This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/Qh17y8ZXko2zCvW7ongm_2OyBMU.roa File: Qh17y8ZXko2zCvW7ongm_2OyBMU.roa (raw, json) Hash identifier: GkjSo29sLFooCbJSX6NqzSiNxXF5on4FQp+sbGAp9ko= Subject key identifier: 42:1D:7B:CB:C6:57:92:8D:B3:0A:F5:BB:A2:78:26:FF:63:B2:04:C5 Certificate issuer: /CN=27189ab53f32eff65726fd49d08d42ff812c6db3 Certificate serial: 019B7B353B538B33FFF9017C650940584599 Authority key identifier: 27:18:9A:B5:3F:32:EF:F6:57:26:FD:49:D0:8D:42:FF:81:2C:6D:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JxiatT8y7_ZXJv1J0I1C_4EsbbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/Qh17y8ZXko2zCvW7ongm_2OyBMU.roa Signing time: Thu 01 Jan 2026 20:17:24 +0000 ROA not before: Thu 01 Jan 2026 20:17:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209173 IP address blocks: 2.56.36.0/23 maxlen: 23 2.56.38.0/24 maxlen: 24 2.56.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/JxiatT8y7_ZXJv1J0I1C_4EsbbM.crl rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/JxiatT8y7_ZXJv1J0I1C_4EsbbM.mft rsync://rpki.ripe.net/repository/DEFAULT/JxiatT8y7_ZXJv1J0I1C_4EsbbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:3b:53:8b:33:ff:f9:01:7c:65:09:40:58:45:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27189ab53f32eff65726fd49d08d42ff812c6db3 Validity Not Before: Jan 1 20:17:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=421d7bcbc657928db30af5bba27826ff63b204c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c6:c7:3c:b7:77:17:b2:f4:78:39:69:de:fa: d4:9d:53:9b:9b:69:6d:02:7b:21:a4:f6:41:24:d9: 62:74:4e:d5:94:d3:41:73:8e:b5:1b:48:9b:9f:97: 75:3f:a0:95:52:26:1c:c6:e6:ee:d8:78:b1:c0:92: 94:c0:99:fe:1b:5d:b9:55:db:ba:a5:a0:31:f9:b2: 88:bf:30:87:d3:4f:76:fb:59:39:a2:b6:de:aa:61: 85:0c:c6:c1:67:a7:4e:3b:ca:a1:83:02:e8:6b:81: 6d:90:ca:30:8e:10:32:ee:59:c2:73:c8:98:91:c7: 2d:f5:87:6f:00:03:02:ce:71:6e:cb:4b:cd:dc:71: ea:e1:f4:b6:72:a0:d3:0e:12:f9:0e:d7:f3:71:38: 55:4e:7f:3a:0a:41:a8:f9:e3:95:4e:d5:4e:2b:03: f4:5d:19:b9:00:93:c6:9f:be:56:32:4b:59:4e:43: eb:fe:e2:31:86:a2:15:f8:2e:7b:44:95:88:e9:18: d6:0d:5e:c2:3b:87:90:bc:e6:81:47:7e:81:23:35: 89:26:e1:22:42:52:45:89:3e:05:13:c2:bd:50:ce: 90:2a:03:cc:b1:1d:2d:f5:46:de:ef:51:0f:7b:f9: 30:a7:d3:9b:b9:d4:f6:8b:87:99:b9:d9:ab:5d:75: 92:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:1D:7B:CB:C6:57:92:8D:B3:0A:F5:BB:A2:78:26:FF:63:B2:04:C5 X509v3 Authority Key Identifier: keyid:27:18:9A:B5:3F:32:EF:F6:57:26:FD:49:D0:8D:42:FF:81:2C:6D:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JxiatT8y7_ZXJv1J0I1C_4EsbbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/Qh17y8ZXko2zCvW7ongm_2OyBMU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/a34c1e-1881-4d6c-aad6-5070258dbf2f/1/JxiatT8y7_ZXJv1J0I1C_4EsbbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.36.0/22 