This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZOk1yLtT85SuOsXwESP5vjo36E.roa File: GZOk1yLtT85SuOsXwESP5vjo36E.roa (raw, json) Hash identifier: H5Ahmgm6guc/1E9tVEpA5mmu7swxmuaCmqeEu6T2UbU= Subject key identifier: 19:93:A4:D7:22:ED:4F:CE:52:B8:EB:17:C0:44:8F:E6:F8:E8:DF:A1 Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Certificate serial: 019AA061CCE5AB161243061EE5E9EDFF15EB Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZOk1yLtT85SuOsXwESP5vjo36E.roa Signing time: Thu 20 Nov 2025 08:29:15 +0000 ROA not before: Thu 20 Nov 2025 08:29:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 44547 IP address blocks: 5.10.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a0:61:cc:e5:ab:16:12:43:06:1e:e5:e9:ed:ff:15:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Validity Not Before: Nov 20 08:29:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1993a4d722ed4fce52b8eb17c0448fe6f8e8dfa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ec:a4:a9:df:76:ee:93:38:a2:b8:11:6d:1f: 9c:a6:23:98:ff:b9:91:9a:79:dd:0a:39:34:3b:a8: a6:49:dd:2f:ba:b9:f7:ab:b8:14:88:6f:91:7e:e7: 90:99:ce:11:32:67:19:73:1c:c4:98:7e:06:b3:22: fc:7c:54:15:0f:58:00:d1:7f:06:f7:3a:c4:05:47: f1:35:38:54:59:f3:9b:4a:4b:e7:68:0d:b2:3e:f5: 9c:74:6f:cc:1f:5c:6a:b0:09:6a:03:ad:6e:0e:30: 4a:46:27:f3:66:04:14:c8:eb:36:21:37:15:47:56: de:b5:01:c7:52:00:9b:a5:2b:9f:67:3a:09:a7:77: b4:59:3d:cc:c1:d8:da:c1:f2:dd:24:35:80:d5:f0: 58:bf:68:f3:38:91:cd:20:d2:ce:b5:af:bb:84:28: 92:6f:ea:23:ed:cc:e9:3e:7e:d8:54:4d:4b:32:0d: 60:cd:cb:5d:92:0e:71:08:30:d6:62:23:de:51:6a: 8b:1b:ea:e9:4f:59:f0:c0:4e:04:fb:60:bc:0f:7c: ea:0b:57:ff:77:bf:6e:95:7b:07:c1:4b:6f:87:d7: 6a:43:b8:3b:33:b3:15:30:77:4e:9a:42:d3:32:4f: 1c:0a:2d:3a:6b:53:43:82:fc:6d:8f:be:77:38:28: 74:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:93:A4:D7:22:ED:4F:CE:52:B8:EB:17:C0:44:8F:E6:F8:E8:DF:A1 X509v3 Authority Key Identifier: keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/GZOk1yLtT85SuOsXwESP5vjo36E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.10.220.0/24 Signature Algorithm: sha256WithRSAEncryption 30:63:f4:fb:72:3d:93:4c:32:fe:da:3b:3c:7c:1f:02:a9:7b: 82:b7:6b:19:d8:dd:64:55:e5:21:53:8e:76:16:ff:3c:20:79: 41:e4:bb:13:9a:27:21:27:5e:c3:31:27:78:a2:a3:7f:e4:5e: a7:93:0b:ed:97:cb:93:a8:2e:74:37:98:c6:eb:11:4c:53:20: 70:0d:e5:f9:24:10:6a:6e:1a:08:7c:71:b9:07:cd:b2:16:50: ef:7f:c7:54:94:fe:bf:a4:a9:39:84:fe:62:d5:c8:ab:11:ed: 8e:a0:70:35:e3:79:2f:88:7d:d9:48:1e:bc:a0:ba:7c:13:5c: f4:eb:e3:d0:2a:66:98:20:cb:57:69:b3:ab:1f:1c:99:0e:86: 60:7e:ae:14:e1:a2:b3:3d:07:8b:ce:70:25:e9:ee:a1:6e:30: 96:3f:ff:55:4c:2c:bd:5c:02:e3:4b:01:1f:7a:72:eb:14:7d: e6:d2:4d:49:55:5c:cc:2b:b3:63:9e:2d:35:19:6c:6b:8c:54: 7e:42:02:50:04:13:66:45:34:cf:67:c0:84:f6:77:c0:6d:6a: c5:f7:88:5e:8e:6d:fe:02:20:01:ea:2a:b5:40:a3:70:e8:62: 09:ee:d1:fb:6b:99:95:eb:a9:ff:45:a4:87:22:f6:1d:22:58: 32:8b:6f:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZqgYczlqxYSQwYe5ent/xXrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi NzEzMmYwHhcNMjUxMTIwMDgyOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTkzYTRkNzIyZWQ0ZmNlNTJiOGViMTdjMDQ0OGZlNmY4ZThkZmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuykqd927pM4orgRbR+cpiOY/7mR mnndCjk0O6imSd0vurn3q7gUiG+RfueQmc4RMmcZcxzEmH4GsyL8fFQVD1gA0X8G 9zrEBUfxNThUWfObSkvnaA2yPvWcdG/MH1xqsAlqA61uDjBKRifzZgQUyOs2ITcV R1betQHHUgCbpSufZzoJp3e0WT3MwdjawfLdJDWA1fBYv2jzOJHNINLOta+7hCiS b+oj7czpPn7YVE1LMg1gzctdkg5xCDDWYiPeUWqLG+rpT1nwwE4E+2C8D3zqC1f/ d79ulXsHwUtvh9dqQ7g7M7MVMHdOmkLTMk8cCi06a1NDgvxtj753OCh0OwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBmTpNci7U/OUrjrF8BEj+b46N+hMB8GA1UdIwQY MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt ZGVlNzY4NjAwMTNkLzEvR1pPazF5THRUODVTdU9zWHdFU1A1dmpvMzZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQrcMA0G CSqGSIb3DQEBCwUAA4IBAQAwY/T7cj2TTDL+2js8fB8CqXuCt2sZ2N1kVeUhU452 Fv88IHlB5LsTmichJ17DMSd4oqN/5F6nkwvtl8uTqC50N5jG6xFMUyBwDeX5JBBq bhoIfHG5B82yFlDvf8dUlP6/pKk5hP5i1cirEe2OoHA143kviH3ZSB68oLp8E1z0 6+PQKmaYIMtXabOrHxyZDoZgfq4U4aKzPQeLznAl6e6hbjCWP/9VTCy9XALjSwEf enLrFH3m0k1JVVzMK7Njni01GWxrjFR+QgJQBBNmRTTPZ8CE9nfAbWrF94hejm3+ AiAB6iq1QKNw6GIJ7tH7a5mV66n/RaSHIvYdIlgyi29b -----END CERTIFICATE-----Generated at Fri Dec 5 18:22:20 2025 by rpki-client