This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bfPaEY1lqv-_K8yjxCtHns9QIFg.roa File: bfPaEY1lqv-_K8yjxCtHns9QIFg.roa (raw, json) Hash identifier: Qm43CNfTzEnLDYsynkUSTWFmlzb0wf+zV5J81PwzwVg= Subject key identifier: 6D:F3:DA:11:8D:65:AA:FF:BF:2B:CC:A3:C4:2B:47:9E:CF:50:20:58 Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec Certificate serial: 019B7AC7CB0FFB4B9559BF99A12BBAEDB094 Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bfPaEY1lqv-_K8yjxCtHns9QIFg.roa Signing time: Thu 01 Jan 2026 18:17:52 +0000 ROA not before: Thu 01 Jan 2026 18:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35484 IP address blocks: 85.254.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:cb:0f:fb:4b:95:59:bf:99:a1:2b:ba:ed:b0:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec Validity Not Before: Jan 1 18:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6df3da118d65aaffbf2bcca3c42b479ecf502058 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:cb:cf:37:e6:2e:ed:6d:d0:9b:9d:32:b0:d0: fd:14:1a:af:de:be:d7:8c:91:4d:96:ef:71:ec:dd: e4:d1:fe:34:d0:d9:b4:22:d7:f9:37:85:22:66:0c: 9a:2a:8e:16:b7:6c:dc:7c:e9:bc:a5:f1:9a:eb:33: c9:b9:8f:d1:40:1b:62:e6:f2:50:32:99:42:7d:c2: 55:8b:ca:d7:55:05:7c:ca:dd:ad:7a:d5:52:8a:7c: 35:59:db:9f:38:b5:da:7d:45:9a:e1:91:21:4c:14: 72:bc:59:6d:54:fd:93:3f:af:69:32:a8:c4:28:e8: cd:b1:d8:69:84:57:7e:da:5a:3a:c1:c8:90:3f:92: f3:10:b6:66:cc:14:e4:1b:7d:aa:7e:b0:f9:c7:c4: 52:7b:f2:94:54:63:6a:22:88:6e:1e:5f:10:8f:d0: 85:53:b1:33:77:3e:e1:03:86:a1:ad:65:f1:e4:fd: 47:03:b9:d2:f5:2f:09:e5:8f:6b:cf:c2:10:0d:99: 7b:be:03:8d:65:ec:b9:41:ff:c6:88:1a:f9:3e:58: d5:77:df:e8:2b:ff:03:9f:44:13:29:eb:89:14:1e: 93:6b:55:31:1b:0b:89:8c:08:35:64:7f:9d:56:e6: f1:61:c9:5c:6e:fe:24:9d:69:fd:76:ca:6a:52:79: 37:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:F3:DA:11:8D:65:AA:FF:BF:2B:CC:A3:C4:2B:47:9E:CF:50:20:58 X509v3 Authority Key Identifier: keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bfPaEY1lqv-_K8yjxCtHns9QIFg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.254.150.0/24 Signature Algorithm: sha256WithRSAEncryption b6:02:82:82:42:30:a0:9e:55:14:cb:b4:18:7a:15:bf:03:2c: a1:42:32:6c:d3:e6:d5:ed:2a:a9:ad:e0:af:f5:2e:c0:15:1a: e8:47:92:3d:ba:60:91:2a:fa:92:7d:c1:76:a9:78:ad:f1:62: 00:6c:6f:af:66:da:f8:ed:d6:af:26:a3:bc:69:a0:c4:04:eb: ed:15:9b:14:93:5e:74:eb:9b:22:52:41:ba:a2:36:a7:0d:02: fe:33:c5:77:66:b0:5a:14:90:9a:c1:bb:21:bd:f1:03:0d:02: 4a:23:b5:31:58:f1:f4:62:e1:c6:64:66:31:5b:d8:48:b3:13: 91:87:c6:b8:d5:24:56:c4:6a:d3:17:e3:58:48:89:88:1e:d7: 94:0c:1a:43:c4:9b:ef:49:20:e4:38:f8:10:ce:80:71:e9:b4: 3a:67:f1:5f:c7:3d:28:10:cc:81:56:6f:19:7f:ae:ec:eb:bb: ee:90:d9:91:75:e8:4c:d7:f6:d4:c7:d7:05:7a:bf:b1:09:99: 32:bf:a1:a9:b3:12:c3:2c:a6:aa:b9:f7:b3:8f:3a:1a:a6:ea: 20:a3:e8:4b:0a:07:43:0b:c8:87:13:41:10:56:aa:38:d8:f9: 50:b1:ce:22:4e:ef:6f:a0:1b:a9:54:b9:0e:b8:f8:01:00:88: 8a:55:d5:e0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x8sP+0uVWb+ZoSu67bCUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm YzQxZWMwHhcNMjYwMTAxMTgxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGYzZGExMThkNjVhYWZmYmYyYmNjYTNjNDJiNDc5ZWNmNTAyMDU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8vPN+Yu7W3Qm50ysND9FBqv3r7X jJFNlu9x7N3k0f400Nm0Itf5N4UiZgyaKo4Wt2zcfOm8pfGa6zPJuY/RQBti5vJQ MplCfcJVi8rXVQV8yt2tetVSinw1WdufOLXafUWa4ZEhTBRyvFltVP2TP69pMqjE KOjNsdhphFd+2lo6wciQP5LzELZmzBTkG32qfrD5x8RSe/KUVGNqIohuHl8Qj9CF U7Ezdz7hA4ahrWXx5P1HA7nS9S8J5Y9rz8IQDZl7vgONZey5Qf/GiBr5PljVd9/o K/8Dn0QTKeuJFB6Ta1UxGwuJjAg1ZH+dVubxYclcbv4knWn9dspqUnk38QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG3z2hGNZar/vyvMo8QrR57PUCBYMB8GA1UdIwQY MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt NTU1NGQ2ZTE2ODZmLzEvYmZQYUVZMWxxdi1fSzh5anhDdEhuczlRSUZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6WMA0G CSqGSIb3DQEBCwUAA4IBAQC2AoKCQjCgnlUUy7QYehW/AyyhQjJs0+bV7SqpreCv 9S7AFRroR5I9umCRKvqSfcF2qXit8WIAbG+vZtr47davJqO8aaDEBOvtFZsUk150 65siUkG6ojanDQL+M8V3ZrBaFJCawbshvfEDDQJKI7UxWPH0YuHGZGYxW9hIsxOR h8a41SRWxGrTF+NYSImIHteUDBpDxJvvSSDkOPgQzoBx6bQ6Z/Ffxz0oEMyBVm8Z f67s67vukNmRdehM1/bUx9cFer+xCZkyv6GpsxLDLKaqufezjzoapuogo+hLCgdD C8iHE0EQVqo42PlQsc4iTu9voBupVLkOuPgBAIiKVdXg -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:02 2026 by rpki-client