This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/QHHv-lGS27dlf_Kcr4moiCURb3g.roa File: QHHv-lGS27dlf_Kcr4moiCURb3g.roa (raw, json) Hash identifier: Lcy2JaAZZjozQ94TOOqc21SM3JNpF1vrI2NkHkiFmLY= Subject key identifier: 40:71:EF:FA:51:92:DB:B7:65:7F:F2:9C:AF:89:A8:88:25:11:6F:78 Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d Certificate serial: 019B77594251CC1D3BFE5F92860510954122 Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/QHHv-lGS27dlf_Kcr4moiCURb3g.roa Signing time: Thu 01 Jan 2026 02:18:16 +0000 ROA not before: Thu 01 Jan 2026 02:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212754 IP address blocks: 193.19.248.0/22 maxlen: 24 2a0a:2300::/31 maxlen: 32 2a0a:2302::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:42:51:cc:1d:3b:fe:5f:92:86:05:10:95:41:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d Validity Not Before: Jan 1 02:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4071effa5192dbb7657ff29caf89a88825116f78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0c:69:27:81:4d:6e:8c:8e:60:92:38:ee:cf: 13:9c:97:55:8d:ef:e4:94:a6:3d:28:e5:58:f3:16: 63:fd:60:c1:93:71:b3:35:ee:74:34:fa:c4:3d:fd: 86:a3:39:cc:14:fb:bb:33:97:bf:1c:b3:3c:94:7f: e5:89:2d:a0:45:02:92:e2:e7:db:a6:03:c5:02:fa: d2:8c:ed:34:f3:66:3e:28:07:84:aa:29:6f:15:60: 59:c3:1c:5a:02:37:b0:eb:4d:12:1f:c9:1c:6e:2f: ab:ae:28:52:5e:fb:7c:8a:fb:b7:6d:6f:25:84:64: 0a:bb:d0:f8:96:b0:d0:b5:85:a0:b7:4a:07:8b:29: 9b:43:01:8c:5f:90:9f:fa:8f:26:18:3a:ab:b4:36: c8:23:2b:d9:58:7b:2a:1c:8c:8e:05:17:72:fa:3d: 19:50:4f:05:66:88:fb:9a:f9:28:40:0a:d0:70:4b: b7:f1:16:f5:df:2c:ba:a7:d3:21:67:9a:af:72:f2: 0c:21:a1:03:86:5b:27:eb:ca:b3:03:6e:a3:99:6c: 6f:f5:9b:28:d3:74:a6:e6:af:82:aa:50:50:45:f7: df:b1:97:ae:a0:0b:7c:cb:9c:81:74:39:40:0a:cb: cf:21:f4:fb:bf:f6:33:6c:2a:51:98:0e:a4:46:f9: 4a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:71:EF:FA:51:92:DB:B7:65:7F:F2:9C:AF:89:A8:88:25:11:6F:78 X509v3 Authority Key Identifier: keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/QHHv-lGS27dlf_Kcr4moiCURb3g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.19.248.0/22 IPv6: 2a0a:2300::-2a0a:2302:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7d:c0:0c:13:78:6a:d8:4d:9d:3b:f0:82:c9:be:36:9f:fe:12: f2:4e:c6:8d:14:13:2e:54:bb:55:eb:2c:19:cd:7f:b2:fa:f7: 64:5b:ef:b5:46:c0:7f:78:b0:c0:4e:c0:1c:08:52:ac:d5:21: 1f:03:15:6b:2c:08:e6:ef:e5:17:8a:89:ba:ce:e1:83:7d:77: 3b:5f:36:4c:3c:20:59:ae:7e:40:fd:69:b2:7e:09:71:4e:8c: 14:1e:34:56:53:8c:b0:a1:3a:f4:02:0d:0d:c4:05:8c:12:24: c5:7d:bc:8c:04:24:65:95:8c:a4:76:34:16:e4:69:dd:da:08: ce:eb:8e:76:63:b0:25:de:d6:7d:d9:b7:0f:4c:b7:8b:df:23: 8d:47:c9:4e:2e:1c:44:42:50:ba:04:eb:89:e8:85:46:b6:0e: b2:fd:f1:e8:2e:b2:3a:c6:cd:63:2c:98:d2:6b:37:85:f2:8c: 59:72:85:3f:fb:80:4d:bb:cc:ed:79:48:8b:f9:19:f4:ef:8b: 91:fd:88:07:36:89:cc:7c:32:b0:15:ec:d8:ce:e5:dd:60:fb: a6:85:c4:2c:67:1c:ad:39:28:78:cb:94:7a:78:3d:c5:25:43: 1f:67:4c:36:2a:5d:ca:8c:bf:fe:b4:43:ed:d4:ee:69:e4:1f: e8:85:7d:c1 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt3WUJRzB07/l+ShgUQlUEiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl MjgxMGQwHhcNMjYwMTAxMDIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDcxZWZmYTUxOTJkYmI3NjU3ZmYyOWNhZjg5YTg4ODI1MTE2Zjc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgxpJ4FNboyOYJI47s8TnJdVje/k lKY9KOVY8xZj/WDBk3GzNe50NPrEPf2GoznMFPu7M5e/HLM8lH/liS2gRQKS4ufb pgPFAvrSjO0082Y+KAeEqilvFWBZwxxaAjew600SH8kcbi+rrihSXvt8ivu3bW8l hGQKu9D4lrDQtYWgt0oHiymbQwGMX5Cf+o8mGDqrtDbIIyvZWHsqHIyOBRdy+j0Z UE8FZoj7mvkoQArQcEu38Rb13yy6p9MhZ5qvcvIMIaEDhlsn68qzA26jmWxv9Zso 03Sm5q+CqlBQRfffsZeuoAt8y5yBdDlACsvPIfT7v/YzbCpRmA6kRvlKvwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFEBx7/pRktu3ZX/ynK+JqIglEW94MB8GA1UdIwQY MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt YTQxNTFiNWUyZmNmLzEvUUhIdi1sR1MyN2RsZl9LY3I0bW9pQ1VSYjNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQCwRP4MBUE AgACMA8wDQMEACoKIwMFACoKIwIwDQYJKoZIhvcNAQELBQADggEBAH3ADBN4athN nTvwgsm+Np/+EvJOxo0UEy5Uu1XrLBnNf7L692Rb77VGwH94sMBOwBwIUqzVIR8D FWssCObv5ReKibrO4YN9dztfNkw8IFmufkD9abJ+CXFOjBQeNFZTjLChOvQCDQ3E BYwSJMV9vIwEJGWVjKR2NBbkad3aCM7rjnZjsCXe1n3Ztw9Mt4vfI41HyU4uHERC ULoE64nohUa2DrL98egusjrGzWMsmNJrN4XyjFlyhT/7gE27zO15SIv5GfTvi5H9 iAc2icx8MrAV7NjO5d1g+6aFxCxnHK05KHjLlHp4PcUlQx9nTDYqXcqMv/60Q+3U 7mnkH+iFfcE= -----END CERTIFICATE-----Generated at Mon Feb 9 23:41:41 2026 by rpki-client