This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/g0-HGh4bznaFgiFX5KCpF3Q8z70.roa File: g0-HGh4bznaFgiFX5KCpF3Q8z70.roa (raw, json) Hash identifier: kuqsXcay0qN76iKLs/AKqPrHvwfsG46t73MVLxZfYe0= Subject key identifier: 83:4F:87:1A:1E:1B:CE:76:85:82:21:57:E4:A0:A9:17:74:3C:CF:BD Certificate issuer: /CN=a023766c62deb51297155708eccb421c8b04780a Certificate serial: 019B7DC9F083A9A3FC641C9F3EE08F424BBD Authority key identifier: A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/g0-HGh4bznaFgiFX5KCpF3Q8z70.roa Signing time: Fri 02 Jan 2026 08:19:04 +0000 ROA not before: Fri 02 Jan 2026 08:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207784 IP address blocks: 195.144.27.0/24 maxlen: 24 195.149.67.0/24 maxlen: 24 195.149.67.248/30 maxlen: 30 195.149.73.0/24 maxlen: 24 195.149.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.mft rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:f0:83:a9:a3:fc:64:1c:9f:3e:e0:8f:42:4b:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a023766c62deb51297155708eccb421c8b04780a Validity Not Before: Jan 2 08:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=834f871a1e1bce7685822157e4a0a917743ccfbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d2:ba:d0:5d:55:b3:8b:76:3d:11:a3:a7:43: 33:a8:10:09:d2:0e:7f:6f:e0:06:60:58:21:6c:21: 64:1e:70:48:d8:13:90:cf:9d:9d:a0:26:29:12:7d: 8a:0c:e6:f2:8e:36:c6:81:ca:43:37:40:99:b0:34: 11:fa:b6:fc:45:a4:af:de:0a:5b:8d:05:f4:d1:9b: aa:01:d5:da:e0:b7:e7:78:99:b5:6e:47:b6:2a:47: 5a:dd:cc:5e:7a:26:32:01:b1:84:c2:7a:12:c5:58: 2d:bf:5c:57:b2:18:e7:7d:29:5a:bd:3e:d8:7d:c5: f5:f0:da:90:e1:ed:9c:ff:86:16:da:5c:67:cb:00: c2:6f:fe:d0:32:a2:1e:fe:d2:20:bf:9d:7f:d7:d1: 59:61:fc:3d:8f:1c:7d:df:6c:4c:37:b9:72:1f:b4: 5b:94:37:4c:7a:da:9d:d1:86:1a:19:65:04:ec:0f: 8d:31:55:d9:95:f3:4d:61:22:d6:56:91:ae:9a:1a: 3b:17:59:d3:f5:d0:b6:ab:f3:15:96:27:4e:f9:d5: e3:47:41:52:1f:30:42:87:22:3e:f6:78:f7:b0:80: 14:d8:60:69:dd:c4:98:bc:34:b4:99:bf:02:3a:51: 56:64:e2:ef:f1:af:00:c7:6d:74:27:e9:53:51:50: 29:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:4F:87:1A:1E:1B:CE:76:85:82:21:57:E4:A0:A9:17:74:3C:CF:BD X509v3 Authority Key Identifier: keyid:A0:23:76:6C:62:DE:B5:12:97:15:57:08:EC:CB:42:1C:8B:04:78:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCN2bGLetRKXFVcI7MtCHIsEeAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/g0-HGh4bznaFgiFX5KCpF3Q8z70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/df9096-36c9-439a-a0a0-a3a100ef86de/1/oCN2bGLetRKXFVcI7MtCHIsEeAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.144.27.0/24 195.149.67.0/24 195.149.73.0/24 195.149.90.