This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/cqhGYMObSa-V5uXdS3cRPivUtdk.roa File: cqhGYMObSa-V5uXdS3cRPivUtdk.roa (raw, json) Hash identifier: rEhEkXajrTTzVePBY0074veOZ52nqnDPs8A9Ei1DDrY= Subject key identifier: 72:A8:46:60:C3:9B:49:AF:95:E6:E5:DD:4B:77:11:3E:2B:D4:B5:D9 Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff Certificate serial: 019B76EB2FCEE50A84B1B5F6A1A71AA088A1 Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/cqhGYMObSa-V5uXdS3cRPivUtdk.roa Signing time: Thu 01 Jan 2026 00:18:03 +0000 ROA not before: Thu 01 Jan 2026 00:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25537 IP address blocks: 195.24.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 15:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:2f:ce:e5:0a:84:b1:b5:f6:a1:a7:1a:a0:88:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff Validity Not Before: Jan 1 00:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72a84660c39b49af95e6e5dd4b77113e2bd4b5d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2f:48:27:42:30:c1:c1:de:b1:0b:21:66:f8: bd:68:b3:e5:fb:f0:2b:01:47:23:e2:8d:39:e0:79: 4b:56:c7:f7:72:62:ca:ad:f1:1c:60:4c:2c:1a:d6: 01:75:fc:b7:e1:07:01:d0:bf:f1:a1:24:79:c2:09: c4:2b:b9:06:01:0c:dc:e6:71:e3:8b:9c:42:82:fe: 25:08:7f:a1:5a:c7:aa:5f:08:9d:be:20:e5:5f:b7: a3:2f:5d:70:49:5d:4f:ff:33:8a:eb:4a:6e:1e:d0: c4:23:bc:56:bd:43:6e:58:9e:8e:c6:35:74:0f:d4: c8:51:23:ed:0c:15:7b:27:a5:f0:0f:d9:c0:33:e4: 62:d0:c0:98:76:51:2b:5b:69:10:ab:64:10:c3:de: 89:7f:37:42:31:50:a5:c1:c4:42:e3:22:89:e7:bc: 48:4b:bc:46:4d:94:6b:9b:ed:d4:b9:f4:59:09:4e: 00:5c:73:a0:3d:59:54:c4:63:d8:6c:d2:23:79:2a: ea:92:e5:03:55:b9:c9:97:28:03:e1:62:82:6b:8a: 00:4d:be:60:3d:84:84:6e:69:c1:41:73:6a:aa:1e: bd:2b:9f:d8:9e:49:85:38:09:61:b5:ee:a9:df:b7: aa:df:28:80:f9:98:1f:a4:07:9c:40:f7:aa:f3:ea: 41:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A8:46:60:C3:9B:49:AF:95:E6:E5:DD:4B:77:11:3E:2B:D4:B5:D9 X509v3 Authority Key Identifier: keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/cqhGYMObSa-V5uXdS3cRPivUtdk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.24.71.0/24 Signature Algorithm: sha256WithRSAEncryption 36:b6:08:ba:de:93:6f:ed:d8:b4:06:c4:8c:24:9a:1c:8b:c7: 55:ae:da:84:71:44:fd:46:2f:61:c7:82:42:e2:61:f0:4e:da: fe:52:58:bf:36:4d:15:dd:a0:a5:59:d8:96:35:b0:af:3f:f2: d5:3a:72:ef:ee:23:9c:63:6c:70:9a:bd:ee:af:15:2f:7a:ca: af:85:ed:ff:fb:b0:6e:72:b3:79:83:63:a0:1e:ca:70:bd:03: dd:f9:be:53:09:54:42:67:1a:fa:e7:e7:fa:5b:f6:ee:0e:a0: c0:39:fe:60:18:08:98:1d:8e:e7:13:9b:4d:f8:82:d0:8f:ee: 41:10:6f:61:f4:e1:c7:61:d8:13:9f:12:62:58:cd:c7:fe:3f: 05:48:cf:be:51:22:8a:3d:85:fc:04:09:f8:65:86:9e:0c:95: 60:10:a9:a0:a5:2b:6b:6b:3d:b7:75:c5:92:5e:b7:88:d8:eb: a0:bc:89:b5:b4:7e:b9:2c:ef:4c:bf:cc:80:0a:22:72:bc:0a: 3f:5f:bf:1b:72:45:5c:4d:b1:f4:7f:ae:7d:5b:61:02:02:69: 68:ac:4c:7b:39:b1:06:d0:c0:ed:55:95:90:e4:8c:af:63:a7: bf:a3:5d:0b:7b:96:f2:2d:ad:5f:47:67:54:54:a9:15:23:9b: 27:45:f1:8f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26y/O5QqEsbX2oacaoIihMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2 ZjFmZmYwHhcNMjYwMTAxMDAxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmE4NDY2MGMzOWI0OWFmOTVlNmU1ZGQ0Yjc3MTEzZTJiZDRiNWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy9IJ0IwwcHesQshZvi9aLPl+/Ar AUcj4o054HlLVsf3cmLKrfEcYEwsGtYBdfy34QcB0L/xoSR5wgnEK7kGAQzc5nHj i5xCgv4lCH+hWseqXwidviDlX7ejL11wSV1P/zOK60puHtDEI7xWvUNuWJ6OxjV0 D9TIUSPtDBV7J6XwD9nAM+Ri0MCYdlErW2kQq2QQw96JfzdCMVClwcRC4yKJ57xI S7xGTZRrm+3UufRZCU4AXHOgPVlUxGPYbNIjeSrqkuUDVbnJlygD4WKCa4oATb5g PYSEbmnBQXNqqh69K5/YnkmFOAlhte6p37eq3yiA+ZgfpAecQPeq8+pBpwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHKoRmDDm0mvlebl3Ut3ET4r1LXZMB8GA1UdIwQY MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt NGY0ZTcxZTMyMDg0LzEvY3FoR1lNT2JTYS1WNXVYZFMzY1JQaXZVdGRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0 LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxhHMA0G CSqGSIb3DQEBCwUAA4IBAQA2tgi63pNv7di0BsSMJJoci8dVrtqEcUT9Ri9hx4JC 4mHwTtr+Uli/Nk0V3aClWdiWNbCvP/LVOnLv7iOcY2xwmr3urxUvesqvhe3/+7Bu crN5g2OgHspwvQPd+b5TCVRCZxr65+f6W/buDqDAOf5gGAiYHY7nE5tN+ILQj+5B EG9h9OHHYdgTnxJiWM3H/j8FSM++USKKPYX8BAn4ZYaeDJVgEKmgpStraz23dcWS XreI2OugvIm1tH65LO9Mv8yACiJyvAo/X78bckVcTbH0f659W2ECAmlorEx7ObEG 0MDtVZWQ5IyvY6e/o10Le5byLa1fR2dUVKkVI5snRfGP -----END CERTIFICATE-----Generated at Tue Jan 27 19:16:12 2026 by rpki-client