This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kG-gzSXw7Xcgy38pq49Fm5F8epM.roa File: kG-gzSXw7Xcgy38pq49Fm5F8epM.roa (raw, json) Hash identifier: Z0TU07wUa+vgV6kUb5uXIDhabfu1OKz9XCZUoBsYQ8k= Subject key identifier: 90:6F:A0:CD:25:F0:ED:77:20:CB:7F:29:AB:8F:45:9B:91:7C:7A:93 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84D9E969F68B540EF23824E2325925 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kG-gzSXw7Xcgy38pq49Fm5F8epM.roa Signing time: Fri 02 Jan 2026 16:22:51 +0000 ROA not before: Fri 02 Jan 2026 16:22:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6079 IP address blocks: 88.209.194.0/24 maxlen: 24 88.209.216.0/24 maxlen: 24 92.52.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 06:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:d9:e9:69:f6:8b:54:0e:f2:38:24:e2:32:59:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=906fa0cd25f0ed7720cb7f29ab8f459b917c7a93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:47:70:f9:03:a0:9b:37:96:55:83:db:e2:2b: 68:90:59:46:fc:6e:76:d0:c5:30:18:b8:ea:77:06: bb:dd:2b:b6:5c:08:33:87:88:a5:0c:e7:53:4f:d6: 02:89:c9:a2:8b:11:c6:ae:43:6d:18:58:f5:19:67: 94:8d:4a:ba:a2:53:b1:fb:f5:2e:c9:bc:83:6d:75: 1b:da:b4:69:aa:d4:b7:bd:e3:86:74:22:aa:77:6c: 81:1b:94:6c:31:4d:5d:ec:f2:bb:2a:98:c7:1c:e8: be:50:96:25:2b:a5:78:96:8b:e2:f5:5d:c8:6c:6e: 50:21:cb:7e:62:b5:a6:a6:79:9c:ef:38:cb:67:52: b7:68:5f:21:9d:91:35:61:6c:03:1c:fb:4c:7b:1c: 4b:71:c5:2e:73:aa:6f:8e:58:24:21:61:c4:8d:08: 8e:5c:86:8f:13:04:fd:de:78:c7:08:24:67:52:25: 79:66:4a:38:b0:ac:fa:e1:e3:b4:de:1c:68:b7:c2: 7a:96:47:f9:97:e1:f8:2b:00:8d:b7:9c:bc:96:8b: 9a:00:a9:64:2f:d5:6e:4d:02:84:dc:79:4d:2f:2d: ea:5a:e0:80:17:ff:cd:be:f0:c4:93:fd:66:24:b9: 2e:60:ce:bf:bf:79:75:75:fc:f5:e7:0a:88:37:f9: f1:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:6F:A0:CD:25:F0:ED:77:20:CB:7F:29:AB:8F:45:9B:91:7C:7A:93 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kG-gzSXw7Xcgy38pq49Fm5F8epM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.194.0/24 88.209.216.0/24 92.52.219.0/24 Signature Algorithm: sha256WithRSAEncryption 50:3e:01:24:53:18:20:c0:e3:da:97:fe:64:d7:0c:24:33:37: 18:ca:5a:96:2a:bf:bb:a4:ec:5b:88:8c:5d:6c:7f:7b:9b:4d: c1:ea:33:85:75:77:79:52:2c:27:12:46:96:70:63:c6:80:f5: a8:e4:cd:b5:a2:e1:b3:83:b6:33:74:37:48:fe:38:23:54:1b: f7:85:6b:76:c7:5f:09:22:b6:25:33:ac:da:78:b0:e6:59:a3: 33:6c:02:1e:6f:fe:d9:44:4b:55:d2:26:b4:5f:c5:c5:e3:dd: 20:60:db:23:54:4c:06:80:c6:0b:d5:0a:c6:20:bc:82:3f:50: 02:e8:e0:e8:1a:72:8b:5f:b6:69:57:1a:ab:26:c8:fc:21:97: f1:4d:b7:28:0d:ac:db:c4:ed:44:7c:6c:fd:a2:64:aa:8e:ca: ed:8d:b4:b8:4d:4a:06:ff:04:38:f2:95:ed:82:f5:68:e5:f4: 5f:1c:9c:78:5e:10:bd:d4:25:b6:2a:4a:66:a5:13:7c:ea:f3: fe:84:e1:94:54:94:9b:13:22:c8:53:6c:ed:47:3a:5a:2f:06: 88:6e:c5:b1:fe:ce:52:4b:c3:d2:88:de:44:49:59:f2:ab:a9: 4d:42:8f:68:34:c7:5d:e3:26:e3:a2:a9:49:c2:5c:23:4a:a4: 7f:f3:76:1b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hNnpafaLVA7yOCTiMlklMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDZmYTBjZDI1ZjBlZDc3MjBjYjdmMjlhYjhmNDU5YjkxN2M3YTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEdw+QOgmzeWVYPb4itokFlG/G52 0MUwGLjqdwa73Su2XAgzh4ilDOdTT9YCicmiixHGrkNtGFj1GWeUjUq6olOx+/Uu ybyDbXUb2rRpqtS3veOGdCKqd2yBG5RsMU1d7PK7KpjHHOi+UJYlK6V4lovi9V3I bG5QIct+YrWmpnmc7zjLZ1K3aF8hnZE1YWwDHPtMexxLccUuc6pvjlgkIWHEjQiO XIaPEwT93njHCCRnUiV5Zko4sKz64eO03hxot8J6lkf5l+H4KwCNt5y8louaAKlk L9VuTQKE3HlNLy3qWuCAF//NvvDEk/1mJLkuYM6/v3l1dfz15wqIN/nxWQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJBvoM0l8O13IMt/KauPRZuRfHqTMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEva0ctZ3pTWHc3WGNneTM4cHE0OUZtNUY4ZXBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHCAwQA WNHYAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQBQPgEkUxggwOPal/5k1wwkMzcY ylqWKr+7pOxbiIxdbH97m03B6jOFdXd5UiwnEkaWcGPGgPWo5M21ouGzg7YzdDdI /jgjVBv3hWt2x18JIrYlM6zaeLDmWaMzbAIeb/7ZREtV0ia0X8XF490gYNsjVEwG gMYL1QrGILyCP1AC6ODoGnKLX7ZpVxqrJsj8IZfxTbcoDazbxO1EfGz9omSqjsrt jbS4TUoG/wQ48pXtgvVo5fRfHJx4XhC91CW2KkpmpRN86vP+hOGUVJSbEyLIU2zt RzpaLwaIbsWx/s5SS8PSiN5ESVnyq6lNQo9oNMdd4ybjoqlJwlwjSqR/83Yb -----END CERTIFICATE-----Generated at Mon Jan 19 16:54:45 2026 by rpki-client