This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/GaY0PBVBeo4KpiNFKZ9BeK4puOg.roa File: GaY0PBVBeo4KpiNFKZ9BeK4puOg.roa (raw, json) Hash identifier: kSV2htK/TB9FGgHOzLvBWeHTLFTLf67Ynu1IuSCMkQQ= Subject key identifier: 19:A6:34:3C:15:41:7A:8E:0A:A6:23:45:29:9F:41:78:AE:29:B8:E8 Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4 Certificate serial: 019B7F14D32FE5D3EFA9353E0EFB9F9DE105 Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/GaY0PBVBeo4KpiNFKZ9BeK4puOg.roa Signing time: Fri 02 Jan 2026 14:20:29 +0000 ROA not before: Fri 02 Jan 2026 14:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 196957 IP address blocks: 91.234.40.0/22 maxlen: 22 193.107.172.0/22 maxlen: 22 2001:67c:13b8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:d3:2f:e5:d3:ef:a9:35:3e:0e:fb:9f:9d:e1:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4 Validity Not Before: Jan 2 14:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=19a6343c15417a8e0aa62345299f4178ae29b8e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9e:ed:27:06:3d:5f:b3:fb:cd:9f:9f:42:a2: d9:0e:18:19:9b:51:32:98:66:7d:c6:15:7d:48:4f: 24:da:41:73:24:82:c8:e5:57:ae:a8:11:24:ff:7a: 54:77:16:26:16:3a:3e:47:d1:06:06:00:03:00:4f: fa:ab:c9:81:1e:36:e5:1d:8b:7c:34:ba:3c:cb:e8: c6:9e:bb:37:aa:1d:05:1a:15:0f:af:e3:ba:d2:66: 63:dc:9c:fd:24:79:fd:51:d2:c7:c2:7e:8c:14:78: b4:91:be:7e:cb:31:7f:bd:09:85:44:3e:65:4c:b6: 56:6e:d0:c2:b7:bb:3d:4a:bb:fc:11:d8:60:8e:11: 7f:08:fa:d7:c3:50:5e:6f:cf:7e:89:d9:50:76:ac: fe:b6:50:df:3c:13:a9:4d:2d:21:24:1c:25:fb:6e: 5e:ff:50:10:f9:97:51:a2:f6:bc:4f:6b:f7:db:5d: f1:9d:50:34:64:4d:69:ab:40:02:f4:0d:20:c8:6a: 61:c6:ac:b1:a0:1b:07:a7:61:5d:51:69:ed:cd:00: 47:d1:55:cd:c4:58:70:4a:11:1f:56:2e:79:41:1e: 40:eb:8b:90:a6:3d:20:97:69:a6:95:8f:bb:5a:d5: 5e:6d:6d:f3:14:ec:28:b0:52:ba:e7:19:b7:e0:35: d5:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A6:34:3C:15:41:7A:8E:0A:A6:23:45:29:9F:41:78:AE:29:B8:E8 X509v3 Authority Key Identifier: keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/GaY0PBVBeo4KpiNFKZ9BeK4puOg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.234.40.0/22 193.107.172.0/22 IPv6: 2001:67c:13b8::/48 Signature Algorithm: sha256WithRSAEncryption 5a:7a:74:61:14:f6:da:a0:aa:cd:cf:8e:a1:6f:dd:9d:2c:b2: d0:c9:25:5d:30:ad:54:9a:2d:31:d8:92:97:26:b8:6a:3f:72: d6:f5:5c:f2:ce:34:dd:61:78:79:6c:cf:84:d5:59:b4:f0:93: 70:b3:0a:10:53:c7:15:3c:ee:89:f7:16:28:2e:ca:fd:cc:37: 8d:e8:d7:43:b6:a3:d0:08:c1:58:7f:b8:18:78:16:c8:86:ad: fc:5a:20:44:0b:57:c1:80:09:19:60:ab:f8:a1:5e:07:7c:28: cd:8a:60:ba:21:07:65:e0:db:d1:c2:07:62:7a:76:b2:28:ea: 15:1b:9b:cf:a4:47:8b:9c:13:de:33:68:f2:53:82:49:15:5b: 13:99:0c:3f:d6:98:fb:ba:8c:50:bf:e2:c6:a3:e0:1a:33:61: 71:ca:02:8a:06:b0:f8:c5:a4:f0:e7:15:ac:85:7d:f0:57:82: 4d:e5:be:92:b8:dd:de:2b:fb:89:67:1a:9c:84:df:db:9e:e9: e0:4b:e6:28:0d:9f:00:98:1f:43:15:4d:e8:de:1a:77:f8:5e: 6b:3c:8e:ec:80:22:45:36:f7:55:1b:5c:4e:ae:2d:a3:ab:3b: 54:6b:bf:28:9b:2f:9c:6a:30:d1:d3:1e:05:d8:77:46:52:f5: 8a:0c:1b:c2 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt/FNMv5dPvqTU+DvufneEFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz ODllZDQwHhcNMjYwMTAyMTQyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOWE2MzQzYzE1NDE3YThlMGFhNjIzNDUyOTlmNDE3OGFlMjliOGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv57tJwY9X7P7zZ+fQqLZDhgZm1Ey mGZ9xhV9SE8k2kFzJILI5VeuqBEk/3pUdxYmFjo+R9EGBgADAE/6q8mBHjblHYt8 NLo8y+jGnrs3qh0FGhUPr+O60mZj3Jz9JHn9UdLHwn6MFHi0kb5+yzF/vQmFRD5l TLZWbtDCt7s9Srv8EdhgjhF/CPrXw1Beb89+idlQdqz+tlDfPBOpTS0hJBwl+25e /1AQ+ZdRova8T2v3213xnVA0ZE1pq0AC9A0gyGphxqyxoBsHp2FdUWntzQBH0VXN xFhwShEfVi55QR5A64uQpj0gl2mmlY+7WtVebW3zFOwosFK65xm34DXVKwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFBmmNDwVQXqOCqYjRSmfQXiuKbjoMB8GA1UdIwQY MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt MDgxY2IyYjE3YWI1LzEvR2FZMFBCVkJlbzRLcGlORktaOUJlSzRwdU9nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1 LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW+ooAwQC wWusMA8EAgACMAkDBwAgAQZ8E7gwDQYJKoZIhvcNAQELBQADggEBAFp6dGEU9tqg qs3PjqFv3Z0sstDJJV0wrVSaLTHYkpcmuGo/ctb1XPLONN1heHlsz4TVWbTwk3Cz ChBTxxU87on3Figuyv3MN43o10O2o9AIwVh/uBh4FsiGrfxaIEQLV8GACRlgq/ih Xgd8KM2KYLohB2Xg29HCB2J6drIo6hUbm8+kR4ucE94zaPJTgkkVWxOZDD/WmPu6 jFC/4saj4BozYXHKAooGsPjFpPDnFayFffBXgk3lvpK43d4r+4lnGpyE39ue6eBL 5igNnwCYH0MVTejeGnf4Xms8juyAIkU291UbXE6uLaOrO1RrvyibL5xqMNHTHgXY d0ZS9YoMG8I= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:31 2026 by rpki-client