This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GSKltRzwqtq3uwngFid9BSmSjOQ.roa File: GSKltRzwqtq3uwngFid9BSmSjOQ.roa (raw, json) Hash identifier: owxd0Yzk+D3Jqg2uwdZTTNJRtIg1v+dauGeh8S+XVZ8= Subject key identifier: 19:22:A5:B5:1C:F0:AA:DA:B7:BB:09:E0:16:27:7D:05:29:92:8C:E4 Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003 Certificate serial: 019A8F6BCCDB7B2A246BD8BCD5EBCE0164F8 Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GSKltRzwqtq3uwngFid9BSmSjOQ.roa Signing time: Mon 17 Nov 2025 01:26:37 +0000 ROA not before: Mon 17 Nov 2025 01:26:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215730 IP address blocks: 64.188.91.0/24 maxlen: 24 144.31.0.0/21 maxlen: 24 144.31.90.0/24 maxlen: 24 144.31.94.0/24 maxlen: 24 144.31.125.0/24 maxlen: 24 193.23.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:8f:6b:cc:db:7b:2a:24:6b:d8:bc:d5:eb:ce:01:64:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003 Validity Not Before: Nov 17 01:26:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1922a5b51cf0aadab7bb09e016277d0529928ce4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:38:34:17:cd:7e:8d:78:42:65:56:84:66:ed: 19:49:fc:16:bb:c8:4c:55:24:b1:d3:ca:8e:e0:ad: d9:cc:db:bd:12:8c:e9:97:c0:45:b7:f3:d2:a8:c4: e4:a9:d8:c9:5f:86:82:db:77:2c:b6:c4:7a:94:24: 86:96:66:b6:b1:c9:29:d1:c9:2e:b2:6c:3a:96:77: 4f:85:d9:5d:e1:85:b2:ac:9b:fd:16:9b:2a:37:77: c1:65:8b:11:0f:2d:66:77:c0:0f:f2:b3:88:41:f9: 3b:b5:61:4a:09:6e:e6:18:ce:9e:48:39:4c:40:a1: 3b:80:68:60:64:50:9d:e8:a2:85:1e:5c:52:f1:2d: 03:05:ea:4d:c8:b4:52:43:3f:f9:2f:26:ee:26:e3: 6d:fa:b9:96:71:8f:b7:84:d9:b7:78:05:07:3a:07: a4:b2:40:ef:ff:4c:57:8b:6c:58:f6:fe:3a:a3:9b: bb:42:e2:c8:b7:9a:b5:9b:cc:5b:74:7f:6c:56:72: 8c:5a:06:d6:0c:71:01:83:1e:d2:2f:ae:d1:ec:1f: ab:ea:4a:fb:11:a1:9f:d6:e1:ce:74:36:94:d6:d9: 22:de:e6:3e:d0:4b:14:f6:aa:19:b0:bb:ba:12:fb: 7d:99:87:36:6e:65:f3:70:1c:5a:1a:2b:b8:2c:3d: 1f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:22:A5:B5:1C:F0:AA:DA:B7:BB:09:E0:16:27:7D:05:29:92:8C:E4 X509v3 Authority Key Identifier: keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/GSKltRzwqtq3uwngFid9BSmSjOQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.188.91.0/24 144.31.0.0/21 144.31.90.0/24 144.31.94.0/24 144.31.125.0/24 193.23.193.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:da:fc:21:30:1f:8c:59:ee:c3:ae:dc:6a:e5:25:82:d6:09: 03:9f:ab:9c:53:88:1a:7e:f3:ff:48:bc:7c:ba:77:e2:9b:12: 5e:12:55:fa:95:c8:25:4b:77:e8:ae:bc:6d:2b:41:c1:f0:5b: 97:2e:a7:74:2e:3c:b4:6d:46:93:b2:df:4b:95:c0:a0:52:3e: eb:17:78:2e:e4:d4:ff:f7:33:e5:49:62:4c:da:15:42:ab:75: f5:23:c1:1d:0e:d4:d6:d3:e7:5f:9d:8a:9f:27:45:e4:b1:5d: 80:cd:35:e2:76:17:be:1b:15:66:15:52:de:90:7d:88:de:fc: 91:e3:cb:ab:46:15:34:70:a0:27:cd:6e:f2:f0:ae:36:f3:ae: a2:39:f9:09:c9:b9:18:fd:08:b3:3e:87:12:3f:be:d3:e7:63: 6d:9a:71:0c:fa:21:43:8f:db:8c:46:06:8d:c7:8a:b1:51:e0: d8:00:d1:de:3a:d1:59:63:81:98:b9:18:c1:0c:91:f6:8a:e4: e1:4e:67:a9:78:02:40:1e:ae:55:76:b6:53:11:3c:d0:a9:fe: be:89:4c:63:f5:10:b0:b3:24:5b:ae:9d:c3:82:6a:e4:cd:63: 49:7e:c2:2d:9f:50:84:66:cc:10:85:8a:27:b6:8d:cb:51:2f: fd:0e:36:32 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZqPa8zbeyoka9i81evOAWT4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4 NDAwMDMwHhcNMjUxMTE3MDEyNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOTIyYTViNTFjZjBhYWRhYjdiYjA5ZTAxNjI3N2QwNTI5OTI4Y2U0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzg0F81+jXhCZVaEZu0ZSfwWu8hM VSSx08qO4K3ZzNu9Eozpl8BFt/PSqMTkqdjJX4aC23cstsR6lCSGlma2sckp0cku smw6lndPhdld4YWyrJv9FpsqN3fBZYsRDy1md8AP8rOIQfk7tWFKCW7mGM6eSDlM QKE7gGhgZFCd6KKFHlxS8S0DBepNyLRSQz/5LybuJuNt+rmWcY+3hNm3eAUHOgek skDv/0xXi2xY9v46o5u7QuLIt5q1m8xbdH9sVnKMWgbWDHEBgx7SL67R7B+r6kr7 EaGf1uHOdDaU1tki3uY+0EsU9qoZsLu6Evt9mYc2bmXzcBxaGiu4LD0f+QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFBkipbUc8Krat7sJ4BYnfQUpkozkMB8GA1UdIwQY MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt MTQzOTY3YThmZTA4LzEvR1NLbHRSendxdHEzdXduZ0ZpZDlCU21Tak9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4 LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQLxbAwQD kB8AAwQAkB9aAwQAkB9eAwQAkB99AwQAwRfBMA0GCSqGSIb3DQEBCwUAA4IBAQBc 2vwhMB+MWe7Drtxq5SWC1gkDn6ucU4gafvP/SLx8unfimxJeElX6lcglS3forrxt K0HB8FuXLqd0Ljy0bUaTst9LlcCgUj7rF3gu5NT/9zPlSWJM2hVCq3X1I8EdDtTW 0+dfnYqfJ0XksV2AzTXidhe+GxVmFVLekH2I3vyR48urRhU0cKAnzW7y8K42866i OfkJybkY/QizPocSP77T52NtmnEM+iFDj9uMRgaNx4qxUeDYANHeOtFZY4GYuRjB DJH2iuThTmepeAJAHq5VdrZTETzQqf6+iUxj9RCwsyRbrp3DgmrkzWNJfsItn1CE ZswQhYonto3LUS/9DjYy -----END CERTIFICATE-----Generated at Fri Dec 5 17:53:25 2025 by rpki-client