This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/GHotn1I_CfqFAPEWFyv9br8ia3I.roa File: GHotn1I_CfqFAPEWFyv9br8ia3I.roa (raw, json) Hash identifier: jZG9+3CBzuOz4wMuP+83/hjNEuOMEsA5C1lYAS1ilM0= Subject key identifier: 18:7A:2D:9F:52:3F:09:FA:85:00:F1:16:17:2B:FD:6E:BF:22:6B:72 Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603 Certificate serial: 019B79EC2E5E920C9A5D1E60C7F4EAECE75A Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/GHotn1I_CfqFAPEWFyv9br8ia3I.roa Signing time: Thu 01 Jan 2026 14:18:00 +0000 ROA not before: Thu 01 Jan 2026 14:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207203 IP address blocks: 45.153.140.0/22 maxlen: 22 45.156.240.0/22 maxlen: 22 45.156.240.0/24 maxlen: 24 109.104.108.0/23 maxlen: 23 185.39.172.0/22 maxlen: 22 185.82.120.0/22 maxlen: 22 185.238.32.0/22 maxlen: 22 193.228.80.0/24 maxlen: 24 193.228.81.0/24 maxlen: 24 193.228.82.0/23 maxlen: 23 2a04:7700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.mft rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:2e:5e:92:0c:9a:5d:1e:60:c7:f4:ea:ec:e7:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603 Validity Not Before: Jan 1 14:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=187a2d9f523f09fa8500f116172bfd6ebf226b72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:87:ee:7a:61:e5:22:12:bb:5b:b4:76:34:97: 76:3d:fb:71:75:f3:fb:2e:29:0d:8f:2b:84:43:a2: fe:31:a3:e3:c8:06:7d:a8:52:15:bc:d0:a4:b8:51: c4:48:56:0d:9d:9b:4e:a1:0c:71:c1:89:90:37:34: 25:d1:72:e3:d0:44:e0:1b:9a:73:89:36:83:0b:93: 48:5f:44:7e:9b:90:38:d4:14:f9:50:21:ab:9e:09: b3:15:6f:51:ee:15:1a:7b:eb:2d:0f:d0:7a:53:bb: 4b:80:07:b7:87:70:f9:29:ea:da:64:97:b9:96:e7: b1:ea:fb:0f:1f:53:6d:3b:fb:54:41:53:50:20:81: e2:b5:ea:64:7a:e2:26:a5:8b:56:76:53:71:17:f4: 5c:1d:40:01:a8:06:93:2b:00:6e:36:83:8a:9d:dc: 5c:c2:ba:f6:49:be:7f:12:2d:c9:f3:d5:1d:94:fc: c1:ed:fb:e3:c4:76:3b:3d:1c:72:89:dd:ad:d9:b0: c3:ee:dd:15:c2:66:43:3e:ac:ab:cf:02:90:25:63: c1:a3:9d:77:d6:56:b8:f6:57:f4:62:e4:01:72:9a: b6:3d:54:68:a8:bc:d6:a1:05:51:5c:a4:85:50:c0: eb:0b:e0:39:4d:92:65:56:06:37:2d:c5:de:c8:e5: 3d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:7A:2D:9F:52:3F:09:FA:85:00:F1:16:17:2B:FD:6E:BF:22:6B:72 X509v3 Authority Key Identifier: keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/GHotn1I_CfqFAPEWFyv9br8ia3I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.140.0/22 45.156.240.0/22 109.104.108.0/23 