This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BJcnFIC4ZMFkAp6HWfWbHNkS0BU.roa File: BJcnFIC4ZMFkAp6HWfWbHNkS0BU.roa (raw, json) Hash identifier: +rGIGfPhkYcmpiyXpFsKXmsq0w/WIIWiBMUCSq4gbIk= Subject key identifier: 04:97:27:14:80:B8:64:C1:64:02:9E:87:59:F5:9B:1C:D9:12:D0:15 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019BB7DED62813F2ADAC8314C1302AF1053C Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BJcnFIC4ZMFkAp6HWfWbHNkS0BU.roa Signing time: Tue 13 Jan 2026 14:59:52 +0000 ROA not before: Tue 13 Jan 2026 14:59:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 45.66.228.0/24 maxlen: 24 45.66.231.0/24 maxlen: 24 45.89.247.0/24 maxlen: 24 45.141.158.0/24 maxlen: 24 81.161.238.0/24 maxlen: 24 85.217.130.0/23 maxlen: 24 87.120.87.0/24 maxlen: 24 87.120.126.0/24 maxlen: 24 87.120.166.0/24 maxlen: 24 87.121.60.0/23 maxlen: 23 87.121.132.0/22 maxlen: 24 87.121.165.0/24 maxlen: 24 91.92.248.0/21 maxlen: 24 92.119.196.0/23 maxlen: 24 92.249.50.0/24 maxlen: 24 93.123.74.0/23 maxlen: 24 93.123.109.0/24 maxlen: 24 185.222.160.0/24 maxlen: 24 193.25.216.0/24 maxlen: 24 194.31.222.0/24 maxlen: 24 194.55.186.0/24 maxlen: 24 194.169.175.0/24 maxlen: 24 212.73.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b7:de:d6:28:13:f2:ad:ac:83:14:c1:30:2a:f1:05:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 13 14:59:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0497271480b864c164029e8759f59b1cd912d015 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e2:11:c0:d3:e4:a5:62:f4:00:a1:bf:13:8e: 93:86:4d:bf:77:85:0f:57:64:fa:38:44:83:f9:3b: 3a:8e:ac:a9:3e:77:3c:5f:de:d7:2b:5a:17:aa:91: da:62:4c:bd:cd:f4:01:3e:96:72:83:9f:bf:69:1d: ee:bc:0d:6d:92:ec:e6:4a:69:cd:1f:f6:0c:fc:28: fc:ea:1f:a6:66:0c:7f:d8:24:fc:b7:ce:6b:e2:80: 53:41:bb:90:31:57:d1:ce:71:56:97:1e:27:d2:b2: 25:cb:a1:9e:c1:3e:3b:4b:76:b7:0c:34:d9:e4:a0: 2a:3e:98:1f:07:82:09:ed:68:2b:24:f0:d8:4b:eb: 40:b3:8d:89:d2:fd:3b:70:ac:6c:6f:86:ca:de:fe: 63:21:91:6f:ca:6e:fe:73:e8:99:c4:9c:ae:09:51: 84:60:16:82:22:4f:3c:35:af:52:d8:35:0e:9d:19: cb:4f:96:9a:2c:b5:d5:58:a4:62:a0:ae:e8:ef:60: 77:38:f3:cb:a1:a5:c7:be:ed:40:80:af:52:3b:a3: 53:de:45:21:d9:86:ef:26:45:d9:b3:58:e7:1c:cd: 27:45:d8:ae:4a:39:6b:58:dd:c9:0e:48:1b:22:9f: 91:3f:b0:a9:f5:df:2b:33:60:19:49:ae:ba:39:d1: ef:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:97:27:14:80:B8:64:C1:64:02:9E:87:59:F5:9B:1C:D9:12:D0:15 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BJcnFIC4ZMFkAp6HWfWbHNkS0BU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.228.0/24 45.66.231.0/24 45.89.247.0/24 45.141.158.0/24 