This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gymUhqST4gDYlW3CxWmZus_iivg.roa File: gymUhqST4gDYlW3CxWmZus_iivg.roa (raw, json) Hash identifier: VZP3Aqlf8vMmsf/TqEntRsUMPyR+sAdKqaHzPeY3Mv8= Subject key identifier: 83:29:94:86:A4:93:E2:00:D8:95:6D:C2:C5:69:99:BA:CF:E2:8A:F8 Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d Certificate serial: 019A922CC0F823D644ECD237B5A14AB76E41 Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gymUhqST4gDYlW3CxWmZus_iivg.roa Signing time: Mon 17 Nov 2025 14:16:37 +0000 ROA not before: Mon 17 Nov 2025 14:16:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 1273 IP address blocks: 2a0c:9e00::/32 maxlen: 32 2a0c:9e01::/32 maxlen: 32 2a0c:9e04::/32 maxlen: 32 2a0c:fe03::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:2c:c0:f8:23:d6:44:ec:d2:37:b5:a1:4a:b7:6e:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d Validity Not Before: Nov 17 14:16:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=83299486a493e200d8956dc2c56999bacfe28af8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:8c:23:13:19:10:97:cd:ef:89:45:0b:44:1f: 9d:2e:4c:c7:9b:c7:d1:8f:38:de:c1:16:37:ab:0e: 04:23:6b:b2:70:73:b2:c0:f8:5c:bc:cf:2a:9b:21: b1:ab:2e:35:d6:a3:44:81:3d:ff:10:47:8c:36:d9: 1e:46:e5:b9:cb:aa:67:8c:77:81:3a:0b:28:ae:d9: a2:74:de:7a:51:95:f9:5b:89:57:2d:af:22:ec:f2: 10:d7:52:2e:6d:22:06:2e:ba:58:5b:0b:6e:68:0c: 1d:66:79:3a:b5:79:77:70:f5:1f:b0:0f:21:ff:b8: 5b:4f:b5:0f:f9:cc:46:ac:56:a5:44:b9:66:28:ad: 8b:6f:13:ee:0a:40:5e:f3:26:c2:69:49:b5:b6:dd: c5:77:b6:00:b3:ca:02:a4:28:cd:d8:c3:3c:a1:23: 92:7c:b3:46:a8:ef:21:23:e4:84:43:b2:bb:e7:cb: 43:99:06:46:90:cc:92:85:d3:95:bb:70:9a:36:59: 57:f0:26:49:b0:40:e3:c4:18:bc:ba:db:7d:35:32: 0e:b5:f7:59:fd:57:2c:69:94:d7:36:68:c2:79:51: 3a:f6:de:c9:8e:ae:98:32:29:c0:96:0e:29:bf:01: e5:91:fd:91:dc:36:04:bb:3d:44:2d:59:46:06:c1: 76:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:29:94:86:A4:93:E2:00:D8:95:6D:C2:C5:69:99:BA:CF:E2:8A:F8 X509v3 Authority Key Identifier: keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/gymUhqST4gDYlW3CxWmZus_iivg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9e00::/31 2a0c:9e04::/32 2a0c:fe03::/32 Signature Algorithm: sha256WithRSAEncryption 21:32:83:58:b8:ad:31:e6:72:f8:c8:99:38:41:58:c6:ee:27: 58:cd:c2:48:19:d0:ff:28:50:ee:ba:31:dd:f3:03:73:d6:0a: 04:98:00:b2:12:53:e0:19:b1:98:72:72:d1:dc:7f:03:fa:39: 68:eb:01:20:94:4b:44:34:df:4d:67:fb:55:ea:45:8a:fe:ce: 58:25:5f:1b:7f:89:cb:53:ef:0f:4e:b8:92:bc:5a:35:f0:86: 17:1d:ea:0e:7e:3f:b3:36:00:5f:d0:42:1a:39:a3:f1:aa:fe: e1:60:6f:c9:70:48:10:c2:8a:b3:a6:24:7d:a0:db:1c:cc:de: ae:ca:ea:a8:d8:a8:b8:53:dc:94:8b:e8:76:ea:c7:a9:94:5e: 66:77:57:2f:1c:0c:7f:14:c4:86:a1:1d:5f:13:9f:61:63:9e: 62:8e:87:40:06:13:7b:c1:a9:f2:f8:a3:80:d8:df:c8:50:f1: f3:79:36:fe:5e:14:0c:c2:99:63:03:28:a4:df:01:1d:c7:6b: 1f:a4:de:18:1b:f5:81:ca:25:71:94:41:d0:9f:be:ef:7a:c8: b7:75:fd:5a:80:a1:0d:50:ac:0b:ff:10:4e:ff:4f:a5:a5:34: da:12:08:a2:d2:f9:72:89:45:23:e3:9a:6a:11:01:f9:21:51: c4:ec:cb:10 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZqSLMD4I9ZE7NI3taFKt25BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw MTRiOGQwHhcNMjUxMTE3MTQxNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzI5OTQ4NmE0OTNlMjAwZDg5NTZkYzJjNTY5OTliYWNmZTI4YWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqowjExkQl83viUULRB+dLkzHm8fR jzjewRY3qw4EI2uycHOywPhcvM8qmyGxqy411qNEgT3/EEeMNtkeRuW5y6pnjHeB OgsortmidN56UZX5W4lXLa8i7PIQ11IubSIGLrpYWwtuaAwdZnk6tXl3cPUfsA8h /7hbT7UP+cxGrFalRLlmKK2LbxPuCkBe8ybCaUm1tt3Fd7YAs8oCpCjN2MM8oSOS fLNGqO8hI+SEQ7K758tDmQZGkMyShdOVu3CaNllX8CZJsEDjxBi8utt9NTIOtfdZ /VcsaZTXNmjCeVE69t7Jjq6YMinAlg4pvwHlkf2R3DYEuz1ELVlGBsF26wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIMplIakk+IA2JVtwsVpmbrP4or4MB8GA1UdIwQY MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt NmJjNzU1NzhiNGMzLzEvZ3ltVWhxU1Q0Z0RZbFczQ3hXbVp1c19paXZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUBKgyeAAMF ACoMngQDBQAqDP4DMA0GCSqGSIb3DQEBCwUAA4IBAQAhMoNYuK0x5nL4yJk4QVjG 7idYzcJIGdD/KFDuujHd8wNz1goEmACyElPgGbGYcnLR3H8D+jlo6wEglEtENN9N Z/tV6kWK/s5YJV8bf4nLU+8PTriSvFo18IYXHeoOfj+zNgBf0EIaOaPxqv7hYG/J cEgQwoqzpiR9oNsczN6uyuqo2Ki4U9yUi+h26seplF5md1cvHAx/FMSGoR1fE59h Y55ijodABhN7wany+KOA2N/IUPHzeTb+XhQMwpljAyik3wEdx2sfpN4YG/WByiVx lEHQn77vesi3df1agKENUKwL/xBO/0+lpTTaEgii0vlyiUUj45pqEQH5IVHE7MsQ -----END CERTIFICATE-----Generated at Sat Dec 6 20:44:17 2025 by rpki-client