This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/gCqXuZrqazYHb5kcpJpbMQpRYJc.roa File: gCqXuZrqazYHb5kcpJpbMQpRYJc.roa (raw, json) Hash identifier: afhnnfClxh2r1d+F2XrqQwP8OSJVvFHinxzsW7B2Ix0= Subject key identifier: 80:2A:97:B9:9A:EA:6B:36:07:6F:99:1C:A4:9A:5B:31:0A:51:60:97 Certificate issuer: /CN=5acf902c6280eb5feaf675c98989d05cd1574411 Certificate serial: 019B77C7059ED6D6A0A908B114CBBD263ABA Authority key identifier: 5A:CF:90:2C:62:80:EB:5F:EA:F6:75:C9:89:89:D0:5C:D1:57:44:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ws-QLGKA61_q9nXJiYnQXNFXRBE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/gCqXuZrqazYHb5kcpJpbMQpRYJc.roa Signing time: Thu 01 Jan 2026 04:18:10 +0000 ROA not before: Thu 01 Jan 2026 04:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30937 IP address blocks: 91.232.71.0/24 maxlen: 24 185.4.244.0/22 maxlen: 22 188.208.218.0/24 maxlen: 24 193.16.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/Ws-QLGKA61_q9nXJiYnQXNFXRBE.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/Ws-QLGKA61_q9nXJiYnQXNFXRBE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ws-QLGKA61_q9nXJiYnQXNFXRBE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:05:9e:d6:d6:a0:a9:08:b1:14:cb:bd:26:3a:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5acf902c6280eb5feaf675c98989d05cd1574411 Validity Not Before: Jan 1 04:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=802a97b99aea6b36076f991ca49a5b310a516097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5f:26:b0:4d:80:99:13:2b:cc:f9:a4:48:1f: 9f:79:db:03:35:7e:f1:65:99:07:6a:64:ac:d2:e6: 40:10:8b:46:84:a4:08:62:af:92:9b:39:10:22:31: c4:14:34:7a:64:5a:b9:34:cd:69:bd:ae:3e:32:0e: 50:de:b1:9f:fa:20:f0:16:50:eb:b4:57:59:48:a8: a6:07:cc:f6:9e:91:b9:6e:23:a9:84:48:52:5c:ff: 74:af:86:f6:67:d6:a1:ff:ad:c5:d8:63:fb:fe:e8: 1c:3a:bd:dc:f0:f0:03:da:b8:0d:e2:87:07:38:df: d0:85:48:e0:43:35:f8:1b:d5:39:25:b6:0b:51:af: ee:c0:d1:e6:44:52:5c:cf:79:74:5a:7a:84:b6:ef: cc:b9:c9:bb:8d:23:5d:c1:9b:bc:d9:2d:2f:72:ae: 70:fe:3a:28:41:55:18:bf:a9:79:f0:3a:9f:ab:5a: 6a:32:9e:eb:40:2d:ea:c6:d5:8b:6d:50:32:29:7d: 0b:59:f0:fb:29:24:2b:e9:e3:df:00:7b:93:15:ef: 6e:c5:9f:f7:2b:64:8a:2c:aa:d5:6b:a3:90:8b:d4: bf:7f:b7:f4:43:8e:cf:4e:18:3d:06:0e:bf:be:eb: a5:01:69:75:e7:02:29:dc:73:53:4f:75:e6:71:30: 2e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:2A:97:B9:9A:EA:6B:36:07:6F:99:1C:A4:9A:5B:31:0A:51:60:97 X509v3 Authority Key Identifier: keyid:5A:CF:90:2C:62:80:EB:5F:EA:F6:75:C9:89:89:D0:5C:D1:57:44:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ws-QLGKA61_q9nXJiYnQXNFXRBE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/gCqXuZrqazYHb5kcpJpbMQpRYJc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/bacac0-57db-4347-8c87-89b5b67b7234/1/Ws-QLGKA61_q9nXJiYnQXNFXRBE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.232.71.0/24 