This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/QUGDzQXyufF4cTbxCFKpDXDDu0Y.roa File: QUGDzQXyufF4cTbxCFKpDXDDu0Y.roa (raw, json) Hash identifier: 8BFiaRg39psluNeIpVd2PWr39z5J747/91yNbr4CXuY= Subject key identifier: 41:41:83:CD:05:F2:B9:F1:78:71:36:F1:08:52:A9:0D:70:C3:BB:46 Certificate issuer: /CN=48ea30c0f28e02269c5765bf4a045677ca2794a5 Certificate serial: 019B76EAC586E3A81A580BA8D85EB3F258FC Authority key identifier: 48:EA:30:C0:F2:8E:02:26:9C:57:65:BF:4A:04:56:77:CA:27:94:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOowwPKOAiacV2W_SgRWd8onlKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/QUGDzQXyufF4cTbxCFKpDXDDu0Y.roa Signing time: Thu 01 Jan 2026 00:17:35 +0000 ROA not before: Thu 01 Jan 2026 00:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 800 IP address blocks: 27.121.104.0/22 maxlen: 24 45.147.188.0/22 maxlen: 24 2a09:4880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/SOowwPKOAiacV2W_SgRWd8onlKU.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/SOowwPKOAiacV2W_SgRWd8onlKU.mft rsync://rpki.ripe.net/repository/DEFAULT/SOowwPKOAiacV2W_SgRWd8onlKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 12:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:c5:86:e3:a8:1a:58:0b:a8:d8:5e:b3:f2:58:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=48ea30c0f28e02269c5765bf4a045677ca2794a5 Validity Not Before: Jan 1 00:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=414183cd05f2b9f1787136f10852a90d70c3bb46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a4:56:03:c7:55:3b:3c:10:64:c0:b3:46:0d: 0c:34:9b:45:90:9d:95:e5:16:6b:12:df:02:d5:c5: ea:5d:87:ba:58:f9:14:4c:1e:76:b3:ed:15:da:a6: 29:ee:0b:64:90:a3:35:2c:59:13:86:f1:f3:38:7e: 65:d3:b1:16:56:ba:98:bc:14:ea:0c:0f:08:86:74: 02:b7:f1:5e:2c:79:2d:0e:ee:d0:cb:d2:d9:58:e2: dc:b4:b1:9c:15:79:30:37:14:c8:d9:55:a5:02:11: 2b:c6:ee:aa:1e:aa:c7:ba:5d:30:eb:0e:3b:f4:d6: bf:ff:0e:25:10:c6:0e:98:1f:ef:14:9e:2a:a9:66: 83:f0:6e:84:38:9a:7d:2f:8c:06:98:00:6c:af:c2: 38:fe:d0:78:5f:ec:1f:8f:99:dd:df:74:8c:21:71: 34:45:42:06:75:ed:35:5d:37:b3:f2:40:ae:b9:85: 5b:ff:1f:83:da:93:2f:1c:a1:21:7c:c9:4e:4f:c5: c6:82:95:95:6f:8d:3f:26:38:31:59:2c:81:cb:70: a1:ba:59:c8:05:d1:c8:b0:52:fb:58:81:2b:aa:2e: a8:6d:12:66:11:fb:9c:61:af:10:6a:d3:e8:8a:b5: f8:71:a5:0e:10:cb:78:39:a6:ec:0e:46:63:b1:b7: c2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:41:83:CD:05:F2:B9:F1:78:71:36:F1:08:52:A9:0D:70:C3:BB:46 X509v3 Authority Key Identifier: keyid:48:EA:30:C0:F2:8E:02:26:9C:57:65:BF:4A:04:56:77:CA:27:94:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOowwPKOAiacV2W_SgRWd8onlKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/QUGDzQXyufF4cTbxCFKpDXDDu0Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1153f8-1994-4b2d-9645-f28b4d640a49/1/SOowwPKOAiacV2W_SgRWd8onlKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.121.104.0/22 