This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/GfO-2z23flcVZgus0pDd6WLIU1g.roa File: GfO-2z23flcVZgus0pDd6WLIU1g.roa (raw, json) Hash identifier: 0ETAGcbcy3jcVs9OlDEPeiK922VrJQwu8CgS9xVuEdY= Subject key identifier: 19:F3:BE:DB:3D:B7:7E:57:15:66:0B:AC:D2:90:DD:E9:62:C8:53:58 Certificate issuer: /CN=342e6536b2e74220ef4b092bc090cc4c250f3ed6 Certificate serial: 019B7C12E6773F9C015F613D2C7277A07ED8 Authority key identifier: 34:2E:65:36:B2:E7:42:20:EF:4B:09:2B:C0:90:CC:4C:25:0F:3E:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/GfO-2z23flcVZgus0pDd6WLIU1g.roa Signing time: Fri 02 Jan 2026 00:19:31 +0000 ROA not before: Fri 02 Jan 2026 00:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59816 IP address blocks: 185.70.132.0/22 maxlen: 22 185.241.36.0/24 maxlen: 24 185.241.37.0/24 maxlen: 24 185.241.38.0/24 maxlen: 24 185.251.224.0/22 maxlen: 22 185.251.225.0/24 maxlen: 24 185.251.226.0/24 maxlen: 24 185.254.88.0/22 maxlen: 22 194.147.120.0/22 maxlen: 22 194.147.120.0/24 maxlen: 24 194.147.121.0/24 maxlen: 24 194.147.122.0/24 maxlen: 24 2a05:2a00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.mft rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:e6:77:3f:9c:01:5f:61:3d:2c:72:77:a0:7e:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=342e6536b2e74220ef4b092bc090cc4c250f3ed6 Validity Not Before: Jan 2 00:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=19f3bedb3db77e5715660bacd290dde962c85358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:18:8d:f8:e2:5c:db:dc:95:7c:89:42:94:a9: a8:97:56:6a:d5:08:b9:fe:65:dd:76:0e:18:22:9e: 5f:2a:8f:1a:fe:68:84:64:6f:58:c1:3d:e1:02:b5: 16:92:cf:aa:bd:84:2a:ce:50:d9:84:49:c1:b1:e6: 85:60:52:5d:d4:4f:c7:48:35:f9:f1:31:ef:77:ad: 05:c6:66:6b:99:ec:9f:a8:56:1d:80:14:29:7a:cc: de:e0:17:fa:af:28:f6:13:80:30:af:8a:3f:f0:4e: ca:06:a3:0f:24:a7:cf:72:72:01:e8:fa:23:f4:61: b3:08:65:5d:63:32:2f:e0:9e:c3:80:9a:96:d0:9a: 00:6a:61:81:f3:3d:c8:f5:51:52:24:79:b1:0d:c8: 1a:97:bc:1c:cd:9d:dc:aa:7b:d4:e8:33:76:fd:05: 02:8a:7e:3d:f0:a5:28:80:5f:39:17:20:25:57:70: 69:9f:95:98:13:50:4c:33:5c:ab:d5:72:84:9f:fa: 23:40:5d:a5:92:0c:36:15:11:c3:7f:47:cb:4a:bf: 78:dc:ef:f3:f0:50:eb:e4:dc:7f:5f:b2:d0:f7:0f: 6f:56:21:e2:ea:e7:ab:14:03:98:86:69:d6:ac:b0: 65:db:ca:fc:4a:fa:8e:71:8c:0e:e9:58:76:39:b3: 87:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:F3:BE:DB:3D:B7:7E:57:15:66:0B:AC:D2:90:DD:E9:62:C8:53:58 X509v3 Authority Key Identifier: keyid:34:2E:65:36:B2:E7:42:20:EF:4B:09:2B:C0:90:CC:4C:25:0F:3E:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NC5lNrLnQiDvSwkrwJDMTCUPPtY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/GfO-2z23flcVZgus0pDd6WLIU1g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f9462b-3749-44bb-84ee-ecd8a2474a02/1/NC5lNrLnQiDvSwkrwJDMTCUPPtY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.70.132.0/22 