This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BkOYswgZfHx9z8pPUTrNgNwLLlE.roa File: BkOYswgZfHx9z8pPUTrNgNwLLlE.roa (raw, json) Hash identifier: nvJ5cmkQxhgkb3E+SEvgYpIhbuIhfpcH9E9ZvEe6ZTE= Subject key identifier: 06:43:98:B3:08:19:7C:7C:7D:CF:CA:4F:51:3A:CD:80:DC:0B:2E:51 Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA6E0A5C1D521419DA5C2C3DAF19910 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BkOYswgZfHx9z8pPUTrNgNwLLlE.roa Signing time: Fri 02 Jan 2026 12:20:24 +0000 ROA not before: Fri 02 Jan 2026 12:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202297 IP address blocks: 2a0c:9a40:8089::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:e0:a5:c1:d5:21:41:9d:a5:c2:c3:da:f1:99:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=064398b308197c7c7dcfca4f513acd80dc0b2e51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f0:28:ea:e4:71:64:ef:b9:9b:ca:38:bf:0d: 27:4d:ad:5d:21:22:67:9d:da:69:11:6d:97:26:2b: 40:91:05:29:2b:b2:21:53:5d:ec:d3:a2:5f:13:d2: c8:6a:40:5d:35:89:f4:52:d5:af:d5:11:6a:f8:24: 14:20:42:6e:38:18:9f:0a:03:2f:d6:50:02:86:fc: f8:7c:80:1b:0b:95:12:52:bd:b1:97:46:40:b1:9d: c1:92:49:f9:e6:79:97:8d:9c:1e:b6:17:51:9c:91: c7:6f:85:87:b0:22:cb:4d:45:17:be:32:e8:06:ac: b5:5a:66:54:50:38:c3:84:10:f9:e5:63:4a:9f:6d: a1:4e:27:8e:cc:74:ff:5e:dd:e1:d2:3b:3a:0d:fb: c0:95:5a:09:8e:3d:b3:48:c7:5c:02:82:69:1b:1a: 0f:44:a7:89:81:3c:a1:f5:23:c6:b6:0e:e2:04:a0: 8e:bc:8a:79:c3:f7:e8:50:25:ca:80:8d:ae:f0:29: 80:a7:cb:d1:32:6b:1c:5d:5e:a1:33:2a:09:15:b3: 61:8a:28:31:7f:af:8c:b7:96:a9:94:33:60:b8:38: ce:a6:4c:4c:cc:0b:1d:e7:44:b0:99:c6:d2:4a:d2: f5:1a:c5:20:b8:11:5d:92:13:7c:81:e8:d4:45:49: 45:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:43:98:B3:08:19:7C:7C:7D:CF:CA:4F:51:3A:CD:80:DC:0B:2E:51 X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BkOYswgZfHx9z8pPUTrNgNwLLlE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:8089::/48 Signature Algorithm: sha256WithRSAEncryption 63:3b:74:2e:4f:5b:6a:73:06:44:5b:7f:8f:6e:f6:d3:fa:f3: c6:8a:30:e1:82:9e:5c:c9:45:94:a9:14:c2:13:52:38:64:e9: 53:bb:cc:6f:1d:40:09:6e:f1:41:2e:b7:24:37:08:e8:be:aa: dc:7a:44:22:a9:33:3a:17:cb:1a:0b:62:81:96:83:2f:80:29: f5:ae:e4:6e:e2:46:84:3b:f8:61:e6:8a:bf:0d:df:30:66:7e: bc:5d:14:48:35:76:98:36:ef:19:b3:33:c2:55:47:24:9e:3e: e7:a7:e5:38:cd:73:1f:56:ed:9f:7c:15:c2:f8:42:2c:b6:38: 95:1f:ca:ec:c3:c2:43:c3:35:15:63:39:c6:30:b2:df:87:bd: f5:a2:84:c6:90:11:f6:c0:b4:4c:4d:a0:fd:a3:a0:8e:f9:e0: 82:28:c4:92:7e:33:a1:96:00:b2:b6:a3:d8:a3:09:6d:e5:7f: f5:2a:ef:bc:fa:33:b0:85:ae:a2:e3:24:f3:80:7e:e4:99:20: 04:fd:8d:39:02:2b:20:d7:0e:b2:ef:55:8a:4a:61:3b:cf:6e: 3a:76:70:58:fd:8f:19:28:9d:e5:2f:79:71:98:b5:8b:b8:7b: 23:7c:30:97:ba:81:ef:4c:a9:5c:5b:3b:92:1b:05:c7:e3:16: 4f:08:08:d1 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+puClwdUhQZ2lwsPa8ZkQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjQzOThiMzA4MTk3YzdjN2RjZmNhNGY1MTNhY2Q4MGRjMGIyZTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfAo6uRxZO+5m8o4vw0nTa1dISJn ndppEW2XJitAkQUpK7IhU13s06JfE9LIakBdNYn0UtWv1RFq+CQUIEJuOBifCgMv 1lAChvz4fIAbC5USUr2xl0ZAsZ3Bkkn55nmXjZwethdRnJHHb4WHsCLLTUUXvjLo Bqy1WmZUUDjDhBD55WNKn22hTieOzHT/Xt3h0js6DfvAlVoJjj2zSMdcAoJpGxoP RKeJgTyh9SPGtg7iBKCOvIp5w/foUCXKgI2u8CmAp8vRMmscXV6hMyoJFbNhiigx f6+Mt5aplDNguDjOpkxMzAsd50SwmcbSStL1GsUguBFdkhN8gejURUlF7wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAZDmLMIGXx8fc/KT1E6zYDcCy5RMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvQmtPWXN3Z1pmSHg5ejhwUFVUck5nTndMTGxFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICJ MA0GCSqGSIb3DQEBCwUAA4IBAQBjO3QuT1tqcwZEW3+PbvbT+vPGijDhgp5cyUWU qRTCE1I4ZOlTu8xvHUAJbvFBLrckNwjovqrcekQiqTM6F8saC2KBloMvgCn1ruRu 4kaEO/hh5oq/Dd8wZn68XRRINXaYNu8ZszPCVUcknj7np+U4zXMfVu2ffBXC+EIs tjiVH8rsw8JDwzUVYznGMLLfh731ooTGkBH2wLRMTaD9o6CO+eCCKMSSfjOhlgCy tqPYowlt5X/1Ku+8+jOwha6i4yTzgH7kmSAE/Y05Aisg1w6y71WKSmE7z246dnBY /Y8ZKJ3lL3lxmLWLuHsjfDCXuoHvTKlcWzuSGwXH4xZPCAjR -----END CERTIFICATE-----Generated at Tue Jan 20 06:03:49 2026 by rpki-client