This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/PQhkPKvFMO7XAZJCK0yg6JOYn-Q.roa File: PQhkPKvFMO7XAZJCK0yg6JOYn-Q.roa (raw, json) Hash identifier: GclksRKdEgrXLLR1LhQTLSvorV7LCPoO0w2Ir6KfZ4M= Subject key identifier: 3D:08:64:3C:AB:C5:30:EE:D7:01:92:42:2B:4C:A0:E8:93:98:9F:E4 Certificate issuer: /CN=49c403d43b5f38fca2119cd1409a92763edefe71 Certificate serial: 019B7D5CA7784635FEC4CC44179505B1E18F Authority key identifier: 49:C4:03:D4:3B:5F:38:FC:A2:11:9C:D1:40:9A:92:76:3E:DE:FE:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ScQD1DtfOPyiEZzRQJqSdj7e_nE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/PQhkPKvFMO7XAZJCK0yg6JOYn-Q.roa Signing time: Fri 02 Jan 2026 06:19:42 +0000 ROA not before: Fri 02 Jan 2026 06:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 265530 IP address blocks: 176.57.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/ScQD1DtfOPyiEZzRQJqSdj7e_nE.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/ScQD1DtfOPyiEZzRQJqSdj7e_nE.mft rsync://rpki.ripe.net/repository/DEFAULT/ScQD1DtfOPyiEZzRQJqSdj7e_nE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:a7:78:46:35:fe:c4:cc:44:17:95:05:b1:e1:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49c403d43b5f38fca2119cd1409a92763edefe71 Validity Not Before: Jan 2 06:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d08643cabc530eed70192422b4ca0e893989fe4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:b2:32:ce:88:00:0c:94:a7:4d:25:09:3f:c0: b2:fc:55:77:90:fc:fe:7e:a8:11:57:5d:9a:c5:25: de:77:9c:2d:2a:2b:7c:00:93:f8:00:27:2b:8e:b0: 9a:bb:e2:8e:e1:fe:98:22:f6:28:66:d3:ca:57:26: 54:c6:4f:88:da:b8:a3:49:23:af:42:6e:17:04:cd: e2:d3:b3:ce:31:3b:ac:78:a6:c0:a1:c1:67:a8:a7: d7:7a:bf:bf:41:04:ec:e7:d3:83:eb:98:98:4b:df: 7b:a6:5b:17:de:3b:cf:3e:f5:68:18:70:6a:ac:ce: 5e:00:8e:12:7f:82:e9:c7:8b:22:18:cf:21:b8:9f: df:03:b3:73:1c:fc:38:75:21:6c:ad:f7:78:3b:88: 74:77:b3:1e:1c:f8:2f:1a:af:4c:67:54:25:31:c8: c9:84:84:b7:5a:fd:9d:d7:49:cd:c7:f2:a9:8f:df: 27:c9:b8:f6:f8:06:05:bd:4c:4d:b7:86:b8:2a:02: 54:4d:84:61:7f:ac:e4:ab:95:d1:c6:b4:ae:52:bc: 26:77:f1:60:05:65:45:e0:89:a9:61:f7:e6:85:5e: 5a:af:f1:5c:14:49:d0:6a:cd:4d:2a:c9:91:91:fa: 7b:36:78:2d:2e:ed:e5:c6:da:46:09:92:c1:b2:b9: 85:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:08:64:3C:AB:C5:30:EE:D7:01:92:42:2B:4C:A0:E8:93:98:9F:E4 X509v3 Authority Key Identifier: keyid:49:C4:03:D4:3B:5F:38:FC:A2:11:9C:D1:40:9A:92:76:3E:DE:FE:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScQD1DtfOPyiEZzRQJqSdj7e_nE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/PQhkPKvFMO7XAZJCK0yg6JOYn-Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/ScQD1DtfOPyiEZzRQJqSdj7e_nE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.57.201.0/24 