81.161.238.0/24 85.217.130.0/23 87.120.87.0/24 87.120.126.0/24 87.120.166.0/24 87.121.60.0/23 87.121.132.0/22 87.121.165.0/24 91.92.248.0/21 92.119.196.0/23 92.249.50.0/24 93.123.74.0/23 93.123.109.0/24 185.222.160.0/24 193.25.216.0/24 194.31.222.0/24 194.55.186.0/24 194.169.175.0/24 212.73.149.0/24 Signature Algorithm: sha256WithRSAEncryption 31:32:91:95:10:84:a2:4b:9c:e4:90:aa:20:96:d9:cb:f0:55: 98:c6:7b:09:35:e8:9f:49:e2:10:ae:6d:eb:c2:08:86:57:24: 70:9f:47:ac:8d:1d:05:fc:de:fe:a9:cf:4b:38:20:a0:1f:8c: 2d:68:fa:87:ed:bb:00:65:80:b4:59:b2:18:d7:1b:fd:5f:2c: 41:60:2c:79:0c:68:6d:b2:21:bd:b0:66:12:ab:67:0e:31:cc: c1:cd:10:00:81:21:e0:1d:d8:ff:70:cb:a2:2c:cb:d0:12:f5: ba:97:f0:60:70:64:43:f8:56:88:a2:ff:75:b9:fd:7f:ec:d1: 2d:59:f8:02:1a:31:61:72:7b:42:7a:ec:88:d7:72:40:57:5c: d2:8c:73:c2:62:e5:81:e1:f9:1a:b6:00:df:64:fb:cc:ca:7a: ea:9b:7e:76:1a:4a:fa:ec:98:fb:59:5c:0a:a7:0b:30:6f:28: c3:bc:2e:9c:47:a8:e2:6f:65:e3:72:fe:0a:76:43:90:c4:a3: 8d:7c:e4:a2:b9:7a:d8:18:ef:8a:2d:b8:06:a9:52:95:fd:ac: e4:ef:31:7c:e9:ab:80:7d:4b:f1:a3:d0:08:dc:3a:17:bf:5e: a3:cf:a3:de:a4:c6:2c:0e:56:aa:a0:69:4a:50:0e:97:7e:a0: 23:ab:dc:8a -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgISAZu33tYoE/KtrIMUwTAq8QU8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTEzMTQ1OTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDk3MjcxNDgwYjg2NGMxNjQwMjllODc1OWY1OWIxY2Q5MTJkMDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuIRwNPkpWL0AKG/E46Thk2/d4UP V2T6OESD+Ts6jqypPnc8X97XK1oXqpHaYky9zfQBPpZyg5+/aR3uvA1tkuzmSmnN H/YM/Cj86h+mZgx/2CT8t85r4oBTQbuQMVfRznFWlx4n0rIly6GewT47S3a3DDTZ 5KAqPpgfB4IJ7WgrJPDYS+tAs42J0v07cKxsb4bK3v5jIZFvym7+c+iZxJyuCVGE YBaCIk88Na9S2DUOnRnLT5aaLLXVWKRioK7o72B3OPPLoaXHvu1AgK9SO6NT3kUh 2YbvJkXZs1jnHM0nRdiuSjlrWN3JDkgbIp+RP7Cp9d8rM2AZSa66OdHvmQIDAQAB o4ICkjCCAo4wHQYDVR0OBBYEFASXJxSAuGTBZAKeh1n1mxzZEtAVMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvQkpjbkZJQzRaTUZrQXA2SFdmV2JITmtTMEJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBAFV2YIDBABXeFcDBABXeH4DBABX eKYDBAFXeTwDBAJXeYQDBABXeaUDBANbXPgDBAFcd8QDBABc+TIDBAFde0oDBABd e20DBAC53qADBADBGdgDBADCH94DBADCN7oDBADCqa8DBADUSZUwDQYJKoZIhvcN AQELBQADggEBADEykZUQhKJLnOSQqiCW2cvwVZjGewk16J9J4hCubevCCIZXJHCf R6yNHQX83v6pz0s4IKAfjC1o+oftuwBlgLRZshjXG/1fLEFgLHkMaG2yIb2wZhKr Zw4xzMHNEACBIeAd2P9wy6Isy9AS9bqX8GBwZEP4Voii/3W5/X/s0S1Z+AIaMWFy e0J67IjXckBXXNKMc8Ji5YHh+Rq2AN9k+8zKeuqbfnYaSvrsmPtZXAqnCzBvKMO8 LpxHqOJvZeNy/gp2Q5DEo4185KK5etgY74otuAapUpX9rOTvMXzpq4B9S/Gj0Ajc Ohe/XqPPo96kxiwOVqqgaUpQDpd+oCOr3Io= -----END CERTIFICATE-----Generated at Wed Jan 14 00:20:07 2026 by rpki-client