This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/GNpQl66SlLD7k64oHfoj3L0otEQ.roa File: GNpQl66SlLD7k64oHfoj3L0otEQ.roa (raw, json) Hash identifier: fuge2Ih7rkHNFHBfjSZi6ZhVlTXhFgJG1F6DrgT5vw0= Subject key identifier: 18:DA:50:97:AE:92:94:B0:FB:93:AE:28:1D:FA:23:DC:BD:28:B4:44 Certificate issuer: /CN=997ad9f5cda66d961d1bceefc463e629ee819a5c Certificate serial: 019AB69FB35282A25DB7225966F7814B5BD4 Authority key identifier: 99:7A:D9:F5:CD:A6:6D:96:1D:1B:CE:EF:C4:63:E6:29:EE:81:9A:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/GNpQl66SlLD7k64oHfoj3L0otEQ.roa Signing time: Mon 24 Nov 2025 16:08:30 +0000 ROA not before: Mon 24 Nov 2025 16:08:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211823 IP address blocks: 45.156.88.0/22 maxlen: 22 2a11:bc40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.crl rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 13:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:9f:b3:52:82:a2:5d:b7:22:59:66:f7:81:4b:5b:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=997ad9f5cda66d961d1bceefc463e629ee819a5c Validity Not Before: Nov 24 16:08:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=18da5097ae9294b0fb93ae281dfa23dcbd28b444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:39:ec:b6:07:8d:04:3c:47:d2:b2:15:ae:53: a5:da:e5:00:8d:19:c0:3a:84:e1:36:d5:2e:05:72: f9:a5:bd:2a:c8:eb:00:af:cf:06:a7:1d:9f:ff:69: 8f:97:5e:56:9b:9e:27:45:af:7b:2f:f1:03:cb:55: db:12:b5:dc:a4:ca:71:d3:6c:78:d5:92:a6:16:00: 0c:0e:ad:94:ce:3f:f6:15:2a:bc:87:28:6e:9b:f0: d7:7d:51:a0:7a:fe:9a:f1:3e:2b:ac:4a:0b:b6:d6: 64:a7:5f:c9:06:24:bd:a4:41:69:e7:8f:14:31:39: 35:ba:c1:3a:3a:2d:b0:0f:d2:bc:d4:c0:25:4a:54: 29:36:31:34:a6:bb:8d:f0:e0:a1:34:c2:0f:d8:12: 35:a0:5d:82:5c:3a:19:09:94:53:c6:94:b4:9d:c0: b9:ca:ce:e7:c6:a1:2f:85:e4:df:23:56:ff:d3:53: eb:d1:31:ae:2a:fb:21:76:b7:e9:eb:9e:eb:85:d2: 2e:ae:c9:21:f5:4f:23:cf:76:d8:c8:88:35:61:ae: 9a:85:35:ba:80:87:0d:90:9c:9a:0d:09:e6:d7:6b: 23:de:1f:6e:bd:9d:be:ff:b7:53:0c:87:21:eb:ef: f1:3f:47:6b:59:f5:58:49:c9:36:b8:27:ed:f0:cc: 84:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:DA:50:97:AE:92:94:B0:FB:93:AE:28:1D:FA:23:DC:BD:28:B4:44 X509v3 Authority Key Identifier: keyid:99:7A:D9:F5:CD:A6:6D:96:1D:1B:CE:EF:C4:63:E6:29:EE:81:9A:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/GNpQl66SlLD7k64oHfoj3L0otEQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.156.88.0/22 IPv6: 2a11:bc40::/29 Signature Algorithm: sha256WithRSAEncryption 