This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QIm7dSvtcpzFOIMcrTzwe_OIWNQ.roa File: QIm7dSvtcpzFOIMcrTzwe_OIWNQ.roa (raw, json) Hash identifier: Ch8UtIUviSsaCVKNk2Yb1YCrdhDpRUHvwacjcC2l2ow= Subject key identifier: 40:89:BB:75:2B:ED:72:9C:C5:38:83:1C:AD:3C:F0:7B:F3:88:58:D4 Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7 Certificate serial: 019B7F836AF41EE5FE78EC49C32BDC3CC3F1 Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QIm7dSvtcpzFOIMcrTzwe_OIWNQ.roa Signing time: Fri 02 Jan 2026 16:21:17 +0000 ROA not before: Fri 02 Jan 2026 16:21:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59823 IP address blocks: 31.40.128.0/24 maxlen: 24 31.40.129.0/24 maxlen: 24 31.40.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:6a:f4:1e:e5:fe:78:ec:49:c3:2b:dc:3c:c3:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7 Validity Not Before: Jan 2 16:21:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4089bb752bed729cc538831cad3cf07bf38858d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:42:c5:ef:44:eb:fc:f3:69:4e:c4:14:0e:a4: 33:2a:89:6a:03:53:fe:8f:c5:ae:0c:be:a7:c4:78: 9c:70:e5:95:0e:14:8d:db:c0:08:8f:d2:e0:be:98: c4:26:7b:cd:8f:92:c8:29:82:0a:14:26:9d:8b:6d: 93:fd:38:39:24:5e:2f:fd:45:1e:44:1d:75:ec:a8: 70:4a:7a:8e:57:08:73:07:aa:c3:e6:69:1c:e8:15: 8e:34:83:c9:bc:42:87:dc:4d:18:bc:bb:d1:0f:cb: 36:49:06:b3:70:90:e1:3f:58:b2:cf:44:dc:03:ed: 2d:81:8f:da:bb:00:59:a8:45:e4:27:3d:e7:fc:af: e6:d0:34:5c:04:ec:12:67:9f:f8:19:91:ff:23:f3: 8f:fd:4e:84:d6:17:37:73:4b:9d:63:a2:5f:c7:69: 92:6e:91:0e:d6:b9:cb:c7:e1:ea:77:09:f4:0c:50: 58:35:4f:4f:74:5a:e5:cf:71:df:19:4d:dc:e8:de: 85:7e:cf:13:32:d1:e7:cf:95:c9:26:d8:6f:d0:28: 99:16:df:b9:cd:d3:bf:e3:5a:5c:37:ee:90:f5:9c: 5a:a9:5f:42:ae:e1:c5:71:0f:0b:fc:cf:9d:a2:62: a4:f4:85:93:30:41:54:dd:3f:aa:71:f9:f4:37:41: c1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:89:BB:75:2B:ED:72:9C:C5:38:83:1C:AD:3C:F0:7B:F3:88:58:D4 X509v3 Authority Key Identifier: keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/QIm7dSvtcpzFOIMcrTzwe_OIWNQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.40.128.0/23 31.40.191.0/24 Signature Algorithm: sha256WithRSAEncryption 99:d2:69:ae:d3:87:3a:17:c2:ff:3c:5e:d4:0f:c2:71:33:19: c3:08:8d:1b:b3:ef:23:e9:0b:65:e3:e4:09:1b:38:fc:a4:09: d9:9e:82:0a:76:f4:a7:d8:11:7d:6c:bc:99:e7:26:35:a5:32: 87:ef:12:91:1b:b6:2d:c2:2b:54:f5:74:fc:a5:3c:e7:b0:74: 28:07:bf:c8:32:f9:66:dd:81:f0:fa:cf:ec:da:1d:4e:d1:b3: ab:08:f9:94:20:30:77:af:bd:b5:ed:43:3b:18:4a:eb:c2:f9: 5a:c8:5a:7e:54:2e:22:3f:9b:17:81:71:05:8e:41:80:38:ad: 4d:c0:1d:5b:bc:e3:ae:a9:05:99:53:99:fd:91:2e:33:ee:9e: 58:99:ca:1c:c4:fa:1e:26:38:14:20:e9:21:18:db:1c:46:dd: e3:17:2a:5e:08:50:1b:f7:6a:83:ec:e9:03:0f:87:9a:32:10: 11:cf:cd:4a:b0:48:e3:13:d8:3a:01:a3:c8:71:e1:ef:b9:8b: 6a:02:b3:34:c5:d3:26:ad:bd:bd:ff:c5:3e:94:7c:86:2f:e3: 09:88:0f:63:f3:dc:28:6d:06:7d:29:e5:95:3e:e2:ec:a4:fa: bd:f9:00:97:dd:2a:cc:6f:ab:9c:cf:a1:56:a9:da:3b:e4:ed: 54:4b:8f:cc -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/g2r0HuX+eOxJwyvcPMPxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl ZTY2ZDcwHhcNMjYwMTAyMTYyMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDg5YmI3NTJiZWQ3MjljYzUzODgzMWNhZDNjZjA3YmYzODg1OGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0LF70Tr/PNpTsQUDqQzKolqA1P+ j8WuDL6nxHiccOWVDhSN28AIj9LgvpjEJnvNj5LIKYIKFCadi22T/Tg5JF4v/UUe RB117KhwSnqOVwhzB6rD5mkc6BWONIPJvEKH3E0YvLvRD8s2SQazcJDhP1iyz0Tc A+0tgY/auwBZqEXkJz3n/K/m0DRcBOwSZ5/4GZH/I/OP/U6E1hc3c0udY6Jfx2mS bpEO1rnLx+Hqdwn0DFBYNU9PdFrlz3HfGU3c6N6Ffs8TMtHnz5XJJthv0CiZFt+5 zdO/41pcN+6Q9ZxaqV9CruHFcQ8L/M+domKk9IWTMEFU3T+qcfn0N0HB3QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFECJu3Ur7XKcxTiDHK088HvziFjUMB8GA1UdIwQY MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt NGEzNGMxYmJhYjJiLzEvUUltN2RTdnRjcHpGT0lNY3JUendlX09JV05RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHyiAAwQA Hyi/MA0GCSqGSIb3DQEBCwUAA4IBAQCZ0mmu04c6F8L/PF7UD8JxMxnDCI0bs+8j 6Qtl4+QJGzj8pAnZnoIKdvSn2BF9bLyZ5yY1pTKH7xKRG7YtwitU9XT8pTznsHQo B7/IMvlm3YHw+s/s2h1O0bOrCPmUIDB3r7217UM7GErrwvlayFp+VC4iP5sXgXEF jkGAOK1NwB1bvOOuqQWZU5n9kS4z7p5YmcocxPoeJjgUIOkhGNscRt3jFypeCFAb 92qD7OkDD4eaMhARz81KsEjjE9g6AaPIceHvuYtqArM0xdMmrb29/8U+lHyGL+MJ iA9j89wobQZ9KeWVPuLspPq9+QCX3SrMb6ucz6FWqdo75O1US4/M -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:47 2026 by rpki-client