This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/GHtx92XK6yIjK3lcHPo5sov-XWw.roa File: GHtx92XK6yIjK3lcHPo5sov-XWw.roa (raw, json) Hash identifier: 2moJc4PYALug9KGrlP5vC1bPAu6G097omiLInZPacKw= Subject key identifier: 18:7B:71:F7:65:CA:EB:22:23:2B:79:5C:1C:FA:39:B2:8B:FE:5D:6C Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C74F6DD0AAC5BC7135013029257874 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/GHtx92XK6yIjK3lcHPo5sov-XWw.roa Signing time: Thu 01 Jan 2026 04:18:29 +0000 ROA not before: Thu 01 Jan 2026 04:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212335 IP address blocks: 89.42.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:4f:6d:d0:aa:c5:bc:71:35:01:30:29:25:78:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=187b71f765caeb22232b795c1cfa39b28bfe5d6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:2c:ce:14:e0:6e:6d:8c:58:f7:8a:97:e8:20: e9:99:8c:6f:00:79:cd:f2:2c:3b:31:c4:34:0a:5b: df:ee:57:d7:dd:21:de:0e:f0:85:7e:4c:d3:bf:b7: 9a:92:c1:61:7d:54:9b:f4:de:a6:15:47:69:c0:bd: 0d:c5:07:75:55:c9:87:d4:1b:77:eb:98:36:e5:f5: 10:ef:55:e4:12:0e:c3:14:46:80:43:4b:95:6a:e4: ad:3a:fe:67:6e:87:ae:c8:ac:0e:40:cb:99:8c:3b: a2:27:7f:23:3d:a7:b6:c0:4b:38:35:c5:02:91:ea: 26:49:f0:3a:a6:52:4f:cb:b9:15:f9:d9:7a:2d:ea: 03:c4:a8:46:a5:56:9c:17:c8:88:ec:91:99:df:19: 97:c4:9a:c6:6b:02:7f:4a:1c:c5:71:b2:73:e3:97: 9b:b9:7a:d2:7a:39:77:30:78:09:d9:3f:ed:99:d2: f2:d3:cc:ba:19:54:c3:ab:d5:81:26:e7:a2:ff:d4: 2e:d0:01:4f:19:47:0a:a9:9e:da:97:28:6a:1d:94: e2:e2:5d:1d:69:3b:d3:49:dd:0c:a7:f5:05:60:3f: d5:58:1b:95:1c:5a:e6:8d:e1:11:90:8c:60:cf:af: 2d:73:1d:22:39:2c:a3:23:b8:f4:80:6c:a4:c4:4f: 68:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:7B:71:F7:65:CA:EB:22:23:2B:79:5C:1C:FA:39:B2:8B:FE:5D:6C X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/GHtx92XK6yIjK3lcHPo5sov-XWw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.29.0/24 Signature Algorithm: sha256WithRSAEncryption 67:0c:c4:de:8e:75:7f:b0:f3:86:aa:ad:a5:01:19:38:3d:81: b3:3d:c1:42:38:9e:d6:30:7c:9c:3a:35:0f:77:e0:e0:12:9a: 93:35:d8:18:85:41:74:69:32:65:4e:aa:c4:c1:2c:dc:c2:e6: f9:4e:73:20:92:f7:09:d2:5a:58:36:86:9a:25:1c:d1:8b:49: f3:a3:0c:0a:5c:c3:77:79:c7:c8:bb:b1:2e:45:44:9f:d2:40: 4b:fb:60:1d:4f:8b:c9:a7:c2:36:8a:08:42:60:84:7b:8c:36: 7e:f1:a9:ff:2c:bd:20:7f:fb:b2:47:5c:b6:e8:c9:be:38:ee: ab:49:7a:e3:ac:e7:f0:73:13:62:96:28:46:5d:87:4b:ff:0d: d6:5c:2b:a4:7c:20:f6:38:4b:96:b8:5e:c9:56:56:17:fa:ee: 82:15:74:27:1d:22:92:4a:29:06:68:94:83:06:be:f9:6d:cc: f7:b0:e3:b6:e8:bc:31:05:24:49:70:d3:13:f4:57:54:89:72: 27:36:ff:01:27:5b:fe:09:77:10:8a:f6:c2:c6:19:1a:6d:7e: a3:c1:2b:20:ba:00:bf:10:ed:23:89:00:c0:c3:de:4e:6f:88: 68:97:ce:37:45:98:5f:f7:50:67:b7:b1:df:db:c4:29:b4:0b: 70:ba:c7:99 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3x09t0KrFvHE1ATApJXh0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODdiNzFmNzY1Y2FlYjIyMjMyYjc5NWMxY2ZhMzliMjhiZmU1ZDZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SzOFOBubYxY94qX6CDpmYxvAHnN 8iw7McQ0Clvf7lfX3SHeDvCFfkzTv7eaksFhfVSb9N6mFUdpwL0NxQd1VcmH1Bt3 65g25fUQ71XkEg7DFEaAQ0uVauStOv5nboeuyKwOQMuZjDuiJ38jPae2wEs4NcUC keomSfA6plJPy7kV+dl6LeoDxKhGpVacF8iI7JGZ3xmXxJrGawJ/ShzFcbJz45eb uXrSejl3MHgJ2T/tmdLy08y6GVTDq9WBJuei/9Qu0AFPGUcKqZ7alyhqHZTi4l0d aTvTSd0Mp/UFYD/VWBuVHFrmjeERkIxgz68tcx0iOSyjI7j0gGykxE9oVwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBh7cfdlyusiIyt5XBz6ObKL/l1sMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvR0h0eDkyWEs2eUlqSzNsY0hQbzVzb3YtWFd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G CSqGSIb3DQEBCwUAA4IBAQBnDMTejnV/sPOGqq2lARk4PYGzPcFCOJ7WMHycOjUP d+DgEpqTNdgYhUF0aTJlTqrEwSzcwub5TnMgkvcJ0lpYNoaaJRzRi0nzowwKXMN3 ecfIu7EuRUSf0kBL+2AdT4vJp8I2ighCYIR7jDZ+8an/LL0gf/uyR1y26Mm+OO6r SXrjrOfwcxNilihGXYdL/w3WXCukfCD2OEuWuF7JVlYX+u6CFXQnHSKSSikGaJSD Br75bcz3sOO26LwxBSRJcNMT9FdUiXInNv8BJ1v+CXcQivbCxhkabX6jwSsgugC/ EO0jiQDAw95Ob4hol843RZhf91Bnt7Hf28QptAtwuseZ -----END CERTIFICATE-----Generated at Thu Jan 1 20:23:17 2026 by rpki-client