This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/Q03YqqXk35qJSm0HehmTM-hKNoU.roa File: Q03YqqXk35qJSm0HehmTM-hKNoU.roa (raw, json) Hash identifier: KbpyMNQhXsLpqvy25FWKpi6JbtT5ilUlph7z2bWSx5s= Subject key identifier: 43:4D:D8:AA:A5:E4:DF:9A:89:4A:6D:07:7A:19:93:33:E8:4A:36:85 Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30 Certificate serial: 019B797E485127DBC349ABCE0C426452ACC3 Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/Q03YqqXk35qJSm0HehmTM-hKNoU.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44850 IP address blocks: 91.203.32.0/23 maxlen: 23 91.203.32.0/24 maxlen: 24 91.203.33.0/24 maxlen: 24 91.203.34.0/23 maxlen: 23 91.203.34.0/24 maxlen: 24 91.203.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:48:51:27:db:c3:49:ab:ce:0c:42:64:52:ac:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=434dd8aaa5e4df9a894a6d077a199333e84a3685 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:05:e6:2e:91:e0:eb:6f:c6:60:33:26:33:28: b5:16:30:a4:b4:d1:fb:0e:fa:8c:22:1a:44:e8:49: 13:14:ea:7f:33:df:65:25:62:d1:fb:e8:1c:c4:6b: 58:0b:d5:ce:cc:be:77:9e:f8:62:2d:48:ad:3a:d4: b4:cb:4b:c3:48:50:2a:75:4d:f8:a5:57:12:77:6e: 51:1c:fb:02:6c:e9:d9:39:91:4a:df:38:ba:29:f5: 79:8d:eb:59:b2:d3:0c:10:94:8b:d2:59:4f:2d:3a: 9b:49:8d:39:bc:10:d2:b3:0e:8e:94:6c:6b:e6:c1: b5:20:09:45:3b:67:47:fa:c2:b1:bd:57:27:44:4a: fc:5e:ab:e8:31:a9:b0:6b:96:6a:22:1d:23:b2:14: 1f:43:dd:d1:1e:c3:eb:0e:72:c0:00:19:9b:dd:3a: 5d:94:e1:1f:28:d4:b2:3c:10:6e:6d:37:d8:f2:91: c2:97:8a:0f:ba:4e:e1:af:d3:a9:3a:d0:2b:bc:da: fe:b7:6d:27:f0:92:49:19:a4:e5:e5:19:c6:cb:f6: 79:19:73:b7:ab:b9:76:4a:ed:9d:77:79:9a:bf:6b: 7e:1f:48:ef:05:af:56:fd:01:d6:64:b6:96:e1:f1: c1:8a:e9:d6:06:df:9e:ea:cc:87:62:63:76:2b:52: aa:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:4D:D8:AA:A5:E4:DF:9A:89:4A:6D:07:7A:19:93:33:E8:4A:36:85 X509v3 Authority Key Identifier: keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/Q03YqqXk35qJSm0HehmTM-hKNoU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.203.32.0/22 Signature Algorithm: sha256WithRSAEncryption 7f:42:36:4d:74:86:a8:d3:c7:11:40:20:c2:52:46:ca:06:a7: 89:a9:39:bb:3d:c1:6b:3d:79:4d:6f:0f:d7:2b:40:2d:7e:54: f0:7f:13:2b:11:eb:0d:89:be:b8:c8:54:7c:11:3d:dd:dd:b5: 5e:63:d2:7e:09:97:0d:b1:d3:b4:e8:04:97:77:4c:f5:84:00: 22:7e:94:bd:df:ce:75:c9:5d:13:f4:34:3d:31:92:95:40:68: 03:7b:53:5a:e6:fc:7c:26:0a:d2:b4:c3:df:fb:ae:29:21:92: 35:ea:46:28:d3:6c:34:4d:1a:e6:9d:ba:a0:25:33:e1:8f:9e: 39:28:56:29:54:d4:8a:ae:df:32:da:f9:ef:59:3c:f9:e5:ae: 7a:12:d1:93:b8:2f:f6:0d:cf:3c:58:44:68:bc:a8:31:9b:31: 0b:43:a3:ff:ae:84:29:d3:d0:54:36:59:08:97:8e:f3:e1:ce: bf:be:f1:3f:a2:b3:db:b8:9e:a3:fe:69:90:12:bb:7f:b0:51: 2d:00:a2:75:ca:ae:c3:29:c8:f4:c7:2b:d2:c3:05:6b:16:4a: cb:22:42:f7:a6:99:c1:ff:86:e2:3a:e1:00:f2:80:7c:eb:3a: 58:71:0f:ba:94:10:ce:42:b4:4c:73:35:bd:c0:2d:e3:b5:97: b2:92:a7:23 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fkhRJ9vDSavODEJkUqzDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw NzBkMzAwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MzRkZDhhYWE1ZTRkZjlhODk0YTZkMDc3YTE5OTMzM2U4NGEzNjg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQXmLpHg62/GYDMmMyi1FjCktNH7 DvqMIhpE6EkTFOp/M99lJWLR++gcxGtYC9XOzL53nvhiLUitOtS0y0vDSFAqdU34 pVcSd25RHPsCbOnZOZFK3zi6KfV5jetZstMMEJSL0llPLTqbSY05vBDSsw6OlGxr 5sG1IAlFO2dH+sKxvVcnREr8XqvoMamwa5ZqIh0jshQfQ93RHsPrDnLAABmb3Tpd lOEfKNSyPBBubTfY8pHCl4oPuk7hr9OpOtArvNr+t20n8JJJGaTl5RnGy/Z5GXO3 q7l2Su2dd3mav2t+H0jvBa9W/QHWZLaW4fHBiunWBt+e6syHYmN2K1Kq4QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFENN2Kql5N+aiUptB3oZkzPoSjaFMB8GA1UdIwQY MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt NDA0NmEzMmQyN2E0LzEvUTAzWXFxWGszNXFKU20wSGVobVRNLWhLTm9VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0 LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8sgMA0G CSqGSIb3DQEBCwUAA4IBAQB/QjZNdIao08cRQCDCUkbKBqeJqTm7PcFrPXlNbw/X K0AtflTwfxMrEesNib64yFR8ET3d3bVeY9J+CZcNsdO06ASXd0z1hAAifpS93851 yV0T9DQ9MZKVQGgDe1Na5vx8JgrStMPf+64pIZI16kYo02w0TRrmnbqgJTPhj545 KFYpVNSKrt8y2vnvWTz55a56EtGTuC/2Dc88WERovKgxmzELQ6P/roQp09BUNlkI l47z4c6/vvE/orPbuJ6j/mmQErt/sFEtAKJ1yq7DKcj0xyvSwwVrFkrLIkL3ppnB /4biOuEA8oB86zpYcQ+6lBDOQrRMczW9wC3jtZeykqcj -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:10 2026 by rpki-client