This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Qz5E3yW1A48GlQlQ8-W44R8k2MA.roa File: Qz5E3yW1A48GlQlQ8-W44R8k2MA.roa (raw, json) Hash identifier: Qac4XS30rjYFAVIp0gz3UqVLZmIGboX+CL088LxdsqA= Subject key identifier: 43:3E:44:DF:25:B5:03:8F:06:95:09:50:F3:E5:B8:E1:1F:24:D8:C0 Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7 Certificate serial: 019B78348FAFBEF39F87625DDA6CFC0F15C2 Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Qz5E3yW1A48GlQlQ8-W44R8k2MA.roa Signing time: Thu 01 Jan 2026 06:17:49 +0000 ROA not before: Thu 01 Jan 2026 06:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59642 IP address blocks: 195.189.96.0/22 maxlen: 32 2a02:ae01::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.mft rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:8f:af:be:f3:9f:87:62:5d:da:6c:fc:0f:15:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7 Validity Not Before: Jan 1 06:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=433e44df25b5038f06950950f3e5b8e11f24d8c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:30:66:9a:62:93:60:9a:4a:0e:f0:0a:96:16: 5d:85:d9:3b:58:cb:30:34:ec:0b:83:a3:bc:60:56: bd:60:82:cb:89:c5:8b:11:9f:5c:d1:f8:0c:05:6c: 10:79:ed:5c:1b:12:83:69:bb:6b:dc:c8:83:dd:8b: 9f:7c:f9:d6:25:45:27:04:bc:83:0c:ba:a5:63:af: eb:32:c2:bc:fe:87:50:1a:c1:dc:c8:35:c2:1e:ea: 42:9f:8f:cc:c5:22:0f:7b:f6:77:5b:07:38:a7:49: 70:d2:6c:58:9e:d5:0e:69:89:dc:49:34:b2:71:d2: 86:12:6e:6c:f7:cb:af:f2:2a:b6:a1:40:4e:48:e1: ef:45:d0:f4:0a:cb:ca:4b:9a:df:8f:0e:4f:ca:2b: 32:f8:34:21:b3:a3:fa:c4:dc:86:2c:e4:fb:b2:7b: 57:7c:0a:99:1c:59:ff:e3:29:fb:2b:b1:e6:4e:d0: 63:d0:5c:37:79:cf:7e:e7:bc:2e:2a:e6:48:f0:52: 54:c4:63:5c:ec:5e:8a:2a:a8:8d:41:57:2c:b9:8c: 2f:8c:0e:53:9f:82:cc:2d:42:4b:a5:26:b2:a2:f9: a4:48:46:d6:6a:a0:85:af:eb:6d:51:48:15:c6:9e: 26:e9:c9:92:79:84:a9:2c:43:72:39:b6:69:11:de: 5d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:3E:44:DF:25:B5:03:8F:06:95:09:50:F3:E5:B8:E1:1F:24:D8:C0 X509v3 Authority Key Identifier: keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Qz5E3yW1A48GlQlQ8-W44R8k2MA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.189.96.0/22 IPv6: 2a02:ae01::/36 Signature Algorithm: sha256WithRSAEncryption 8e:a4:2c:bf:87:01:60:31:3a:59:b8:92:84:8c:93:e1:10:5d: 6a:c8:3e:f7:f2:bf:e2:d3:fb:6e:3c:09:54:b1:de:c9:9a:d6: 6b:1c:60:3b:37:8e:c0:44:9c:c7:bb:5f:bd:2a:2d:86:ea:c0: 1f:cc:60:53:d4:25:bf:bf:ea:52:06:62:ee:ee:4f:de:fa:46: fb:78:9b:30:ed:2d:16:2f:89:52:2a:0d:dc:7b:3d:21:ef:ea: 79:63:c9:4a:9b:4d:6d:82:74:2a:73:12:1e:8e:05:8d:b3:89: 29:7e:5f:bc:78:a1:f5:43:c8:1f:3c:61:b5:2b:39:2d:a7:d7: 7b:ec:68:86:41:c9:b6:87:ef:af:70:65:ec:a8:72:f5:72:bb: cf:e1:db:04:1e:fc:66:0a:cc:19:68:1f:41:63:58:70:a6:d8: 14:aa:03:af:11:8d:83:60:bc:08:15:af:43:ac:49:e5:5b:c6: f6:fc:70:32:ed:6d:9d:bc:59:4d:67:1e:c4:df:a1:91:f7:a6: 48:30:87:7d:89:71:0e:42:e1:66:d3:ec:28:73:f8:52:af:31: db:55:b0:55:c0:02:4e:b8:ad:b4:c9:d2:c3:47:2b:52:56:c3: 59:c1:db:3b:b4:07:1e:7e:34:86:c3:44:32:33:de:cc:28:02: 70:0e:ba:47 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt4NI+vvvOfh2Jd2mz8DxXCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl ZThkYTcwHhcNMjYwMTAxMDYxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzNlNDRkZjI1YjUwMzhmMDY5NTA5NTBmM2U1YjhlMTFmMjRkOGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jBmmmKTYJpKDvAKlhZdhdk7WMsw NOwLg6O8YFa9YILLicWLEZ9c0fgMBWwQee1cGxKDabtr3MiD3YuffPnWJUUnBLyD DLqlY6/rMsK8/odQGsHcyDXCHupCn4/MxSIPe/Z3Wwc4p0lw0mxYntUOaYncSTSy cdKGEm5s98uv8iq2oUBOSOHvRdD0CsvKS5rfjw5Pyisy+DQhs6P6xNyGLOT7sntX fAqZHFn/4yn7K7HmTtBj0Fw3ec9+57wuKuZI8FJUxGNc7F6KKqiNQVcsuYwvjA5T n4LMLUJLpSayovmkSEbWaqCFr+ttUUgVxp4m6cmSeYSpLENyObZpEd5dvwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFEM+RN8ltQOPBpUJUPPluOEfJNjAMB8GA1UdIwQY MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt MzBjZTgzNzAxYjM5LzEvUXo1RTN5VzFBNDhHbFFsUTgtVzQ0UjhrMk1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5 LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCw71gMA4E AgACMAgDBgQqAq4BADANBgkqhkiG9w0BAQsFAAOCAQEAjqQsv4cBYDE6WbiShIyT 4RBdasg+9/K/4tP7bjwJVLHeyZrWaxxgOzeOwEScx7tfvSothurAH8xgU9Qlv7/q UgZi7u5P3vpG+3ibMO0tFi+JUioN3Hs9Ie/qeWPJSptNbYJ0KnMSHo4FjbOJKX5f vHih9UPIHzxhtSs5LafXe+xohkHJtofvr3Bl7Khy9XK7z+HbBB78ZgrMGWgfQWNY cKbYFKoDrxGNg2C8CBWvQ6xJ5VvG9vxwMu1tnbxZTWcexN+hkfemSDCHfYlxDkLh ZtPsKHP4Uq8x21WwVcACTrittMnSw0crUlbDWcHbO7QHHn40hsNEMjPezCgCcA66 Rw== -----END CERTIFICATE-----Generated at Sun Jan 25 16:41:50 2026 by rpki-client