This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/QODPrlG-VFZOgZAxUGIjQpc2hgs.roa File: QODPrlG-VFZOgZAxUGIjQpc2hgs.roa (raw, json) Hash identifier: XwW86R5AwanY37CTPsNgWsJGKeOgg+VqgPHo62gPeX8= Subject key identifier: 40:E0:CF:AE:51:BE:54:56:4E:81:90:31:50:62:23:42:97:36:86:0B Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Certificate serial: 019B7E38D2903FD2A554A5BC4367142F0FE0 Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/QODPrlG-VFZOgZAxUGIjQpc2hgs.roa Signing time: Fri 02 Jan 2026 10:20:11 +0000 ROA not before: Fri 02 Jan 2026 10:20:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12008 IP address blocks: 37.209.192.0/24 maxlen: 24 37.209.194.0/24 maxlen: 24 37.209.196.0/24 maxlen: 24 37.209.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:d2:90:3f:d2:a5:54:a5:bc:43:67:14:2f:0f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Validity Not Before: Jan 2 10:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40e0cfae51be54564e819031506223429736860b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:59:5e:3a:0e:de:d6:0c:fc:49:6f:55:ae:78: 9f:82:24:a2:0d:38:47:ae:9a:da:5c:b8:13:00:21: 5f:e4:29:5c:00:20:f9:15:ba:4d:9d:05:f5:db:46: 0b:48:82:92:ea:18:75:2e:b2:41:45:38:a5:17:69: 57:9c:ad:1f:d9:f6:14:e9:8c:c4:4e:ef:9a:05:a4: 8d:41:8a:d2:a8:02:76:bd:c8:53:fc:49:c9:50:04: 86:c7:8b:7f:eb:30:0b:d5:12:87:2a:b4:db:8f:f7: 3d:2c:20:4f:d9:b8:d1:9d:41:78:9e:32:3a:16:7a: 2b:d0:63:55:50:96:73:e0:fc:36:eb:26:ad:f5:35: 93:9a:58:b7:c1:41:89:82:73:cf:44:ea:26:35:fd: 30:5b:e5:37:97:4e:1e:a5:e4:16:b4:c3:8b:ba:a0: 6f:d0:bf:03:43:e8:b3:12:42:53:08:99:c8:4a:8d: f3:a2:af:cd:05:03:4e:6f:89:16:98:54:3d:14:9a: 70:47:79:22:ac:9c:c7:92:96:ed:51:4f:e8:37:cb: e5:4d:99:95:f7:6a:df:c3:af:be:33:b8:05:35:d7: 08:33:39:25:d1:a3:1e:00:5d:97:d1:86:1b:67:30: 7c:cd:d5:98:78:9a:03:27:05:c7:00:45:10:4c:1a: fc:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:E0:CF:AE:51:BE:54:56:4E:81:90:31:50:62:23:42:97:36:86:0B X509v3 Authority Key Identifier: keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/QODPrlG-VFZOgZAxUGIjQpc2hgs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.192.0/24 37.209.194.0/24 37.209.196.0/24 37.209.198.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:dc:ac:cb:d4:72:b8:72:6c:c9:f7:92:b3:95:4c:a5:ad:84: ef:d4:7e:91:fc:c6:74:be:14:1b:b6:13:cf:df:62:ea:e0:40: da:de:51:1e:80:51:22:0a:bc:2e:a8:04:26:3d:ae:b5:00:30: 76:2e:71:ed:ef:fa:c5:f3:9f:11:c8:53:7d:d8:b7:c4:0c:2d: 36:c8:73:23:f5:c3:0e:cf:2f:6c:46:4d:29:04:0b:21:84:82: 30:c0:dc:c7:ec:b8:b7:7e:8d:19:77:e8:b2:a2:ed:43:73:35: 19:9a:69:69:9c:10:1e:25:83:f0:f6:da:bc:0e:a0:54:4d:47: 0f:75:c9:cd:a9:92:c5:e7:ca:0f:10:b7:7a:65:df:89:42:ee: 8c:33:7a:b8:4a:b5:a4:84:90:13:ba:2e:b9:73:f4:8e:92:a9: dc:df:61:10:c4:3b:4c:84:63:69:38:a8:d4:24:f2:dc:67:f3: 05:59:89:9b:62:e1:6e:1d:d6:6a:67:9c:c0:5e:2d:67:ec:03: 06:02:ab:57:ec:93:27:05:ba:d2:36:81:54:1a:17:42:7a:88: 52:6e:ab:d7:0b:a0:65:6a:b6:f1:0a:f2:d3:10:6f:64:56:80: 61:c7:9c:95:99:5c:57:e3:a7:3a:09:77:aa:72:67:07:6b:21: a6:8d:13:5f -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+ONKQP9KlVKW8Q2cULw/gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj OGJmMmMwHhcNMjYwMTAyMTAyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MGUwY2ZhZTUxYmU1NDU2NGU4MTkwMzE1MDYyMjM0Mjk3MzY4NjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVleOg7e1gz8SW9VrnifgiSiDThH rpraXLgTACFf5ClcACD5FbpNnQX120YLSIKS6hh1LrJBRTilF2lXnK0f2fYU6YzE Tu+aBaSNQYrSqAJ2vchT/EnJUASGx4t/6zAL1RKHKrTbj/c9LCBP2bjRnUF4njI6 Fnor0GNVUJZz4Pw26yat9TWTmli3wUGJgnPPROomNf0wW+U3l04epeQWtMOLuqBv 0L8DQ+izEkJTCJnISo3zoq/NBQNOb4kWmFQ9FJpwR3kirJzHkpbtUU/oN8vlTZmV 92rfw6++M7gFNdcIMzkl0aMeAF2X0YYbZzB8zdWYeJoDJwXHAEUQTBr8owIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFEDgz65RvlRWToGQMVBiI0KXNoYLMB8GA1UdIwQY MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt NDE2Zjg1ZWUyMzdiLzEvUU9EUHJsRy1WRlpPZ1pBeFVHSWpRcGMyaGdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBf3KzL1HK4cmzJ95Kz lUylrYTv1H6R/MZ0vhQbthPP32Lq4EDa3lEegFEiCrwuqAQmPa61ADB2LnHt7/rF 858RyFN92LfEDC02yHMj9cMOzy9sRk0pBAshhIIwwNzH7Li3fo0Zd+iyou1DczUZ mmlpnBAeJYPw9tq8DqBUTUcPdcnNqZLF58oPELd6Zd+JQu6MM3q4SrWkhJATui65 c/SOkqnc32EQxDtMhGNpOKjUJPLcZ/MFWYmbYuFuHdZqZ5zAXi1n7AMGAqtX7JMn BbrSNoFUGhdCeohSbqvXC6BlarbxCvLTEG9kVoBhx5yVmVxX46c6CXeqcmcHayGm jRNf -----END CERTIFICATE-----Generated at Sun Jan 25 10:37:52 2026 by rpki-client