This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bRCoZlZEjsn19N8iwX7NKYJdRec.roa File: bRCoZlZEjsn19N8iwX7NKYJdRec.roa (raw, json) Hash identifier: I2feAPuCgVuFJtjAk2KKGQzm8rIoyJnoWIWWnGv1SZs= Subject key identifier: 6D:10:A8:66:56:44:8E:C9:F5:F4:DF:22:C1:7E:CD:29:82:5D:45:E7 Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f Certificate serial: 019B7F1609C46517E3552A6C62AD2053E0E1 Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bRCoZlZEjsn19N8iwX7NKYJdRec.roa Signing time: Fri 02 Jan 2026 14:21:49 +0000 ROA not before: Fri 02 Jan 2026 14:21:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 137235 IP address blocks: 85.239.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:16:09:c4:65:17:e3:55:2a:6c:62:ad:20:53:e0:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f Validity Not Before: Jan 2 14:21:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d10a86656448ec9f5f4df22c17ecd29825d45e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:6e:83:ea:10:f6:87:d5:7d:17:99:10:b1:c7: be:5d:48:89:c3:2b:e8:ea:03:6b:f8:39:82:3f:53: ed:b2:9b:58:6c:07:b8:55:5f:45:51:9d:75:fe:be: 50:43:a9:ec:d8:02:21:bc:fd:45:9e:4a:d4:c1:3b: 42:6c:fe:d5:01:a5:4d:4e:e0:22:3e:84:b4:ab:3f: 76:22:8e:c9:9e:10:90:47:cc:4b:af:96:bd:57:df: 67:bc:0f:a1:bd:5e:3f:a9:55:67:6a:49:e4:8f:c9: 8d:05:cf:8a:8f:43:7a:fb:cd:86:db:d6:8d:42:b9: 51:98:0c:0a:f9:aa:5a:a8:9b:f5:23:2b:fb:1b:40: 11:a1:86:95:d5:b1:62:b9:3f:99:88:05:d2:84:e5: ca:f1:d4:6e:ae:d1:7e:c0:98:a8:09:7b:fc:41:68: 4f:6d:d2:54:6a:95:96:5e:9a:62:a9:da:86:db:a3: 23:8f:b1:a3:27:75:33:dc:da:34:79:e6:9b:95:9a: 29:43:65:43:7d:60:3f:34:e9:2b:03:1e:cb:1c:ab: f8:8d:f4:84:6f:2e:39:d0:2c:de:e8:6d:50:79:b4: 85:b7:7f:0c:99:0b:dc:29:99:6d:88:c0:20:a6:ee: 93:e6:32:49:18:fd:cd:95:8d:ca:6e:14:74:3b:7c: 87:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:10:A8:66:56:44:8E:C9:F5:F4:DF:22:C1:7E:CD:29:82:5D:45:E7 X509v3 Authority Key Identifier: keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bRCoZlZEjsn19N8iwX7NKYJdRec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.239.145.0/24 Signature Algorithm: sha256WithRSAEncryption a0:88:1b:78:11:1f:6f:39:d3:13:0b:21:c8:4e:67:ad:42:16: 6e:a1:72:0b:29:7b:4e:9c:d1:3d:7c:72:39:39:d8:fe:91:70: 2a:f9:0a:9a:8c:37:76:fe:b2:27:8f:bd:ed:96:5b:bd:9d:36: 04:7b:41:6d:eb:41:7a:35:96:21:34:2b:d9:cf:a4:a5:b6:6a: 1d:e8:b4:d8:f9:9e:c3:f7:13:cc:da:44:d9:11:5a:16:77:7b: 33:57:b5:b5:7b:1f:f2:05:da:b8:6f:02:c8:7f:18:62:c6:f9: 3c:be:d6:53:38:f0:2d:01:68:50:e1:4a:39:4e:82:cc:51:24: 15:92:54:25:0e:0c:d4:34:85:1c:f3:8c:34:32:3e:e5:fc:ca: ba:20:d8:e7:41:a1:16:f3:4a:67:d0:00:96:08:a9:ac:1e:b3: fc:1c:38:e2:eb:a1:83:05:6c:85:dc:43:bd:dd:90:2f:b2:c1: c0:c8:16:50:3a:4a:d7:81:42:6c:6f:18:3f:13:dc:db:af:e7: 1b:ba:05:22:79:a1:a4:f3:77:b0:5a:bd:85:65:ea:59:38:33: 38:08:4d:5f:1c:e5:f5:3a:7d:42:cb:35:35:9c:06:3b:d4:d7: 18:f9:a8:28:72:62:f9:ca:2a:90:3d:ac:a1:7e:a3:ee:53:47: 2a:75:b2:b0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FgnEZRfjVSpsYq0gU+DhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy ODRkMGYwHhcNMjYwMTAyMTQyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDEwYTg2NjU2NDQ4ZWM5ZjVmNGRmMjJjMTdlY2QyOTgyNWQ0NWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn26D6hD2h9V9F5kQsce+XUiJwyvo 6gNr+DmCP1PtsptYbAe4VV9FUZ11/r5QQ6ns2AIhvP1FnkrUwTtCbP7VAaVNTuAi PoS0qz92Io7JnhCQR8xLr5a9V99nvA+hvV4/qVVnaknkj8mNBc+Kj0N6+82G29aN QrlRmAwK+apaqJv1Iyv7G0ARoYaV1bFiuT+ZiAXShOXK8dRurtF+wJioCXv8QWhP bdJUapWWXppiqdqG26Mjj7GjJ3Uz3No0eeablZopQ2VDfWA/NOkrAx7LHKv4jfSE by450Cze6G1QebSFt38MmQvcKZltiMAgpu6T5jJJGP3NlY3KbhR0O3yHnQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG0QqGZWRI7J9fTfIsF+zSmCXUXnMB8GA1UdIwQY MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt NGY1N2Q5Y2Y1Y2FhLzEvYlJDb1psWkVqc24xOU44aXdYN05LWUpkUmVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+RMA0G CSqGSIb3DQEBCwUAA4IBAQCgiBt4ER9vOdMTCyHITmetQhZuoXILKXtOnNE9fHI5 Odj+kXAq+QqajDd2/rInj73tllu9nTYEe0Ft60F6NZYhNCvZz6Sltmod6LTY+Z7D 9xPM2kTZEVoWd3szV7W1ex/yBdq4bwLIfxhixvk8vtZTOPAtAWhQ4Uo5ToLMUSQV klQlDgzUNIUc84w0Mj7l/Mq6INjnQaEW80pn0ACWCKmsHrP8HDji66GDBWyF3EO9 3ZAvssHAyBZQOkrXgUJsbxg/E9zbr+cbugUieaGk83ewWr2FZepZODM4CE1fHOX1 On1CyzU1nAY71NcY+agocmL5yiqQPayhfqPuU0cqdbKw -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:46 2026 by rpki-client