This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/GqfcLrP9OkUTy-GX1d-k-vfcOX8.roa File: GqfcLrP9OkUTy-GX1d-k-vfcOX8.roa (raw, json) Hash identifier: XFhkOuqDVaUrmegmAPvZHJBMmOe4H8O6VpNvMvQVK4k= Subject key identifier: 1A:A7:DC:2E:B3:FD:3A:45:13:CB:E1:97:D5:DF:A4:FA:F7:DC:39:7F Certificate issuer: /CN=5da5ac3bba260538c333e6c860f236012c98675d Certificate serial: 019B78A2F842692415548935620EE676E0AA Authority key identifier: 5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/GqfcLrP9OkUTy-GX1d-k-vfcOX8.roa Signing time: Thu 01 Jan 2026 08:18:24 +0000 ROA not before: Thu 01 Jan 2026 08:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30081 IP address blocks: 45.88.132.0/22 maxlen: 24 2a07:9a40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f8:42:69:24:15:54:89:35:62:0e:e6:76:e0:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5da5ac3bba260538c333e6c860f236012c98675d Validity Not Before: Jan 1 08:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1aa7dc2eb3fd3a4513cbe197d5dfa4faf7dc397f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:34:21:8f:f7:d4:86:99:d6:af:02:17:11:d9: 66:2e:a6:8a:26:0d:a6:07:33:98:8a:a6:e6:d0:c1: ec:48:75:65:7b:f4:59:89:7e:8b:8f:66:2c:61:c0: 11:1c:b4:e4:5d:73:a0:b2:6b:2c:ed:27:c0:06:e2: 2e:53:cd:d9:0b:d5:00:a8:28:fa:52:3d:77:63:73: ac:94:89:24:85:32:b3:28:24:75:36:bd:cc:83:cc: 6b:33:e4:0d:5e:c0:31:64:4a:4a:6d:7c:f2:29:94: c5:9a:b1:8a:2d:90:03:8c:44:b7:f0:9e:bf:15:cd: b0:5b:16:1b:87:e9:d1:98:15:df:15:69:e4:86:d1: c7:37:af:0d:ce:aa:fc:ce:46:43:3b:fd:60:34:d9: 7f:4d:3d:79:cb:b9:4d:9f:cd:8b:65:37:5e:42:a5: 6d:1b:c3:9f:9e:9d:88:7e:f5:82:b1:7b:25:c3:0c: 1f:96:98:e3:91:a9:ca:e4:33:c7:0b:db:db:01:31: ec:14:c2:58:36:b5:31:cd:5e:e6:a7:e2:ec:e6:e7: d8:fe:74:71:6e:c1:96:3e:8a:40:83:55:7f:a2:36: 6f:e6:d1:66:a7:71:c0:f8:1b:da:a3:35:9e:54:00: a5:77:4e:83:ed:ca:07:b9:9a:9d:cc:c9:23:c6:4f: fc:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:A7:DC:2E:B3:FD:3A:45:13:CB:E1:97:D5:DF:A4:FA:F7:DC:39:7F X509v3 Authority Key Identifier: keyid:5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/GqfcLrP9OkUTy-GX1d-k-vfcOX8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.132.0/22 IPv6: 2a07:9a40::/29 Signature Algorithm: sha256WithRSAEncryption 11:a8:05:d6:8a:b0:9d:7a:d6:99:02:54:7d:ca:f6:3b:78:20: 82:74:0e:44:76:34:58:ef:6a:3f:87:64:3b:96:7c:bd:3d:6a: 18:8b:4c:a8:4e:99:f0:4a:3c:41:af:67:da:ec:2a:eb:29:26: a0:50:c8:8e:43:bf:9b:ea:ad:1d:24:62:6d:c2:98:ae:3c:6c: 63:c3:49:ce:83:95:84:09:bd:ec:e6:27:4c:74:be:6f:53:51: 53:6f:65:62:f6:9b:15:7b:9c:00:4e:54:9a:2f:49:d6:c3:69: eb:33:07:30:b2:2b:11:a4:d5:17:6d:4d:c3:c3:e5:61:90:08: ed:ba:6c:e6:6b:4b:59:4a:71:04:e1:d6:fe:bd:e4:70:df:78: 79:a1:cf:05:9e:06:0b:07:17:5b:7e:00:7c:a3:de:b1:c1:8f: 56:e5:fe:0f:fb:e8:2d:9a:44:5b:8d:00:8c:51:0d:ee:0d:77: 64:4b:a9:51:64:b7:b5:92:81:7f:e1:f3:1d:58:7d:a7:bf:26: eb:31:73:4a:2b:14:04:a9:51:8c:39:80:c2:3b:02:5f:1e:5c: b0:55:55:3c:4a:4c:b7:ae:00:55:70:a9:23:c3:b8:07:25:09: 6f:0e:11:39:e0:7b:7f:a9:26:e5:55:2c:8f:95:be:44:4b:2b: 69:e3:54:fb -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4ovhCaSQVVIk1Yg7mduCqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkYTVhYzNiYmEyNjA1MzhjMzMzZTZjODYwZjIzNjAxMmM5 ODY3NWQwHhcNMjYwMTAxMDgxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYWE3ZGMyZWIzZmQzYTQ1MTNjYmUxOTdkNWRmYTRmYWY3ZGMzOTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjQhj/fUhpnWrwIXEdlmLqaKJg2m BzOYiqbm0MHsSHVle/RZiX6Lj2YsYcARHLTkXXOgsmss7SfABuIuU83ZC9UAqCj6 Uj13Y3OslIkkhTKzKCR1Nr3Mg8xrM+QNXsAxZEpKbXzyKZTFmrGKLZADjES38J6/ Fc2wWxYbh+nRmBXfFWnkhtHHN68Nzqr8zkZDO/1gNNl/TT15y7lNn82LZTdeQqVt G8Ofnp2IfvWCsXslwwwflpjjkanK5DPHC9vbATHsFMJYNrUxzV7mp+Ls5ufY/nRx bsGWPopAg1V/ojZv5tFmp3HA+BvaozWeVACld06D7coHuZqdzMkjxk/8ewIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBqn3C6z/TpFE8vhl9XfpPr33Dl/MB8GA1UdIwQY MBaAFF2lrDu6JgU4wzPmyGDyNgEsmGddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2Yt YmU4MTBhMDUwOTQ0LzEvR3FmY0xyUDlPa1VUeS1HWDFkLWstdmZjT1g4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2YtYmU4MTBhMDUwOTQ0 LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLViEMA0E AgACMAcDBQMqB5pAMA0GCSqGSIb3DQEBCwUAA4IBAQARqAXWirCdetaZAlR9yvY7 eCCCdA5EdjRY72o/h2Q7lny9PWoYi0yoTpnwSjxBr2fa7CrrKSagUMiOQ7+b6q0d JGJtwpiuPGxjw0nOg5WECb3s5idMdL5vU1FTb2Vi9psVe5wATlSaL0nWw2nrMwcw sisRpNUXbU3Dw+VhkAjtumzma0tZSnEE4db+veRw33h5oc8FngYLBxdbfgB8o96x wY9W5f4P++gtmkRbjQCMUQ3uDXdkS6lRZLe1koF/4fMdWH2nvybrMXNKKxQEqVGM OYDCOwJfHlywVVU8Sky3rgBVcKkjw7gHJQlvDhE54Ht/qSblVSyPlb5ESytp41T7 -----END CERTIFICATE-----Generated at Sun Jan 25 17:32:52 2026 by rpki-client