This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GQ44FZo45uadx5xa67VPxM3MWOc.roa File: GQ44FZo45uadx5xa67VPxM3MWOc.roa (raw, json) Hash identifier: uTq3D6bK0frbt9f5N6hf9Vhq6zN5k3gerfpDd5Jzok8= Subject key identifier: 19:0E:38:15:9A:38:E6:E6:9D:C7:9C:5A:EB:B5:4F:C4:CD:CC:58:E7 Certificate issuer: /CN=1a31dca887d8be606019d0a1593a16ffd39fd692 Certificate serial: 019B79EBFE84094200452B20DCFBEF0ED1DF Authority key identifier: 1A:31:DC:A8:87:D8:BE:60:60:19:D0:A1:59:3A:16:FF:D3:9F:D6:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GjHcqIfYvmBgGdChWToW_9Of1pI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GQ44FZo45uadx5xa67VPxM3MWOc.roa Signing time: Thu 01 Jan 2026 14:17:47 +0000 ROA not before: Thu 01 Jan 2026 14:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14576 IP address blocks: 45.159.188.0/24 maxlen: 24 45.159.189.0/24 maxlen: 24 45.159.190.0/24 maxlen: 24 45.159.191.0/24 maxlen: 24 185.130.104.0/24 maxlen: 24 185.130.105.0/24 maxlen: 24 185.130.106.0/24 maxlen: 24 185.130.107.0/24 maxlen: 24 185.159.80.0/24 maxlen: 24 185.159.81.0/24 maxlen: 24 185.159.82.0/24 maxlen: 24 185.159.83.0/24 maxlen: 24 185.162.128.0/24 maxlen: 24 185.162.129.0/24 maxlen: 24 185.162.130.0/24 maxlen: 24 185.162.131.0/24 maxlen: 24 185.180.196.0/24 maxlen: 24 185.180.197.0/24 maxlen: 24 185.180.198.0/24 maxlen: 24 185.180.199.0/24 maxlen: 24 185.209.160.0/24 maxlen: 24 185.209.161.0/24 maxlen: 24 185.209.162.0/24 maxlen: 24 185.209.163.0/24 maxlen: 24 185.223.93.0/24 maxlen: 24 185.223.94.0/24 maxlen: 24 185.223.95.0/24 maxlen: 24 212.23.202.0/24 maxlen: 24 2a07:4dc0::/29 maxlen: 29 2a07:b400::/29 maxlen: 29 2a0b:2000::/29 maxlen: 29 2a0d:6800::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GjHcqIfYvmBgGdChWToW_9Of1pI.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GjHcqIfYvmBgGdChWToW_9Of1pI.mft rsync://rpki.ripe.net/repository/DEFAULT/GjHcqIfYvmBgGdChWToW_9Of1pI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:fe:84:09:42:00:45:2b:20:dc:fb:ef:0e:d1:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a31dca887d8be606019d0a1593a16ffd39fd692 Validity Not Before: Jan 1 14:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=190e38159a38e6e69dc79c5aebb54fc4cdcc58e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:be:df:96:79:b1:8c:ed:33:cd:40:6e:65:e7: e1:b1:41:14:70:5a:e9:fa:9f:5e:91:fc:2c:5f:18: 1c:49:f1:5d:90:9a:1b:e6:47:09:f8:7f:43:3c:ee: e2:ed:23:ab:cc:e0:f1:99:b4:b0:ef:4b:2a:55:66: 5d:99:af:0d:9a:e4:46:0f:96:10:af:51:56:73:64: 98:83:2b:02:92:9f:3c:75:6c:6b:03:18:e7:90:6b: cb:72:22:a6:e1:80:70:85:99:49:cb:53:bd:a2:d1: 86:bb:4c:8e:3e:e8:50:e1:7d:00:e5:f9:ae:81:72: fa:51:68:17:3e:69:6b:0d:12:0b:9d:c9:20:25:20: ca:12:13:19:bd:fa:fc:b6:07:93:4d:45:c1:60:89: bf:80:22:e2:cc:2d:78:dc:61:27:71:4d:7c:7b:20: e8:6b:3a:d8:40:8d:02:81:fb:5f:59:34:3a:7f:0d: 4b:0f:fa:36:74:b0:af:89:c3:b5:48:61:f1:7a:26: 06:9f:f5:22:03:21:12:50:f7:d1:f0:92:d9:c6:fd: c6:2f:26:7f:1d:31:9c:88:a0:2d:8b:1a:c2:16:44: 69:71:db:22:57:1e:e3:77:e2:4c:10:50:7c:6d:06: a1:8d:22:15:84:a0:4c:24:3f:2a:21:0d:ca:81:62: 95:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:0E:38:15:9A:38:E6:E6:9D:C7:9C:5A:EB:B5:4F:C4:CD:CC:58:E7 X509v3 Authority Key Identifier: