This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/GYZtGu5A6w6f_D9QSqwvacnqffU.roa File: GYZtGu5A6w6f_D9QSqwvacnqffU.roa (raw, json) Hash identifier: k+vGwyv3QPG/+s72nT5RSbpgXn+mZD4c8cr8T4ADKms= Subject key identifier: 19:86:6D:1A:EE:40:EB:0E:9F:FC:3F:50:4A:AC:2F:69:C9:EA:7D:F5 Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f Certificate serial: 019B7758A5282C611F85266723611D62663D Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/GYZtGu5A6w6f_D9QSqwvacnqffU.roa Signing time: Thu 01 Jan 2026 02:17:36 +0000 ROA not before: Thu 01 Jan 2026 02:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201380 IP address blocks: 2a10:59c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.mft rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:a5:28:2c:61:1f:85:26:67:23:61:1d:62:66:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f Validity Not Before: Jan 1 02:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=19866d1aee40eb0e9ffc3f504aac2f69c9ea7df5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:07:89:03:b1:04:7d:a4:83:bf:a1:e6:a0:37: 56:e6:a2:48:9a:eb:02:5a:ed:a0:65:ab:31:a2:e8: 65:8c:8c:d1:af:59:39:7b:bb:80:b3:c6:df:b8:bc: c8:a8:e7:db:e5:63:63:dc:f1:ad:37:18:d4:98:8d: 98:ae:36:fa:51:66:64:12:0b:a0:32:0a:25:6d:45: 25:43:c7:10:f3:18:2c:03:82:09:df:1e:e5:97:e8: 06:94:76:02:d6:fb:40:cf:99:a2:42:e0:7b:12:82: 30:2d:c6:ff:c6:fc:4a:80:41:77:fe:e7:84:c0:3f: 5a:8c:45:10:7d:5d:75:97:fd:bf:3d:5e:c1:f0:3e: 0d:79:cc:5d:d8:4e:b5:ed:a3:6c:0f:f4:dd:27:b5: 3e:53:04:af:0f:58:25:2b:36:7a:d4:9f:8f:8b:a3: e2:91:5e:cc:ce:5a:83:cd:2c:b9:1b:b1:b4:91:b3: 1f:5b:3f:5d:f6:7e:02:6a:82:16:f5:46:0b:7d:ba: 0e:58:07:77:4b:fc:90:2d:ec:66:45:b3:f4:25:27: 36:fd:f2:0e:da:00:8d:25:a4:39:5c:8f:26:49:78: a3:b5:ac:14:e1:cb:5c:1f:ae:78:10:28:6c:ad:00: 03:e7:26:72:48:7b:b6:20:7d:94:c7:ac:37:f5:f4: b9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:86:6D:1A:EE:40:EB:0E:9F:FC:3F:50:4A:AC:2F:69:C9:EA:7D:F5 X509v3 Authority Key Identifier: keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/GYZtGu5A6w6f_D9QSqwvacnqffU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:59c0::/32 Signature Algorithm: sha256WithRSAEncryption 74:10:59:12:7a:d6:8a:ed:09:51:9c:8a:a2:c7:73:2f:00:2a: 83:39:93:e8:2e:63:9d:6e:4c:8c:69:79:fa:18:d9:d9:0e:60: da:77:ac:3c:39:6a:1c:00:cd:d7:20:f9:8d:46:17:fc:7d:6a: db:c3:1e:f4:b1:09:4f:91:ea:e0:d5:11:04:f1:ee:d3:d8:6c: 5b:57:c3:6b:56:5d:f5:2e:c3:a0:27:cc:8d:88:f5:16:98:56: 74:6d:4c:72:42:d2:3b:59:1d:30:6a:c6:55:6d:d4:b1:f7:67: 77:30:2e:0e:2f:2c:82:95:37:2c:78:e5:ae:20:6e:f6:c0:8d: 06:71:05:c1:28:b7:ee:9a:ca:4f:e7:91:b7:16:91:b6:43:22: 0d:68:cd:fe:36:d3:8c:f0:48:1a:b6:64:15:5c:42:2d:e6:5a: 89:d2:9e:42:49:f4:de:60:e0:f1:d3:a9:be:11:3c:d0:a6:d8: 66:70:a4:a4:a0:e8:d5:97:27:50:e1:1a:8d:f6:85:eb:64:c8: 6d:b8:0d:b7:47:46:80:1f:75:9f:e4:5c:e0:27:6e:9d:b6:62: ce:7f:a3:c4:bd:70:f8:2a:1c:da:64:f2:6b:8b:6e:46:71:4d: fd:d8:ed:ad:96:37:5a:19:39:85:07:ea:e5:12:94:92:4a:69: ae:5b:a7:9e -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt3WKUoLGEfhSZnI2EdYmY9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux YjBmM2YwHhcNMjYwMTAxMDIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTg2NmQxYWVlNDBlYjBlOWZmYzNmNTA0YWFjMmY2OWM5ZWE3ZGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngeJA7EEfaSDv6HmoDdW5qJImusC Wu2gZasxouhljIzRr1k5e7uAs8bfuLzIqOfb5WNj3PGtNxjUmI2Yrjb6UWZkEgug MgolbUUlQ8cQ8xgsA4IJ3x7ll+gGlHYC1vtAz5miQuB7EoIwLcb/xvxKgEF3/ueE wD9ajEUQfV11l/2/PV7B8D4Necxd2E617aNsD/TdJ7U+UwSvD1glKzZ61J+Pi6Pi kV7MzlqDzSy5G7G0kbMfWz9d9n4CaoIW9UYLfboOWAd3S/yQLexmRbP0JSc2/fIO 2gCNJaQ5XI8mSXijtawU4ctcH654EChsrQAD5yZySHu2IH2Ux6w39fS5kQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFBmGbRruQOsOn/w/UEqsL2nJ6n31MB8GA1UdIwQY MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt ZGY1NzJmZTk2NzJhLzEvR1ladEd1NUE2dzZmX0Q5UVNxd3ZhY25xZmZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBZwDAN BgkqhkiG9w0BAQsFAAOCAQEAdBBZEnrWiu0JUZyKosdzLwAqgzmT6C5jnW5MjGl5 +hjZ2Q5g2nesPDlqHADN1yD5jUYX/H1q28Me9LEJT5Hq4NURBPHu09hsW1fDa1Zd 9S7DoCfMjYj1FphWdG1MckLSO1kdMGrGVW3UsfdndzAuDi8sgpU3LHjlriBu9sCN BnEFwSi37prKT+eRtxaRtkMiDWjN/jbTjPBIGrZkFVxCLeZaidKeQkn03mDg8dOp vhE80KbYZnCkpKDo1ZcnUOEajfaF62TIbbgNt0dGgB91n+Rc4CdunbZizn+jxL1w +Coc2mTya4tuRnFN/djtrZY3Whk5hQfq5RKUkkpprlunng== -----END CERTIFICATE-----Generated at Mon Jan 26 18:55:27 2026 by rpki-client