185.39.172.0/22 185.82.120.0/22 185.238.32.0/22 193.228.80.0/22 IPv6: 2a04:7700::/29 Signature Algorithm: sha256WithRSAEncryption 5e:7b:b2:fc:d0:c1:50:21:51:38:38:11:d6:83:0a:c7:5e:e2: c1:0d:24:57:67:e4:7d:8f:c2:67:ac:bc:f1:7e:c1:ba:93:6e: 86:cc:a0:e0:4c:93:dd:4d:9e:ad:3d:91:40:01:3f:2c:25:67: 3d:0a:fe:9f:a7:ec:be:5c:93:a5:2e:72:2a:ba:77:32:a7:3f: 70:ee:fc:a9:2d:d3:f8:d8:bf:f7:fe:a4:7c:89:49:72:d4:55: e6:35:88:e5:92:df:1d:58:99:0d:ed:a4:e6:8b:47:e0:5e:ee: 04:51:a1:32:45:d9:29:b6:41:f1:2f:5b:9a:a5:81:5b:59:b9: dc:64:89:d8:8a:78:4f:44:46:15:7b:ba:d7:25:f7:53:46:4a: 06:52:ab:af:73:a1:c0:53:98:fd:df:29:eb:22:10:58:6e:06: 76:ab:1e:03:12:d0:3e:9e:48:fa:e3:32:9b:8b:33:2a:a3:27: 0d:32:01:0f:98:0d:4f:33:6d:c3:0b:71:98:e1:1e:21:60:92: 0e:3d:58:25:d9:4f:0e:f3:da:0f:2c:d3:67:3b:67:56:b4:3b: 2d:2f:13:eb:8c:7f:31:bb:3e:be:a9:8e:10:a0:79:42:6a:4d: f9:ac:9d:d8:9f:71:9e:8d:9a:41:56:eb:48:7e:30:1a:c3:f8: 12:82:ee:d9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgISAZt57C5ekgyaXR5gx/Tq7OdaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi YzY2MDMwHhcNMjYwMTAxMTQxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODdhMmQ5ZjUyM2YwOWZhODUwMGYxMTYxNzJiZmQ2ZWJmMjI2YjcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ofuemHlIhK7W7R2NJd2PftxdfP7 LikNjyuEQ6L+MaPjyAZ9qFIVvNCkuFHESFYNnZtOoQxxwYmQNzQl0XLj0ETgG5pz iTaDC5NIX0R+m5A41BT5UCGrngmzFW9R7hUae+stD9B6U7tLgAe3h3D5KeraZJe5 luex6vsPH1NtO/tUQVNQIIHitepkeuImpYtWdlNxF/RcHUABqAaTKwBuNoOKndxc wrr2Sb5/Ei3J89UdlPzB7fvjxHY7PRxyid2t2bDD7t0VwmZDPqyrzwKQJWPBo513 1la49lf0YuQBcpq2PVRoqLzWoQVRXKSFUMDrC+A5TZJlVgY3LcXeyOU9awIDAQAB o4ICPjCCAjowHQYDVR0OBBYEFBh6LZ9SPwn6hQDxFhcr/W6/ImtyMB8GA1UdIwQY MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3 LTYxZDczMzNmODU3MC8xL0dIb3RuMUlfQ2ZxRkFQRVdGeXY5YnI4aWEzSS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3 MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAItmYwD BAItnPADBAFtaGwDBAK5J6wDBAK5UngDBAK57iADBALB5FAwDQQCAAIwBwMFAyoE dwAwDQYJKoZIhvcNAQELBQADggEBAF57svzQwVAhUTg4EdaDCsde4sENJFdn5H2P wmesvPF+wbqTbobMoOBMk91Nnq09kUABPywlZz0K/p+n7L5ck6Uuciq6dzKnP3Du /Kkt0/jYv/f+pHyJSXLUVeY1iOWS3x1YmQ3tpOaLR+Be7gRRoTJF2Sm2QfEvW5ql gVtZudxkidiKeE9ERhV7utcl91NGSgZSq69zocBTmP3fKesiEFhuBnarHgMS0D6e SPrjMpuLMyqjJw0yAQ+YDU8zbcMLcZjhHiFgkg49WCXZTw7z2g8s02c7Z1a0Oy0v E+uMfzG7Pr6pjhCgeUJqTfmsndifcZ6NmkFW60h+MBrD+BKC7tk= -----END CERTIFICATE-----Generated at Mon Jan 26 08:46:40 2026 by rpki-client