This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/GTlzvN8hJSJgM1qwowoO5bn8qLU.roa File: GTlzvN8hJSJgM1qwowoO5bn8qLU.roa (raw, json) Hash identifier: 73NFakx+FzAAGVTAVqagiaRLqwrqzSJ1FS4nqNgvaXU= Subject key identifier: 19:39:73:BC:DF:21:25:22:60:33:5A:B0:A3:0A:0E:E5:B9:FC:A8:B5 Certificate issuer: /CN=1b7e7bdc8e15ba6b2e6d09552476bb1b55b159c3 Certificate serial: 019B7F15F467DCE1D3159BFFF3583121279C Authority key identifier: 1B:7E:7B:DC:8E:15:BA:6B:2E:6D:09:55:24:76:BB:1B:55:B1:59:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G3573I4VumsubQlVJHa7G1WxWcM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/GTlzvN8hJSJgM1qwowoO5bn8qLU.roa Signing time: Fri 02 Jan 2026 14:21:43 +0000 ROA not before: Fri 02 Jan 2026 14:21:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210863 IP address blocks: 37.16.72.0/24 maxlen: 24 2a11:5d00::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/G3573I4VumsubQlVJHa7G1WxWcM.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/G3573I4VumsubQlVJHa7G1WxWcM.mft rsync://rpki.ripe.net/repository/DEFAULT/G3573I4VumsubQlVJHa7G1WxWcM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:f4:67:dc:e1:d3:15:9b:ff:f3:58:31:21:27:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b7e7bdc8e15ba6b2e6d09552476bb1b55b159c3 Validity Not Before: Jan 2 14:21:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=193973bcdf21252260335ab0a30a0ee5b9fca8b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:52:0a:7f:bb:9d:d5:13:cc:aa:cd:2c:98:47: 0f:0b:d7:2b:e7:f2:19:58:0a:6b:99:2d:dc:a6:a9: 6f:5c:c6:5c:dd:b9:4f:37:f7:2b:03:e3:90:e6:a5: cc:66:ae:42:69:de:ab:a7:76:b1:6f:2f:1a:33:a8: a9:82:e4:e3:c1:f0:c1:ed:25:09:37:53:a3:a5:73: d1:3e:8d:a6:a5:8b:67:af:56:bb:16:b8:84:ea:58: f7:33:0e:e2:d7:59:2d:7d:64:00:99:9b:7c:ae:13: 6e:3f:e4:c8:cc:23:eb:cc:c9:0f:da:1b:f1:40:b3: 77:da:8d:55:de:35:fd:e6:ec:6e:29:58:42:7d:dc: 29:70:83:ec:56:24:6d:50:5b:18:ec:6c:70:2d:7a: ca:2d:56:4f:e6:a1:13:63:9d:7a:37:f7:fb:84:60: b1:55:18:fa:1f:11:e2:26:2b:f3:73:73:8f:98:5c: cc:29:55:ba:4c:d9:38:b3:1e:3e:38:38:08:fe:4c: 12:62:cf:ef:f8:57:d7:90:b5:23:d0:7f:49:05:04: 9a:ce:b8:0b:0b:6a:9c:2a:bd:3b:55:3d:b3:f3:2b: 18:54:bb:d2:6e:71:4e:44:df:3c:22:dc:e1:16:db: ad:b4:28:fc:e3:08:9c:0d:5f:21:ff:03:a8:33:24: f4:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:39:73:BC:DF:21:25:22:60:33:5A:B0:A3:0A:0E:E5:B9:FC:A8:B5 X509v3 Authority Key Identifier: keyid:1B:7E:7B:DC:8E:15:BA:6B:2E:6D:09:55:24:76:BB:1B:55:B1:59:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3573I4VumsubQlVJHa7G1WxWcM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/GTlzvN8hJSJgM1qwowoO5bn8qLU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2472a9-ff66-4dcf-ac82-30e540d5d3a7/1/G3573I4VumsubQlVJHa7G1WxWcM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.16.72.0/24 