This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/gECFr_lCurPKmYUZbnBME6fDRJI.roa File: gECFr_lCurPKmYUZbnBME6fDRJI.roa (raw, json) Hash identifier: zPv5BFtY7ZttrJvpLgH3TkAwwjvJ39/Ya/LcQ77bi7A= Subject key identifier: 80:40:85:AF:F9:42:BA:B3:CA:99:85:19:6E:70:4C:13:A7:C3:44:92 Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44 Certificate serial: 019B77593A6EDE2D7EB5059B011FE84B05D6 Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/gECFr_lCurPKmYUZbnBME6fDRJI.roa Signing time: Thu 01 Jan 2026 02:18:14 +0000 ROA not before: Thu 01 Jan 2026 02:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198949 IP address blocks: 2.59.68.0/22 maxlen: 24 2.59.72.0/22 maxlen: 24 5.252.60.0/22 maxlen: 24 5.252.88.0/22 maxlen: 24 45.11.148.0/22 maxlen: 24 45.65.104.0/21 maxlen: 24 45.85.176.0/22 maxlen: 24 45.90.224.0/22 maxlen: 24 45.129.48.0/22 maxlen: 24 45.152.184.0/22 maxlen: 24 80.240.176.0/21 maxlen: 24 80.240.184.0/21 maxlen: 24 91.92.18.0/23 maxlen: 24 95.214.44.0/22 maxlen: 24 109.70.16.0/21 maxlen: 24 128.127.16.0/21 maxlen: 24 185.13.180.0/22 maxlen: 24 185.61.144.0/22 maxlen: 24 185.107.84.0/22 maxlen: 24 185.128.140.0/22 maxlen: 24 185.163.60.0/22 maxlen: 24 185.189.20.0/22 maxlen: 24 185.203.180.0/22 maxlen: 24 185.229.176.0/22 maxlen: 24 185.253.36.0/22 maxlen: 24 188.92.64.0/21 maxlen: 24 193.8.116.0/22 maxlen: 24 193.56.168.0/22 maxlen: 24 194.36.137.0/24 maxlen: 24 194.36.167.0/24 maxlen: 24 194.36.169.0/24 maxlen: 24 194.36.221.0/24 maxlen: 24 194.182.112.0/20 maxlen: 24 212.104.240.0/20 maxlen: 24 2a02:79e0::/32 maxlen: 48 2a02:cfc0::/29 maxlen: 48 2a06:4280::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:3a:6e:de:2d:7e:b5:05:9b:01:1f:e8:4b:05:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44 Validity Not Before: Jan 1 02:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=804085aff942bab3ca9985196e704c13a7c34492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ce:6d:82:4d:38:08:5f:d5:6a:26:85:45:83: 7d:3d:ee:8e:38:dc:05:c1:f3:44:a6:7c:ea:98:f8: 2d:66:b0:50:55:1b:3e:e0:3f:68:bc:d1:12:ab:73: 43:0c:e8:83:81:1c:1b:f3:fc:0e:0b:ff:05:7f:40: 67:f9:7d:89:fb:f3:00:60:06:af:20:97:bc:f6:eb: bd:f7:3c:5b:2d:af:1b:ee:ee:de:03:59:09:3f:19: 45:91:73:6c:bc:ed:3c:4d:d4:c0:2e:ef:11:8a:a1: 2a:82:f5:e0:50:8d:88:d4:7c:b7:a7:a6:e5:c6:40: 84:91:3c:80:9b:1e:cd:c1:f7:44:94:86:6f:35:ed: b8:aa:1b:47:9b:97:c2:68:61:af:0e:88:8d:64:6d: c3:d1:00:27:a4:b8:81:6c:66:ab:1a:16:9b:b7:b9: 78:77:99:38:a1:d1:c2:d0:3c:97:80:88:0b:80:0c: e2:28:82:88:a4:84:bc:d8:98:31:c4:7c:1d:7b:7f: 73:c3:02:34:57:d0:95:f0:0d:40:df:ee:16:8f:62: ec:d8:24:57:03:eb:8e:3b:53:94:f1:6a:b3:b3:0c: 4c:3d:f7:13:61:f8:a1:a8:ee:7c:74:47:a1:ca:71: c2:53:08:fd:23:34:42:f1:f8:75:0f:d7:2d:23:d9: 33:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:40:85:AF:F9:42:BA:B3:CA:99:85:19:6E:70:4C:13:A7:C3:44:92 X509v3 Authority Key Identifier: keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/gECFr_lCurPKmYUZbnBME6fDRJI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.68.0-2.59.75.255 5.252.60.0/22 