This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/gFOjbWB7I_w-vrenN-Bunfa99k4.roa File: gFOjbWB7I_w-vrenN-Bunfa99k4.roa (raw, json) Hash identifier: jwgceh/3ITVpquNuTB6w5OIjCduknP3STqxn7Za9hOo= Subject key identifier: 80:53:A3:6D:60:7B:23:FC:3E:BE:B7:A7:37:E0:6E:9D:F6:BD:F6:4E Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39 Certificate serial: 019B7B353FDBF6ED17677AC326227612EF01 Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/gFOjbWB7I_w-vrenN-Bunfa99k4.roa Signing time: Thu 01 Jan 2026 20:17:25 +0000 ROA not before: Thu 01 Jan 2026 20:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42330 IP address blocks: 185.250.8.0/24 maxlen: 24 185.250.9.0/24 maxlen: 24 185.250.10.0/23 maxlen: 23 2a0b:9400::/30 maxlen: 30 2a0b:9400:8::/48 maxlen: 48 2a0b:9400:1000::/48 maxlen: 48 2a0b:9400:1001::/48 maxlen: 48 2a0b:9401::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.mft rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:3f:db:f6:ed:17:67:7a:c3:26:22:76:12:ef:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39 Validity Not Before: Jan 1 20:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8053a36d607b23fc3ebeb7a737e06e9df6bdf64e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5d:43:b3:27:ca:33:b7:f5:96:22:6e:86:67: d4:6b:b1:d2:88:50:d2:17:52:11:87:f8:dc:ac:68: 31:66:b8:2e:8f:c0:ab:3b:cc:2f:a4:a4:30:0d:a1: 0a:d1:77:a7:94:31:77:fb:c9:17:c3:30:0e:0e:fb: 32:62:8b:6b:24:43:a8:60:14:e0:c8:b4:2f:44:48: df:dd:76:8e:e8:3f:8d:33:f6:11:c3:b4:61:e2:95: d3:51:85:07:6d:54:60:e2:83:79:b5:43:06:a5:ba: 07:df:ed:e6:d7:a4:43:4f:a2:6f:ca:cb:ee:b9:19: 13:8f:51:80:a3:23:e6:1d:e7:3f:d8:ba:26:62:f6: 19:33:92:9b:84:81:82:41:15:41:df:4c:b7:8b:1f: 31:69:db:8b:0a:e4:9e:cf:b9:e7:74:38:2d:bf:31: a8:66:12:a6:95:49:a2:93:4f:d6:e7:17:e5:db:fb: 5d:fb:5a:3b:13:7d:b1:ac:14:cf:58:65:c6:09:e6: 22:fe:f8:e3:33:c4:bc:de:16:e4:52:5f:5c:83:53: 41:ca:a2:7d:24:05:dd:ac:36:3c:5e:a2:5c:90:bc: 08:6d:46:61:fd:cf:1a:36:2b:b8:81:dd:03:91:56: b3:26:fb:87:19:8d:12:6d:31:c9:c6:d9:bb:4e:c8: a1:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:53:A3:6D:60:7B:23:FC:3E:BE:B7:A7:37:E0:6E:9D:F6:BD:F6:4E X509v3 Authority Key Identifier: keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/gFOjbWB7I_w-vrenN-Bunfa99k4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.250.8.0/22 IPv6: 2a0b:9400::/30 Signature Algorithm: sha256WithRSAEncryption 07:d6:a1:7d:28:6f:9e:6c:12:3a:31:17:f6:bc:dd:7a:e9:03: 72:8c:5f:17:b0:9a:fd:55:da:6a:2a:eb:ba:bd:4e:3d:87:1c: 81:25:17:14:b6:56:04:93:84:1a:5d:08:54:8f:cc:25:3d:9d: bd:e0:20:0a:e2:46:27:83:00:a1:4e:45:70:9b:20:ad:c5:6e: b6:3f:e5:f4:50:fa:e1:d1:7f:a2:01:aa:98:4f:aa:64:fb:fe: 13:92:dd:ca:04:c4:df:62:f2:a2:e7:fa:66:84:6b:48:dd:c6: 16:91:70:75:d6:a6:4e:e6:ba:a9:b9:ce:4f:3d:64:fb:92:ae: 87:81:b0:48:76:08:e4:e6:ed:56:b8:37:7e:08:7e:49:dc:a7: 9b:b5:27:59:c0:87:87:79:e8:f9:d7:76:ba:2c:4f:af:ac:37: e2:0c:e3:b9:89:bf:68:db:c6:39:1f:d5:0d:10:e4:e8:8d:c9: 8a:60:8d:fe:b2:c9:a0:fc:b3:cf:a2:6f:8c:d1:fe:f3:da:75: ee:0c:07:b5:96:43:a4:8f:b2:9a:93:6f:bb:c5:b4:06:cb:f5: 64:71:72:ca:33:d9:9d:15:9f:75:91:db:de:7b:4e:b5:2c:13: c8:79:a7:73:ba:dd:58:1e:12:c2:d6:99:92:b7:61:e2:af:1a: d8:6d:97:a8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NT/b9u0XZ3rDJiJ2Eu8BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi MGNlMzkwHhcNMjYwMTAxMjAxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDUzYTM2ZDYwN2IyM2ZjM2ViZWI3YTczN2UwNmU5ZGY2YmRmNjRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV1DsyfKM7f1liJuhmfUa7HSiFDS F1IRh/jcrGgxZrguj8CrO8wvpKQwDaEK0XenlDF3+8kXwzAODvsyYotrJEOoYBTg yLQvREjf3XaO6D+NM/YRw7Rh4pXTUYUHbVRg4oN5tUMGpboH3+3m16RDT6Jvysvu uRkTj1GAoyPmHec/2LomYvYZM5KbhIGCQRVB30y3ix8xaduLCuSez7nndDgtvzGo ZhKmlUmik0/W5xfl2/td+1o7E32xrBTPWGXGCeYi/vjjM8S83hbkUl9cg1NByqJ9 JAXdrDY8XqJckLwIbUZh/c8aNiu4gd0DkVazJvuHGY0SbTHJxtm7TsihFwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIBTo21geyP8Pr63pzfgbp32vfZOMB8GA1UdIwQY MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt NTFkNzU1NjhhOWUzLzEvZ0ZPamJXQjdJX3ctdnJlbk4tQnVuZmE5OWs0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufoIMA0E AgACMAcDBQIqC5QAMA0GCSqGSIb3DQEBCwUAA4IBAQAH1qF9KG+ebBI6MRf2vN16 6QNyjF8XsJr9VdpqKuu6vU49hxyBJRcUtlYEk4QaXQhUj8wlPZ294CAK4kYngwCh TkVwmyCtxW62P+X0UPrh0X+iAaqYT6pk+/4Tkt3KBMTfYvKi5/pmhGtI3cYWkXB1 1qZO5rqpuc5PPWT7kq6HgbBIdgjk5u1WuDd+CH5J3KebtSdZwIeHeej513a6LE+v rDfiDOO5ib9o28Y5H9UNEOTojcmKYI3+ssmg/LPPom+M0f7z2nXuDAe1lkOkj7Ka k2+7xbQGy/VkcXLKM9mdFZ91kdvee061LBPIeadzut1YHhLC1pmSt2HirxrYbZeo -----END CERTIFICATE-----Generated at Mon Jan 26 02:07:39 2026 by rpki-client