This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/_GSS7SJcNRk5v2vKpj-91_QngG8.roa File: _GSS7SJcNRk5v2vKpj-91_QngG8.roa (raw, json) Hash identifier: WRLHRWQSGtnWOjdrbpDdHkWnLB1hXZNo4bQD6Y6g7rg= Subject key identifier: FC:64:92:ED:22:5C:35:19:39:BF:6B:CA:A6:3F:BD:D7:F4:27:80:6F Certificate issuer: /CN=7059e03a08e17416f66546307988349991b84a2e Certificate serial: 019B7E3753CCFB022CA007FA434064EAB7C7 Authority key identifier: 70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/_GSS7SJcNRk5v2vKpj-91_QngG8.roa Signing time: Fri 02 Jan 2026 10:18:33 +0000 ROA not before: Fri 02 Jan 2026 10:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42605 IP address blocks: 83.136.72.0/21 maxlen: 24 167.17.80.0/21 maxlen: 24 185.111.192.0/22 maxlen: 24 2a02:b28::/29 maxlen: 29 2a02:b28::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.crl rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.mft rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:53:cc:fb:02:2c:a0:07:fa:43:40:64:ea:b7:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7059e03a08e17416f66546307988349991b84a2e Validity Not Before: Jan 2 10:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fc6492ed225c351939bf6bcaa63fbdd7f427806f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a0:10:92:9c:10:e0:ab:4f:1e:44:e8:b4:4b: dc:4e:b4:f3:8d:a0:2e:45:fa:4f:cd:b3:06:7f:2b: 25:59:2e:23:de:71:e1:d9:f2:a7:43:5e:e6:14:46: 67:d1:e4:39:b9:90:1b:fe:61:f1:aa:f9:6a:24:8e: 9a:c9:4c:2a:dd:ef:da:d9:af:97:a4:e2:b6:d8:43: 69:a4:ca:02:27:2e:7e:ad:94:83:bc:eb:30:88:90: 3b:01:67:0d:97:2b:de:d1:63:7d:4b:03:e7:db:34: 0f:ef:fc:37:3b:98:94:5d:ac:09:b4:ea:6c:c1:4e: 9c:67:1d:c2:fd:28:26:bd:73:af:27:0f:c9:92:35: 18:93:4a:fc:de:09:5a:f6:36:00:01:a2:4a:a7:33: bc:93:13:21:83:7e:97:31:b8:dd:9d:ca:97:a8:d6: c1:17:bd:81:60:38:dc:74:dd:b7:34:e8:76:bd:de: 3f:3a:dc:68:6e:d5:ca:af:bc:43:27:ad:8c:f1:28: 95:3e:45:75:47:be:2b:9e:ab:c1:e3:0d:96:cd:10: 56:fe:f5:ef:c7:81:9f:36:d0:e0:9d:57:80:be:ce: 40:5e:b1:51:d9:d0:ca:57:1d:21:60:2c:36:aa:e5: 41:16:b5:46:44:e0:f5:93:71:a6:14:0c:b3:a2:3c: f5:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:64:92:ED:22:5C:35:19:39:BF:6B:CA:A6:3F:BD:D7:F4:27:80:6F X509v3 Authority Key Identifier: keyid:70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/_GSS7SJcNRk5v2vKpj-91_QngG8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.136.72.0/21 167.17.80.0/21 185.111.192.0/22 IPv6: 