This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/gwfvHd9vGQ-YayDB4JMmJ6Zoy-k.roa File: gwfvHd9vGQ-YayDB4JMmJ6Zoy-k.roa (raw, json) Hash identifier: JXFha1HpeDKqZ6dndv5E6MFGVWN5nIxgaGNdqYj6mdM= Subject key identifier: 83:07:EF:1D:DF:6F:19:0F:98:6B:20:C1:E0:93:26:27:A6:68:CB:E9 Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c Certificate serial: 019B7B355210367A89952421DDDCBC079C4C Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/gwfvHd9vGQ-YayDB4JMmJ6Zoy-k.roa Signing time: Thu 01 Jan 2026 20:17:30 +0000 ROA not before: Thu 01 Jan 2026 20:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35600 IP address blocks: 14.102.102.0/24 maxlen: 24 45.84.112.0/22 maxlen: 22 91.221.92.0/23 maxlen: 24 91.221.106.0/23 maxlen: 24 185.48.132.0/22 maxlen: 24 185.56.176.0/22 maxlen: 22 194.117.246.0/23 maxlen: 23 2001:67c:184c::/48 maxlen: 48 2a00:4780::/32 maxlen: 32 2a02:5520::/32 maxlen: 32 2a0e:ac80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.mft rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:52:10:36:7a:89:95:24:21:dd:dc:bc:07:9c:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c Validity Not Before: Jan 1 20:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8307ef1ddf6f190f986b20c1e0932627a668cbe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9a:02:ba:88:e3:b5:9b:1a:78:68:82:17:ca: c8:52:c2:6e:2d:a1:82:4c:4b:75:da:48:a4:5e:4c: 5d:0f:e9:07:90:f2:de:b0:0a:89:5b:51:7c:e2:9f: 35:34:06:bb:ba:0c:cd:17:e4:04:e1:33:66:f1:b0: 36:18:cf:57:3b:8f:2a:37:5e:bb:22:c6:2c:69:87: cf:93:fd:ba:62:6b:16:c4:c0:de:ed:92:6c:05:66: f6:31:ca:50:72:1b:6b:d7:37:cf:98:32:4f:a4:bf: 66:c3:11:fa:cb:f5:3a:0b:c2:15:50:07:4e:e9:d7: dc:c9:b8:d9:68:60:81:40:dc:c8:79:82:61:86:36: 0c:c5:d6:5f:5a:7c:78:e2:b3:46:cb:94:74:4f:1b: cf:d7:5f:6a:86:fd:ba:2b:85:a1:ac:e2:a7:61:d3: 8f:0e:e5:f9:71:28:3a:2a:64:3e:e8:cb:91:a6:91: 9d:17:b1:d2:6c:44:b1:33:69:b9:3c:f4:19:63:ae: aa:dd:58:b8:1f:ac:99:81:09:3d:4d:da:5d:a8:20: 22:e7:4a:8b:b0:85:d2:25:e2:03:26:a1:33:20:c0: 67:fc:69:a3:7d:7a:30:a7:f1:ec:ad:9b:ed:ef:72: 03:17:5d:b5:ce:af:86:8d:64:ca:73:04:ec:4d:fb: 08:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:07:EF:1D:DF:6F:19:0F:98:6B:20:C1:E0:93:26:27:A6:68:CB:E9 X509v3 Authority Key Identifier: keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/gwfvHd9vGQ-YayDB4JMmJ6Zoy-k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 14.102.102.0/24 45.84.112.0/22 91.221.92.0/23 91.221.106.0/23 185.48.132.0/22 185.56.176.0/22 194.117.246.0/23 