This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/GBd4rVL5dJN0-9cuwhBBwNEyoV0.roa File: GBd4rVL5dJN0-9cuwhBBwNEyoV0.roa (raw, json) Hash identifier: iRjXs3gr4L7byQxpcKRUar4Pisuwylgwnacqi0QdLQQ= Subject key identifier: 18:17:78:AD:52:F9:74:93:74:FB:D7:2E:C2:10:41:C0:D1:32:A1:5D Certificate issuer: /CN=89dbc7156a4ee7c67d9e684767a2f4baf8a35bab Certificate serial: 019B7834F5FB09084B767B70A3C2C3EECF72 Authority key identifier: 89:DB:C7:15:6A:4E:E7:C6:7D:9E:68:47:67:A2:F4:BA:F8:A3:5B:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idvHFWpO58Z9nmhHZ6L0uvijW6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/GBd4rVL5dJN0-9cuwhBBwNEyoV0.roa Signing time: Thu 01 Jan 2026 06:18:15 +0000 ROA not before: Thu 01 Jan 2026 06:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396982 IP address blocks: 2a10:200:a123::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/idvHFWpO58Z9nmhHZ6L0uvijW6s.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/idvHFWpO58Z9nmhHZ6L0uvijW6s.mft rsync://rpki.ripe.net/repository/DEFAULT/idvHFWpO58Z9nmhHZ6L0uvijW6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 21:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:f5:fb:09:08:4b:76:7b:70:a3:c2:c3:ee:cf:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89dbc7156a4ee7c67d9e684767a2f4baf8a35bab Validity Not Before: Jan 1 06:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=181778ad52f9749374fbd72ec21041c0d132a15d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6d:96:05:93:fb:3e:a3:53:66:88:3b:c2:54: aa:bc:fb:83:45:70:19:c2:a5:4c:bd:d2:cd:06:5d: f0:5d:f3:a7:38:a3:47:36:a2:a5:e2:57:ff:51:54: e2:b9:82:35:21:2c:5e:8f:c4:1d:18:12:c0:f5:29: fb:f9:e5:60:37:59:a6:92:4d:ae:7a:2e:91:30:ce: d1:31:60:51:8f:d1:ac:4a:0c:63:7b:80:db:8a:ce: 02:fc:80:9a:82:48:53:02:c5:7c:34:32:2a:57:1a: 9f:57:a2:8c:b7:df:c6:9d:30:cf:b6:0b:b4:ce:e2: b4:77:e6:3e:68:be:30:da:b2:ab:33:9a:f9:7a:a2: 04:8d:48:8d:ba:4a:ac:77:b5:43:68:a8:90:57:d5: c2:94:fa:49:1f:5a:70:98:4f:7b:e4:b8:f1:a1:06: 71:b1:42:35:9b:c3:5c:f2:d2:63:94:61:22:75:35: fd:ed:2f:3e:0b:2f:7c:75:c9:f6:35:af:2d:f2:63: a1:3d:fd:2a:df:eb:a2:29:05:76:fb:5f:a1:4b:0f: e9:a0:45:d7:a3:0b:f5:97:aa:86:fc:7e:70:d3:5b: 3e:39:f9:59:eb:73:3d:38:f1:47:38:0a:d8:4c:fe: 18:50:d0:64:c7:67:ff:cd:6d:af:5c:9a:27:ea:cd: 20:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:17:78:AD:52:F9:74:93:74:FB:D7:2E:C2:10:41:C0:D1:32:A1:5D X509v3 Authority Key Identifier: keyid:89:DB:C7:15:6A:4E:E7:C6:7D:9E:68:47:67:A2:F4:BA:F8:A3:5B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idvHFWpO58Z9nmhHZ6L0uvijW6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/GBd4rVL5dJN0-9cuwhBBwNEyoV0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5a9a99-43c2-4cc8-a37b-49501a7694c4/1/idvHFWpO58Z9nmhHZ6L0uvijW6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:200:a123::/48 