This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/GTGqXVhz06Y47h4tsfVzQ5-izUM.roa File: GTGqXVhz06Y47h4tsfVzQ5-izUM.roa (raw, json) Hash identifier: OFMU1gHAzvgxMOuofABHjmhX/fgNwdGN42jTuyPduAw= Subject key identifier: 19:31:AA:5D:58:73:D3:A6:38:EE:1E:2D:B1:F5:73:43:9F:A2:CD:43 Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e Certificate serial: 019B7A5B76908A5992F58743246CA9486500 Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/GTGqXVhz06Y47h4tsfVzQ5-izUM.roa Signing time: Thu 01 Jan 2026 16:19:33 +0000 ROA not before: Thu 01 Jan 2026 16:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43395 IP address blocks: 5.160.240.0/24 maxlen: 24 46.209.248.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:76:90:8a:59:92:f5:87:43:24:6c:a9:48:65:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e Validity Not Before: Jan 1 16:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1931aa5d5873d3a638ee1e2db1f573439fa2cd43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:24:f0:87:43:d9:30:8f:89:d1:f3:f1:12:ab: 15:97:29:08:c0:9d:c6:c3:8d:b1:ce:75:88:ef:f9: d0:72:ef:0d:1b:a3:71:34:45:5b:2c:57:4a:24:52: 3e:f4:b9:9f:6c:2c:94:fd:85:3f:85:00:af:3d:30: df:91:7a:42:b2:95:19:25:24:9c:ff:76:66:79:4d: fb:3b:29:b1:fe:17:f0:68:7c:12:f3:c3:de:1c:cd: 4d:a0:38:30:c9:14:9d:6d:14:20:94:7e:1e:0c:36: 97:a9:23:f8:8b:1a:17:0c:d7:63:6f:83:e0:73:26: dc:df:31:11:46:06:b5:0c:b7:cf:de:1c:f8:bd:04: 8a:5f:81:53:2b:f3:15:78:bf:fb:84:f3:b8:58:f9: 80:9b:db:f7:08:2a:f5:59:bd:b9:37:60:e9:10:2d: 3c:86:fc:5b:69:05:ae:48:35:b3:76:3d:8f:b0:9e: ae:17:99:52:06:ae:92:44:c3:40:e7:d2:b5:16:fe: 62:9e:7e:13:58:8f:4e:a6:b5:bd:65:fe:ec:fd:1f: 67:06:65:8d:f1:ac:f6:b1:00:63:d4:1d:bc:92:30: c1:b4:54:1a:85:b7:e8:ab:1f:52:d8:96:c1:cf:e1: e1:d3:7d:61:71:af:32:8b:11:aa:a5:73:53:3f:b0: c0:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:31:AA:5D:58:73:D3:A6:38:EE:1E:2D:B1:F5:73:43:9F:A2:CD:43 X509v3 Authority Key Identifier: keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/GTGqXVhz06Y47h4tsfVzQ5-izUM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.160.240.0/24 46.209.248.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:18:a8:b4:f6:8d:dc:77:54:e8:0d:6b:3b:0e:45:05:67:90: 76:c4:e3:17:0b:21:b6:28:ec:13:f0:31:f7:b0:e2:6b:dd:6e: df:36:fd:89:02:b2:7b:c3:74:35:ec:e4:41:2c:53:78:ef:05: 74:a7:c6:6a:6b:aa:6c:8e:c8:42:c9:34:b4:11:c0:dd:cc:57: 60:b7:71:88:75:d0:df:ae:d2:91:97:cd:ca:91:37:28:0c:09: d4:c7:22:74:f1:b0:18:69:3c:5f:a3:ce:12:ae:1f:06:90:18: 0f:d6:9f:ac:a7:2c:88:07:bd:73:fd:b5:2d:a1:68:ff:76:3c: 41:26:08:af:f3:b2:ac:3a:f3:d9:f3:b8:fa:33:71:13:5c:26: 20:3c:66:7c:b1:94:2c:0c:aa:4d:8c:91:7c:e8:ed:52:81:e1: 0c:3a:56:e1:a5:3e:13:97:a0:9a:cd:79:6b:56:32:a6:23:3b: 1d:f5:2f:41:ad:b4:2d:a0:96:ff:df:16:c9:2c:aa:23:96:d0: f2:a8:38:72:50:6a:82:e6:f7:ff:27:55:05:f7:96:41:c9:15: e2:83:4c:d2:7d:9d:99:f2:d9:2e:89:b4:fa:27:2b:a5:51:e0: 81:7a:bc:b9:ed:4c:7b:d1:6d:43:fa:f8:09:83:be:aa:82:8f: 8d:2e:6c:f6 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6W3aQilmS9YdDJGypSGUAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy OGI4N2UwHhcNMjYwMTAxMTYxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTMxYWE1ZDU4NzNkM2E2MzhlZTFlMmRiMWY1NzM0MzlmYTJjZDQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyTwh0PZMI+J0fPxEqsVlykIwJ3G w42xznWI7/nQcu8NG6NxNEVbLFdKJFI+9LmfbCyU/YU/hQCvPTDfkXpCspUZJSSc /3ZmeU37Oymx/hfwaHwS88PeHM1NoDgwyRSdbRQglH4eDDaXqSP4ixoXDNdjb4Pg cybc3zERRga1DLfP3hz4vQSKX4FTK/MVeL/7hPO4WPmAm9v3CCr1Wb25N2DpEC08 hvxbaQWuSDWzdj2PsJ6uF5lSBq6SRMNA59K1Fv5inn4TWI9OprW9Zf7s/R9nBmWN 8az2sQBj1B28kjDBtFQahbfoqx9S2JbBz+Hh031hca8yixGqpXNTP7DAjQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBkxql1Yc9OmOO4eLbH1c0Ofos1DMB8GA1UdIwQY MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt YjQ1NDBjNzRjOTRiLzEvR1RHcVhWaHowNlk0N2g0dHNmVnpRNS1pelVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaDwAwQB LtH4MA0GCSqGSIb3DQEBCwUAA4IBAQBKGKi09o3cd1ToDWs7DkUFZ5B2xOMXCyG2 KOwT8DH3sOJr3W7fNv2JArJ7w3Q17ORBLFN47wV0p8Zqa6psjshCyTS0EcDdzFdg t3GIddDfrtKRl83KkTcoDAnUxyJ08bAYaTxfo84Srh8GkBgP1p+spyyIB71z/bUt oWj/djxBJgiv87KsOvPZ87j6M3ETXCYgPGZ8sZQsDKpNjJF86O1SgeEMOlbhpT4T l6CazXlrVjKmIzsd9S9BrbQtoJb/3xbJLKojltDyqDhyUGqC5vf/J1UF95ZByRXi g0zSfZ2Z8tkuibT6JyulUeCBery57Ux70W1D+vgJg76qgo+NLmz2 -----END CERTIFICATE-----Generated at Mon Jan 26 07:09:31 2026 by rpki-client