5.252.88.0/22 45.11.148.0/22 45.65.104.0/21 45.85.176.0/22 45.90.224.0/22 45.129.48.0/22 45.152.184.0/22 80.240.176.0/20 91.92.18.0/23 95.214.44.0/22 109.70.16.0/21 128.127.16.0/21 185.13.180.0/22 185.61.144.0/22 185.107.84.0/22 185.128.140.0/22 185.163.60.0/22 185.189.20.0/22 185.203.180.0/22 185.229.176.0/22 185.253.36.0/22 188.92.64.0/21 193.8.116.0/22 193.56.168.0/22 194.36.137.0/24 194.36.167.0/24 194.36.169.0/24 194.36.221.0/24 194.182.112.0/20 212.104.240.0/20 IPv6: 2a02:79e0::/32 2a02:cfc0::/29 2a06:4280::/29 Signature Algorithm: sha256WithRSAEncryption 6d:3e:31:c8:9d:84:a5:28:c0:af:60:af:42:68:b8:13:0a:98: c3:13:52:f2:bf:98:6b:3a:c6:0b:80:3d:aa:a7:e6:bd:48:1b: a8:ea:67:b3:3e:20:fe:c6:cf:6b:d3:4f:93:b9:c2:d9:b3:60: 4c:80:54:be:ce:c8:96:af:31:50:da:ec:7c:0e:ce:ed:c1:a5: d7:ba:c1:e9:87:61:e9:45:fc:bd:45:0c:9a:64:91:b6:1b:a5: e5:ea:e1:95:f0:7b:2e:a9:1a:c9:7c:cc:d6:9b:cc:d2:2e:6e: 8c:f2:52:6f:e2:e3:7d:5a:c2:73:c5:5e:05:f6:1c:30:71:10: 3e:32:ad:26:19:c2:d0:38:84:03:f1:66:86:eb:62:6a:16:61: 80:de:7d:57:68:61:7e:47:1e:3d:8e:af:23:c6:8f:a2:10:4a: a3:ee:13:ed:ac:ec:09:65:e1:ca:7c:36:8f:af:1c:bc:21:25: e7:ef:9d:65:c8:1c:fa:a4:e1:f7:ae:54:04:48:31:f3:bf:17: 9f:45:d8:28:63:a1:6c:c7:d3:9a:ff:10:60:00:24:d0:0e:9c: e7:b2:5e:15:9d:ce:7b:59:cd:85:82:be:c3:25:2e:e7:b0:87: 01:68:0c:9f:c6:ba:f6:d9:3a:eb:38:53:00:73:a8:d2:1f:0d: d2:6e:7f:01 -----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgISAZt3WTpu3i1+tQWbAR/oSwXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1 ZjJlNDQwHhcNMjYwMTAxMDIxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDQwODVhZmY5NDJiYWIzY2E5OTg1MTk2ZTcwNGMxM2E3YzM0NDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM5tgk04CF/VaiaFRYN9Pe6OONwF wfNEpnzqmPgtZrBQVRs+4D9ovNESq3NDDOiDgRwb8/wOC/8Ff0Bn+X2J+/MAYAav IJe89uu99zxbLa8b7u7eA1kJPxlFkXNsvO08TdTALu8RiqEqgvXgUI2I1Hy3p6bl xkCEkTyAmx7NwfdElIZvNe24qhtHm5fCaGGvDoiNZG3D0QAnpLiBbGarGhabt7l4 d5k4odHC0DyXgIgLgAziKIKIpIS82JgxxHwde39zwwI0V9CV8A1A3+4Wj2Ls2CRX A+uOO1OU8WqzswxMPfcTYfihqO58dEehynHCUwj9IzRC8fh1D9ctI9kzQQIDAQAB o4IC7jCCAuowHQYDVR0OBBYEFIBAha/5QrqzypmFGW5wTBOnw0SSMB8GA1UdIwQY MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt NjY4NDkwMTk2MjdlLzEvZ0VDRnJfbEN1clBLbVlVWmJuQk1FNmZEUkpJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgc8EAgABMIHIMAwD BAICO0QDBAICO0gDBAIF/DwDBAIF/FgDBAItC5QDBAMtQWgDBAItVbADBAItWuAD BAItgTADBAItmLgDBARQ8LADBAFbXBIDBAJf1iwDBANtRhADBAOAfxADBAK5DbQD BAK5PZADBAK5a1QDBAK5gIwDBAK5ozwDBAK5vRQDBAK5y7QDBAK55bADBAK5/SQD BAO8XEADBALBCHQDBALBOKgDBADCJIkDBADCJKcDBADCJKkDBADCJN0DBATCtnAD BATUaPAwGwQCAAIwFQMFACoCeeADBQMqAs/AAwUDKgZCgDANBgkqhkiG9w0BAQsF AAOCAQEAbT4xyJ2EpSjAr2CvQmi4EwqYwxNS8r+YazrGC4A9qqfmvUgbqOpnsz4g /sbPa9NPk7nC2bNgTIBUvs7Ilq8xUNrsfA7O7cGl17rB6Ydh6UX8vUUMmmSRthul 5erhlfB7LqkayXzM1pvM0i5ujPJSb+LjfVrCc8VeBfYcMHEQPjKtJhnC0DiEA/Fm hutiahZhgN59V2hhfkcePY6vI8aPohBKo+4T7azsCWXhynw2j68cvCEl5++dZcgc +qTh965UBEgx878Xn0XYKGOhbMfTmv8QYAAk0A6c57JeFZ3Oe1nNhYK+wyUu57CH AWgMn8a69tk66zhTAHOo0h8N0m5/AQ== -----END CERTIFICATE-----Generated at Wed Jan 7 22:29:19 2026 by rpki-client