This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Qx55ZZjEUo3STaLz-yeXRfFXd6U.roa File: Qx55ZZjEUo3STaLz-yeXRfFXd6U.roa (raw, json) Hash identifier: H6SY2nIdu7L2TEJH4MdS8DA2eloYCGNuqXlJqZac4sw= Subject key identifier: 43:1E:79:65:98:C4:52:8D:D2:4D:A2:F3:FB:27:97:45:F1:57:77:A5 Certificate issuer: /CN=4214088c77bd12687fd4ba9fe3159ea805888ed2 Certificate serial: 019B797E005A1B735FA94B2028D0ABD1DE3E Authority key identifier: 42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Qx55ZZjEUo3STaLz-yeXRfFXd6U.roa Signing time: Thu 01 Jan 2026 12:17:39 +0000 ROA not before: Thu 01 Jan 2026 12:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21183 IP address blocks: 46.252.32.0/20 maxlen: 24 185.237.16.0/23 maxlen: 24 188.164.216.0/21 maxlen: 24 188.164.216.0/22 maxlen: 22 188.164.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.mft rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 06:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:00:5a:1b:73:5f:a9:4b:20:28:d0:ab:d1:de:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4214088c77bd12687fd4ba9fe3159ea805888ed2 Validity Not Before: Jan 1 12:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=431e796598c4528dd24da2f3fb279745f15777a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2f:6e:af:58:39:0e:55:09:58:48:43:14:59: e4:79:5a:73:3d:38:c8:e3:8c:f5:ae:c2:3d:13:30: 09:c9:a8:5d:be:09:62:54:50:9c:ba:14:e6:b5:38: 02:52:64:bd:cd:fa:9d:16:77:0c:a7:58:99:60:7d: 55:a3:d7:8f:19:c4:36:50:b3:e6:a7:cd:8f:ba:f3: 82:84:05:f8:2c:91:c4:62:7d:a4:90:14:e8:0a:53: 53:24:58:49:d4:4b:01:7a:95:c6:f5:87:f8:27:21: 1f:69:30:ca:01:6b:ba:b0:68:ce:e9:fd:74:0b:bb: 04:c4:91:52:6b:43:f1:d4:06:0c:3a:c3:4b:4e:12: bb:82:e8:04:8d:75:c6:b0:4a:5b:85:aa:94:5b:3e: 53:50:60:25:9c:e3:a8:63:37:7a:e2:25:2f:3c:e4: de:1e:9c:19:e8:19:b2:95:19:56:91:4e:59:e3:d8: 4b:23:53:a6:64:58:0d:86:58:af:cb:a4:f6:b7:d8: 89:9d:a9:86:77:ee:d9:18:88:85:03:14:dd:3d:56: f2:58:2d:81:55:c6:7a:94:a4:67:4a:0d:82:c0:b0: ab:e4:b1:fa:dd:e8:db:4f:cb:1c:49:dd:c6:2f:f5: fa:c6:cc:49:6f:cd:49:24:b5:c5:61:2d:59:a5:52: 25:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:1E:79:65:98:C4:52:8D:D2:4D:A2:F3:FB:27:97:45:F1:57:77:A5 X509v3 Authority Key Identifier: keyid:42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Qx55ZZjEUo3STaLz-yeXRfFXd6U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.252.32.0/20 185.237.16.0/23 188.164.216.0/21 Signature Algorithm: sha256WithRSAEncryption 0c:82:c3:3f:93:94:23:0a:a0:4b:d1:b8:86:0e:c4:19:51:6b: 35:0b:7d:ae:9a:86:bb:55:de:6f:9c:a0:82:a8:7f:40:32:12: 4c:8b:30:f5:91:33:01:b2:10:5f:7c:39:aa:be:3f:8b:93:e4: 36:37:c3:52:69:a8:74:10:cd:a0:48:59:0f:b5:c3:db:aa:f7: e1:30:24:8f:a6:0d:64:74:1c:f0:78:f3:85:c4:44:89:e5:8a: 5d:8e:60:7a:59:b0:3c:00:18:41:d7:c7:38:fe:f6:84:d5:fa: 48:66:91:6a:48:53:bd:bc:e6:75:49:46:81:f0:29:4b:0a:34: 6a:3c:fd:54:91:1b:a5:6b:c0:4b:3d:73:dd:f9:19:9d:1c:bd: b3:c8:b7:87:1c:cf:d9:86:1b:56:f3:8a:6d:60:30:d5:fc:c1: 89:32:58:21:13:26:ff:cd:04:b5:81:12:13:77:31:95:59:10: 96:0d:f6:8d:3d:5a:02:c1:42:96:1c:10:e0:8a:99:cc:5f:f1: 1b:79:af:ce:cf:57:d6:3e:9d:09:e0:75:aa:ff:71:97:fe:58: 8e:3f:68:ac:2c:d2:69:a1:98:bb:c9:43:35:be:fb:cf:c9:cb: 60:ee:d8:ea:5c:db:51:3e:12:f1:72:c5:fc:5d:b5:b3:bb:c3: 47:51:45:51 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5fgBaG3NfqUsgKNCr0d4+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyMTQwODhjNzdiZDEyNjg3ZmQ0YmE5ZmUzMTU5ZWE4MDU4 ODhlZDIwHhcNMjYwMTAxMTIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzFlNzk2NTk4YzQ1MjhkZDI0ZGEyZjNmYjI3OTc0NWYxNTc3N2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS9ur1g5DlUJWEhDFFnkeVpzPTjI 44z1rsI9EzAJyahdvgliVFCcuhTmtTgCUmS9zfqdFncMp1iZYH1Vo9ePGcQ2ULPm p82PuvOChAX4LJHEYn2kkBToClNTJFhJ1EsBepXG9Yf4JyEfaTDKAWu6sGjO6f10 C7sExJFSa0Px1AYMOsNLThK7gugEjXXGsEpbhaqUWz5TUGAlnOOoYzd64iUvPOTe HpwZ6BmylRlWkU5Z49hLI1OmZFgNhlivy6T2t9iJnamGd+7ZGIiFAxTdPVbyWC2B VcZ6lKRnSg2CwLCr5LH63ejbT8scSd3GL/X6xsxJb81JJLXFYS1ZpVIltQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEMeeWWYxFKN0k2i8/snl0XxV3elMB8GA1UdIwQY MBaAFEIUCIx3vRJof9S6n+MVnqgFiI7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAt N2UyMWRiNWEyZWY5LzEvUXg1NVpaakVVbzNTVGFMei15ZVhSZkZYZDZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAtN2UyMWRiNWEyZWY5 LzEvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELvwgAwQB ue0QAwQDvKTYMA0GCSqGSIb3DQEBCwUAA4IBAQAMgsM/k5QjCqBL0biGDsQZUWs1 C32umoa7Vd5vnKCCqH9AMhJMizD1kTMBshBffDmqvj+Lk+Q2N8NSaah0EM2gSFkP tcPbqvfhMCSPpg1kdBzwePOFxESJ5YpdjmB6WbA8ABhB18c4/vaE1fpIZpFqSFO9 vOZ1SUaB8ClLCjRqPP1UkRula8BLPXPd+RmdHL2zyLeHHM/ZhhtW84ptYDDV/MGJ MlghEyb/zQS1gRITdzGVWRCWDfaNPVoCwUKWHBDgipnMX/Ebea/Oz1fWPp0J4HWq /3GX/liOP2isLNJpoZi7yUM1vvvPyctg7tjqXNtRPhLxcsX8XbWzu8NHUUVR -----END CERTIFICATE-----Generated at Mon Jan 26 14:53:23 2026 by rpki-client