IPv6: 2a11:5d00::/29 Signature Algorithm: sha256WithRSAEncryption 23:0c:c0:91:a2:05:bc:54:bf:a7:49:c0:78:69:54:bf:d7:09: e5:b6:38:a7:16:5a:93:30:93:0a:f6:e3:f6:8b:36:72:15:ff: 5f:e6:1c:1a:65:97:a6:98:f9:6e:f0:67:57:e9:da:0f:6d:b5: b6:03:cb:d5:f9:8b:11:8e:27:af:3e:1a:55:dd:80:fc:5d:76: fa:64:e4:ca:63:33:71:24:7d:02:11:76:4f:d9:33:e4:27:f7: 9d:3e:f6:4b:e4:81:8b:9b:bf:55:46:e5:42:e6:e5:fe:dc:5b: d5:61:52:58:2a:13:95:9b:60:c5:85:c5:19:5f:ea:fb:07:e9: 74:00:88:bb:99:6d:18:20:b1:ef:8f:88:03:01:19:fb:02:2f: 05:c7:d5:dd:e7:c6:0d:8f:c8:89:79:93:e4:c0:a2:22:6e:ff: 58:85:de:7c:a7:ca:b3:09:d4:eb:9a:f6:56:71:76:b7:8b:1c: 1b:51:17:60:2c:0f:e2:4e:0a:f9:5d:14:8f:86:c2:ba:35:a0: 75:f6:39:de:b1:a6:7e:62:fe:e3:90:6f:14:6e:34:87:fe:12: 21:40:d9:1e:63:56:fd:ae:50:b4:83:91:be:d4:3c:02:75:f0: ea:90:8b:41:9c:54:92:07:30:ec:9f:cc:4d:57:ac:7b:47:ae: 51:6d:d4:d1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FfRn3OHTFZv/81gxISecMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiN2U3YmRjOGUxNWJhNmIyZTZkMDk1NTI0NzZiYjFiNTVi MTU5YzMwHhcNMjYwMTAyMTQyMTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTM5NzNiY2RmMjEyNTIyNjAzMzVhYjBhMzBhMGVlNWI5ZmNhOGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1IKf7ud1RPMqs0smEcPC9cr5/IZ WAprmS3cpqlvXMZc3blPN/crA+OQ5qXMZq5Cad6rp3axby8aM6ipguTjwfDB7SUJ N1OjpXPRPo2mpYtnr1a7FriE6lj3Mw7i11ktfWQAmZt8rhNuP+TIzCPrzMkP2hvx QLN32o1V3jX95uxuKVhCfdwpcIPsViRtUFsY7GxwLXrKLVZP5qETY516N/f7hGCx VRj6HxHiJivzc3OPmFzMKVW6TNk4sx4+ODgI/kwSYs/v+FfXkLUj0H9JBQSazrgL C2qcKr07VT2z8ysYVLvSbnFORN88ItzhFtuttCj84wicDV8h/wOoMyT0LwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBk5c7zfISUiYDNasKMKDuW5/Ki1MB8GA1UdIwQY MBaAFBt+e9yOFbprLm0JVSR2uxtVsVnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzM1NzNJNFZ1bXN1YlFsVkpIYTdHMVd4V2NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNDcyYTktZmY2Ni00ZGNmLWFjODIt MzBlNTQwZDVkM2E3LzEvR1RsenZOOGhKU0pnTTFxd293b081Ym44cUxVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8yNDcyYTktZmY2Ni00ZGNmLWFjODItMzBlNTQwZDVkM2E3 LzEvRzM1NzNJNFZ1bXN1YlFsVkpIYTdHMVd4V2NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJRBIMA0E AgACMAcDBQMqEV0AMA0GCSqGSIb3DQEBCwUAA4IBAQAjDMCRogW8VL+nScB4aVS/ 1wnltjinFlqTMJMK9uP2izZyFf9f5hwaZZemmPlu8GdX6doPbbW2A8vV+YsRjiev PhpV3YD8XXb6ZOTKYzNxJH0CEXZP2TPkJ/edPvZL5IGLm79VRuVC5uX+3FvVYVJY KhOVm2DFhcUZX+r7B+l0AIi7mW0YILHvj4gDARn7Ai8Fx9Xd58YNj8iJeZPkwKIi bv9Yhd58p8qzCdTrmvZWcXa3ixwbURdgLA/iTgr5XRSPhsK6NaB19jnesaZ+Yv7j kG8UbjSH/hIhQNkeY1b9rlC0g5G+1DwCdfDqkItBnFSSBzDsn8xNV6x7R65RbdTR -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:54 2026 by rpki-client