.0.0/16 Signature Algorithm: sha256WithRSAEncryption 76:94:56:f6:f6:5f:85:7c:df:c4:d8:7c:e9:f4:7a:d8:2b:58: d5:5a:0b:f5:d0:21:28:4b:e6:8a:26:bc:86:d6:6a:02:56:6b: c8:e0:c6:4b:e9:5e:8e:2b:1c:39:2b:a9:ed:41:5b:77:72:0d: b6:5d:bb:bd:41:e3:e9:82:5b:b9:f5:d9:22:be:14:43:fb:45: ab:32:a9:6a:16:6c:9d:1f:11:5a:92:b7:7c:ee:e8:52:dd:28: 91:2e:a6:1f:b3:be:f9:3a:f9:b3:36:78:71:9a:52:59:0b:4e: 8e:c3:d7:58:b9:f7:ec:30:53:e7:9c:b1:5c:b8:96:4e:fd:3b: 01:ba:cb:5a:20:29:75:34:04:ba:ec:59:81:1e:a0:57:db:51: 17:10:c3:d3:69:e3:a1:a2:0f:3d:8a:6a:61:7c:e5:90:36:da: de:f5:2f:f4:d9:ee:20:a2:72:52:ad:9c:54:f0:73:da:f1:e1: ea:ed:db:b4:e7:d0:ec:6e:b4:e3:a8:82:0f:a3:c2:71:b1:5c: 82:81:a0:1e:78:c3:20:9f:91:64:8c:49:e5:b2:bb:47:fc:e3: 0e:1d:c4:7a:5a:91:41:38:dc:13:c5:f5:e8:9b:8c:2a:8a:e1: 3c:80:33:e2:3d:1d:c3:2e:40:68:8e:67:f6:e8:6e:74:ad:c6: 9d:12:b7:7f -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt3WQzuB50vpnmKz6NqqkzyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiM2U1OTZhMjRkNDM2NTBjYjYwZThmY2M5ZTQ0ZDZmOGM5 MjlkMzUwHhcNMjYwMTAxMDIxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDc1ZDI0NTNiOTBkYjA1Y2RlMWYwNWFhOWI0YzYyMzY3NjhkMTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDSkz/dY0390qrB6w/8lwPMmiIfH /FqOQFjUCxlJAqIlhw1dOl0DEMWkG6WilyxU3GPLhcT79+2LOOSGN4lI6nyPSLkV M7M+DDav8DiTgkXViFX47lezhHZCU9Jfkcmid+d4yV3lnSt9VbCN5HFWKkizQMF9 0AVvFoKFwSr7a6EfMte8Q/smXKRXyvI9u98v6D8Mjqyj/WJdlJVCsWYZHpcMG/nQ RgBjqhD4jd5hoHWEvQgsevzg9ibvlUsA7CZ73ksRGE3SOsOCh2Nzeq52PpPQy0vh lHFfrY1v2jzmLA7GSIh3B/kLKfpumcw+SgoRZizIz8N0NC6StSF0NgFQDwIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFEB10kU7kNsFzeHwWqm0xiNnaNEDMB8GA1UdIwQY MBaAFEs+WWok1DZQy2Do/MnkTW+Mkp01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEt MzNkMThiZjZkZjU1LzEvUUhYU1JUdVEyd1hONGZCYXFiVEdJMmRvMFFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEtMzNkMThiZjZkZjU1 LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoUwwDQYJ KoZIhvcNAQELBQADggEBAHaUVvb2X4V838TYfOn0etgrWNVaC/XQIShL5oomvIbW agJWa8jgxkvpXo4rHDkrqe1BW3dyDbZdu71B4+mCW7n12SK+FEP7RasyqWoWbJ0f EVqSt3zu6FLdKJEuph+zvvk6+bM2eHGaUlkLTo7D11i59+wwU+ecsVy4lk79OwG6 y1ogKXU0BLrsWYEeoFfbURcQw9Np46GiDz2KamF85ZA22t71L/TZ7iCiclKtnFTw c9rx4ert27Tn0OxutOOogg+jwnGxXIKBoB54wyCfkWSMSeWyu0f84w4dxHpakUE4 3BPF9eibjCqK4TyAM+I9HcMuQGiOZ/bobnStxp0St38= -----END CERTIFICATE-----Generated at Mon Jan 26 10:23:10 2026 by rpki-client