This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G1oarEpQ1HehhIqRdk7DFAGgmiQ.roa File: G1oarEpQ1HehhIqRdk7DFAGgmiQ.roa (raw, json) Hash identifier: uEpsg4FN8OC2uVl2IWb3yRhEpeQlijnKosZ4kylGFR8= Subject key identifier: 1B:5A:1A:AC:4A:50:D4:77:A1:84:8A:91:76:4E:C3:14:01:A0:9A:24 Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Certificate serial: 019B7BA49C3AA191E27DF375361E2D6EDAAA Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G1oarEpQ1HehhIqRdk7DFAGgmiQ.roa Signing time: Thu 01 Jan 2026 22:19:03 +0000 ROA not before: Thu 01 Jan 2026 22:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60591 IP address blocks: 45.87.219.0/24 maxlen: 24 45.135.234.0/24 maxlen: 24 194.62.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:9c:3a:a1:91:e2:7d:f3:75:36:1e:2d:6e:da:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Validity Not Before: Jan 1 22:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1b5a1aac4a50d477a1848a91764ec31401a09a24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d0:ca:06:3c:71:04:f3:02:eb:be:fe:ae:05: 71:bd:bf:0c:16:f6:ea:46:d4:64:e3:d2:a6:d7:f7: 52:e8:97:90:88:d3:97:f3:a9:05:fa:2b:09:b1:cd: 42:53:f2:42:dc:7f:52:74:06:be:db:4c:7a:2a:81: 71:90:c9:68:c2:fe:49:b3:9e:bc:45:fb:10:bc:7f: 97:5f:41:c9:b7:dc:2f:0c:9e:2f:c6:7e:ad:05:ae: f6:84:66:33:06:37:4e:64:21:9a:16:26:6c:e8:66: fd:49:27:05:f1:37:da:82:a9:94:92:ca:fc:3f:1c: 28:97:28:12:cd:10:92:fc:9a:9f:80:f4:46:a4:c3: aa:b8:9a:84:dc:a6:4b:0d:97:ff:cf:a3:81:7b:b4: 0a:d3:45:1a:a4:68:95:78:03:9e:6f:74:aa:90:28: b7:6d:3a:40:fa:43:6a:16:47:77:4f:b0:60:74:6f: c0:6d:22:2d:71:84:77:8f:f5:d8:1b:c6:c7:18:ea: 29:61:1a:79:3f:50:92:3f:39:cb:ba:4b:12:2a:76: 51:fc:bd:36:be:cb:6e:49:84:f8:95:fb:17:5f:c1: f5:d9:10:ee:cc:86:64:68:55:91:01:7e:0b:09:62: 3f:ca:d7:33:a1:74:99:df:c3:a5:e7:8c:8e:df:f7: 76:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:5A:1A:AC:4A:50:D4:77:A1:84:8A:91:76:4E:C3:14:01:A0:9A:24 X509v3 Authority Key Identifier: keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/G1oarEpQ1HehhIqRdk7DFAGgmiQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.219.0/24 45.135.234.0/24 194.62.19.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:50:15:57:95:3d:1f:02:fa:12:50:15:14:9a:02:32:1e:b9: 91:c8:3c:1f:f0:89:38:b9:50:dd:41:2b:d7:e8:b9:ee:58:8e: 57:a7:27:ae:3b:33:a5:9a:f7:51:f7:d2:e1:87:fa:f0:1e:d5: 68:e3:d1:00:55:e2:53:26:20:3d:4d:67:60:cc:06:73:31:13: fa:e1:4b:55:89:ff:3e:d4:c9:0e:f6:da:99:ad:9d:41:ac:9b: b4:0a:3a:c1:87:6f:83:5f:cf:29:62:ec:98:8d:95:3a:5b:d4: 61:9e:42:ba:45:ce:b5:ea:04:dd:f7:af:88:84:75:ea:45:cf: a9:56:34:78:ec:54:42:98:43:e0:24:49:d4:47:ab:3a:88:25: 42:54:ae:7a:19:4d:b1:8e:2a:4c:7b:b0:55:82:9d:39:1b:56: 29:40:cc:30:a8:ca:86:17:13:52:33:83:4c:03:b2:ba:3d:d0: 05:72:ea:ec:96:d5:b8:2b:2b:4e:b4:a2:ca:f6:3e:8c:34:34: b6:57:47:ce:ca:42:40:61:dc:f8:44:be:9c:12:f2:21:43:bf: db:09:ac:01:fd:3f:b0:11:b4:30:3c:4f:c9:fb:9b:18:16:df: 26:b0:ec:aa:58:19:ea:cb:d2:31:1b:15:90:7e:9e:0b:a9:5d: 29:b3:7f:5b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7pJw6oZHiffN1Nh4tbtqqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4 YWJjYzUwHhcNMjYwMTAxMjIxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYjVhMWFhYzRhNTBkNDc3YTE4NDhhOTE3NjRlYzMxNDAxYTA5YTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9DKBjxxBPMC677+rgVxvb8MFvbq RtRk49Km1/dS6JeQiNOX86kF+isJsc1CU/JC3H9SdAa+20x6KoFxkMlowv5Js568 RfsQvH+XX0HJt9wvDJ4vxn6tBa72hGYzBjdOZCGaFiZs6Gb9SScF8TfagqmUksr8 PxwolygSzRCS/JqfgPRGpMOquJqE3KZLDZf/z6OBe7QK00UapGiVeAOeb3SqkCi3 bTpA+kNqFkd3T7BgdG/AbSItcYR3j/XYG8bHGOopYRp5P1CSPznLuksSKnZR/L02 vstuSYT4lfsXX8H12RDuzIZkaFWRAX4LCWI/ytczoXSZ38Ol54yO3/d21wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFBtaGqxKUNR3oYSKkXZOwxQBoJokMB8GA1UdIwQY MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt NmZlOWJmNjA1NjFjLzEvRzFvYXJFcFExSGVoaElxUmRrN0RGQUdnbWlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVfbAwQA LYfqAwQAwj4TMA0GCSqGSIb3DQEBCwUAA4IBAQCNUBVXlT0fAvoSUBUUmgIyHrmR yDwf8Ik4uVDdQSvX6LnuWI5XpyeuOzOlmvdR99Lhh/rwHtVo49EAVeJTJiA9TWdg zAZzMRP64UtVif8+1MkO9tqZrZ1BrJu0CjrBh2+DX88pYuyYjZU6W9RhnkK6Rc61 6gTd96+IhHXqRc+pVjR47FRCmEPgJEnUR6s6iCVCVK56GU2xjipMe7BVgp05G1Yp QMwwqMqGFxNSM4NMA7K6PdAFcursltW4KytOtKLK9j6MNDS2V0fOykJAYdz4RL6c EvIhQ7/bCawB/T+wEbQwPE/J+5sYFt8msOyqWBnqy9IxGxWQfp4LqV0ps39b -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:31 2026 by rpki-client