keyid:1A:31:DC:A8:87:D8:BE:60:60:19:D0:A1:59:3A:16:FF:D3:9F:D6:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GjHcqIfYvmBgGdChWToW_9Of1pI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GQ44FZo45uadx5xa67VPxM3MWOc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2780ce-4f26-4b64-b7f1-90c999d35ed8/1/GjHcqIfYvmBgGdChWToW_9Of1pI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.159.188.0/22 185.130.104.0/22 185.159.80.0/22 185.162.128.0/22 185.180.196.0/22 185.209.160.0/22 185.223.93.0-185.223.95.255 212.23.202.0/24 IPv6: 2a07:4dc0::/29 2a07:b400::/29 2a0b:2000::/29 2a0d:6800::/29 Signature Algorithm: sha256WithRSAEncryption 58:59:bd:76:57:7c:64:1e:ab:c0:14:8d:de:b4:56:1f:65:20: 77:24:81:96:8a:90:c7:60:2b:ec:a8:07:8a:1d:d0:f5:ca:ce: 76:b3:6a:f9:b2:96:36:d9:cc:27:2a:03:ef:1d:93:63:83:c7: aa:ac:fb:e4:6e:eb:da:2a:e0:93:3d:d7:3c:31:25:f0:e1:8f: 47:73:d7:26:fd:7c:d1:8c:a1:d7:bc:85:e8:3a:58:1d:0a:3a: 8b:14:b0:c9:97:20:6e:18:13:70:19:b4:c7:af:ce:e0:e5:3d: c6:25:16:fd:98:95:9b:43:c0:81:ab:44:71:03:fd:8c:1e:b1: c9:e2:21:14:b3:ed:fe:04:cf:c1:88:7b:74:29:ae:95:9a:82: c4:b2:7a:33:0a:b8:d5:0a:4a:06:c5:45:d4:c3:de:f2:6e:7d: ce:65:d7:1d:bf:0e:75:67:d8:e8:b6:ec:29:f5:de:91:40:d0: 03:07:e5:bc:ec:c7:fd:8a:b5:b5:3e:3f:7a:a6:0f:da:66:15: 21:d7:c0:9a:32:f4:7b:f5:60:bc:08:49:d0:8a:7c:98:04:b7: ac:27:ba:c8:cf:6a:5a:af:78:6c:c2:5c:fc:d0:ce:2d:88:0e: 22:b9:d6:fd:92:10:f0:e4:44:36:35:6f:2c:8e:04:50:13:46: 2a:13:e3:60 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgISAZt56/6ECUIARSsg3PvvDtHfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhMzFkY2E4ODdkOGJlNjA2MDE5ZDBhMTU5M2ExNmZmZDM5 ZmQ2OTIwHhcNMjYwMTAxMTQxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTBlMzgxNTlhMzhlNmU2OWRjNzljNWFlYmI1NGZjNGNkY2M1OGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr7flnmxjO0zzUBuZefhsUEUcFrp +p9ekfwsXxgcSfFdkJob5kcJ+H9DPO7i7SOrzODxmbSw70sqVWZdma8NmuRGD5YQ r1FWc2SYgysCkp88dWxrAxjnkGvLciKm4YBwhZlJy1O9otGGu0yOPuhQ4X0A5fmu gXL6UWgXPmlrDRILnckgJSDKEhMZvfr8tgeTTUXBYIm/gCLizC143GEncU18eyDo azrYQI0CgftfWTQ6fw1LD/o2dLCvicO1SGHxeiYGn/UiAyESUPfR8JLZxv3GLyZ/ HTGciKAtixrCFkRpcdsiVx7jd+JMEFB8bQahjSIVhKBMJD8qIQ3KgWKVlQIDAQAB o4ICXzCCAlswHQYDVR0OBBYEFBkOOBWaOObmncecWuu1T8TNzFjnMB8GA1UdIwQY MBaAFBox3KiH2L5gYBnQoVk6Fv/Tn9aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2pIY3FJZll2bUJnR2RDaFdUb1dfOU9mMXBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNzgwY2UtNGYyNi00YjY0LWI3ZjEt OTBjOTk5ZDM1ZWQ4LzEvR1E0NEZabzQ1dWFkeDV4YTY3VlB4TTNNV09jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yNzgwY2UtNGYyNi00YjY0LWI3ZjEtOTBjOTk5ZDM1ZWQ4 LzEvR2pIY3FJZll2bUJnR2RDaFdUb1dfOU9mMXBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDA+BAIAATA4AwQCLZ+8AwQC uYJoAwQCuZ9QAwQCuaKAAwQCubTEAwQCudGgMAwDBAC5310DBAW530ADBADUF8ow IgQCAAIwHAMFAyoHTcADBQMqB7QAAwUDKgsgAAMFAyoNaAAwDQYJKoZIhvcNAQEL BQADggEBAFhZvXZXfGQeq8AUjd60Vh9lIHckgZaKkMdgK+yoB4od0PXKznazavmy ljbZzCcqA+8dk2ODx6qs++Ru69oq4JM91zwxJfDhj0dz1yb9fNGMode8heg6WB0K OosUsMmXIG4YE3AZtMevzuDlPcYlFv2YlZtDwIGrRHED/YwescniIRSz7f4Ez8GI e3QprpWagsSyejMKuNUKSgbFRdTD3vJufc5l1x2/DnVn2Oi27Cn13pFA0AMH5bzs x/2KtbU+P3qmD9pmFSHXwJoy9Hv1YLwISdCKfJgEt6wnusjPalqveGzCXPzQzi2I DiK51v2SEPDkRDY1byyOBFATRioT42A= -----END CERTIFICATE-----Generated at Sun Jan 25 21:04:32 2026 by rpki-client