This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/glK6ZuS9aqKDNeeSV_q0U4t5vXY.roa File: glK6ZuS9aqKDNeeSV_q0U4t5vXY.roa (raw, json) Hash identifier: s7+RSd0SFVoNOLR0ritAMahQjQAKwe5bQ1PhYBQniks= Subject key identifier: 82:52:BA:66:E4:BD:6A:A2:83:35:E7:92:57:FA:B4:53:8B:79:BD:76 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C73E9BA46E9C5B8883E745903D589D Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/glK6ZuS9aqKDNeeSV_q0U4t5vXY.roa Signing time: Thu 01 Jan 2026 04:18:24 +0000 ROA not before: Thu 01 Jan 2026 04:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 5.35.192.0/21 maxlen: 24 62.112.30.0/24 maxlen: 24 85.204.160.0/22 maxlen: 24 88.135.96.0/20 maxlen: 24 89.39.172.0/23 maxlen: 24 94.26.64.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3e:9b:a4:6e:9c:5b:88:83:e7:45:90:3d:58:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8252ba66e4bd6aa28335e79257fab4538b79bd76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:5a:ba:0a:6f:4a:ba:c3:ed:a9:5a:2c:a0:8e: 10:20:9e:7c:76:d9:f7:67:85:f7:b8:bb:a3:5d:c4: bf:51:5a:51:a9:05:4e:5b:9f:e2:3d:fe:83:d8:b3: 0e:be:63:f5:40:97:3e:a7:ea:ff:5d:87:49:11:1b: f6:76:84:2d:c0:26:37:c7:55:56:1b:93:81:08:a1: d2:da:41:71:16:d0:d6:44:52:6d:e2:09:30:7d:f3: 14:3b:7f:1a:84:74:19:82:13:87:49:10:0c:11:ad: ec:b5:04:33:98:2a:5c:29:55:c9:d4:64:0c:43:58: cd:7c:a2:71:03:9b:66:de:55:70:6c:8c:3a:60:28: e8:d8:8e:bf:95:d3:07:ce:c9:46:13:9f:8d:78:2a: ca:58:b9:76:02:ef:15:11:f7:d0:b2:f6:69:c4:0a: 84:72:8b:ab:aa:7f:76:75:0e:e4:1c:07:9f:e9:1c: 87:dc:8c:a3:3b:94:eb:91:3f:e8:e0:00:73:21:ef: 6a:6d:95:d9:31:76:1a:f0:cc:79:a3:3b:76:e4:fe: 44:85:13:9f:68:69:d6:45:9e:7d:06:50:ed:33:ac: 9b:37:62:7a:7c:83:0d:34:df:44:67:4e:06:06:34: 14:e2:39:fa:cd:4e:7b:d4:52:c7:ed:79:6d:35:f9: 4b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:52:BA:66:E4:BD:6A:A2:83:35:E7:92:57:FA:B4:53:8B:79:BD:76 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/glK6ZuS9aqKDNeeSV_q0U4t5vXY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.192.0/21 62.112.30.0/24 85.204.160.0/22 88.135.96.0/20 89.39.172.0/23 94.26.64.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:02:f6:f6:e1:80:2d:53:58:d6:3c:91:09:f5:ea:66:18:5b: 61:20:7e:ec:26:24:4f:c1:44:24:f8:99:c0:bc:a3:34:f6:c1: 8c:a8:b7:70:0b:59:75:08:1c:c3:ef:17:df:38:80:17:7c:20: f4:3a:cc:79:0e:8a:fb:b6:06:25:1f:fc:60:96:7d:00:12:a9: 8f:e4:9d:43:04:c6:17:79:38:0f:b9:cf:90:06:2e:0a:36:6a: d3:cc:a2:07:50:53:e9:d1:31:5f:16:31:2e:eb:ed:43:a9:7c: 79:0c:9d:82:ef:c5:fa:fc:38:14:0e:9a:51:a2:9c:88:80:d8: 59:c2:63:15:df:b1:25:84:02:3f:54:b3:67:77:42:20:a2:3c: 96:53:64:0c:fd:af:05:d7:b8:1f:6c:9d:f2:e0:73:53:0a:01: 6e:84:55:90:c2:fd:7a:7f:ae:bb:a0:65:ed:15:5c:c4:72:6a: e7:c5:d2:5c:a1:62:85:0c:af:c5:44:62:e2:a3:30:2b:66:6b: 87:e6:a7:d7:eb:df:0d:1e:e7:44:9b:ff:c9:eb:d2:ff:6f:88: 12:e2:ca:47:bb:26:46:a4:0c:1a:b8:26:be:0b:ec:80:38:89: de:3e:7c:4b:29:82:db:9b:59:dd:cb:9b:2d:af:d4:8e:5e:be: 19:9e:e4:ef -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt3xz6bpG6cW4iD50WQPVidMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MjUyYmE2NmU0YmQ2YWEyODMzNWU3OTI1N2ZhYjQ1MzhiNzliZDc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lq6Cm9KusPtqVosoI4QIJ58dtn3 Z4X3uLujXcS/UVpRqQVOW5/iPf6D2LMOvmP1QJc+p+r/XYdJERv2doQtwCY3x1VW G5OBCKHS2kFxFtDWRFJt4gkwffMUO38ahHQZghOHSRAMEa3stQQzmCpcKVXJ1GQM Q1jNfKJxA5tm3lVwbIw6YCjo2I6/ldMHzslGE5+NeCrKWLl2Au8VEffQsvZpxAqE courqn92dQ7kHAef6RyH3IyjO5TrkT/o4ABzIe9qbZXZMXYa8Mx5ozt25P5EhROf aGnWRZ59BlDtM6ybN2J6fIMNNN9EZ04GBjQU4jn6zU571FLH7XltNflLmQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFIJSumbkvWqigzXnklf6tFOLeb12MB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvZ2xLNlp1UzlhcUtETmVlU1ZfcTBVNHQ1dlhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBSPAAwQA PnAeAwQCVcygAwQEWIdgAwQBWSesAwQBXhpAMA0GCSqGSIb3DQEBCwUAA4IBAQBP Avb24YAtU1jWPJEJ9epmGFthIH7sJiRPwUQk+JnAvKM09sGMqLdwC1l1CBzD7xff OIAXfCD0Osx5Dor7tgYlH/xgln0AEqmP5J1DBMYXeTgPuc+QBi4KNmrTzKIHUFPp 0TFfFjEu6+1DqXx5DJ2C78X6/DgUDppRopyIgNhZwmMV37ElhAI/VLNnd0IgojyW U2QM/a8F17gfbJ3y4HNTCgFuhFWQwv16f667oGXtFVzEcmrnxdJcoWKFDK/FRGLi ozArZmuH5qfX698NHudEm//J69L/b4gS4spHuyZGpAwauCa+C+yAOInePnxLKYLb m1ndy5str9SOXr4ZnuTv -----END CERTIFICATE-----Generated at Thu Jan 1 20:30:06 2026 by rpki-client