2a02:b28::/29 Signature Algorithm: sha256WithRSAEncryption 0d:5e:af:b3:93:4a:2c:18:22:5c:ed:bb:ef:68:2b:63:97:e1: d2:0b:67:10:24:71:f2:bc:f3:dc:9f:1e:6a:4f:3b:5a:ea:a5: b4:c5:34:81:cc:c6:94:9b:7a:2c:80:bf:12:a1:db:e1:8a:81: cc:36:5d:96:ef:2c:a8:52:c7:a7:db:34:a5:95:bd:73:9b:1e: 6c:84:d1:a5:bc:a7:37:13:b3:1d:91:0f:0f:bc:eb:f3:e4:e2: f6:4b:87:56:3d:d3:e7:b0:1c:09:22:eb:20:88:b1:72:78:6c: b9:10:c3:ba:96:2b:b3:14:9f:2e:41:22:24:4e:79:00:01:cb: 43:07:30:a2:e4:28:31:d7:db:b9:08:9e:92:29:8c:54:c0:d1: 0b:f1:91:77:99:f4:e6:a5:0c:70:8d:c4:bd:cd:f7:82:c5:2b: b4:1c:d6:a6:39:83:0a:62:b4:cb:17:21:2b:06:75:e7:b4:07: af:14:67:13:b6:06:12:31:8d:24:80:81:16:92:d3:dd:9b:ca: 91:5b:53:37:27:16:87:b2:b3:78:80:6b:49:5f:25:87:be:bd: 28:3c:1a:78:a5:69:1c:77:56:da:f6:cd:3a:99:e5:a5:d4:13: 2a:a3:5d:69:a1:d7:74:18:fa:af:78:90:66:78:33:44:9b:8e: 87:56:b7:0c -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt+N1PM+wIsoAf6Q0Bk6rfHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNTllMDNhMDhlMTc0MTZmNjY1NDYzMDc5ODgzNDk5OTFi ODRhMmUwHhcNMjYwMTAyMTAxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYzY0OTJlZDIyNWMzNTE5MzliZjZiY2FhNjNmYmRkN2Y0Mjc4MDZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6AQkpwQ4KtPHkTotEvcTrTzjaAu RfpPzbMGfyslWS4j3nHh2fKnQ17mFEZn0eQ5uZAb/mHxqvlqJI6ayUwq3e/a2a+X pOK22ENppMoCJy5+rZSDvOswiJA7AWcNlyve0WN9SwPn2zQP7/w3O5iUXawJtOps wU6cZx3C/SgmvXOvJw/JkjUYk0r83gla9jYAAaJKpzO8kxMhg36XMbjdncqXqNbB F72BYDjcdN23NOh2vd4/OtxobtXKr7xDJ62M8SiVPkV1R74rnqvB4w2WzRBW/vXv x4GfNtDgnVeAvs5AXrFR2dDKVx0hYCw2quVBFrVGROD1k3GmFAyzojz15QIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFPxkku0iXDUZOb9ryqY/vdf0J4BvMB8GA1UdIwQY MBaAFHBZ4DoI4XQW9mVGMHmINJmRuEouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAt OTE3NWM4NDA4ZTVlLzEvX0dTUzdTSmNOUms1djJ2S3BqLTkxX1FuZ0c4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAtOTE3NWM4NDA4ZTVl LzEvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU4hIAwQD pxFQAwQCuW/AMA0EAgACMAcDBQMqAgsoMA0GCSqGSIb3DQEBCwUAA4IBAQANXq+z k0osGCJc7bvvaCtjl+HSC2cQJHHyvPPcnx5qTzta6qW0xTSBzMaUm3osgL8Sodvh ioHMNl2W7yyoUsen2zSllb1zmx5shNGlvKc3E7MdkQ8PvOvz5OL2S4dWPdPnsBwJ IusgiLFyeGy5EMO6liuzFJ8uQSIkTnkAActDBzCi5Cgx19u5CJ6SKYxUwNEL8ZF3 mfTmpQxwjcS9zfeCxSu0HNamOYMKYrTLFyErBnXntAevFGcTtgYSMY0kgIEWktPd m8qRW1M3JxaHsrN4gGtJXyWHvr0oPBp4pWkcd1ba9s06meWl1BMqo11podd0GPqv eJBmeDNEm46HVrcM -----END CERTIFICATE-----Generated at Tue Feb 10 03:09:26 2026 by rpki-client