This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/GuWBmwhJapEp_BmmuNbZSMGsF-Y.roa File: GuWBmwhJapEp_BmmuNbZSMGsF-Y.roa (raw, json) Hash identifier: XKoJ/kEd+7q2jht4EhlLR7+g4VG6e/EP//UCSF6Kcuw= Subject key identifier: 1A:E5:81:9B:08:49:6A:91:29:FC:19:A6:B8:D6:D9:48:C1:AC:17:E6 Certificate issuer: /CN=b714595c50c351921b0de9a57540a15e5c1c618a Certificate serial: 019B79EC3CE5E6C4DE7C66773C3C7ECF327D Authority key identifier: B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/GuWBmwhJapEp_BmmuNbZSMGsF-Y.roa Signing time: Thu 01 Jan 2026 14:18:03 +0000 ROA not before: Thu 01 Jan 2026 14:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47753 IP address blocks: 185.138.167.0/24 maxlen: 24 2a11:c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:3c:e5:e6:c4:de:7c:66:77:3c:3c:7e:cf:32:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b714595c50c351921b0de9a57540a15e5c1c618a Validity Not Before: Jan 1 14:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1ae5819b08496a9129fc19a6b8d6d948c1ac17e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5a:10:cf:99:34:c9:de:5d:78:38:07:f3:b3: 92:eb:99:f3:a2:1a:27:d9:73:e0:28:bd:4a:39:9d: 98:3e:90:24:0d:e0:56:9b:9e:4f:01:26:04:ee:45: 1d:4a:11:7f:21:86:b1:74:9d:f2:21:69:73:ba:b6: c3:68:c2:8b:e5:8e:0c:0f:10:6f:72:e5:ff:f6:5c: 06:8c:73:b8:94:80:b1:e5:c5:2e:1b:01:b0:f6:8b: 1a:ed:a4:9f:48:75:f0:5c:60:6b:1e:02:ef:af:10: 72:ae:f9:38:2e:05:d9:70:3e:50:96:c6:14:41:76: 42:08:35:77:26:7c:df:07:9e:63:66:22:af:72:02: 95:d3:05:9e:93:49:57:5c:32:7b:f6:10:24:3a:b8: 74:8a:15:d9:68:da:9f:6e:b6:80:24:37:3e:c2:4c: 85:5e:17:0f:02:d6:c5:b3:a9:b6:3f:3e:c2:bc:a2: ee:49:50:75:1e:c6:4f:e7:3f:9e:d8:af:dd:d2:05: 6d:b5:ac:1d:1c:32:7a:d2:54:d1:e6:73:4a:f1:b4: a4:71:46:41:71:43:46:4f:1b:73:05:20:83:e1:38: 31:3f:58:79:ae:f8:a8:0e:49:f9:f1:b2:f5:21:eb: b0:57:ea:ad:ce:36:7f:5a:ee:db:fa:f9:56:07:2d: cf:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:E5:81:9B:08:49:6A:91:29:FC:19:A6:B8:D6:D9:48:C1:AC:17:E6 X509v3 Authority Key Identifier: keyid:B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/GuWBmwhJapEp_BmmuNbZSMGsF-Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.138.167.0/24 IPv6: 2a11:c0::/29 Signature Algorithm: sha256WithRSAEncryption 3a:6d:1d:62:d1:d3:9d:9e:dd:db:92:de:09:61:23:40:1e:53: bf:73:92:6f:7d:e4:e1:f2:0c:47:9a:db:64:1d:0b:6d:80:66: 94:04:e9:df:02:9b:c9:44:22:41:09:e0:21:b6:36:c6:1d:7c: ea:f8:37:a8:e2:f5:87:a4:9f:c0:19:d4:4f:6b:a9:cc:63:a5: ab:f7:b1:24:4c:72:8f:ac:51:02:a0:93:6a:d1:f4:80:23:c1: d3:c0:18:7a:11:09:ce:17:bc:96:97:f9:b6:12:ac:e3:ee:8f: 8a:70:92:84:1e:c7:da:43:fd:c7:02:82:33:af:a0:44:95:10: cb:0b:3b:fe:90:57:09:8d:93:86:30:7f:e4:ea:15:d4:38:0c: 21:a4:19:42:9b:95:d6:6c:42:2c:c0:09:3b:1c:24:1f:87:7a: 01:c7:39:12:13:3d:9d:72:41:fa:b9:e0:93:87:9e:61:9f:26: 51:fa:3a:ae:37:1b:48:ec:c6:b6:ef:9a:7f:02:ad:a5:6d:04: 85:1c:56:a5:03:41:9c:e2:9f:d5:26:5a:23:48:61:7e:e8:a1: 40:82:33:eb:b1:bc:04:8c:01:ff:77:92:ac:fb:ff:8d:6f:de: 86:f6:f6:6b:39:b9:8c:be:89:80:1b:73:23:2c:44:17:4e:a7: 6a:75:d4:33 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57Dzl5sTefGZ3PDx+zzJ9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MTQ1OTVjNTBjMzUxOTIxYjBkZTlhNTc1NDBhMTVlNWMx YzYxOGEwHhcNMjYwMTAxMTQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYWU1ODE5YjA4NDk2YTkxMjlmYzE5YTZiOGQ2ZDk0OGMxYWMxN2U2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1oQz5k0yd5deDgH87OS65nzohon 2XPgKL1KOZ2YPpAkDeBWm55PASYE7kUdShF/IYaxdJ3yIWlzurbDaMKL5Y4MDxBv cuX/9lwGjHO4lICx5cUuGwGw9osa7aSfSHXwXGBrHgLvrxByrvk4LgXZcD5QlsYU QXZCCDV3JnzfB55jZiKvcgKV0wWek0lXXDJ79hAkOrh0ihXZaNqfbraAJDc+wkyF XhcPAtbFs6m2Pz7CvKLuSVB1HsZP5z+e2K/d0gVttawdHDJ60lTR5nNK8bSkcUZB cUNGTxtzBSCD4TgxP1h5rvioDkn58bL1IeuwV+qtzjZ/Wu7b+vlWBy3PiQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBrlgZsISWqRKfwZprjW2UjBrBfmMB8GA1UdIwQY MBaAFLcUWVxQw1GSGw3ppXVAoV5cHGGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMt ZjUzZDllMzZlOTVhLzEvR3VXQm13aEphcEVwX0JtbXVOYlpTTUdzRi1ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMtZjUzZDllMzZlOTVh LzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYqnMA0E AgACMAcDBQMqEQDAMA0GCSqGSIb3DQEBCwUAA4IBAQA6bR1i0dOdnt3bkt4JYSNA HlO/c5JvfeTh8gxHmttkHQttgGaUBOnfApvJRCJBCeAhtjbGHXzq+Deo4vWHpJ/A GdRPa6nMY6Wr97EkTHKPrFECoJNq0fSAI8HTwBh6EQnOF7yWl/m2Eqzj7o+KcJKE HsfaQ/3HAoIzr6BElRDLCzv+kFcJjZOGMH/k6hXUOAwhpBlCm5XWbEIswAk7HCQf h3oBxzkSEz2dckH6ueCTh55hnyZR+jquNxtI7Ma275p/Aq2lbQSFHFalA0Gc4p/V JlojSGF+6KFAgjPrsbwEjAH/d5Ks+/+Nb96G9vZrObmMvomAG3MjLEQXTqdqddQz -----END CERTIFICATE-----Generated at Mon Jan 26 07:08:32 2026 by rpki-client