This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/GDtm9Gv3P0fKgIud1P943rZPnpI.roa File: GDtm9Gv3P0fKgIud1P943rZPnpI.roa (raw, json) Hash identifier: ZgMgh7QThQHVCvY7UkXW80lU6rdqlfPDwGLKvElHD7o= Subject key identifier: 18:3B:66:F4:6B:F7:3F:47:CA:80:8B:9D:D4:FF:78:DE:B6:4F:9E:92 Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Certificate serial: 019B07C2395B4871646EE2BBB0ABF6B3F547 Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/GDtm9Gv3P0fKgIud1P943rZPnpI.roa Signing time: Wed 10 Dec 2025 10:15:27 +0000 ROA not before: Wed 10 Dec 2025 10:15:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 62005 IP address blocks: 45.66.248.0/24 maxlen: 24 45.66.249.0/24 maxlen: 24 45.150.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:07:c2:39:5b:48:71:64:6e:e2:bb:b0:ab:f6:b3:f5:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Validity Not Before: Dec 10 10:15:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=183b66f46bf73f47ca808b9dd4ff78deb64f9e92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:1d:66:05:d9:d6:95:c7:54:35:53:f4:c1:50: 39:46:78:1f:8b:50:60:d6:c4:9c:d0:8e:a0:45:ca: bb:e8:57:fb:be:99:8c:e3:4a:8c:43:cc:94:c5:7e: 64:91:83:fa:f6:f8:51:52:c3:65:af:bf:81:13:1a: c7:10:3e:75:a6:0d:81:8f:52:0c:96:f9:39:48:e3: 6c:38:62:5a:87:88:79:ba:c6:85:23:d6:67:3c:bc: 35:d6:8c:f6:a3:d9:ee:0f:96:52:e8:65:00:81:e1: c7:38:c6:b4:a3:da:e0:e4:51:07:19:ee:d4:3c:0a: fa:79:0d:56:27:cf:85:55:90:95:55:78:4e:a1:14: de:2d:60:ff:85:65:4b:98:43:7c:e3:2c:fb:9b:4e: 2b:3f:92:09:ee:10:77:f8:9e:67:6c:35:1e:e2:c2: 84:7e:b0:f4:79:14:3d:79:fe:60:02:30:08:b1:4e: 5a:cd:6e:d2:7a:64:15:ad:3f:17:f5:9d:f4:27:68: 8f:f4:a2:40:7a:37:51:34:3b:c7:d1:8f:68:1b:0c: 58:48:d8:b5:5f:a3:eb:42:7b:60:67:ec:5d:a3:3d: 7e:77:dc:c4:af:00:2e:b5:be:75:2c:bf:f2:53:9e: a9:c2:b6:80:b8:3e:b3:69:ae:1f:74:f6:e9:d2:d2: be:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:3B:66:F4:6B:F7:3F:47:CA:80:8B:9D:D4:FF:78:DE:B6:4F:9E:92 X509v3 Authority Key Identifier: keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/GDtm9Gv3P0fKgIud1P943rZPnpI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.248.0/23 45.150.109.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:18:80:b2:49:99:87:d9:94:25:31:d2:58:86:8d:5c:ca:8c: 3a:3d:10:72:1a:1c:a7:b1:18:e9:52:e5:8e:8f:51:47:5a:4e: 7b:03:fc:f1:ab:56:e1:0b:fa:ea:6d:65:70:30:17:cb:f4:42: 93:14:67:e2:30:c9:54:11:d1:56:9e:e8:44:9a:05:d6:72:eb: f6:e1:6a:74:42:d5:88:bd:d2:87:7d:c3:38:a1:7f:33:03:25: 5d:39:d4:09:89:eb:66:c3:c5:28:da:32:c9:d9:c3:66:16:57: 91:4e:c1:c4:5c:52:e2:62:a5:d0:68:76:b0:e8:1f:18:6b:40: 0d:ea:77:09:35:16:10:c1:04:76:c5:69:c4:58:94:47:9c:0d: c4:74:12:0e:e2:c5:b3:c3:e3:40:3d:d7:61:d5:4e:bf:1e:3b: 30:b5:7d:48:34:3d:64:6c:ad:ad:ed:ae:bb:30:1b:70:7b:ce: 0d:a5:69:2b:be:1f:81:19:bb:bd:fa:cc:77:73:5d:54:d1:d5: db:3d:79:33:14:0d:58:f8:28:33:a0:c5:52:e1:c0:ff:c0:23: 70:9c:fe:b0:f8:a9:85:96:03:de:e2:2d:27:d6:36:bc:2e:95: 5e:00:94:19:4b:da:87:4a:ed:a0:eb:31:9b:bd:9f:b3:56:2a: 2e:67:45:05 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsHwjlbSHFkbuK7sKv2s/VHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3 MjRmNzUwHhcNMjUxMjEwMTAxNTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODNiNjZmNDZiZjczZjQ3Y2E4MDhiOWRkNGZmNzhkZWI2NGY5ZTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h1mBdnWlcdUNVP0wVA5Rngfi1Bg 1sSc0I6gRcq76Ff7vpmM40qMQ8yUxX5kkYP69vhRUsNlr7+BExrHED51pg2Bj1IM lvk5SONsOGJah4h5usaFI9ZnPLw11oz2o9nuD5ZS6GUAgeHHOMa0o9rg5FEHGe7U PAr6eQ1WJ8+FVZCVVXhOoRTeLWD/hWVLmEN84yz7m04rP5IJ7hB3+J5nbDUe4sKE frD0eRQ9ef5gAjAIsU5azW7SemQVrT8X9Z30J2iP9KJAejdRNDvH0Y9oGwxYSNi1 X6PrQntgZ+xdoz1+d9zErwAutb51LL/yU56pwraAuD6zaa4fdPbp0tK+LwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBg7ZvRr9z9HyoCLndT/eN62T56SMB8GA1UdIwQY MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt MzZkZTY1NzIzMmJlLzEvR0R0bTlHdjNQMGZLZ0l1ZDFQOTQzclpQbnBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUL4AwQA LZZtMA0GCSqGSIb3DQEBCwUAA4IBAQBbGICySZmH2ZQlMdJYho1cyow6PRByGhyn sRjpUuWOj1FHWk57A/zxq1bhC/rqbWVwMBfL9EKTFGfiMMlUEdFWnuhEmgXWcuv2 4Wp0QtWIvdKHfcM4oX8zAyVdOdQJietmw8Uo2jLJ2cNmFleRTsHEXFLiYqXQaHaw 6B8Ya0AN6ncJNRYQwQR2xWnEWJRHnA3EdBIO4sWzw+NAPddh1U6/HjswtX1IND1k bK2t7a67MBtwe84NpWkrvh+BGbu9+sx3c11U0dXbPXkzFA1Y+CgzoMVS4cD/wCNw nP6w+KmFlgPe4i0n1ja8LpVeAJQZS9qHSu2g6zGbvZ+zViouZ0UF -----END CERTIFICATE-----Generated at Tue Dec 16 13:55:41 2025 by rpki-client