This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ga8jgyE0Hx9YCWX9n0SR_0A_v1I.roa File: ga8jgyE0Hx9YCWX9n0SR_0A_v1I.roa (raw, json) Hash identifier: 91AJeSFUi+GBEx2QgzVZ61PX0Ts+nzPPryjBaN7CGGg= Subject key identifier: 81:AF:23:83:21:34:1F:1F:58:09:65:FD:9F:44:91:FF:40:3F:BF:52 Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b Certificate serial: 019B77C795932EF1DE90FD48A093D0EBE615 Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ga8jgyE0Hx9YCWX9n0SR_0A_v1I.roa Signing time: Thu 01 Jan 2026 04:18:47 +0000 ROA not before: Thu 01 Jan 2026 04:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210587 IP address blocks: 88.220.138.0/24 maxlen: 24 2a00:4120:8005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:95:93:2e:f1:de:90:fd:48:a0:93:d0:eb:e6:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b Validity Not Before: Jan 1 04:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=81af238321341f1f580965fd9f4491ff403fbf52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:e0:16:71:f3:01:97:7a:ba:38:b1:3b:32:dd: 12:c1:d5:0d:4b:f7:ff:b7:48:7d:b5:e8:a3:dd:cb: d0:90:50:9a:77:f7:ac:2b:92:51:9d:f8:28:96:b0: 18:2b:2e:78:f2:df:99:4c:79:0a:38:ca:af:5b:9d: e2:d2:98:c0:64:24:d9:a2:69:01:35:60:1f:a5:ec: c9:60:9c:ca:8b:03:45:76:2b:28:c6:97:db:fa:5e: 5c:ae:9f:23:44:d4:c0:6f:2e:00:41:89:c4:c3:bc: 2a:de:d7:f8:6f:2c:23:f1:34:e5:f6:b7:73:09:30: b6:a4:69:08:a3:0e:32:a4:76:58:f0:bf:f0:c4:f7: c5:c4:ba:6d:4c:b7:3c:f2:f4:7b:d0:cd:2c:03:14: 69:2f:c6:15:ef:65:61:c0:8b:ed:1f:5b:5a:56:92: 28:0a:53:b7:7a:a4:cc:1d:4a:a7:77:c5:d4:b0:ea: eb:85:fb:42:b5:10:3c:8b:fd:f9:bb:e3:37:01:90: ef:89:a3:7f:a6:ab:2a:16:b1:d4:f4:36:02:bf:47: d1:80:94:d8:94:0d:ba:15:47:f9:ee:c2:bb:91:87: 52:91:05:a2:c6:16:7c:84:01:aa:e9:ce:eb:44:28: 65:da:b6:59:04:ad:3e:da:5b:1e:13:48:e6:91:62: 4d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:AF:23:83:21:34:1F:1F:58:09:65:FD:9F:44:91:FF:40:3F:BF:52 X509v3 Authority Key Identifier: keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ga8jgyE0Hx9YCWX9n0SR_0A_v1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.220.138.0/24 IPv6: 2a00:4120:8005::/48 Signature Algorithm: sha256WithRSAEncryption 38:a2:d2:41:5d:59:b7:b5:3d:b6:0d:0c:af:69:4c:ad:1c:70: 15:be:08:a3:89:31:de:cd:a6:15:cf:8f:81:c9:66:12:e8:3f: a3:a8:4b:22:ed:95:4c:81:cb:2b:8f:64:e4:3e:45:9b:ad:9b: 26:fa:51:bb:23:49:4d:68:ee:55:34:08:58:73:bc:1e:fc:f0: ed:3e:0c:80:1b:3c:e8:f3:db:3b:c2:df:cc:8b:c1:7e:a6:21: 0e:8f:49:da:09:b7:9a:77:5c:c0:96:01:4e:f8:1f:4c:94:53: d6:6c:45:17:69:ee:ac:62:97:83:e1:44:1d:b0:5c:f4:45:ad: 18:4b:2e:f8:42:68:e2:5f:da:8c:58:3b:46:c4:95:06:97:9e: 2d:d5:e8:43:04:d6:65:84:df:2e:17:e9:2e:0b:99:34:8c:74: c2:4d:30:8d:20:01:2c:25:45:57:20:33:c9:2e:4f:1a:1a:76: 2c:e5:87:58:82:0b:78:31:7d:39:15:80:24:77:78:15:37:14: 9a:b5:58:7f:fc:4f:98:37:98:d2:40:1d:eb:fb:7d:79:6d:c5: 4a:c7:36:58:9f:58:73:83:b2:2a:81:fd:04:c0:91:71:cd:97: 52:e0:ce:53:d5:0a:8d:51:1c:84:97:1e:25:2a:98:71:d8:e4: a8:3b:8f:5b -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3x5WTLvHekP1IoJPQ6+YVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj MmQ3NmIwHhcNMjYwMTAxMDQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MWFmMjM4MzIxMzQxZjFmNTgwOTY1ZmQ5ZjQ0OTFmZjQwM2ZiZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieAWcfMBl3q6OLE7Mt0SwdUNS/f/ t0h9teij3cvQkFCad/esK5JRnfgolrAYKy548t+ZTHkKOMqvW53i0pjAZCTZomkB NWAfpezJYJzKiwNFdisoxpfb+l5crp8jRNTAby4AQYnEw7wq3tf4bywj8TTl9rdz CTC2pGkIow4ypHZY8L/wxPfFxLptTLc88vR70M0sAxRpL8YV72VhwIvtH1taVpIo ClO3eqTMHUqnd8XUsOrrhftCtRA8i/35u+M3AZDviaN/pqsqFrHU9DYCv0fRgJTY lA26FUf57sK7kYdSkQWixhZ8hAGq6c7rRChl2rZZBK0+2lseE0jmkWJNgwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIGvI4MhNB8fWAll/Z9Ekf9AP79SMB8GA1UdIwQY MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt NTI3NjZiMjRiYWE0LzEvZ2E4amd5RTBIeDlZQ1dYOW4wU1JfMEFfdjFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0 LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNyKMA8E AgACMAkDBwAqAEEggAUwDQYJKoZIhvcNAQELBQADggEBADii0kFdWbe1PbYNDK9p TK0ccBW+CKOJMd7NphXPj4HJZhLoP6OoSyLtlUyByyuPZOQ+RZutmyb6UbsjSU1o 7lU0CFhzvB788O0+DIAbPOjz2zvC38yLwX6mIQ6PSdoJt5p3XMCWAU74H0yUU9Zs RRdp7qxil4PhRB2wXPRFrRhLLvhCaOJf2oxYO0bElQaXni3V6EME1mWE3y4X6S4L mTSMdMJNMI0gASwlRVcgM8kuTxoadizlh1iCC3gxfTkVgCR3eBU3FJq1WH/8T5g3 mNJAHev7fXltxUrHNlifWHODsiqB/QTAkXHNl1LgzlPVCo1RHISXHiUqmHHY5Kg7 j1s= -----END CERTIFICATE-----Generated at Sun Jan 25 22:17:04 2026 by rpki-client