This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/QAN7swOnI3Ff5VrqxOQMitejWug.roa File: QAN7swOnI3Ff5VrqxOQMitejWug.roa (raw, json) Hash identifier: 2Y2g+wJB1OvwtX1AmkRTWuOoQzygFkkQrXjxXMRfp4s= Subject key identifier: 40:03:7B:B3:03:A7:23:71:5F:E5:5A:EA:C4:E4:0C:8A:D7:A3:5A:E8 Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02 Certificate serial: 019B931EAA2A8E54803C4814CBC7C315324B Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/QAN7swOnI3Ff5VrqxOQMitejWug.roa Signing time: Tue 06 Jan 2026 11:43:38 +0000 ROA not before: Tue 06 Jan 2026 11:43:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9304 IP address blocks: 5.102.36.0/24 maxlen: 24 5.102.38.0/24 maxlen: 24 195.5.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.mft rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:93:1e:aa:2a:8e:54:80:3c:48:14:cb:c7:c3:15:32:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02 Validity Not Before: Jan 6 11:43:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40037bb303a723715fe55aeac4e40c8ad7a35ae8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d9:ed:59:49:16:bb:14:cb:86:f3:e7:63:7f: 0a:f1:c5:2b:f4:1c:d2:ae:dc:34:77:e6:57:a6:6f: 1f:8e:27:4d:e7:10:6d:8e:57:35:03:5c:2c:e2:e8: 68:84:2b:53:55:6a:42:ec:bd:70:b7:db:a4:48:c4: a8:74:ac:60:0e:54:d2:8c:4e:42:c0:ba:b9:29:a4: 36:9d:51:77:44:33:c6:d2:84:d1:73:71:12:e7:98: cd:e4:62:11:d6:c7:c4:6f:66:a9:23:1c:d3:e4:3a: 67:6b:02:59:15:40:52:fa:f1:31:1f:b2:8e:b3:f2: b6:62:50:2f:cb:d9:46:a7:c6:ce:67:7d:ec:a9:08: 9a:af:14:8f:ba:35:81:c5:5c:67:0c:29:5f:2e:87: 43:17:e6:50:eb:ef:e5:bd:ad:53:f8:81:32:28:74: 14:0c:17:68:d1:46:34:b4:52:74:28:db:e2:44:22: 8a:32:b0:a4:12:c6:5c:9d:47:2d:c6:5a:f5:28:9b: db:46:f8:60:ac:47:74:d9:42:3a:30:35:ef:2c:2f: 94:06:b5:2a:25:4b:9d:06:38:a3:4c:27:83:f8:83: f4:c6:36:37:60:9e:28:40:71:00:a3:c8:60:44:22: 56:46:7c:aa:38:44:7d:2d:1f:6b:8d:92:32:89:89: 0e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:03:7B:B3:03:A7:23:71:5F:E5:5A:EA:C4:E4:0C:8A:D7:A3:5A:E8 X509v3 Authority Key Identifier: keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/QAN7swOnI3Ff5VrqxOQMitejWug.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.102.36.0/24 5.102.38.0/24 195.5.125.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:ea:6d:09:d8:ef:ab:46:ed:e5:fb:a0:c2:79:39:c1:18:4b: 36:49:99:1c:c4:19:a1:71:26:f8:25:dd:55:a6:c4:fc:2f:0a: 03:d5:fc:c9:0a:59:17:dc:93:f2:0b:2b:60:d0:f0:51:99:8f: 2e:01:a4:b5:af:f4:b8:32:45:67:06:54:37:96:bd:0d:76:59: 90:d0:d9:43:9f:bf:be:05:a7:d1:41:bd:a6:4c:fe:0d:d9:ed: 15:81:99:ea:60:a3:5b:1c:df:42:ea:b2:cb:a6:51:ec:c9:de: a1:40:f2:c0:e8:d1:28:f4:24:25:12:bc:c8:ef:3f:1e:69:f9: 93:da:c7:e2:a8:50:f6:94:80:33:ec:18:82:14:63:8e:99:14: 9d:9f:a7:b9:75:0e:10:c0:44:ab:5b:d4:fe:d4:e9:1b:c0:eb: 6a:eb:56:3b:6e:e4:43:e6:7c:47:93:ef:e3:bc:b7:d0:21:47: a5:8a:5c:c5:74:02:71:06:11:27:20:0e:0c:8e:d9:95:cc:38: 00:28:ec:17:42:eb:54:fe:2a:86:c3:8a:70:b0:67:a3:5a:78: 12:d6:7d:cc:00:0d:6a:8f:19:fb:8a:d4:d9:dc:45:b3:83:73: c8:e7:7f:f3:6b:b0:b8:1d:a5:eb:7c:9e:9a:9e:c6:15:c3:15: 7e:6f:72:39 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZuTHqoqjlSAPEgUy8fDFTJLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3 MGVjMDIwHhcNMjYwMTA2MTE0MzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDAzN2JiMzAzYTcyMzcxNWZlNTVhZWFjNGU0MGM4YWQ3YTM1YWU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dntWUkWuxTLhvPnY38K8cUr9BzS rtw0d+ZXpm8fjidN5xBtjlc1A1ws4uhohCtTVWpC7L1wt9ukSMSodKxgDlTSjE5C wLq5KaQ2nVF3RDPG0oTRc3ES55jN5GIR1sfEb2apIxzT5DpnawJZFUBS+vExH7KO s/K2YlAvy9lGp8bOZ33sqQiarxSPujWBxVxnDClfLodDF+ZQ6+/lva1T+IEyKHQU DBdo0UY0tFJ0KNviRCKKMrCkEsZcnUctxlr1KJvbRvhgrEd02UI6MDXvLC+UBrUq JUudBjijTCeD+IP0xjY3YJ4oQHEAo8hgRCJWRnyqOER9LR9rjZIyiYkOYwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFEADe7MDpyNxX+Va6sTkDIrXo1roMB8GA1UdIwQY MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt OGQyMTg2NjUwMjdkLzEvUUFON3N3T25JM0ZmNVZycXhPUU1pdGVqV3VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWYkAwQA BWYmAwQAwwV9MA0GCSqGSIb3DQEBCwUAA4IBAQB96m0J2O+rRu3l+6DCeTnBGEs2 SZkcxBmhcSb4Jd1VpsT8LwoD1fzJClkX3JPyCytg0PBRmY8uAaS1r/S4MkVnBlQ3 lr0NdlmQ0NlDn7++BafRQb2mTP4N2e0VgZnqYKNbHN9C6rLLplHsyd6hQPLA6NEo 9CQlErzI7z8eafmT2sfiqFD2lIAz7BiCFGOOmRSdn6e5dQ4QwESrW9T+1OkbwOtq 61Y7buRD5nxHk+/jvLfQIUelilzFdAJxBhEnIA4MjtmVzDgAKOwXQutU/iqGw4pw sGejWngS1n3MAA1qjxn7itTZ3EWzg3PI53/za7C4HaXrfJ6ansYVwxV+b3I5 -----END CERTIFICATE-----Generated at Sun Jan 18 08:54:52 2026 by rpki-client