This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/GhRfbSGe51z6Jb6sfbK_5O7-fIw.roa File: GhRfbSGe51z6Jb6sfbK_5O7-fIw.roa (raw, json) Hash identifier: iRqtkY5Ddgt99U2md8cn4+ApKi05lHDrF49d41JL04g= Subject key identifier: 1A:14:5F:6D:21:9E:E7:5C:FA:25:BE:AC:7D:B2:BF:E4:EE:FE:7C:8C Certificate issuer: /CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b Certificate serial: 019B7AC88BC00A27F6EDDEA29521BC48E063 Authority key identifier: 72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/GhRfbSGe51z6Jb6sfbK_5O7-fIw.roa Signing time: Thu 01 Jan 2026 18:18:41 +0000 ROA not before: Thu 01 Jan 2026 18:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212726 IP address blocks: 185.242.12.0/24 maxlen: 24 185.242.13.0/24 maxlen: 24 185.242.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.mft rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:8b:c0:0a:27:f6:ed:de:a2:95:21:bc:48:e0:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b Validity Not Before: Jan 1 18:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1a145f6d219ee75cfa25beac7db2bfe4eefe7c8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:68:63:e1:6c:af:cd:bb:20:32:e2:be:ed:b4: ed:55:0d:e7:7e:f4:55:08:31:f8:ee:44:c9:c8:35: 2c:ae:fa:ab:e1:a6:02:85:e0:89:4e:e1:52:bc:c3: 3e:94:ab:37:ac:64:84:7e:73:39:28:3c:ce:78:fb: e9:44:46:8f:a0:de:b8:17:21:3f:be:7b:69:11:1a: e6:b8:ae:f0:3a:d6:09:c0:76:2e:a2:c0:03:16:b5: e7:7e:8f:74:f1:b6:1f:9c:17:d3:2c:3f:a6:8a:9a: 5b:71:44:5f:d1:95:ea:1d:e9:90:1c:81:b4:12:ef: 32:74:72:ed:3f:11:e4:22:c8:99:98:53:73:45:9a: 55:ab:bd:27:5e:98:1d:33:ee:22:4a:43:2c:f9:3a: 5f:56:63:29:73:ae:76:5e:b4:ea:bd:a8:a3:5b:49: 23:45:fe:f5:6d:48:7a:03:a4:e7:5d:12:82:51:a5: 85:b2:5c:83:ed:22:59:ac:79:e5:a1:0e:a2:b1:f8: e4:53:81:25:5c:6d:05:96:74:30:7d:15:4a:92:d8: ed:47:a1:90:d1:3f:9e:a6:fa:b8:14:b0:84:26:e6: 2b:b2:93:11:08:44:58:af:dc:9f:ec:3b:c5:8b:e9: a2:c7:b2:28:7a:18:26:d7:da:af:4b:11:8a:18:b2: 32:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:14:5F:6D:21:9E:E7:5C:FA:25:BE:AC:7D:B2:BF:E4:EE:FE:7C:8C X509v3 Authority Key Identifier: keyid:72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/GhRfbSGe51z6Jb6sfbK_5O7-fIw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.242.12.0-185.242.14.255 Signature Algorithm: sha256WithRSAEncryption 62:32:03:f8:5d:81:3f:9b:49:cd:3d:c2:0c:54:89:1a:18:67: 8b:6e:7b:a5:81:c2:8d:6b:0a:8d:49:b0:30:dd:05:e7:7d:ae: 8c:d1:ba:24:ca:f1:6a:20:ce:7e:bb:43:a4:af:f9:2d:38:ed: 33:58:08:b3:a5:92:43:d9:02:c3:6c:81:36:3f:53:e7:e8:05: 28:c1:b8:98:1e:28:82:c8:d7:8e:5a:3c:33:36:e3:1f:fc:be: 0c:31:c2:e1:83:52:ae:a6:66:16:db:87:57:7d:0b:70:f5:da: 15:88:e0:e6:83:09:16:06:be:72:f5:e5:01:05:36:09:f1:53: a2:3a:03:6d:b4:01:c2:3e:71:04:a6:66:13:fb:4a:6f:ad:63: da:b1:48:4f:15:07:07:49:0c:bb:60:ff:11:37:fd:03:51:a0: d6:8e:e3:f4:88:1d:c2:90:16:27:ba:2c:71:34:51:eb:b4:1c: 45:aa:d0:d5:28:b3:3a:25:5c:fd:20:bc:d0:96:0f:0a:23:62: 82:50:2f:f4:c6:81:12:ca:67:6b:45:65:56:48:d4:23:b4:30: 3c:12:8c:4b:80:80:ea:6f:c0:05:df:06:5f:5a:1d:36:ed:fa: 89:94:b3:b7:11:68:8c:d1:8a:89:3e:7e:4b:fa:94:2f:b3:cf: 2b:c7:0e:48 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt6yIvACif27d6ilSG8SOBjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNWMwYzcxMTFlMmY1N2ZjYWY4MTEzYTQyZTU1NmU4ODJk ZDVjNGIwHhcNMjYwMTAxMTgxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYTE0NWY2ZDIxOWVlNzVjZmEyNWJlYWM3ZGIyYmZlNGVlZmU3YzhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGhj4WyvzbsgMuK+7bTtVQ3nfvRV CDH47kTJyDUsrvqr4aYCheCJTuFSvMM+lKs3rGSEfnM5KDzOePvpREaPoN64FyE/ vntpERrmuK7wOtYJwHYuosADFrXnfo908bYfnBfTLD+mippbcURf0ZXqHemQHIG0 Eu8ydHLtPxHkIsiZmFNzRZpVq70nXpgdM+4iSkMs+TpfVmMpc652XrTqvaijW0kj Rf71bUh6A6TnXRKCUaWFslyD7SJZrHnloQ6isfjkU4ElXG0FlnQwfRVKktjtR6GQ 0T+epvq4FLCEJuYrspMRCERYr9yf7DvFi+mix7Ioehgm19qvSxGKGLIyQQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFBoUX20hnudc+iW+rH2yv+Tu/nyMMB8GA1UdIwQY MBaAFHJcDHER4vV/yvgROkLlVuiC3VxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYt NzYxMGFhYmFhMjc0LzEvR2hSZmJTR2U1MXo2SmI2c2ZiS181TzctZkl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYtNzYxMGFhYmFhMjc0 LzEvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK58gwD BAC58g4wDQYJKoZIhvcNAQELBQADggEBAGIyA/hdgT+bSc09wgxUiRoYZ4tue6WB wo1rCo1JsDDdBed9rozRuiTK8Wogzn67Q6Sv+S047TNYCLOlkkPZAsNsgTY/U+fo BSjBuJgeKILI145aPDM24x/8vgwxwuGDUq6mZhbbh1d9C3D12hWI4OaDCRYGvnL1 5QEFNgnxU6I6A220AcI+cQSmZhP7Sm+tY9qxSE8VBwdJDLtg/xE3/QNRoNaO4/SI HcKQFie6LHE0Ueu0HEWq0NUoszolXP0gvNCWDwojYoJQL/TGgRLKZ2tFZVZI1CO0 MDwSjEuAgOpvwAXfBl9aHTbt+omUs7cRaIzRiok+fkv6lC+zzyvHDkg= -----END CERTIFICATE-----Generated at Sun Jan 25 21:28:51 2026 by rpki-client