IPv6: 2001:67c:184c::/48 2a00:4780::/32 2a02:5520::/32 2a0e:ac80::/29 Signature Algorithm: sha256WithRSAEncryption 43:eb:cb:1b:29:99:81:db:00:4d:f5:15:bd:82:27:37:2c:22: aa:4b:d3:f7:4b:28:aa:d1:84:b1:57:60:2d:fd:61:57:0d:19: 31:dd:1d:2f:4f:88:42:d7:32:87:2e:63:49:c7:c5:ca:44:c4: d0:32:fc:5c:0f:96:f1:1b:7d:40:00:18:b1:15:0c:7f:97:e3: 2b:8c:db:74:c3:7f:58:d4:8d:d5:7f:4c:9a:97:81:3d:6d:db: 8f:d7:f8:20:12:b2:f2:86:56:44:8f:de:74:e0:04:bd:df:a5: e1:65:2c:a2:2c:ee:19:14:bf:54:d7:26:ea:6f:27:e7:1f:7c: f8:fb:56:f9:c0:48:47:c4:d0:b0:51:6c:fa:0a:30:6e:a5:ce: 89:e5:ee:61:a8:cd:34:e8:2d:22:5e:91:3d:db:89:b2:d3:ba: 7c:7e:c3:b7:59:64:a0:9d:a3:11:a4:ce:36:36:5f:57:81:bf: 0f:fa:bf:5a:04:e3:9b:53:91:81:4b:2d:5c:45:00:e6:5e:ab: 6e:2b:de:b3:b5:e8:05:ab:ce:6c:e0:45:6a:96:95:d2:1b:0d: cd:13:10:fd:5d:29:2d:16:05:9a:68:ce:32:ff:4f:f6:85:9f: 2f:95:b3:bb:f3:f5:92:40:26:b0:67:dc:c8:97:e5:06:68:06: dd:d8:33:06 -----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgISAZt7NVIQNnqJlSQh3dy8B5xMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj MGYyNGMwHhcNMjYwMTAxMjAxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzA3ZWYxZGRmNmYxOTBmOTg2YjIwYzFlMDkzMjYyN2E2NjhjYmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZoCuojjtZsaeGiCF8rIUsJuLaGC TEt12kikXkxdD+kHkPLesAqJW1F84p81NAa7ugzNF+QE4TNm8bA2GM9XO48qN167 IsYsaYfPk/26YmsWxMDe7ZJsBWb2McpQchtr1zfPmDJPpL9mwxH6y/U6C8IVUAdO 6dfcybjZaGCBQNzIeYJhhjYMxdZfWnx44rNGy5R0TxvP119qhv26K4WhrOKnYdOP DuX5cSg6KmQ+6MuRppGdF7HSbESxM2m5PPQZY66q3Vi4H6yZgQk9TdpdqCAi50qL sIXSJeIDJqEzIMBn/GmjfXowp/HsrZvt73IDF121zq+GjWTKcwTsTfsIFQIDAQAB o4ICUzCCAk8wHQYDVR0OBBYEFIMH7x3fbxkPmGsgweCTJiemaMvpMB8GA1UdIwQY MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt ZTNmY2IyM2UzNDM4LzEvZ3dmdkhkOXZHUS1ZYXlEQjRKTW1KNlpveS1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4 LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAwBAIAATAqAwQADmZmAwQC LVRwAwQBW91cAwQBW91qAwQCuTCEAwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8 GEwDBQAqAEeAAwUAKgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBAEPryxsp mYHbAE31Fb2CJzcsIqpL0/dLKKrRhLFXYC39YVcNGTHdHS9PiELXMocuY0nHxcpE xNAy/FwPlvEbfUAAGLEVDH+X4yuM23TDf1jUjdV/TJqXgT1t24/X+CASsvKGVkSP 3nTgBL3fpeFlLKIs7hkUv1TXJupvJ+cffPj7VvnASEfE0LBRbPoKMG6lzonl7mGo zTToLSJekT3bibLTunx+w7dZZKCdoxGkzjY2X1eBvw/6v1oE45tTkYFLLVxFAOZe q24r3rO16AWrzmzgRWqWldIbDc0TEP1dKS0WBZpozjL/T/aFny+Vs7vz9ZJAJrBn 3MiX5QZoBt3YMwY= -----END CERTIFICATE-----Generated at Sun Jan 25 08:49:23 2026 by rpki-client