45.147.188.0/22 IPv6: 2a09:4880::/32 Signature Algorithm: sha256WithRSAEncryption 4f:a6:60:de:98:f2:12:a9:e0:d6:08:54:01:81:f9:f7:5f:29: c9:69:b1:4d:57:c9:ac:3a:ed:ee:3f:fb:8a:8e:99:ee:64:75: 76:bd:d3:20:35:41:2e:78:a6:e0:dd:c5:ac:5c:57:d6:c6:ed: 7a:5b:0f:b4:b4:d3:d2:bd:fd:99:58:af:05:94:08:bf:fc:41: 7c:bc:6f:b7:c1:35:45:9a:ce:7d:6d:17:40:94:b2:c0:60:58: 97:66:00:89:39:d3:6d:4a:08:09:bb:24:b3:c6:36:dc:b5:8a: ef:39:15:fa:fc:07:b2:b5:ff:2a:2f:4c:92:f9:e5:2e:2f:ae: 0e:ed:7c:1a:c0:7c:40:34:a2:0a:cb:37:65:12:74:38:6d:92: 08:73:79:63:81:77:0b:7d:62:ea:18:65:00:02:45:51:3b:19: 33:ac:a9:a4:ce:09:98:65:d4:a2:88:96:fa:e2:fc:93:b7:a4: fe:bd:3d:a5:a2:24:22:0d:b7:59:01:e6:0b:1a:bc:e5:88:7d: 7e:1e:51:28:2d:b9:b7:0d:b6:58:7c:4b:3e:15:06:e0:8a:01: 4f:4a:38:8c:a8:f2:82:bd:60:49:bb:27:78:7b:d6:52:0f:e9: 74:90:ce:9e:04:65:54:c7:de:81:23:87:d8:2d:aa:28:f8:c2: b9:79:e4:97 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt26sWG46gaWAuo2F6z8lj8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4ZWEzMGMwZjI4ZTAyMjY5YzU3NjViZjRhMDQ1Njc3Y2Ey Nzk0YTUwHhcNMjYwMTAxMDAxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTQxODNjZDA1ZjJiOWYxNzg3MTM2ZjEwODUyYTkwZDcwYzNiYjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqRWA8dVOzwQZMCzRg0MNJtFkJ2V 5RZrEt8C1cXqXYe6WPkUTB52s+0V2qYp7gtkkKM1LFkThvHzOH5l07EWVrqYvBTq DA8IhnQCt/FeLHktDu7Qy9LZWOLctLGcFXkwNxTI2VWlAhErxu6qHqrHul0w6w47 9Na//w4lEMYOmB/vFJ4qqWaD8G6EOJp9L4wGmABsr8I4/tB4X+wfj5nd33SMIXE0 RUIGde01XTez8kCuuYVb/x+D2pMvHKEhfMlOT8XGgpWVb40/JjgxWSyBy3ChulnI BdHIsFL7WIErqi6obRJmEfucYa8QatPoirX4caUOEMt4OabsDkZjsbfClQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEFBg80F8rnxeHE28QhSqQ1ww7tGMB8GA1UdIwQY MBaAFEjqMMDyjgImnFdlv0oEVnfKJ5SlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU09vd3dQS09BaWFjVjJXX1NnUldkOG9ubEtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMTUzZjgtMTk5NC00YjJkLTk2NDUt ZjI4YjRkNjQwYTQ5LzEvUVVHRHpRWHl1ZkY0Y1RieENGS3BEWEREdTBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8xMTUzZjgtMTk5NC00YjJkLTk2NDUtZjI4YjRkNjQwYTQ5 LzEvU09vd3dQS09BaWFjVjJXX1NnUldkOG9ubEtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCG3loAwQC LZO8MA0EAgACMAcDBQAqCUiAMA0GCSqGSIb3DQEBCwUAA4IBAQBPpmDemPISqeDW CFQBgfn3XynJabFNV8msOu3uP/uKjpnuZHV2vdMgNUEueKbg3cWsXFfWxu16Ww+0 tNPSvf2ZWK8FlAi//EF8vG+3wTVFms59bRdAlLLAYFiXZgCJOdNtSggJuySzxjbc tYrvORX6/Aeytf8qL0yS+eUuL64O7XwawHxANKIKyzdlEnQ4bZIIc3ljgXcLfWLq GGUAAkVROxkzrKmkzgmYZdSiiJb64vyTt6T+vT2loiQiDbdZAeYLGrzliH1+HlEo Lbm3DbZYfEs+FQbgigFPSjiMqPKCvWBJuyd4e9ZSD+l0kM6eBGVUx96BI4fYLaoo +MK5eeSX -----END CERTIFICATE-----Generated at Tue Jan 20 14:04:05 2026 by rpki-client