This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/GxvKzvrYfrVWjaz2Lqi6nawr3Yw.roa File: GxvKzvrYfrVWjaz2Lqi6nawr3Yw.roa (raw, json) Hash identifier: 70exkaFIdUkaii54d4GFdCApT0j6GgO9TFizg2OQ3B8= Subject key identifier: 1B:1B:CA:CE:FA:D8:7E:B5:56:8D:AC:F6:2E:A8:BA:9D:AC:2B:DD:8C Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8091389B662A06095EDDD9324D42E5 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/GxvKzvrYfrVWjaz2Lqi6nawr3Yw.roa Signing time: Fri 02 Jan 2026 02:19:19 +0000 ROA not before: Fri 02 Jan 2026 02:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 401163 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:91:38:9b:66:2a:06:09:5e:dd:d9:32:4d:42:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1b1bcacefad87eb5568dacf62ea8ba9dac2bdd8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:bf:e7:ea:47:be:46:b7:33:60:9b:8f:e0:3a: d2:95:78:26:f9:80:58:ab:25:02:8d:25:13:73:8b: 3a:a2:26:0e:59:17:d6:2c:5d:23:90:9a:71:28:32: 02:42:82:7e:d8:94:16:78:3c:fb:5f:36:b5:a5:35: 77:92:3d:99:e6:cc:84:1f:11:9e:9c:a5:ac:ca:72: b2:38:90:2b:c9:7a:ef:8a:75:f5:b0:09:20:f7:d2: 5e:0e:eb:ef:6f:0f:d2:b7:00:ce:b5:b9:0e:cd:a8: 2e:a0:c9:37:09:5a:17:18:af:f5:ed:28:3d:4d:6d: 72:24:42:c6:b8:3c:2a:98:e1:ed:fe:13:23:12:af: 3d:d3:5b:34:7b:72:29:6d:48:55:e5:43:e1:83:cf: 2d:48:1b:26:c1:cf:fe:cc:c1:10:bc:4e:ab:59:65: ef:f8:4f:f6:07:e8:ce:59:3b:bf:ad:bd:07:02:25: 06:e3:62:b6:e8:f0:75:4c:b7:00:65:7e:65:00:d4: 8f:46:d9:67:9c:a2:0f:03:e0:1c:6e:31:9f:21:0c: a6:4e:01:c6:f0:56:5e:e1:23:6b:87:b5:a3:73:62: 67:36:ff:df:74:77:ca:0f:d7:e2:c3:bc:3a:57:28: dd:44:00:26:35:c9:00:22:88:6d:71:27:a6:f4:5b: 98:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:1B:CA:CE:FA:D8:7E:B5:56:8D:AC:F6:2E:A8:BA:9D:AC:2B:DD:8C X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/GxvKzvrYfrVWjaz2Lqi6nawr3Yw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 83:12:13:7e:cf:79:f6:1d:50:80:71:43:87:47:94:4c:28:2b: 5c:47:1e:40:88:d6:25:0b:ab:b3:58:1c:d2:d7:1e:cf:30:ef: 7d:2e:f9:9b:78:51:ad:b6:5f:35:72:5a:cd:ff:bb:af:33:d1: fe:e3:01:ff:05:d7:07:5a:61:7b:c6:83:67:b7:16:9d:16:e5: 97:2f:a7:c9:eb:e2:54:b8:9a:61:65:1c:a2:30:84:b5:6b:7a: f0:8d:f2:d8:81:d5:43:5e:c4:08:77:cc:cd:4a:3a:1f:7a:45: 2f:7f:e8:ce:ce:a8:fa:6c:72:14:63:2f:cc:14:a9:5f:8c:e5: 8d:f9:76:a0:dc:a0:c5:83:cb:97:e8:90:7a:2a:94:0a:38:f0: b4:38:5c:3c:31:0d:a4:9d:50:13:52:4d:44:b1:5f:cb:80:17: ad:c9:4b:bb:38:3d:03:3d:3f:2f:1b:55:f8:2e:bc:7e:52:52: 08:13:bc:26:44:01:52:10:97:99:d7:16:c0:65:25:52:2e:7e: a6:f1:89:8b:5f:16:c1:08:3b:25:b9:08:28:c8:23:fb:e8:8a: ea:71:d9:c6:c7:81:bf:96:95:5b:e1:44:83:14:1a:b8:08:3c: 45:07:6c:f4:eb:b4:1c:f9:7d:da:0e:81:89:61:c0:45:64:f3: d1:fd:dc:d3 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gJE4m2YqBgle3dkyTULlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYjFiY2FjZWZhZDg3ZWI1NTY4ZGFjZjYyZWE4YmE5ZGFjMmJkZDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb/n6ke+RrczYJuP4DrSlXgm+YBY qyUCjSUTc4s6oiYOWRfWLF0jkJpxKDICQoJ+2JQWeDz7Xza1pTV3kj2Z5syEHxGe nKWsynKyOJAryXrvinX1sAkg99JeDuvvbw/StwDOtbkOzaguoMk3CVoXGK/17Sg9 TW1yJELGuDwqmOHt/hMjEq8901s0e3IpbUhV5UPhg88tSBsmwc/+zMEQvE6rWWXv +E/2B+jOWTu/rb0HAiUG42K26PB1TLcAZX5lANSPRtlnnKIPA+AcbjGfIQymTgHG 8FZe4SNrh7Wjc2JnNv/fdHfKD9fiw7w6VyjdRAAmNckAIohtcSem9FuYRQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFBsbys762H61Vo2s9i6oup2sK92MMB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvR3h2S3p2cllmclZXamF6MkxxaTZuYXdyM1l3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAIMS E37PefYdUIBxQ4dHlEwoK1xHHkCI1iULq7NYHNLXHs8w730u+Zt4Ua22XzVyWs3/ u68z0f7jAf8F1wdaYXvGg2e3Fp0W5Zcvp8nr4lS4mmFlHKIwhLVrevCN8tiB1UNe xAh3zM1KOh96RS9/6M7OqPpschRjL8wUqV+M5Y35dqDcoMWDy5fokHoqlAo48LQ4 XDwxDaSdUBNSTUSxX8uAF63JS7s4PQM9Py8bVfguvH5SUggTvCZEAVIQl5nXFsBl JVIufqbxiYtfFsEIOyW5CCjII/voiupx2cbHgb+WlVvhRIMUGrgIPEUHbPTrtBz5 fdoOgYlhwEVk89H93NM= -----END CERTIFICATE-----Generated at Wed Jan 21 08:08:02 2026 by rpki-client