This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GYzqnh2ZIrUQ3Coh8RQZWhMRdJA.roa File: GYzqnh2ZIrUQ3Coh8RQZWhMRdJA.roa (raw, json) Hash identifier: LGtZBeLVchZ+DLG+jwjaEeg8oP93/BIeN+JjnOVb2BE= Subject key identifier: 19:8C:EA:9E:1D:99:22:B5:10:DC:2A:21:F1:14:19:5A:13:11:74:90 Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Certificate serial: 019B7F15905891D622E9A62EAEDAEE0C26E8 Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GYzqnh2ZIrUQ3Coh8RQZWhMRdJA.roa Signing time: Fri 02 Jan 2026 14:21:18 +0000 ROA not before: Fri 02 Jan 2026 14:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 719 IP address blocks: 2.20.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:90:58:91:d6:22:e9:a6:2e:ae:da:ee:0c:26:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Validity Not Before: Jan 2 14:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=198cea9e1d9922b510dc2a21f114195a13117490 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d9:ef:42:76:33:ff:50:99:d7:d6:10:27:b3: 55:f8:7a:3a:da:67:b4:3a:8a:3c:f9:8a:e3:af:9c: f4:0f:3c:b2:7d:d5:a4:39:34:04:6d:cf:6f:f7:df: 71:dd:d0:af:ae:7b:da:b0:1a:06:8d:13:02:28:41: ec:8e:21:10:33:a7:dc:98:0d:f6:b0:2b:18:ce:83: 6b:86:3e:c9:36:10:c5:ca:4b:2c:b9:0a:9c:c7:c7: d0:3e:57:a0:c9:8a:6e:37:a6:bc:f8:d7:21:f8:ec: 77:42:c2:66:bf:f8:d7:01:14:1d:42:7d:0b:6c:09: 18:39:4d:50:64:54:e2:dd:1a:23:0f:9d:d8:a6:b1: e0:db:12:b2:55:76:ac:03:b6:22:a9:b3:b1:e2:36: ab:62:b5:0b:e7:6b:14:7c:98:bc:ab:fa:79:58:87: 07:23:bf:e1:a3:81:b4:3b:d1:22:a9:d2:f8:6f:0c: d8:df:d0:bd:a7:f5:69:48:28:55:fe:00:38:5c:7f: 05:49:78:e1:2e:38:68:65:9a:e1:1a:65:59:a7:da: 11:09:b2:d9:40:fa:bf:fc:c3:a7:e5:d0:6e:cc:34: 92:c4:23:2c:3f:7a:8f:80:44:90:c6:2d:f7:69:d2: 1a:72:86:df:cd:ae:5f:73:83:28:31:a3:f7:69:6f: e9:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:8C:EA:9E:1D:99:22:B5:10:DC:2A:21:F1:14:19:5A:13:11:74:90 X509v3 Authority Key Identifier: keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GYzqnh2ZIrUQ3Coh8RQZWhMRdJA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.20.0.0/22 Signature Algorithm: sha256WithRSAEncryption 3b:d2:a0:5d:58:81:e9:15:40:3f:d5:3c:a4:64:f5:36:d0:d6: bd:cd:cd:71:10:61:e6:a3:91:7b:b0:ed:69:a8:3a:5c:9f:ae: 79:7c:81:9b:63:b7:63:8f:9a:c9:34:52:1b:0d:0f:b4:2b:12: 1f:99:6f:33:e8:f1:e1:66:79:c4:6b:3b:c0:75:8f:91:46:9a: 38:6e:c6:ee:59:f1:a8:82:12:6a:22:f6:4e:93:24:31:99:61: 2d:15:58:9b:52:cd:4f:d4:6d:ee:48:bc:5c:64:6d:7f:bb:0d: 72:68:c7:d5:95:5d:a2:70:0d:1c:b9:f3:41:95:d9:cd:f1:6c: 6f:84:2e:b2:19:8a:49:fa:46:57:df:de:8f:62:6e:88:a6:a4: f3:b6:98:fb:2c:1e:f9:79:09:15:9a:cd:4d:c5:34:ee:f9:2e: 3b:ad:c4:e6:d2:92:55:4c:94:dd:dd:8e:f3:97:b4:98:d5:be: ee:4b:59:2c:e0:66:04:cc:7e:f4:c5:c6:69:f1:b6:74:ea:75: da:21:c3:d6:16:82:d6:1d:cf:10:c6:5e:50:ed:60:f0:f5:b9: 98:0a:dc:c2:a4:0c:a2:dd:fc:39:8d:c2:33:a6:4d:b5:67:18: db:ff:fc:62:d6:cf:21:67:07:3e:97:4a:6f:a0:fc:d9:96:c9: b9:5f:e3:0c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FZBYkdYi6aYurtruDCboMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5 YmQ2YWEwHhcNMjYwMTAyMTQyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOThjZWE5ZTFkOTkyMmI1MTBkYzJhMjFmMTE0MTk1YTEzMTE3NDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytnvQnYz/1CZ19YQJ7NV+Ho62me0 Ooo8+Yrjr5z0DzyyfdWkOTQEbc9v999x3dCvrnvasBoGjRMCKEHsjiEQM6fcmA32 sCsYzoNrhj7JNhDFykssuQqcx8fQPlegyYpuN6a8+Nch+Ox3QsJmv/jXARQdQn0L bAkYOU1QZFTi3RojD53YprHg2xKyVXasA7YiqbOx4jarYrUL52sUfJi8q/p5WIcH I7/ho4G0O9EiqdL4bwzY39C9p/VpSChV/gA4XH8FSXjhLjhoZZrhGmVZp9oRCbLZ QPq//MOn5dBuzDSSxCMsP3qPgESQxi33adIacobfza5fc4MoMaP3aW/peQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBmM6p4dmSK1ENwqIfEUGVoTEXSQMB8GA1UdIwQY MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt ODhkMWNhYzllNGYxLzEvR1l6cW5oMlpJclVRM0NvaDhSUVpXaE1SZEpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAhQAMA0G CSqGSIb3DQEBCwUAA4IBAQA70qBdWIHpFUA/1TykZPU20Na9zc1xEGHmo5F7sO1p qDpcn655fIGbY7djj5rJNFIbDQ+0KxIfmW8z6PHhZnnEazvAdY+RRpo4bsbuWfGo ghJqIvZOkyQxmWEtFVibUs1P1G3uSLxcZG1/uw1yaMfVlV2icA0cufNBldnN8Wxv hC6yGYpJ+kZX396PYm6IpqTztpj7LB75eQkVms1NxTTu+S47rcTm0pJVTJTd3Y7z l7SY1b7uS1ks4GYEzH70xcZp8bZ06nXaIcPWFoLWHc8Qxl5Q7WDw9bmYCtzCpAyi 3fw5jcIzpk21Zxjb//xi1s8hZwc+l0pvoPzZlsm5X+MM -----END CERTIFICATE-----Generated at Wed Jan 21 10:29:19 2026 by rpki-client