185.241.36.0-185.241.38.255 185.251.224.0/22 185.254.88.0/22 194.147.120.0/22 IPv6: 2a05:2a00::/29 Signature Algorithm: sha256WithRSAEncryption 7b:26:2b:ec:b8:ec:c5:bf:7e:b6:25:97:fa:cb:86:73:1f:7c: d1:77:07:8b:20:f8:20:3f:00:c2:b2:8a:9f:27:59:6f:36:f4: 01:8d:7b:cb:46:d5:f7:8a:2a:71:ae:1d:80:f8:3e:9c:06:1f: 8e:76:fa:53:45:96:d8:1c:fa:98:c7:95:63:72:d6:89:9c:01: 74:9f:5b:b4:ef:bf:90:2c:a8:39:b7:62:10:b3:70:4c:13:63: 84:7e:37:21:d9:4a:4a:0a:a9:a7:f6:63:c3:25:a7:ca:09:34: 51:97:6c:69:b7:31:2c:07:28:fe:41:dd:38:bc:6b:7b:bd:48: fd:9d:13:71:50:10:38:e8:4f:e9:93:3b:18:57:46:f3:1a:95: 70:32:51:d2:3f:42:e4:2c:b4:ab:1b:dc:d5:25:b0:3d:d2:12: 63:10:fa:c3:20:a4:50:a1:d6:80:36:5b:47:d1:70:1e:de:ba: 8f:cb:94:e6:ed:b2:30:d8:fb:2b:00:b1:59:e6:3b:24:b3:e3: 88:57:04:6b:e2:f9:ca:8b:68:82:de:c8:c0:2d:b8:f1:59:64: 27:a7:5f:5c:18:b8:1f:84:5e:c5:5c:ea:99:9b:a1:cb:c9:fc: e8:c5:91:8d:fa:49:7e:8c:01:6d:93:fd:83:f3:39:91:3b:f9: b5:c6:f0:25 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt8EuZ3P5wBX2E9LHJ3oH7YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MmU2NTM2YjJlNzQyMjBlZjRiMDkyYmMwOTBjYzRjMjUw ZjNlZDYwHhcNMjYwMTAyMDAxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOWYzYmVkYjNkYjc3ZTU3MTU2NjBiYWNkMjkwZGRlOTYyYzg1MzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBiN+OJc29yVfIlClKmol1Zq1Qi5 /mXddg4YIp5fKo8a/miEZG9YwT3hArUWks+qvYQqzlDZhEnBseaFYFJd1E/HSDX5 8THvd60FxmZrmeyfqFYdgBQpesze4Bf6ryj2E4Awr4o/8E7KBqMPJKfPcnIB6Poj 9GGzCGVdYzIv4J7DgJqW0JoAamGB8z3I9VFSJHmxDcgal7wczZ3cqnvU6DN2/QUC in498KUogF85FyAlV3Bpn5WYE1BMM1yr1XKEn/ojQF2lkgw2FRHDf0fLSr943O/z 8FDr5Nx/X7LQ9w9vViHi6uerFAOYhmnWrLBl28r8SvqOcYwO6Vh2ObOHsQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFBnzvts9t35XFWYLrNKQ3eliyFNYMB8GA1UdIwQY MBaAFDQuZTay50Ig70sJK8CQzEwlDz7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkM1bE5yTG5RaUR2U3drcndKRE1UQ1VQUHRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mOTQ2MmItMzc0OS00NGJiLTg0ZWUt ZWNkOGEyNDc0YTAyLzEvR2ZPLTJ6MjNmbGNWWmd1czBwRGQ2V0xJVTFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS9mOTQ2MmItMzc0OS00NGJiLTg0ZWUtZWNkOGEyNDc0YTAy LzEvTkM1bE5yTG5RaUR2U3drcndKRE1UQ1VQUHRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuUaEMAwD BAK58SQDBAC58SYDBAK5++ADBAK5/lgDBALCk3gwDQQCAAIwBwMFAyoFKgAwDQYJ KoZIhvcNAQELBQADggEBAHsmK+y47MW/frYll/rLhnMffNF3B4sg+CA/AMKyip8n WW829AGNe8tG1feKKnGuHYD4PpwGH452+lNFltgc+pjHlWNy1omcAXSfW7Tvv5As qDm3YhCzcEwTY4R+NyHZSkoKqaf2Y8Mlp8oJNFGXbGm3MSwHKP5B3Ti8a3u9SP2d E3FQEDjoT+mTOxhXRvMalXAyUdI/QuQstKsb3NUlsD3SEmMQ+sMgpFCh1oA2W0fR cB7euo/LlObtsjDY+ysAsVnmOySz44hXBGvi+cqLaILeyMAtuPFZZCenX1wYuB+E XsVc6pmbocvJ/OjFkY36SX6MAW2T/YPzOZE7+bXG8CU= -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:10 2026 by rpki-client