This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/gsUHTOql6ra3NCra3-O-Pk8H1G4.roa File: gsUHTOql6ra3NCra3-O-Pk8H1G4.roa (raw, json) Hash identifier: 8Ghx6DBEFtgP9usvPFW08DYezACf4VPCL0A1biqsI44= Subject key identifier: 82:C5:07:4C:EA:A5:EA:B6:B7:34:2A:DA:DF:E3:BE:3E:4F:07:D4:6E Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3 Certificate serial: 019B78A36A8DB30FBBDFC6F81B77DA51B720 Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/gsUHTOql6ra3NCra3-O-Pk8H1G4.roa Signing time: Thu 01 Jan 2026 08:18:54 +0000 ROA not before: Thu 01 Jan 2026 08:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29286 IP address blocks: 90.159.28.0/24 maxlen: 24 90.159.208.0/20 maxlen: 20 90.159.220.0/24 maxlen: 24 90.159.224.0/20 maxlen: 20 90.159.224.0/21 maxlen: 21 90.159.232.0/22 maxlen: 22 90.159.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.mft rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:6a:8d:b3:0f:bb:df:c6:f8:1b:77:da:51:b7:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3 Validity Not Before: Jan 1 08:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=82c5074ceaa5eab6b7342adadfe3be3e4f07d46e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:93:38:65:b3:02:60:02:a5:a8:5a:6b:fa:dd: 97:a4:c1:79:d7:84:9e:be:f3:f5:24:43:80:41:3a: c9:b3:a0:a4:48:f9:21:7b:53:c2:b1:ba:7e:3c:3b: 6b:02:64:34:f7:a1:ce:11:8e:e8:40:79:1e:ea:9c: 65:e3:e9:62:bc:78:ac:77:4e:11:09:83:3b:47:8d: 27:04:3d:ec:1e:64:1a:e0:5b:ce:ee:a3:22:11:3d: 24:77:f6:a9:8a:2b:f2:38:ea:70:df:96:63:a6:81: 45:5d:4e:ac:95:5c:44:89:01:a3:9e:9c:50:e0:4a: 12:9d:34:b6:49:e4:2d:0f:db:ac:44:72:e5:52:67: 5b:fe:9d:a1:a8:9c:69:23:70:9d:1f:74:bf:98:af: c2:5a:fd:fc:45:d2:a8:68:a3:67:d4:a3:26:f4:1c: 73:3a:31:dc:9c:75:08:17:f7:ba:8b:f3:b5:97:a5: d7:ee:42:af:d0:4f:c2:4c:d3:b7:81:20:f1:c5:bb: c4:76:86:bc:fd:72:77:4c:cb:9b:3a:8d:70:48:9e: 4c:6e:81:ac:92:cd:a0:6a:63:32:16:c4:b3:ae:c9: 58:86:1e:c0:22:36:64:fd:60:3c:91:3a:ba:6c:71: 80:d8:fb:dc:85:00:28:ae:63:7f:b6:84:96:da:34: 1e:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:C5:07:4C:EA:A5:EA:B6:B7:34:2A:DA:DF:E3:BE:3E:4F:07:D4:6E X509v3 Authority Key Identifier: keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/gsUHTOql6ra3NCra3-O-Pk8H1G4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.159.28.0/24 90.159.208.0-90.159.239.255 Signature Algorithm: sha256WithRSAEncryption 38:28:9a:19:a5:e2:ef:20:55:82:02:0a:0f:ce:16:77:41:74: fa:ee:72:4e:e3:eb:40:3f:7b:c6:67:55:6c:62:ef:26:74:bb: b1:0b:5b:5c:8b:6a:0b:8e:34:b8:a1:17:8d:13:ed:bb:1c:1f: 9d:d5:46:ba:02:ac:cb:fa:59:6e:29:98:5f:2a:da:67:76:01: c6:75:74:33:2e:6d:e4:35:a2:d7:97:bc:53:c4:96:e7:b8:30: 66:fd:1c:28:a8:7c:f2:2a:c8:ff:fe:f3:18:72:90:3e:76:b9: 8f:fe:97:87:c9:57:e6:d4:04:c8:8e:fa:ef:62:fd:fd:a0:75: 80:a0:b5:c6:fb:b8:0b:87:b2:12:d9:6e:f9:30:6c:c8:65:9a: 45:b7:5e:c2:f8:c6:6d:dd:d1:c2:6f:c4:37:23:df:e8:9f:8b: 76:35:1e:6c:89:b7:67:11:8f:ed:ae:00:24:e2:f4:43:c0:0d: 7c:d0:d5:80:aa:84:ef:42:f8:ab:41:86:16:8c:c9:22:a5:de: 54:cb:a6:98:13:47:73:b7:73:6d:14:83:30:8b:2e:1c:4c:64: bb:42:39:a6:ab:79:23:89:1e:e6:c4:10:79:a1:93:c7:b0:b8: d8:e6:cf:bd:0d:0e:13:f5:a7:83:eb:2c:91:72:fa:94:cf:43: 16:c3:85:f9 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt4o2qNsw+738b4G3faUbcgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx ZjlkZDMwHhcNMjYwMTAxMDgxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MmM1MDc0Y2VhYTVlYWI2YjczNDJhZGFkZmUzYmUzZTRmMDdkNDZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JM4ZbMCYAKlqFpr+t2XpMF514Se vvP1JEOAQTrJs6CkSPkhe1PCsbp+PDtrAmQ096HOEY7oQHke6pxl4+livHisd04R CYM7R40nBD3sHmQa4FvO7qMiET0kd/apiivyOOpw35ZjpoFFXU6slVxEiQGjnpxQ 4EoSnTS2SeQtD9usRHLlUmdb/p2hqJxpI3CdH3S/mK/CWv38RdKoaKNn1KMm9Bxz OjHcnHUIF/e6i/O1l6XX7kKv0E/CTNO3gSDxxbvEdoa8/XJ3TMubOo1wSJ5MboGs ks2gamMyFsSzrslYhh7AIjZk/WA8kTq6bHGA2PvchQAormN/toSW2jQe1wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFILFB0zqpeq2tzQq2t/jvj5PB9RuMB8GA1UdIwQY MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt MzJhYTY3MzFjMjkxLzEvZ3NVSFRPcWw2cmEzTkNyYTMtTy1QazhIMUc0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWp8cMAwD BARan9ADBARan+AwDQYJKoZIhvcNAQELBQADggEBADgomhml4u8gVYICCg/OFndB dPruck7j60A/e8ZnVWxi7yZ0u7ELW1yLaguONLihF40T7bscH53VRroCrMv6WW4p mF8q2md2AcZ1dDMubeQ1oteXvFPElue4MGb9HCiofPIqyP/+8xhykD52uY/+l4fJ V+bUBMiO+u9i/f2gdYCgtcb7uAuHshLZbvkwbMhlmkW3XsL4xm3d0cJvxDcj3+if i3Y1HmyJt2cRj+2uACTi9EPADXzQ1YCqhO9C+KtBhhaMySKl3lTLppgTR3O3c20U gzCLLhxMZLtCOaareSOJHubEEHmhk8ewuNjmz70NDhP1p4PrLJFy+pTPQxbDhfk= -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:14 2026 by rpki-client