This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Dq47WCi1_R3R9nKkOKnsCn37r54.roa File: Dq47WCi1_R3R9nKkOKnsCn37r54.roa (raw, json) Hash identifier: 5JD7iNqs4qn/sy+bgp/hKnEbHR2EBc8c01xHZGOpYMA= Subject key identifier: 0E:AE:3B:58:28:B5:FD:1D:D1:F6:72:A4:38:A9:EC:0A:7D:FB:AF:9E Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF275159E20D312AC9CF90A14AE8FA7 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Dq47WCi1_R3R9nKkOKnsCn37r54.roa Signing time: Fri 02 Jan 2026 18:22:34 +0000 ROA not before: Fri 02 Jan 2026 18:22:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57237 IP address blocks: 194.12.235.0/24 maxlen: 24 194.12.236.0/24 maxlen: 24 194.12.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:75:15:9e:20:d3:12:ac:9c:f9:0a:14:ae:8f:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0eae3b5828b5fd1dd1f672a438a9ec0a7dfbaf9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:9e:6d:81:55:29:37:e5:56:6b:ee:75:db:7d: 95:1f:15:e2:50:c6:9f:80:90:8c:45:42:c5:05:22: c1:0f:8f:1a:7d:57:95:10:b5:9f:f5:f6:90:14:6d: e7:f7:97:5b:f3:c1:18:d9:58:0c:f4:72:c2:54:b0: d6:c6:e1:fe:29:4c:e1:64:54:aa:b0:fc:94:3d:8a: 24:b7:6a:11:21:bd:70:26:b2:52:5f:74:4f:c5:d0: 68:0a:60:22:6a:11:bd:58:98:95:23:ca:77:fe:e2: 0b:8c:b3:a4:f5:b0:68:0b:d0:c3:db:bc:00:d3:f3: a0:b3:6b:f2:e7:d3:a5:97:2b:08:f1:7d:6e:6b:8e: 6c:fc:c8:e9:77:3d:26:44:8b:a8:76:85:63:ac:59: 6f:30:5d:ed:82:5b:15:8b:6e:29:2b:f9:a2:0b:90: 6e:73:32:f1:f1:c7:91:e8:fd:c2:55:a8:fd:35:8e: d3:d8:68:b5:eb:03:fd:78:6b:2b:47:07:d3:9f:74: 28:88:ef:aa:e9:cd:76:28:04:41:e2:d0:f7:6b:79: 5d:d4:ab:12:cc:cf:20:d6:aa:3b:d1:a9:e5:d7:ea: e6:41:4e:41:8e:e8:b6:22:de:68:3c:12:ce:fa:5f: be:a0:ca:18:34:fb:2f:3b:ac:63:4d:a6:6e:97:97: a8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:AE:3B:58:28:B5:FD:1D:D1:F6:72:A4:38:A9:EC:0A:7D:FB:AF:9E X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Dq47WCi1_R3R9nKkOKnsCn37r54.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.12.235.0-194.12.236.255 194.12.243.0/24 Signature Algorithm: sha256WithRSAEncryption 11:13:c2:05:ec:eb:33:dc:30:ec:6d:48:6a:56:c7:19:d4:93: 39:7a:22:77:8f:e5:8e:d1:b5:1c:20:68:0f:e7:37:9d:3e:f2: 86:6e:e2:bd:a5:0d:dc:4f:f1:e5:9a:a9:fd:99:10:bb:19:b6: cb:91:19:3f:37:c8:f3:f8:06:12:2d:aa:6c:8b:a1:2c:8b:f1: fb:e2:e8:48:ab:19:5b:7f:99:e4:75:2d:af:9f:51:13:8c:64: 3d:38:df:aa:cf:64:01:55:f5:ca:8b:0d:ba:57:97:9f:cd:c8: 92:c2:0b:a5:44:f7:de:27:09:66:ea:65:f3:58:20:30:ea:91: c5:5b:f4:6c:d2:a3:02:7d:d1:bf:e7:cc:94:08:6c:c1:95:19: 1a:e2:ab:39:4e:c8:78:29:7d:58:2d:ca:2a:f1:83:55:04:02: 2b:6d:c5:08:94:53:8e:5e:38:0e:19:8c:c8:c4:ec:01:d3:02: c4:07:86:f6:7e:5f:f8:26:76:12:6b:3e:31:52:1f:02:82:bb: 29:9a:0b:13:7e:3e:2f:75:23:f8:fb:c2:e8:ad:63:34:ae:03: 24:7e:37:22:06:56:f7:82:07:56:51:93:45:20:bc:43:fb:09: 11:16:b3:ee:26:5a:09:0a:29:02:6c:dd:86:0e:45:bd:35:27: 5d:60:d6:ae -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/8nUVniDTEqyc+QoUro+nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZWFlM2I1ODI4YjVmZDFkZDFmNjcyYTQzOGE5ZWMwYTdkZmJhZjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ5tgVUpN+VWa+51232VHxXiUMaf gJCMRULFBSLBD48afVeVELWf9faQFG3n95db88EY2VgM9HLCVLDWxuH+KUzhZFSq sPyUPYokt2oRIb1wJrJSX3RPxdBoCmAiahG9WJiVI8p3/uILjLOk9bBoC9DD27wA 0/Ogs2vy59OllysI8X1ua45s/Mjpdz0mRIuodoVjrFlvMF3tglsVi24pK/miC5Bu czLx8ceR6P3CVaj9NY7T2Gi16wP9eGsrRwfTn3QoiO+q6c12KARB4tD3a3ld1KsS zM8g1qo70anl1+rmQU5Bjui2It5oPBLO+l++oMoYNPsvO6xjTaZul5eoQwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFA6uO1gotf0d0fZypDip7Ap9+6+eMB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvRHE0N1dDaTFfUjNSOW5La09LbnNDbjM3cjU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADCDOsD BADCDOwDBADCDPMwDQYJKoZIhvcNAQELBQADggEBABETwgXs6zPcMOxtSGpWxxnU kzl6IneP5Y7RtRwgaA/nN50+8oZu4r2lDdxP8eWaqf2ZELsZtsuRGT83yPP4BhIt qmyLoSyL8fvi6EirGVt/meR1La+fUROMZD0436rPZAFV9cqLDbpXl5/NyJLCC6VE 994nCWbqZfNYIDDqkcVb9GzSowJ90b/nzJQIbMGVGRriqzlOyHgpfVgtyirxg1UE AittxQiUU45eOA4ZjMjE7AHTAsQHhvZ+X/gmdhJrPjFSHwKCuymaCxN+Pi91I/j7 wuitYzSuAyR+NyIGVveCB1ZRk0UgvEP7CREWs+4mWgkKKQJs3YYORb01J11g1q4= -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:29 2026 by rpki-client