This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/GxZT3TgjmIKtK7JQv_iwpTOXSpw.roa File: GxZT3TgjmIKtK7JQv_iwpTOXSpw.roa (raw, json) Hash identifier: wlz5MW9CjtjeRzCliv1fAr4V5uA0E+YvY/dHxPuCPaY= Subject key identifier: 1B:16:53:DD:38:23:98:82:AD:2B:B2:50:BF:F8:B0:A5:33:97:4A:9C Certificate issuer: /CN=35902c9b640fc6d57c237714ed24da17f2d3e474 Certificate serial: 019B7D5D363A5DFC274C2E1E5D60709F0803 Authority key identifier: 35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/GxZT3TgjmIKtK7JQv_iwpTOXSpw.roa Signing time: Fri 02 Jan 2026 06:20:19 +0000 ROA not before: Fri 02 Jan 2026 06:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16007 IP address blocks: 185.120.132.0/22 maxlen: 22 217.25.192.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:36:3a:5d:fc:27:4c:2e:1e:5d:60:70:9f:08:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35902c9b640fc6d57c237714ed24da17f2d3e474 Validity Not Before: Jan 2 06:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1b1653dd38239882ad2bb250bff8b0a533974a9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:49:53:4e:40:2c:c3:16:6f:9c:1e:10:5c:9b: a0:57:a5:9d:82:3f:6f:aa:c9:2e:89:aa:2c:98:78: 65:4f:44:a1:56:ff:5d:2e:85:43:08:4a:d0:80:cc: 3a:4f:06:63:1d:3c:d5:42:c6:27:02:b9:a1:f2:44: 0d:2c:0a:b0:ba:95:20:cd:63:fa:8e:68:4a:7a:11: 13:f8:2e:0c:a9:cd:0f:c2:5f:ee:e3:2e:0c:ca:c5: ff:9c:65:34:e3:e3:16:d6:51:01:85:7d:43:ea:e5: 35:34:35:c0:aa:77:36:22:1b:ef:8e:ae:a9:f3:1f: 5e:b4:0f:52:7a:5f:71:78:99:e0:64:a5:3d:4e:c3: 5b:6a:b3:c2:61:2b:4a:86:64:38:5b:f1:c5:9d:84: c8:74:11:b0:40:a3:93:f6:88:a3:fb:25:7b:d6:f8: f3:81:18:f2:b2:4c:2e:5e:ee:0a:0a:8b:3d:eb:8c: 11:9f:64:8f:30:0d:d9:a9:50:b4:c2:3a:96:b8:d4: 19:13:bc:57:8c:02:43:7d:37:56:43:98:f4:a9:b3: f9:25:29:ad:94:36:3f:23:14:a0:6d:e9:85:6f:5c: 47:76:18:0c:46:1d:8f:d7:f6:bf:c8:49:14:ce:71: ae:04:bd:19:8e:0f:08:f7:cd:33:32:ac:fb:fc:0a: e5:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:16:53:DD:38:23:98:82:AD:2B:B2:50:BF:F8:B0:A5:33:97:4A:9C X509v3 Authority Key Identifier: keyid:35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/GxZT3TgjmIKtK7JQv_iwpTOXSpw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.120.132.0/22 217.25.192.0/20 Signature Algorithm: sha256WithRSAEncryption 1b:6e:62:17:3a:f4:08:61:56:2b:ff:69:98:64:07:ea:f5:62: d4:e2:be:41:98:64:cc:9c:1c:1b:ef:d7:90:1f:46:f6:c0:50: 29:40:06:f3:17:96:dc:13:95:74:11:e5:0d:1d:fb:49:d3:82: 9d:27:2f:69:d4:bf:74:36:9a:38:33:55:77:1e:2a:31:f5:69: ec:74:30:d2:9b:d9:6b:76:60:40:69:b2:c3:16:20:07:36:07: 46:e8:82:e5:a2:d2:d4:5e:82:f8:1e:60:a2:bd:51:04:e7:84: ba:71:8e:70:c9:5a:9f:ba:74:e0:32:a8:22:5b:c3:04:d6:33: 5e:0a:5d:b1:66:1b:c2:25:5d:ef:58:bf:da:a0:2b:55:b3:8c: e1:e4:f3:bb:0a:8c:0e:ba:29:99:7f:37:ad:95:41:5d:70:93: 18:c9:61:d1:fa:9f:e7:70:bc:19:77:09:6d:09:bd:52:31:d0: 92:48:08:7c:f3:9a:6a:6a:03:c3:0c:70:36:60:17:7e:e3:ca: 40:d8:7b:ee:1f:34:45:a7:42:60:12:a0:11:32:9e:d1:a7:89: 47:a5:8e:80:f2:5a:fe:d4:c3:40:db:81:e1:91:77:2d:71:aa: 00:20:a7:21:48:f7:bd:0c:5f:fa:7d:a1:f3:c4:33:52:a6:55: e6:ab:51:75 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XTY6XfwnTC4eXWBwnwgDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OTAyYzliNjQwZmM2ZDU3YzIzNzcxNGVkMjRkYTE3ZjJk M2U0NzQwHhcNMjYwMTAyMDYyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYjE2NTNkZDM4MjM5ODgyYWQyYmIyNTBiZmY4YjBhNTMzOTc0YTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUlTTkAswxZvnB4QXJugV6Wdgj9v qskuiaosmHhlT0ShVv9dLoVDCErQgMw6TwZjHTzVQsYnArmh8kQNLAqwupUgzWP6 jmhKehET+C4Mqc0Pwl/u4y4MysX/nGU04+MW1lEBhX1D6uU1NDXAqnc2Ihvvjq6p 8x9etA9Sel9xeJngZKU9TsNbarPCYStKhmQ4W/HFnYTIdBGwQKOT9oij+yV71vjz gRjyskwuXu4KCos964wRn2SPMA3ZqVC0wjqWuNQZE7xXjAJDfTdWQ5j0qbP5JSmt lDY/IxSgbemFb1xHdhgMRh2P1/a/yEkUznGuBL0Zjg8I980zMqz7/ArlBwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBsWU904I5iCrSuyUL/4sKUzl0qcMB8GA1UdIwQY MBaAFDWQLJtkD8bVfCN3FO0k2hfy0+R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2Et NDE3YjRmYTU2NGVhLzEvR3haVDNUZ2ptSUt0SzdKUXZfaXdwVE9YU3B3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2EtNDE3YjRmYTU2NGVh LzEvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXiEAwQE 2RnAMA0GCSqGSIb3DQEBCwUAA4IBAQAbbmIXOvQIYVYr/2mYZAfq9WLU4r5BmGTM nBwb79eQH0b2wFApQAbzF5bcE5V0EeUNHftJ04KdJy9p1L90Npo4M1V3Hiox9Wns dDDSm9lrdmBAabLDFiAHNgdG6ILlotLUXoL4HmCivVEE54S6cY5wyVqfunTgMqgi W8ME1jNeCl2xZhvCJV3vWL/aoCtVs4zh5PO7CowOuimZfzetlUFdcJMYyWHR+p/n cLwZdwltCb1SMdCSSAh885pqagPDDHA2YBd+48pA2HvuHzRFp0JgEqARMp7Rp4lH pY6A8lr+1MNA24HhkXctcaoAIKchSPe9DF/6faHzxDNSplXmq1F1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:38 2026 by rpki-client