Signature Algorithm: sha256WithRSAEncryption 46:2e:73:c5:fa:98:c3:3a:5a:cf:cd:23:f6:db:45:16:a0:b0: 47:b4:ca:d9:87:11:f0:c3:9a:4c:9f:75:75:b0:ae:4d:46:ba: 17:dd:13:bc:4d:20:9e:4d:3f:92:b0:bf:7c:7d:38:8e:2d:40: 2e:24:da:a5:fe:14:69:f8:ee:56:07:b7:ca:91:27:10:43:04: 5a:19:16:97:28:1b:71:b9:e7:98:3c:b7:c8:1a:06:c7:bf:af: ce:c0:33:9a:95:1e:ca:59:91:0b:b0:1f:92:e1:ea:af:97:9a: 26:e3:c6:36:fd:ec:f1:e3:be:ad:f7:eb:08:64:b5:c1:e5:69: 89:ed:d1:21:c7:46:2c:87:1c:6f:97:32:d5:b8:05:8e:13:78: 78:17:2a:6e:81:c0:63:b1:44:3a:aa:5a:1f:42:96:ee:0d:d4: df:4a:54:b1:b7:95:1a:a4:82:d3:00:26:65:dc:4a:12:37:a1: 91:95:ee:40:1a:9f:6f:cc:a7:52:b0:a6:da:49:80:05:23:f9: 61:52:85:d1:05:2e:9f:cc:c3:88:c3:a4:52:a8:6c:26:aa:02: 6f:57:7c:f0:f3:2d:a7:9a:19:fc:ef:a1:c9:85:b8:ee:41:f5: a3:be:19:10:3b:e7:7f:25:71:03:01:97:e2:23:1b:10:1e:c1: c7:08:eb:72 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XKd4RjX+xMxEF5UFseGPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5YzQwM2Q0M2I1ZjM4ZmNhMjExOWNkMTQwOWE5Mjc2M2Vk ZWZlNzEwHhcNMjYwMTAyMDYxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDA4NjQzY2FiYzUzMGVlZDcwMTkyNDIyYjRjYTBlODkzOTg5ZmU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07IyzogADJSnTSUJP8Cy/FV3kPz+ fqgRV12axSXed5wtKit8AJP4ACcrjrCau+KO4f6YIvYoZtPKVyZUxk+I2rijSSOv Qm4XBM3i07POMTuseKbAocFnqKfXer+/QQTs59OD65iYS997plsX3jvPPvVoGHBq rM5eAI4Sf4Lpx4siGM8huJ/fA7NzHPw4dSFsrfd4O4h0d7MeHPgvGq9MZ1QlMcjJ hIS3Wv2d10nNx/Kpj98nybj2+AYFvUxNt4a4KgJUTYRhf6zkq5XRxrSuUrwmd/Fg BWVF4ImpYffmhV5ar/FcFEnQas1NKsmRkfp7NngtLu3lxtpGCZLBsrmFoQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD0IZDyrxTDu1wGSQitMoOiTmJ/kMB8GA1UdIwQY MBaAFEnEA9Q7Xzj8ohGc0UCaknY+3v5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU2NRRDFEdGZPUHlpRVp6UlFKcVNkajdlX25FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hMmY4N2ItNDgxMS00ZmUxLWIxNWQt Zjg4OWNhMTYxYzAxLzEvUFFoa1BLdkZNTzdYQVpKQ0sweWc2Sk9Zbi1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9hMmY4N2ItNDgxMS00ZmUxLWIxNWQtZjg4OWNhMTYxYzAx LzEvU2NRRDFEdGZPUHlpRVp6UlFKcVNkajdlX25FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDnJMA0G CSqGSIb3DQEBCwUAA4IBAQBGLnPF+pjDOlrPzSP220UWoLBHtMrZhxHww5pMn3V1 sK5NRroX3RO8TSCeTT+SsL98fTiOLUAuJNql/hRp+O5WB7fKkScQQwRaGRaXKBtx ueeYPLfIGgbHv6/OwDOalR7KWZELsB+S4eqvl5om48Y2/ezx476t9+sIZLXB5WmJ 7dEhx0YshxxvlzLVuAWOE3h4FypugcBjsUQ6qlofQpbuDdTfSlSxt5UapILTACZl 3EoSN6GRle5AGp9vzKdSsKbaSYAFI/lhUoXRBS6fzMOIw6RSqGwmqgJvV3zw8y2n mhn876HJhbjuQfWjvhkQO+d/JXEDAZfiIxsQHsHHCOty -----END CERTIFICATE-----Generated at Sun Jan 25 21:28:09 2026 by rpki-client