This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/QCuKQCl6KP2estrIaG6k5Uc81F4.roa File: QCuKQCl6KP2estrIaG6k5Uc81F4.roa (raw, json) Hash identifier: cBmWMEy/zwB8Bt1wF3nlzEol1nOu9jM3rhWTCCMjNfY= Subject key identifier: 40:2B:8A:40:29:7A:28:FD:9E:B2:DA:C8:68:6E:A4:E5:47:3C:D4:5E Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09 Certificate serial: 019B7C7F7B0A8F4C1270371F020D632B70D2 Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/QCuKQCl6KP2estrIaG6k5Uc81F4.roa Signing time: Fri 02 Jan 2026 02:18:07 +0000 ROA not before: Fri 02 Jan 2026 02:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24703 IP address blocks: 176.111.48.0/23 maxlen: 23 176.111.48.0/24 maxlen: 24 176.111.49.0/24 maxlen: 24 176.111.57.0/24 maxlen: 24 176.111.58.0/23 maxlen: 23 176.111.58.0/24 maxlen: 24 176.111.59.0/24 maxlen: 24 176.111.60.0/22 maxlen: 22 176.111.60.0/24 maxlen: 24 176.111.61.0/24 maxlen: 24 176.111.62.0/24 maxlen: 24 176.111.63.0/24 maxlen: 24 193.111.8.0/23 maxlen: 23 193.111.8.0/24 maxlen: 24 193.111.9.0/24 maxlen: 24 195.128.16.0/22 maxlen: 22 195.128.16.0/24 maxlen: 24 195.128.17.0/24 maxlen: 24 195.128.18.0/24 maxlen: 24 195.128.19.0/24 maxlen: 24 195.234.212.0/22 maxlen: 22 195.234.212.0/24 maxlen: 24 195.234.213.0/24 maxlen: 24 195.234.214.0/24 maxlen: 24 195.234.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.mft rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:7b:0a:8f:4c:12:70:37:1f:02:0d:63:2b:70:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09 Validity Not Before: Jan 2 02:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=402b8a40297a28fd9eb2dac8686ea4e5473cd45e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:13:45:55:15:1b:2b:b1:c3:99:d8:d9:4c:42: 8f:69:fd:ea:fc:84:d1:4c:0d:dd:27:35:da:5f:02: c4:59:38:17:be:70:ba:ab:7c:4b:2c:4f:4c:f8:4b: f6:86:d0:07:53:b5:5a:f4:8a:bb:fc:62:7f:39:62: d4:97:6f:1d:a7:54:d9:68:35:15:51:9a:5a:8a:9e: bf:55:b0:c0:38:29:e2:6c:48:99:fb:64:a4:4b:f7: c8:d2:76:eb:c7:77:40:32:af:39:09:95:71:47:fa: 3e:f9:b5:77:33:2b:4c:80:a5:17:83:29:ef:9f:07: 4a:8f:59:8f:83:a5:bd:f5:c9:87:fc:a4:27:41:42: ee:6e:ef:6d:7f:b7:08:74:90:10:20:66:ed:12:a1: 45:59:e8:9b:a8:80:dd:34:5b:21:b4:87:d3:91:43: 26:49:2c:a1:41:c5:91:87:6a:b7:3f:d9:b5:e6:9d: 50:83:77:a9:94:ba:be:b5:00:3d:c4:cb:6d:72:b3: d2:ad:19:fe:e5:8b:68:48:49:6a:6b:63:48:e0:87: f5:18:5b:44:6e:8b:8c:60:c0:a8:d0:35:c6:d7:3e: 6f:29:9a:36:40:04:ee:bd:b9:5c:df:da:92:dc:5c: d9:e2:84:9e:23:89:96:0c:0a:27:2f:94:53:84:2c: b0:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:2B:8A:40:29:7A:28:FD:9E:B2:DA:C8:68:6E:A4:E5:47:3C:D4:5E X509v3 Authority Key Identifier: keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/QCuKQCl6KP2estrIaG6k5Uc81F4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.111.48.0/23 176.111.57.0-176.111.63.255 193.111.8.0/23 195.128.16.0/22 195.234.212.0/22 Signature Algorithm: sha256WithRSAEncryption 6e:38:77:d9:b1:9d:82:de:0c:27:74:0d:9b:c9:b6:d3:a9:55: e8:91:bc:e3:25:8c:8c:cd:99:f8:46:3f:bf:5d:bf:52:29:08: 0c:8e:93:be:a5:a8:e7:5c:8e:c3:28:92:92:73:b1:9a:8b:68: b8:2d:f3:ca:ab:07:0b:60:56:bd:b0:25:e4:c1:b2:61:c6:64: 57:a1:b9:6a:2b:65:17:b4:7e:2d:77:8d:52:1c:eb:65:59:5f: ce:5a:bd:00:71:b8:fc:cd:01:61:66:ac:a9:54:2b:9b:51:2a: 3c:8a:04:17:47:2d:85:31:11:7a:17:21:ae:84:76:02:f0:d1: 86:92:0f:b7:e6:7a:92:84:90:6c:1f:d7:4b:d0:11:d4:db:08: 8f:6f:0f:4b:63:f7:36:11:47:21:8a:4f:76:b8:98:07:d6:bb: 72:72:92:d5:df:2a:d5:8e:cd:e1:a3:66:75:14:32:36:14:40: 50:a6:f7:78:84:76:b2:e9:2f:27:71:03:83:40:dd:f5:a5:26: 55:83:95:19:20:ef:95:4e:5b:ec:da:da:3c:2a:a4:cf:77:1a: 96:03:35:65:55:b5:31:a4:72:2d:49:1f:70:75:f0:32:da:4b: ba:c9:2c:96:df:37:d5:d2:82:a1:77:79:14:d8:bd:8a:26:33: 4e:67:6d:52 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt8f3sKj0wScDcfAg1jK3DSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2Yjc4OWIzMmUxNmU5ZGQyZjcwNTEzMTE5ZGM3N2VhNjFm ZjFlMDkwHhcNMjYwMTAyMDIxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDJiOGE0MDI5N2EyOGZkOWViMmRhYzg2ODZlYTRlNTQ3M2NkNDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthNFVRUbK7HDmdjZTEKPaf3q/ITR TA3dJzXaXwLEWTgXvnC6q3xLLE9M+Ev2htAHU7Va9Iq7/GJ/OWLUl28dp1TZaDUV UZpaip6/VbDAOCnibEiZ+2SkS/fI0nbrx3dAMq85CZVxR/o++bV3MytMgKUXgynv nwdKj1mPg6W99cmH/KQnQULubu9tf7cIdJAQIGbtEqFFWeibqIDdNFshtIfTkUMm SSyhQcWRh2q3P9m15p1Qg3eplLq+tQA9xMttcrPSrRn+5YtoSElqa2NI4If1GFtE bouMYMCo0DXG1z5vKZo2QATuvblc39qS3FzZ4oSeI4mWDAonL5RThCywrQIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFEArikApeij9nrLayGhupOVHPNReMB8GA1UdIwQY MBaAFKa3ibMuFundL3BRMRncd+ph/x4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEt MDZjOTI5NmYwOGEyLzEvUUN1S1FDbDZLUDJlc3RySWFHNms1VWM4MUY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEtMDZjOTI5NmYwOGEy LzEvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBsG8wMAwD BACwbzkDBAawbwADBAHBbwgDBALDgBADBALD6tQwDQYJKoZIhvcNAQELBQADggEB AG44d9mxnYLeDCd0DZvJttOpVeiRvOMljIzNmfhGP79dv1IpCAyOk76lqOdcjsMo kpJzsZqLaLgt88qrBwtgVr2wJeTBsmHGZFehuWorZRe0fi13jVIc62VZX85avQBx uPzNAWFmrKlUK5tRKjyKBBdHLYUxEXoXIa6EdgLw0YaSD7fmepKEkGwf10vQEdTb CI9vD0tj9zYRRyGKT3a4mAfWu3JyktXfKtWOzeGjZnUUMjYUQFCm93iEdrLpLydx A4NA3fWlJlWDlRkg75VOW+za2jwqpM93GpYDNWVVtTGkci1JH3B18DLaS7rJLJbf N9XSgqF3eRTYvYomM05nbVI= -----END CERTIFICATE-----Generated at Mon Jan 26 12:56:51 2026 by rpki-client