This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5bGobuYTEr_grBRZ_uakRYqcaIY.roa File: 5bGobuYTEr_grBRZ_uakRYqcaIY.roa (raw, json) Hash identifier: P0xoEeW+4dWO4aX2IUeMr6lTU6DbnVfKtmhtkPhqqzE= Subject key identifier: E5:B1:A8:6E:E6:13:12:BF:E0:AC:14:59:FE:E6:A4:45:8A:9C:68:86 Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658 Certificate serial: 019B7DCA0275FC60F528ADCB0274F5043A64 Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5bGobuYTEr_grBRZ_uakRYqcaIY.roa Signing time: Fri 02 Jan 2026 08:19:09 +0000 ROA not before: Fri 02 Jan 2026 08:19:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34615 IP address blocks: 192.109.30.0/24 maxlen: 24 192.109.37.0/24 maxlen: 24 192.109.38.0/24 maxlen: 24 2a0f:6c40::/32 maxlen: 32 2a0f:6c41::/32 maxlen: 32 2a0f:6c42::/32 maxlen: 32 2a0f:6c43::/32 maxlen: 32 2a0f:6c44::/32 maxlen: 32 2a0f:6c45::/32 maxlen: 32 2a0f:6c46::/32 maxlen: 32 2a0f:6c47::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.mft rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:02:75:fc:60:f5:28:ad:cb:02:74:f5:04:3a:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658 Validity Not Before: Jan 2 08:19:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e5b1a86ee61312bfe0ac1459fee6a4458a9c6886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d0:3d:fc:5b:94:09:6c:26:b4:23:36:69:16: 51:58:89:85:b7:eb:cf:92:23:ed:be:b1:c4:d7:95: ef:86:a6:59:6b:a0:37:e3:f1:c6:4f:4f:9d:52:a5: 67:c8:fa:61:3a:e7:e9:4c:50:63:e9:ac:fc:95:38: 6e:d1:f3:46:fd:50:69:49:48:4c:28:47:30:f2:14: 56:dc:23:42:fc:d6:b9:04:e0:13:74:aa:b9:03:f5: 05:c1:ea:24:fc:26:61:e6:41:b6:b2:e5:e7:1d:e4: 35:30:47:d1:e8:16:10:2e:bf:de:37:06:db:46:90: 98:e1:0f:e6:90:be:de:0a:5b:8d:f9:75:07:e0:6f: 71:9a:c6:14:82:6a:5b:72:8f:20:bf:ea:6d:8c:4b: 28:ec:60:ff:b3:9f:e0:44:54:17:d5:ec:47:a3:25: 82:f2:f6:a2:e3:dc:b8:16:86:6c:9b:6e:86:5d:21: 6e:0f:10:dd:64:e1:c9:b8:87:8f:a5:87:03:3f:97: 33:39:21:51:ba:e9:55:f1:14:52:56:e5:35:37:ba: 19:25:f7:ef:94:70:63:5d:c2:39:7d:88:02:d5:79: f4:57:b6:0b:a6:dc:64:71:a3:5b:58:11:de:d5:1d: 74:16:42:86:41:a0:5e:16:72:8d:b9:47:35:e6:6e: c2:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:B1:A8:6E:E6:13:12:BF:E0:AC:14:59:FE:E6:A4:45:8A:9C:68:86 X509v3 Authority Key Identifier: keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5bGobuYTEr_grBRZ_uakRYqcaIY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.109.30.0/24 192.109.37.0-192.109.38.255 IPv6: 2a0f:6c40::/29 Signature Algorithm: sha256WithRSAEncryption 42:11:ee:8e:3f:a1:0e:a0:61:23:20:94:1f:1f:27:e9:44:ff: 27:f4:1b:1d:48:f8:be:bd:2f:e1:a7:82:dc:73:84:64:e2:d6: e7:f1:89:54:8b:c7:50:f7:ca:e2:fa:a1:fd:64:5c:32:0f:dd: 87:90:04:6b:1f:78:a7:2b:88:0b:5c:20:84:82:f6:4b:22:6f: 55:7f:1f:4d:8c:8a:b7:ed:2c:0f:61:22:10:ff:33:8e:72:5f: 1f:e3:83:fe:da:ab:bd:3b:45:51:77:05:90:12:0d:4e:37:fe: 84:56:b4:e5:01:a9:7c:a0:94:3e:42:3a:db:52:4d:d1:48:ef: 44:f2:7e:54:92:3f:50:cc:96:62:4f:2a:bd:74:b2:e5:4d:ce: 1f:0a:73:5c:1b:ff:11:e4:b0:4c:18:2b:17:f4:36:aa:6a:23: b6:37:84:15:65:10:bc:97:f3:4c:1f:63:13:18:7c:a5:71:33: fe:74:93:6f:3b:57:50:ed:3b:23:a5:08:07:53:6e:2d:0f:ca: 08:9a:27:3d:76:2b:25:4c:69:e7:db:91:0b:49:d3:fb:0f:bd: 90:b4:b3:3e:26:f6:3c:97:72:b1:cb:2a:b0:aa:a4:a7:e9:83: 29:c8:a7:de:d1:fd:fa:ae:43:77:92:7b:50:12:ac:59:b8:47: 87:fd:2c:a8 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt9ygJ1/GD1KK3LAnT1BDpkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz YzE2NTgwHhcNMjYwMTAyMDgxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNWIxYTg2ZWU2MTMxMmJmZTBhYzE0NTlmZWU2YTQ0NThhOWM2ODg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9A9/FuUCWwmtCM2aRZRWImFt+vP kiPtvrHE15XvhqZZa6A34/HGT0+dUqVnyPphOufpTFBj6az8lThu0fNG/VBpSUhM KEcw8hRW3CNC/Na5BOATdKq5A/UFweok/CZh5kG2suXnHeQ1MEfR6BYQLr/eNwbb RpCY4Q/mkL7eCluN+XUH4G9xmsYUgmpbco8gv+ptjEso7GD/s5/gRFQX1exHoyWC 8vai49y4FoZsm26GXSFuDxDdZOHJuIePpYcDP5czOSFRuulV8RRSVuU1N7oZJffv lHBjXcI5fYgC1Xn0V7YLptxkcaNbWBHe1R10FkKGQaBeFnKNuUc15m7CIwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFOWxqG7mExK/4KwUWf7mpEWKnGiGMB8GA1UdIwQY MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt Y2ZhYjEwZDMwNjkzLzEvNWJHb2J1WVRFcl9nckJSWl91YWtSWXFjYUlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwG0eMAwD BADAbSUDBADAbSYwDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQADggEBAEIR 7o4/oQ6gYSMglB8fJ+lE/yf0Gx1I+L69L+GngtxzhGTi1ufxiVSLx1D3yuL6of1k XDIP3YeQBGsfeKcriAtcIISC9ksib1V/H02MirftLA9hIhD/M45yXx/jg/7aq707 RVF3BZASDU43/oRWtOUBqXyglD5COttSTdFI70TyflSSP1DMlmJPKr10suVNzh8K c1wb/xHksEwYKxf0NqpqI7Y3hBVlELyX80wfYxMYfKVxM/50k287V1DtOyOlCAdT bi0PygiaJz12KyVMaefbkQtJ0/sPvZC0sz4m9jyXcrHLKrCqpKfpgynIp97R/fqu Q3eSe1ASrFm4R4f9LKg= -----END CERTIFICATE-----Generated at Mon Feb 2 08:05:13 2026 by rpki-client