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:fc:c5:98:57:43:86:3a:47:69:eb:2a:41:ca:9b:de:4c:c5: ee:b7:01:ce:4a:0a:f8:23:a5:c8:66:4b:fa:87:9a:07:c8:1f: 45:9e:96:b1:b6:57:65:55:e9:32:ed:3f:e5:e5:a5:8c:14:e6: 22:bd:0e:43:a9:f8:3e:24:4e:d7:ab:ae:bc:4f:2a:3a:51:ec: 25:4d:19:a3:29:86:ba:98:a2:de:97:6a:36:22:88:4d:40:7e: 6f:c1:61:75:07:09:44:70:15:53:59:65:1b:b6:0b:45:a9:27: 71:8e:67:e6:ea:f4:6d:d9:f1:0e:79:63:d4:f1:14:c9:c4:c9: ae:c9:78:87:f6:a1:f5:86:19:d2:21:ed:aa:80:5d:82:26:64: 26:02:ec:98:18:42:34:d3:ce:ba:19:db:b1:c0:b3:3a:39:07: ce:ea:4f:fa:43:b9:68:f4:40:be:73:97:49:93:21:bb:27:02: bd:b4:f3:f5:ae:4e:15:c3:22:99:12:57:6c:38:9d:16:6e:b0: be:96:d7:89:9a:03:39:ba:f1:8f:50:04:74:6f:3a:b4:c5:50: 6e:47:82:c6:60:0f:94:5c:2c:92:1d:4a:f5:59:68:e6:13:76: 70:2b:13:7b:14:b5:4f:3f:50:6b:3c:a6:a3:65:e5:b3:70:67: 04:c8:f7:6d -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9yfCDqaP8ZByfPuCPQku9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjM3NjZjNjJkZWI1MTI5NzE1NTcwOGVjY2I0MjFjOGIw NDc4MGEwHhcNMjYwMTAyMDgxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzRmODcxYTFlMWJjZTc2ODU4MjIxNTdlNGEwYTkxNzc0M2NjZmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9K60F1Vs4t2PRGjp0MzqBAJ0g5/ b+AGYFghbCFkHnBI2BOQz52doCYpEn2KDObyjjbGgcpDN0CZsDQR+rb8RaSv3gpb jQX00ZuqAdXa4LfneJm1bke2Kkda3cxeeiYyAbGEwnoSxVgtv1xXshjnfSlavT7Y fcX18NqQ4e2c/4YW2lxnywDCb/7QMqIe/tIgv51/19FZYfw9jxx932xMN7lyH7Rb lDdMetqd0YYaGWUE7A+NMVXZlfNNYSLWVpGumho7F1nT9dC2q/MVlidO+dXjR0FS HzBChyI+9nj3sIAU2GBp3cSYvDS0mb8COlFWZOLv8a8Ax210J+lTUVApUwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFINPhxoeG852hYIhV+SgqRd0PM+9MB8GA1UdIwQY MBaAFKAjdmxi3rUSlxVXCOzLQhyLBHgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAt YTNhMTAwZWY4NmRlLzEvZzAtSEdoNGJ6bmFGZ2lGWDVLQ3BGM1E4ejcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kZjkwOTYtMzZjOS00MzlhLWEwYTAtYTNhMTAwZWY4NmRl LzEvb0NOMmJHTGV0UktYRlZjSTdNdENISXNFZUFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw5AbAwQA w5VDAwQAw5VJAwQAw5VaMA0GCSqGSIb3DQEBCwUAA4IBAQBs/MWYV0OGOkdp6ypB ypveTMXutwHOSgr4I6XIZkv6h5oHyB9FnpaxtldlVeky7T/l5aWMFOYivQ5Dqfg+ JE7Xq668Tyo6UewlTRmjKYa6mKLel2o2IohNQH5vwWF1BwlEcBVTWWUbtgtFqSdx jmfm6vRt2fEOeWPU8RTJxMmuyXiH9qH1hhnSIe2qgF2CJmQmAuyYGEI00866Gdux wLM6OQfO6k/6Q7lo9EC+c5dJkyG7JwK9tPP1rk4VwyKZEldsOJ0WbrC+lteJmgM5 uvGPUAR0bzq0xVBuR4LGYA+UXCySHUr1WWjmE3ZwKxN7FLVPP1BrPKajZeWzcGcE yPdt -----END CERTIFICATE-----Generated at Mon Jan 26 05:14:55 2026 by rpki-client