This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/GqjpIwPCfuY9AEJq32U-7x8s2Xc.roa File: GqjpIwPCfuY9AEJq32U-7x8s2Xc.roa (raw, json) Hash identifier: hBgV71RI9VW14WRnhYAdkQpWE93JgEHcBWlBuGyNBy4= Subject key identifier: 1A:A8:E9:23:03:C2:7E:E6:3D:00:42:6A:DF:65:3E:EF:1F:2C:D9:77 Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa Certificate serial: 019B7F852D71346BC6CB28666A440440E04E Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/GqjpIwPCfuY9AEJq32U-7x8s2Xc.roa Signing time: Fri 02 Jan 2026 16:23:12 +0000 ROA not before: Fri 02 Jan 2026 16:23:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199484 IP address blocks: 2a01:4c20::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.mft rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:2d:71:34:6b:c6:cb:28:66:6a:44:04:40:e0:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa Validity Not Before: Jan 2 16:23:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1aa8e92303c27ee63d00426adf653eef1f2cd977 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a7:05:97:8a:3c:18:46:4e:cd:99:2e:10:c6: 15:a5:0d:ec:a8:4e:25:17:80:a9:ca:2d:9b:c0:85: b6:da:48:36:22:da:5c:4e:14:13:6f:2d:ef:04:de: 8f:60:6c:0b:71:fc:34:8b:60:1b:7c:1f:e9:2a:7a: 3e:ee:ea:63:0f:de:d9:c3:bf:1c:f4:5a:8f:a1:d2: 6e:1f:52:65:40:e4:11:d5:72:30:0d:f5:9a:ac:a9: 7d:80:e9:b0:f3:07:2c:53:8c:fb:fe:03:f3:9c:fa: 89:d0:c2:f7:85:10:33:c4:4e:b2:92:b7:50:45:31: 13:ed:31:ed:38:2c:96:11:01:93:ff:dd:0f:21:29: 17:57:f5:3c:f0:27:b6:db:38:e6:fe:db:a5:a8:ac: be:ab:53:5b:0e:91:bc:46:a5:5e:e3:f0:83:c4:16: f1:6b:c9:db:94:66:7c:fc:94:4a:ea:42:fa:ca:c0: 05:2c:cf:0f:9c:a2:a0:60:9e:e0:68:41:6c:2b:33: 73:c5:f9:af:1e:02:c7:aa:56:9f:9c:79:48:fd:df: c2:de:23:ef:8e:86:45:a8:df:12:15:d1:9a:11:d8: 57:89:03:d9:48:04:04:37:9a:54:57:6c:39:a4:8d: fd:82:97:cb:5e:ef:a5:8b:59:3f:27:b5:ad:1e:5a: dd:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:A8:E9:23:03:C2:7E:E6:3D:00:42:6A:DF:65:3E:EF:1F:2C:D9:77 X509v3 Authority Key Identifier: keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/GqjpIwPCfuY9AEJq32U-7x8s2Xc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:4c20::/29 Signature Algorithm: sha256WithRSAEncryption 51:82:9b:42:2a:b1:13:ee:6e:00:17:07:b7:c4:93:40:ae:1e: c2:f8:d0:ed:6a:cc:58:7f:6d:bd:11:78:27:1c:fe:9e:eb:6c: bd:0f:f9:8d:fa:d5:d0:be:a3:d2:f5:ba:ab:c3:e5:b7:19:86: 2d:fd:b5:f7:20:2e:18:a2:76:77:05:08:75:d4:19:a6:37:31: d2:a1:2d:97:55:6c:d1:32:ad:8d:20:77:2a:7d:0f:31:42:eb: 9c:f6:e7:4b:2c:6d:0d:08:f4:a4:d5:8b:6a:61:d7:ae:ac:82: 0a:88:b4:49:3a:7b:a8:77:88:66:63:1b:a4:33:72:21:cd:a8: 26:6f:43:48:fe:27:03:7e:a8:db:b7:89:a3:e2:07:10:ed:d1: 00:4d:0d:a9:ca:20:ab:54:69:8e:58:a4:57:7b:19:ba:25:49: fc:95:cc:53:6c:d0:d0:d4:80:39:b1:13:17:7d:e0:24:fb:c2: 66:55:ad:57:2b:3c:07:90:2d:b4:ad:fc:9a:6a:02:49:5a:57: 41:27:71:b4:dd:9e:57:57:0b:25:11:99:3b:5c:45:69:e1:ed: 98:80:d7:7a:de:4a:d5:0a:e3:49:74:64:d3:cc:79:d2:53:9b: 0b:1b:5f:e3:a1:5b:1d:03:df:14:60:cc:9d:56:0a:11:dc:f4: e0:3b:65:54 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/hS1xNGvGyyhmakQEQOBOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm MDdiYWEwHhcNMjYwMTAyMTYyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYWE4ZTkyMzAzYzI3ZWU2M2QwMDQyNmFkZjY1M2VlZjFmMmNkOTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqcFl4o8GEZOzZkuEMYVpQ3sqE4l F4Cpyi2bwIW22kg2ItpcThQTby3vBN6PYGwLcfw0i2AbfB/pKno+7upjD97Zw78c 9FqPodJuH1JlQOQR1XIwDfWarKl9gOmw8wcsU4z7/gPznPqJ0ML3hRAzxE6ykrdQ RTET7THtOCyWEQGT/90PISkXV/U88Ce22zjm/tulqKy+q1NbDpG8RqVe4/CDxBbx a8nblGZ8/JRK6kL6ysAFLM8PnKKgYJ7gaEFsKzNzxfmvHgLHqlafnHlI/d/C3iPv joZFqN8SFdGaEdhXiQPZSAQEN5pUV2w5pI39gpfLXu+li1k/J7WtHlrddQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFBqo6SMDwn7mPQBCat9lPu8fLNl3MB8GA1UdIwQY MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt NTYzODUyNmZmNjQxLzEvR3FqcEl3UENmdVk5QUVKcTMyVS03eDhzMlhjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgFMIDAN BgkqhkiG9w0BAQsFAAOCAQEAUYKbQiqxE+5uABcHt8STQK4ewvjQ7WrMWH9tvRF4 Jxz+nutsvQ/5jfrV0L6j0vW6q8PltxmGLf219yAuGKJ2dwUIddQZpjcx0qEtl1Vs 0TKtjSB3Kn0PMULrnPbnSyxtDQj0pNWLamHXrqyCCoi0STp7qHeIZmMbpDNyIc2o Jm9DSP4nA36o27eJo+IHEO3RAE0Nqcogq1RpjlikV3sZuiVJ/JXMU2zQ0NSAObET F33gJPvCZlWtVys8B5AttK38mmoCSVpXQSdxtN2eV1cLJRGZO1xFaeHtmIDXet5K 1QrjSXRk08x50lObCxtf46FbHQPfFGDMnVYKEdz04DtlVA== -----END CERTIFICATE-----Generated at Sun Jan 25 22:15:52 2026 by rpki-client