This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZRqY4NDt7hJ9enhVGKaEOmb3NE.roa File: GZRqY4NDt7hJ9enhVGKaEOmb3NE.roa (raw, json) Hash identifier: d80AiHyw0DccEB+5PAX/rzXjQOcOL6jz6PietADkMkc= Subject key identifier: 19:94:6A:63:83:43:B7:B8:49:F5:E9:E1:54:62:9A:10:E9:9B:DC:D1 Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Certificate serial: 019B131EE32B39425432106D432EE5DC0475 Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZRqY4NDt7hJ9enhVGKaEOmb3NE.roa Signing time: Fri 12 Dec 2025 15:12:29 +0000 ROA not before: Fri 12 Dec 2025 15:12:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 5.10.213.0/24 maxlen: 24 5.10.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:13:1e:e3:2b:39:42:54:32:10:6d:43:2e:e5:dc:04:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Validity Not Before: Dec 12 15:12:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=19946a638343b7b849f5e9e154629a10e99bdcd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:11:84:76:85:9e:17:1b:43:42:cb:1c:73:66: b1:06:39:32:80:c3:32:07:8e:bb:56:ce:ca:8d:7e: ab:9a:ac:45:2f:20:56:37:02:56:2a:20:f4:16:67: a7:38:50:d3:9e:31:25:ca:4b:53:96:0c:21:65:a2: 65:9c:4e:3a:aa:93:48:05:2a:81:2b:5b:a4:fc:42: 6a:dd:4b:ac:d9:59:f8:49:74:5f:3d:30:df:6a:ff: b5:1c:dc:45:b4:d4:ce:0c:50:cc:c7:4f:f1:9e:45: ad:da:f3:da:bc:95:a5:bf:38:25:59:5c:8f:0f:4f: 73:51:d9:f7:40:19:b2:87:d1:65:68:e7:73:c9:35: 44:10:f0:d1:ce:39:d1:7e:3a:5e:19:e0:4c:61:c3: 36:d7:3e:14:66:c0:5a:0c:e7:90:d2:db:20:d5:42: 68:e4:4a:ac:a7:ed:c3:fc:59:c8:ca:32:2d:4d:77: f2:7c:a1:81:3c:b1:cb:6c:e8:0f:ec:70:6f:cc:76: 67:ce:e8:df:f8:c6:d4:b7:3a:db:75:42:84:27:8e: 8d:db:ad:70:5f:70:5f:55:11:17:d3:60:a6:07:4a: 7c:93:de:1b:91:4f:f4:57:52:20:bc:1c:06:0d:7d: 02:d0:7a:f2:fb:c8:07:90:4a:ac:b4:3e:a0:67:e2: c6:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:94:6A:63:83:43:B7:B8:49:F5:E9:E1:54:62:9A:10:E9:9B:DC:D1 X509v3 Authority Key Identifier: keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZRqY4NDt7hJ9enhVGKaEOmb3NE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.10.213.0/24 5.10.222.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:1f:24:65:31:34:80:73:4f:8a:d0:1a:d2:99:18:59:a3:65: d6:a4:a0:ce:94:45:94:49:a0:c6:43:f2:f6:c1:15:6a:f0:51: db:8d:a1:3e:8d:b3:ef:bd:81:b3:6a:92:49:34:35:94:16:14: fb:9c:b4:d9:89:97:b9:21:09:dd:ca:c4:52:1f:e7:86:33:86: ba:7e:6e:18:32:53:b2:88:2a:ae:46:60:a3:a4:dd:ee:d1:30: 9d:2c:72:1f:56:e2:b5:3d:03:1e:7c:cf:7a:32:74:a8:d3:b9: 4f:17:be:6e:01:f0:b3:a9:3f:da:1a:76:3a:5a:e4:b2:18:b1: f6:a9:3f:c0:fc:06:7d:bc:71:f5:ff:80:36:99:a7:e8:59:57: 89:65:59:74:82:98:53:a4:1a:9b:21:60:35:81:b0:ca:e4:b4: cd:0b:28:c7:29:4a:ba:c4:9a:bc:6a:ba:2f:64:fb:52:17:7e: 16:76:f9:2c:03:e7:2d:8e:bc:9e:29:e5:f9:a4:ee:7f:ec:b2: e0:ba:00:2a:5b:1d:13:9a:b0:56:10:f5:e3:47:c4:43:bb:a7: 2d:02:7f:61:7e:44:d9:59:85:a3:2e:3a:a9:b2:b4:0a:c1:7c: 9c:1a:57:20:db:d8:ce:8b:45:9f:26:c4:79:a2:75:67:66:25: 29:70:09:a1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsTHuMrOUJUMhBtQy7l3AR1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi NzEzMmYwHhcNMjUxMjEyMTUxMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTk0NmE2MzgzNDNiN2I4NDlmNWU5ZTE1NDYyOWExMGU5OWJkY2QxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixGEdoWeFxtDQsscc2axBjkygMMy B467Vs7KjX6rmqxFLyBWNwJWKiD0FmenOFDTnjElyktTlgwhZaJlnE46qpNIBSqB K1uk/EJq3Uus2Vn4SXRfPTDfav+1HNxFtNTODFDMx0/xnkWt2vPavJWlvzglWVyP D09zUdn3QBmyh9FlaOdzyTVEEPDRzjnRfjpeGeBMYcM21z4UZsBaDOeQ0tsg1UJo 5Eqsp+3D/FnIyjItTXfyfKGBPLHLbOgP7HBvzHZnzujf+MbUtzrbdUKEJ46N261w X3BfVREX02CmB0p8k94bkU/0V1IgvBwGDX0C0Hry+8gHkEqstD6gZ+LG9QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBmUamODQ7e4SfXp4VRimhDpm9zRMB8GA1UdIwQY MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt ZGVlNzY4NjAwMTNkLzEvR1pScVk0TkR0N2hKOWVuaFZHS2FFT21iM05FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrVAwQA BQreMA0GCSqGSIb3DQEBCwUAA4IBAQBLHyRlMTSAc0+K0BrSmRhZo2XWpKDOlEWU SaDGQ/L2wRVq8FHbjaE+jbPvvYGzapJJNDWUFhT7nLTZiZe5IQndysRSH+eGM4a6 fm4YMlOyiCquRmCjpN3u0TCdLHIfVuK1PQMefM96MnSo07lPF75uAfCzqT/aGnY6 WuSyGLH2qT/A/AZ9vHH1/4A2mafoWVeJZVl0gphTpBqbIWA1gbDK5LTNCyjHKUq6 xJq8arovZPtSF34WdvksA+ctjryeKeX5pO5/7LLgugAqWx0TmrBWEPXjR8RDu6ct An9hfkTZWYWjLjqpsrQKwXycGlcg29jOi0WfJsR5onVnZiUpcAmh -----END CERTIFICATE-----Generated at Mon Dec 15 17:02:18 2025 by rpki-client