Signature Algorithm: sha256WithRSAEncryption 53:5a:8a:ce:c3:13:2b:f4:9c:a6:92:7f:a0:92:13:a6:bb:f5: ce:2a:2a:01:81:61:f3:af:ad:4b:95:da:62:fd:5c:7d:69:d1: e2:7f:f5:f2:e4:09:6d:85:0d:67:13:09:3f:bd:0d:3a:3f:13: a7:0d:00:5b:0e:16:0b:cb:22:e8:b8:3f:85:c4:73:a0:0d:4a: f0:9b:1e:40:91:cd:c5:42:6d:04:a9:02:ad:e6:eb:ff:46:64: e8:42:5b:97:7f:ca:c4:32:46:42:16:9c:00:59:35:ed:b4:b3: 39:5f:84:9e:6a:ef:17:40:de:ba:c3:5a:3c:ec:08:9d:af:bc: c9:48:bc:4b:a6:1b:ce:d1:97:dc:61:20:70:e4:a6:96:1a:03: c8:89:77:61:ad:0d:64:ea:cc:72:7d:5d:83:75:99:38:30:14: 74:51:b8:4b:9c:9d:84:e1:52:d4:44:ee:f8:2c:1a:a5:7c:81: 0f:f4:bf:f3:1d:6e:94:de:43:71:0e:b0:f9:4a:a3:07:11:27: 2a:86:62:ba:15:42:73:4e:6e:9e:eb:2c:63:91:a4:97:0c:ad: 2a:81:7a:de:a0:5b:75:50:c3:d6:27:64:9a:ff:09:d8:af:8c: b3:1e:f3:96:71:78:1b:cf:56:e5:54:40:fd:75:41:5e:e5:af: 66:27:62:a4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NTtTizP/+QF8ZQlAWEWZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3MTg5YWI1M2YzMmVmZjY1NzI2ZmQ0OWQwOGQ0MmZmODEy YzZkYjMwHhcNMjYwMTAxMjAxNzI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjFkN2JjYmM2NTc5MjhkYjMwYWY1YmJhMjc4MjZmZjYzYjIwNGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsbHPLd3F7L0eDlp3vrUnVObm2lt AnshpPZBJNlidE7VlNNBc461G0ibn5d1P6CVUiYcxubu2HixwJKUwJn+G125Vdu6 paAx+bKIvzCH0092+1k5orbeqmGFDMbBZ6dOO8qhgwLoa4FtkMowjhAy7lnCc8iY kcct9YdvAAMCznFuy0vN3HHq4fS2cqDTDhL5DtfzcThVTn86CkGo+eOVTtVOKwP0 XRm5AJPGn75WMktZTkPr/uIxhqIV+C57RJWI6RjWDV7CO4eQvOaBR36BIzWJJuEi QlJFiT4FE8K9UM6QKgPMsR0t9Ube71EPe/kwp9ObudT2i4eZudmrXXWSiQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEIde8vGV5KNswr1u6J4Jv9jsgTFMB8GA1UdIwQY MBaAFCcYmrU/Mu/2Vyb9SdCNQv+BLG2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSnhpYXRUOHk3X1pYSnYxSjBJMUNfNEVzYmJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hMzRjMWUtMTg4MS00ZDZjLWFhZDYt NTA3MDI1OGRiZjJmLzEvUWgxN3k4WlhrbzJ6Q3ZXN29uZ21fMk95Qk1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9hMzRjMWUtMTg4MS00ZDZjLWFhZDYtNTA3MDI1OGRiZjJm LzEvSnhpYXRUOHk3X1pYSnYxSjBJMUNfNEVzYmJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjgkMA0G CSqGSIb3DQEBCwUAA4IBAQBTWorOwxMr9Jymkn+gkhOmu/XOKioBgWHzr61Lldpi /Vx9adHif/Xy5AlthQ1nEwk/vQ06PxOnDQBbDhYLyyLouD+FxHOgDUrwmx5Akc3F Qm0EqQKt5uv/RmToQluXf8rEMkZCFpwAWTXttLM5X4Seau8XQN66w1o87Aidr7zJ SLxLphvO0ZfcYSBw5KaWGgPIiXdhrQ1k6sxyfV2DdZk4MBR0UbhLnJ2E4VLURO74 LBqlfIEP9L/zHW6U3kNxDrD5SqMHEScqhmK6FUJzTm6e6yxjkaSXDK0qgXreoFt1 UMPWJ2Sa/wnYr4yzHvOWcXgbz1blVED9dUFe5a9mJ2Kk -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:02 2026 by rpki-client