This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BErn-fY5VBXxD2VyEYJN-JdQUW4.roa File: BErn-fY5VBXxD2VyEYJN-JdQUW4.roa (raw, json) Hash identifier: suKr1RNc8jf4yYkym4zmqDLZzivo3iXfr9FhGIfjNng= Subject key identifier: 04:4A:E7:F9:F6:39:54:15:F1:0F:65:72:11:82:4D:F8:97:50:51:6E Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384 Certificate serial: 019B7D5C7D48C16755B3E1DE8A0260DF1C14 Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BErn-fY5VBXxD2VyEYJN-JdQUW4.roa Signing time: Fri 02 Jan 2026 06:19:31 +0000 ROA not before: Fri 02 Jan 2026 06:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199683 IP address blocks: 2a13:b487:1400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.mft rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:7d:48:c1:67:55:b3:e1:de:8a:02:60:df:1c:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384 Validity Not Before: Jan 2 06:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=044ae7f9f6395415f10f657211824df89750516e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fe:54:0b:fb:a6:e1:4a:a7:e2:09:69:bf:31: 81:03:81:98:1e:25:bf:61:47:f4:e3:79:ea:cb:c2: 23:9a:97:ce:06:aa:bd:ce:51:79:8f:e8:62:b3:a2: 4c:e2:48:d0:96:ac:10:ba:89:f4:27:13:41:f3:32: 1a:8f:33:71:52:70:d9:04:88:36:25:9b:11:be:8d: 6d:da:d7:57:07:79:17:9c:85:dc:dd:db:5f:68:d8: 47:6d:f6:27:4b:61:4d:fe:db:e8:9f:3c:79:61:86: 98:7a:5a:c1:6f:a8:61:e4:92:31:a0:f5:5d:e4:47: c6:10:bc:d7:bc:58:dc:c5:f7:de:98:87:a7:9f:02: f6:48:76:b3:74:fb:93:c6:db:37:8c:af:2f:9e:d7: 6a:61:85:1a:52:82:fc:17:aa:ae:25:3f:64:3b:81: 2a:fc:b3:d5:06:9e:26:eb:05:6f:08:98:ba:3b:1e: 1c:e6:54:7e:54:02:cd:e4:f8:71:09:76:7d:fe:ad: 2b:0b:da:1b:c7:a9:cc:05:10:8c:df:6e:a7:76:78: 01:cc:f0:ba:c0:71:73:73:89:9b:f5:44:a0:fd:79: 4c:74:eb:56:d9:5c:f1:da:10:ef:fa:a4:16:ab:b3: dd:2c:89:99:1e:2f:0f:e8:c9:eb:ff:32:45:6b:fd: 4b:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:4A:E7:F9:F6:39:54:15:F1:0F:65:72:11:82:4D:F8:97:50:51:6E X509v3 Authority Key Identifier: keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BErn-fY5VBXxD2VyEYJN-JdQUW4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:b487:1400::/40 Signature Algorithm: sha256WithRSAEncryption 4d:5a:f2:17:ed:23:94:b9:ca:05:ef:a0:fd:bc:1c:9e:19:f0: 5a:52:8d:51:17:dd:c9:18:a4:74:57:61:d6:0d:b2:95:f6:4b: e1:7f:e3:2e:b8:50:b9:8b:3c:0a:0f:41:e9:86:df:3f:e2:29: 38:b7:2d:ae:b9:28:d4:ae:94:7d:e0:91:13:e9:07:4c:d1:e6: 93:6f:be:e1:fc:e4:54:f7:38:c7:ae:e4:c1:89:bf:19:ad:29: 51:4c:f8:b8:5e:fb:f1:c2:f3:65:78:26:91:e5:e1:ee:68:79: 27:20:1b:ce:8d:47:a2:af:0a:0a:c1:f5:2b:5c:bc:3b:45:ce: 37:50:8d:3c:56:0c:b2:36:85:c1:86:58:62:0c:0c:62:16:e0: d7:2a:ef:6f:b0:3d:8a:fa:ab:92:75:88:df:29:89:4f:c4:a3: be:ed:df:6e:81:a9:27:a6:93:68:21:26:e6:c2:ef:92:76:46: 07:03:be:ee:c6:57:1e:67:6e:91:60:25:23:19:72:4f:6d:dc: 94:05:65:52:41:c9:3b:e7:57:e9:c8:a2:67:97:cf:1a:eb:76: 65:d6:41:2b:5e:19:9c:dc:0c:ae:31:e6:45:88:3d:75:cf:ae: 76:8e:4d:8d:23:e2:55:c0:c1:26:ab:ac:8a:1e:02:b3:d0:c3: f9:28:f3:56 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt9XH1IwWdVs+HeigJg3xwUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh NWQzODQwHhcNMjYwMTAyMDYxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDRhZTdmOWY2Mzk1NDE1ZjEwZjY1NzIxMTgyNGRmODk3NTA1MTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/5UC/um4Uqn4glpvzGBA4GYHiW/ YUf043nqy8IjmpfOBqq9zlF5j+his6JM4kjQlqwQuon0JxNB8zIajzNxUnDZBIg2 JZsRvo1t2tdXB3kXnIXc3dtfaNhHbfYnS2FN/tvonzx5YYaYelrBb6hh5JIxoPVd 5EfGELzXvFjcxffemIennwL2SHazdPuTxts3jK8vntdqYYUaUoL8F6quJT9kO4Eq /LPVBp4m6wVvCJi6Ox4c5lR+VALN5PhxCXZ9/q0rC9obx6nMBRCM326ndngBzPC6 wHFzc4mb9USg/XlMdOtW2Vzx2hDv+qQWq7PdLImZHi8P6Mnr/zJFa/1LfQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFARK5/n2OVQV8Q9lchGCTfiXUFFuMB8GA1UdIwQY MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt ZDZhNTk1MGNhZGYyLzEvQkVybi1mWTVWQlh4RDJWeUVZSk4tSmRRVVc0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhO0hxQw DQYJKoZIhvcNAQELBQADggEBAE1a8hftI5S5ygXvoP28HJ4Z8FpSjVEX3ckYpHRX YdYNspX2S+F/4y64ULmLPAoPQemG3z/iKTi3La65KNSulH3gkRPpB0zR5pNvvuH8 5FT3OMeu5MGJvxmtKVFM+Lhe+/HC82V4JpHl4e5oeScgG86NR6KvCgrB9StcvDtF zjdQjTxWDLI2hcGGWGIMDGIW4Ncq72+wPYr6q5J1iN8piU/Eo77t326BqSemk2gh JubC75J2RgcDvu7GVx5nbpFgJSMZck9t3JQFZVJByTvnV+nIomeXzxrrdmXWQSte GZzcDK4x5kWIPXXPrnaOTY0j4lXAwSarrIoeArPQw/ko81Y= -----END CERTIFICATE-----Generated at Thu Jan 22 06:18:42 2026 by rpki-client