This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/Qth5F4Jxy_7Urd_QUYNqQ6dh3BE.roa File: Qth5F4Jxy_7Urd_QUYNqQ6dh3BE.roa (raw, json) Hash identifier: 7J/t016OYUhUIcd/w4kqId0UMUV/HMGOup9T1dY8o6k= Subject key identifier: 42:D8:79:17:82:71:CB:FE:D4:AD:DF:D0:51:83:6A:43:A7:61:DC:11 Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878 Certificate serial: 019B7F153889DF94ED4ADB6C31C7D7B6E01E Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/Qth5F4Jxy_7Urd_QUYNqQ6dh3BE.roa Signing time: Fri 02 Jan 2026 14:20:55 +0000 ROA not before: Fri 02 Jan 2026 14:20:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 918 IP address blocks: 192.211.0.0/24 maxlen: 24 2a0a:3507::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.mft rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:38:89:df:94:ed:4a:db:6c:31:c7:d7:b6:e0:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878 Validity Not Before: Jan 2 14:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42d879178271cbfed4addfd051836a43a761dc11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9e:f7:48:68:72:74:81:b0:77:b9:67:ad:1c: ff:09:e4:bf:47:fd:7e:f7:c9:7a:d3:e4:90:26:73: fa:29:3a:8c:ba:ba:40:1b:fc:4c:f1:a0:a5:4a:cc: 76:eb:f4:eb:07:78:9e:d7:31:f6:1a:31:ef:d1:9d: d7:a5:b4:ae:39:5c:88:72:2c:0f:9e:64:a5:0e:e2: 61:d8:2b:b5:29:d0:70:b9:2d:71:80:7f:e1:27:8a: 5f:65:50:db:c8:e7:f0:e1:55:a2:67:1c:3b:43:a9: ff:76:d4:3f:49:64:ef:e5:35:89:f6:c8:ce:d4:a4: 92:b5:c3:0d:2c:57:66:d7:89:29:1f:a4:13:47:da: 2d:73:fa:ec:38:c8:55:a5:da:4b:22:53:41:e2:ee: 56:e2:ee:1c:29:87:2f:8d:cc:6e:c2:ab:b3:eb:65: 9e:0d:98:6e:f4:d6:74:02:85:46:31:61:d3:f8:75: ef:8f:ea:5d:58:e3:2e:42:d3:7a:3f:19:d4:09:fd: d4:ce:43:8d:fd:29:b3:95:f6:8e:6b:ec:f5:8b:e4: 2b:a4:c1:c8:0d:28:bd:3b:5b:25:cb:67:08:1c:8c: 40:3b:8b:ad:e9:98:2e:c8:75:99:9e:7c:36:2e:27: 07:1c:bb:d4:e8:de:e8:35:06:25:1f:77:2e:2f:ff: ea:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:D8:79:17:82:71:CB:FE:D4:AD:DF:D0:51:83:6A:43:A7:61:DC:11 X509v3 Authority Key Identifier: keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/Qth5F4Jxy_7Urd_QUYNqQ6dh3BE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.211.0.0/24 IPv6: 2a0a:3507::/48 Signature Algorithm: sha256WithRSAEncryption 31:91:3f:f3:ca:6a:1b:73:95:db:f1:b9:77:e1:81:e5:1a:a4: 01:dc:23:f6:29:16:ef:46:9f:a6:08:f9:aa:a1:19:e3:ad:ff: da:02:f4:87:43:51:15:eb:f9:a5:0f:05:56:c2:9c:25:19:ec: 09:07:02:d5:d8:44:fa:7d:ef:3d:99:6a:7f:2e:50:c2:5a:4a: 95:26:86:b4:ab:59:ea:37:1a:00:2c:2a:15:93:3c:c5:8f:25: 76:d8:f8:d1:de:82:ed:18:d5:16:51:6e:47:52:d4:98:8f:21: 42:80:9d:c0:87:26:ab:2f:f6:1c:14:f1:89:7e:b8:75:4a:c9: 3f:dd:4e:54:09:d7:18:a7:39:6c:ae:ce:90:d9:aa:53:95:6e: 0e:3e:4e:9d:00:bf:0c:37:ae:5b:de:4e:d5:b7:1f:99:f3:7e: d1:c4:80:04:64:ef:f0:3d:19:cb:c4:ad:3c:96:b1:c2:77:04: 23:4b:90:d7:27:f4:0a:1d:06:68:1a:0a:10:34:3e:5e:6f:75: 68:ff:c6:30:a4:dc:5b:a3:0c:8c:de:16:6d:2e:02:f0:56:bc: e6:60:3d:e6:79:c1:23:6d:74:4f:91:54:fa:b2:34:b7:3c:f3: a7:e2:63:d3:89:89:a0:9c:22:47:71:1e:35:29:00:5e:7f:74: c9:4c:f9:d8 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FTiJ35TtSttsMcfXtuAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0 NDg4NzgwHhcNMjYwMTAyMTQyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmQ4NzkxNzgyNzFjYmZlZDRhZGRmZDA1MTgzNmE0M2E3NjFkYzExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv573SGhydIGwd7lnrRz/CeS/R/1+ 98l60+SQJnP6KTqMurpAG/xM8aClSsx26/TrB3ie1zH2GjHv0Z3XpbSuOVyIciwP nmSlDuJh2Cu1KdBwuS1xgH/hJ4pfZVDbyOfw4VWiZxw7Q6n/dtQ/SWTv5TWJ9sjO 1KSStcMNLFdm14kpH6QTR9otc/rsOMhVpdpLIlNB4u5W4u4cKYcvjcxuwquz62We DZhu9NZ0AoVGMWHT+HXvj+pdWOMuQtN6PxnUCf3UzkON/SmzlfaOa+z1i+QrpMHI DSi9O1sly2cIHIxAO4ut6ZguyHWZnnw2LicHHLvU6N7oNQYlH3cuL//q+QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFELYeReCccv+1K3f0FGDakOnYdwRMB8GA1UdIwQY MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt YzBiMWFkNDM1Yjk1LzEvUXRoNUY0Snh5XzdVcmRfUVVZTnFRNmRoM0JFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1 LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwNMAMA8E AgACMAkDBwAqCjUHAAAwDQYJKoZIhvcNAQELBQADggEBADGRP/PKahtzldvxuXfh geUapAHcI/YpFu9Gn6YI+aqhGeOt/9oC9IdDURXr+aUPBVbCnCUZ7AkHAtXYRPp9 7z2Zan8uUMJaSpUmhrSrWeo3GgAsKhWTPMWPJXbY+NHegu0Y1RZRbkdS1JiPIUKA ncCHJqsv9hwU8Yl+uHVKyT/dTlQJ1xinOWyuzpDZqlOVbg4+Tp0Avww3rlveTtW3 H5nzftHEgARk7/A9GcvErTyWscJ3BCNLkNcn9AodBmgaChA0Pl5vdWj/xjCk3Fuj DIzeFm0uAvBWvOZgPeZ5wSNtdE+RVPqyNLc886fiY9OJiaCcIkdxHjUpAF5/dMlM +dg= -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:23 2026 by rpki-client