This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/GM2WJN9_ezB4uJBKr6KMD-BXxpU.roa File: GM2WJN9_ezB4uJBKr6KMD-BXxpU.roa (raw, json) Hash identifier: 9qjsgV72QPwQBNdaD4BbTgE2UrBD6jAtMEwROmmWrt4= Subject key identifier: 18:CD:96:24:DF:7F:7B:30:78:B8:90:4A:AF:A2:8C:0F:E0:57:C6:95 Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b Certificate serial: 019B7FF1D3B07CDF6376F5BE58A6735BD75B Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/GM2WJN9_ezB4uJBKr6KMD-BXxpU.roa Signing time: Fri 02 Jan 2026 18:21:53 +0000 ROA not before: Fri 02 Jan 2026 18:21:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42910 IP address blocks: 185.70.96.0/24 maxlen: 24 185.70.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.mft rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:d3:b0:7c:df:63:76:f5:be:58:a6:73:5b:d7:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b Validity Not Before: Jan 2 18:21:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=18cd9624df7f7b3078b8904aafa28c0fe057c695 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:90:83:28:75:1a:68:85:69:1a:40:47:9a:0d: ba:70:59:f2:a3:83:7b:db:9b:06:8f:0a:fa:32:0a: ba:de:e1:4a:9a:85:f9:b7:a4:df:31:9a:de:fb:44: 99:dc:c0:76:04:a6:fe:25:65:e5:ab:3f:2a:77:bf: f1:f9:de:75:26:c9:e6:d9:77:2d:54:44:37:48:62: 96:94:6b:53:40:6a:f4:74:3e:f5:f5:b4:f8:4f:78: eb:70:8f:78:85:55:71:22:bc:43:b0:48:c1:35:ff: 21:28:ff:2e:78:44:2d:86:4d:ea:40:2e:79:33:d9: e1:f4:d4:ca:2c:a1:39:f7:19:36:06:69:46:34:62: 41:0a:72:46:ec:b8:ee:0e:75:ff:82:df:7c:cd:d1: 9a:15:33:40:98:a3:4f:3a:f2:81:c0:de:25:bc:c0: 93:06:38:a9:27:c5:f3:e0:30:fd:7f:80:82:7f:94: ec:6f:e6:9e:f7:33:28:6c:da:cc:0e:d9:f5:88:2b: 31:38:f3:09:ac:ea:24:dd:3f:d4:9d:28:7a:61:9a: 84:b3:e1:95:4c:a2:52:a0:c7:07:1c:61:47:39:9d: af:90:1b:8a:f2:86:66:56:7a:be:34:65:2b:80:77: f2:2d:c2:c7:46:eb:c9:99:2b:c5:4c:2f:4e:7f:14: 45:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:CD:96:24:DF:7F:7B:30:78:B8:90:4A:AF:A2:8C:0F:E0:57:C6:95 X509v3 Authority Key Identifier: keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/GM2WJN9_ezB4uJBKr6KMD-BXxpU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.70.96.0/24 185.70.99.0/24 Signature Algorithm: sha256WithRSAEncryption 16:40:f7:30:62:09:92:d6:b6:03:5d:66:d1:44:38:43:28:15: 2d:2f:34:35:21:67:06:8a:17:e3:bd:33:7c:26:70:6f:a8:5c: 1d:fc:90:01:83:94:e1:10:56:5b:85:0f:de:59:15:44:bb:8f: 50:34:1f:3f:53:92:6d:59:cd:b6:95:b3:ec:26:05:2c:c5:50: 42:6e:34:bf:a2:6e:73:51:96:0b:b4:5b:d7:39:23:c0:b1:1b: 11:60:4a:a5:f7:4f:c2:6e:cf:80:00:d8:fb:e9:89:6e:54:3f: 49:30:0d:b7:7a:1a:28:a7:be:0b:29:1c:c8:14:a8:78:72:64: a7:0b:43:bb:0c:91:3c:c9:51:0a:00:ab:f1:04:b5:15:fb:d2: 64:ac:21:ee:9d:13:33:fa:f5:80:dd:0c:a9:4f:8f:93:fe:0c: b1:6f:82:4e:b6:b0:ff:ac:2f:ff:f5:56:6c:f8:b3:46:2e:b2: a1:e2:ab:ab:fc:ca:d2:ab:5c:8b:a6:a9:fe:08:26:84:32:33: 55:c8:a0:f1:55:97:10:46:d4:9f:d9:75:03:16:fa:4d:6d:e5: f8:85:fb:fa:87:9e:84:2f:58:f2:1e:cd:4b:1d:6d:7d:e4:1f: 00:81:36:26:ab:07:38:a1:71:18:42:20:5a:c8:21:b3:16:e3: 2d:35:02:0b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8dOwfN9jdvW+WKZzW9dbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm NmM3M2IwHhcNMjYwMTAyMTgyMTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOGNkOTYyNGRmN2Y3YjMwNzhiODkwNGFhZmEyOGMwZmUwNTdjNjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZCDKHUaaIVpGkBHmg26cFnyo4N7 25sGjwr6Mgq63uFKmoX5t6TfMZre+0SZ3MB2BKb+JWXlqz8qd7/x+d51Jsnm2Xct VEQ3SGKWlGtTQGr0dD719bT4T3jrcI94hVVxIrxDsEjBNf8hKP8ueEQthk3qQC55 M9nh9NTKLKE59xk2BmlGNGJBCnJG7LjuDnX/gt98zdGaFTNAmKNPOvKBwN4lvMCT BjipJ8Xz4DD9f4CCf5Tsb+ae9zMobNrMDtn1iCsxOPMJrOok3T/UnSh6YZqEs+GV TKJSoMcHHGFHOZ2vkBuK8oZmVnq+NGUrgHfyLcLHRuvJmSvFTC9OfxRF5wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBjNliTff3sweLiQSq+ijA/gV8aVMB8GA1UdIwQY MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt NWVhOGY1M2FiNDkxLzEvR00yV0pOOV9lekI0dUpCS3I2S01ELUJYeHBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZgAwQA uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQAWQPcwYgmS1rYDXWbRRDhDKBUtLzQ1IWcG ihfjvTN8JnBvqFwd/JABg5ThEFZbhQ/eWRVEu49QNB8/U5JtWc22lbPsJgUsxVBC bjS/om5zUZYLtFvXOSPAsRsRYEql90/Cbs+AANj76YluVD9JMA23ehoop74LKRzI FKh4cmSnC0O7DJE8yVEKAKvxBLUV+9JkrCHunRMz+vWA3QypT4+T/gyxb4JOtrD/ rC//9VZs+LNGLrKh4qur/MrSq1yLpqn+CCaEMjNVyKDxVZcQRtSf2XUDFvpNbeX4 hfv6h56EL1jyHs1LHW195B8AgTYmqwc4oXEYQiBayCGzFuMtNQIL -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:19 2026 by rpki-client