Signature Algorithm: sha256WithRSAEncryption 0a:5d:4b:82:1f:9f:df:b8:36:d3:44:28:ae:1b:39:e2:db:d7: e0:94:b6:9e:47:fd:a3:22:18:9a:92:28:7c:34:a2:59:29:e6: cb:ba:f7:07:bb:e9:10:b4:4b:4b:32:9f:ed:f9:13:aa:57:3c: 5c:8f:0d:b1:1f:56:5c:3d:33:b5:02:8c:59:84:55:c2:75:21: 38:de:71:f2:75:84:0b:01:e9:86:c6:e4:81:a0:ad:06:a3:37: 4a:20:a4:6d:58:1e:46:37:38:3b:cb:a1:79:a4:a7:5b:8a:b1: 9d:31:88:9f:5e:07:24:91:2d:35:72:24:cc:55:ed:fb:6e:54: 6e:71:11:59:0e:85:57:45:38:fe:e3:d7:e1:67:03:71:6a:db: a2:13:df:cb:92:dc:b6:d4:4b:6c:f8:be:de:99:30:19:65:34: 31:32:7f:a5:f7:94:26:14:19:53:bb:6a:7a:bd:12:ad:ec:6c: c9:dd:de:88:ca:99:73:a4:db:72:f9:a0:e6:fc:26:58:7b:57: 77:38:c5:ae:cf:59:8e:54:0a:5f:e8:0c:1e:38:9e:fb:c1:2f: 95:7e:8a:43:22:f1:3b:9e:2d:12:ec:38:9d:a9:45:23:4b:d3: 05:5b:39:84:cb:65:3b:08:c1:80:b9:fa:9e:0c:aa:a6:64:65: 88:c8:14:97 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NPX7CQhLdntwo8LD7s9yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ZGJjNzE1NmE0ZWU3YzY3ZDllNjg0NzY3YTJmNGJhZjhh MzViYWIwHhcNMjYwMTAxMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODE3NzhhZDUyZjk3NDkzNzRmYmQ3MmVjMjEwNDFjMGQxMzJhMTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu22WBZP7PqNTZog7wlSqvPuDRXAZ wqVMvdLNBl3wXfOnOKNHNqKl4lf/UVTiuYI1ISxej8QdGBLA9Sn7+eVgN1mmkk2u ei6RMM7RMWBRj9GsSgxje4Dbis4C/ICagkhTAsV8NDIqVxqfV6KMt9/GnTDPtgu0 zuK0d+Y+aL4w2rKrM5r5eqIEjUiNukqsd7VDaKiQV9XClPpJH1pwmE975LjxoQZx sUI1m8Nc8tJjlGEidTX97S8+Cy98dcn2Na8t8mOhPf0q3+uiKQV2+1+hSw/poEXX owv1l6qG/H5w01s+OflZ63M9OPFHOArYTP4YUNBkx2f/zW2vXJon6s0g5QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFBgXeK1S+XSTdPvXLsIQQcDRMqFdMB8GA1UdIwQY MBaAFInbxxVqTufGfZ5oR2ei9Lr4o1urMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWR2SEZXcE81OFo5bm1oSFo2TDB1dmlqVzZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81YTlhOTktNDNjMi00Y2M4LWEzN2It NDk1MDFhNzY5NGM0LzEvR0JkNHJWTDVkSk4wLTljdXdoQkJ3TkV5b1YwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy81YTlhOTktNDNjMi00Y2M4LWEzN2ItNDk1MDFhNzY5NGM0 LzEvaWR2SEZXcE81OFo5bm1oSFo2TDB1dmlqVzZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhACAKEj MA0GCSqGSIb3DQEBCwUAA4IBAQAKXUuCH5/fuDbTRCiuGzni29fglLaeR/2jIhia kih8NKJZKebLuvcHu+kQtEtLMp/t+ROqVzxcjw2xH1ZcPTO1AoxZhFXCdSE43nHy dYQLAemGxuSBoK0GozdKIKRtWB5GNzg7y6F5pKdbirGdMYifXgckkS01ciTMVe37 blRucRFZDoVXRTj+49fhZwNxatuiE9/Lkty21Ets+L7emTAZZTQxMn+l95QmFBlT u2p6vRKt7GzJ3d6IyplzpNty+aDm/CZYe1d3OMWuz1mOVApf6AweOJ77wS+VfopD IvE7ni0S7DidqUUjS9MFWzmEy2U7CMGAufqeDKqmZGWIyBSX -----END CERTIFICATE-----Generated at Fri Jan 9 06:22:15 2026 by rpki-client