185.4.244.0/22 188.208.218.0/24 193.16.216.0/24 Signature Algorithm: sha256WithRSAEncryption 29:09:f9:1e:84:54:dd:b7:dc:5f:76:63:92:58:94:d4:6e:86: 6f:11:8b:0f:69:be:69:d4:08:4a:b0:48:f6:01:49:4a:d4:ae: 3b:95:2e:30:6b:3c:be:00:7d:bd:28:28:c5:d0:09:cb:10:03: ad:63:e6:88:16:e2:6b:1b:6f:61:0e:d0:82:9e:40:98:52:d0: 65:3b:1e:6e:80:b5:94:a7:71:19:7e:44:5e:2a:f9:fb:92:d9: 6c:28:1a:79:2a:29:81:b5:d6:d7:7c:9e:5e:73:81:71:a7:81: 68:70:90:93:1c:be:03:3d:bc:dd:bb:0f:d1:ec:66:06:84:ec: c7:04:77:b4:f7:92:9d:d8:00:c8:f1:0f:5a:a5:13:02:24:e2: bb:da:38:b2:6a:a2:74:22:07:97:f9:b8:09:84:fe:dd:af:82: 30:fc:c2:a0:b4:1d:24:5e:53:67:d7:1e:fd:1b:17:46:16:82: 79:88:b5:37:c9:27:62:cb:80:3b:9e:c3:a9:10:76:83:b5:1c: 4e:14:4f:af:58:72:9b:b0:de:8c:0e:dc:c4:a2:56:02:9f:ba: cc:2e:6c:4b:c9:a5:bd:9a:0d:a6:5d:51:97:5c:d2:ab:4b:67: bf:51:8b:0d:69:a4:12:76:76:a5:b5:a2:87:ce:b6:b7:1b:c6: ae:a3:6e:1e -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xwWe1tagqQixFMu9Jjq6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhY2Y5MDJjNjI4MGViNWZlYWY2NzVjOTg5ODlkMDVjZDE1 NzQ0MTEwHhcNMjYwMTAxMDQxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDJhOTdiOTlhZWE2YjM2MDc2Zjk5MWNhNDlhNWIzMTBhNTE2MDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl8msE2AmRMrzPmkSB+fedsDNX7x ZZkHamSs0uZAEItGhKQIYq+SmzkQIjHEFDR6ZFq5NM1pva4+Mg5Q3rGf+iDwFlDr tFdZSKimB8z2npG5biOphEhSXP90r4b2Z9ah/63F2GP7/ugcOr3c8PAD2rgN4ocH ON/QhUjgQzX4G9U5JbYLUa/uwNHmRFJcz3l0WnqEtu/Mucm7jSNdwZu82S0vcq5w /jooQVUYv6l58Dqfq1pqMp7rQC3qxtWLbVAyKX0LWfD7KSQr6ePfAHuTFe9uxZ/3 K2SKLKrVa6OQi9S/f7f0Q47PThg9Bg6/vuulAWl15wIp3HNTT3XmcTAuhwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFIAql7ma6ms2B2+ZHKSaWzEKUWCXMB8GA1UdIwQY MBaAFFrPkCxigOtf6vZ1yYmJ0FzRV0QRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3MtUUxHS0E2MV9xOW5YSmlZblFYTkZYUkJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iYWNhYzAtNTdkYi00MzQ3LThjODct ODliNWI2N2I3MjM0LzEvZ0NxWHVacnFhellIYjVrY3BKcGJNUXBSWUpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9iYWNhYzAtNTdkYi00MzQ3LThjODctODliNWI2N2I3MjM0 LzEvV3MtUUxHS0E2MV9xOW5YSmlZblFYTkZYUkJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+hHAwQC uQT0AwQAvNDaAwQAwRDYMA0GCSqGSIb3DQEBCwUAA4IBAQApCfkehFTdt9xfdmOS WJTUboZvEYsPab5p1AhKsEj2AUlK1K47lS4wazy+AH29KCjF0AnLEAOtY+aIFuJr G29hDtCCnkCYUtBlOx5ugLWUp3EZfkReKvn7ktlsKBp5KimBtdbXfJ5ec4Fxp4Fo cJCTHL4DPbzduw/R7GYGhOzHBHe095Kd2ADI8Q9apRMCJOK72jiyaqJ0IgeX+bgJ hP7dr4Iw/MKgtB0kXlNn1x79GxdGFoJ5iLU3ySdiy4A7nsOpEHaDtRxOFE+vWHKb sN6MDtzEolYCn7rMLmxLyaW9mg2mXVGXXNKrS2e/UYsNaaQSdnaltaKHzra3G8au o24e -----END CERTIFICATE-----Generated at Sun Jan 25 17:47:00 2026 by rpki-client