21:dd:5e:ee:f9:24:ad:f1:6f:85:15:6b:52:f6:a0:67:27:7d: 89:38:81:6d:ea:f5:90:29:e2:89:ca:2a:ea:18:80:c9:2d:64: 1e:41:1f:83:9e:80:5b:b7:5c:36:a6:30:f7:2d:27:f9:f8:87: dd:1e:d7:bd:48:5b:57:4c:3a:89:7d:f0:85:94:37:af:fe:2b: 91:96:cd:cd:88:d2:c0:55:c2:ee:27:96:da:86:9a:86:4a:23: 6c:ce:e9:0b:ce:62:2c:9e:68:c2:4c:c6:6d:c5:89:06:31:a6: b3:db:d6:cd:ad:65:e1:24:4f:24:1f:38:15:c6:a6:29:05:d8: f5:10:14:03:5f:f5:2e:2e:5b:78:a3:9d:21:1a:a3:e5:f9:86: 56:36:97:34:11:b0:65:f3:9e:f9:da:48:72:69:ab:52:3f:7e: 64:15:99:42:2e:af:44:fc:72:aa:b9:27:7a:12:e7:a9:f8:22: 61:99:d9:45:81:75:1b:59:f2:ce:2d:a7:66:db:06:de:c8:e6: 8d:fc:53:dd:d7:d9:cf:bd:34:29:62:11:4b:ab:af:dc:e0:b3: ca:25:84:50:c5:57:1b:c1:d5:bc:da:28:de:39:b1:17:0a:62: 19:cd:e5:2e:27:9a:df:d2:d8:94:fa:3b:28:73:a2:c7:f3:e2: 36:ad:28:3d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZq2n7NSgqJdtyJZZveBS1vUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5N2FkOWY1Y2RhNjZkOTYxZDFiY2VlZmM0NjNlNjI5ZWU4 MTlhNWMwHhcNMjUxMTI0MTYwODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxOGRhNTA5N2FlOTI5NGIwZmI5M2FlMjgxZGZhMjNkY2JkMjhiNDQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmznstgeNBDxH0rIVrlOl2uUAjRnA OoThNtUuBXL5pb0qyOsAr88Gpx2f/2mPl15Wm54nRa97L/EDy1XbErXcpMpx02x4 1ZKmFgAMDq2Uzj/2FSq8hyhum/DXfVGgev6a8T4rrEoLttZkp1/JBiS9pEFp548U MTk1usE6Oi2wD9K81MAlSlQpNjE0pruN8OChNMIP2BI1oF2CXDoZCZRTxpS0ncC5 ys7nxqEvheTfI1b/01Pr0TGuKvshdrfp657rhdIurskh9U8jz3bYyIg1Ya6ahTW6 gIcNkJyaDQnm12sj3h9uvZ2+/7dTDIch6+/xP0drWfVYSck2uCft8MyECQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBjaUJeukpSw+5OuKB36I9y9KLREMB8GA1UdIwQY MBaAFJl62fXNpm2WHRvO78Rj5inugZpcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVhyWjljMm1iWllkRzg3dnhHUG1LZTZCbWx3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9kODUzZDctNzc4NS00ZTZkLTk5M2Mt N2M2ZTQ4MDlkZjU5LzEvR05wUWw2NlNsTEQ3azY0b0hmb2ozTDBvdEVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9kODUzZDctNzc4NS00ZTZkLTk5M2MtN2M2ZTQ4MDlkZjU5 LzEvbVhyWjljMm1iWllkRzg3dnhHUG1LZTZCbWx3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxYMA0E AgACMAcDBQMqEbxAMA0GCSqGSIb3DQEBCwUAA4IBAQAh3V7u+SSt8W+FFWtS9qBn J32JOIFt6vWQKeKJyirqGIDJLWQeQR+DnoBbt1w2pjD3LSf5+IfdHte9SFtXTDqJ ffCFlDev/iuRls3NiNLAVcLuJ5bahpqGSiNszukLzmIsnmjCTMZtxYkGMaaz29bN rWXhJE8kHzgVxqYpBdj1EBQDX/UuLlt4o50hGqPl+YZWNpc0EbBl85752khyaatS P35kFZlCLq9E/HKquSd6Euep+CJhmdlFgXUbWfLOLadm2wbeyOaN/FPd19nPvTQp YhFLq6/c4LPKJYRQxVcbwdW82ijeObEXCmIZzeUuJ5rf0tiU+jsoc6LH8+I2rSg9 -----END CERTIFICATE-----Generated at Tue Dec 23 16:50:45 2025 by rpki-client