This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BfGhYoXLz-5I0FN0nL8DXjOx6EU.roa File: BfGhYoXLz-5I0FN0nL8DXjOx6EU.roa (raw, json) Hash identifier: Ss4hP6Q3/Oalsvet7/zlDLfrMD1Bv1uUMHsdssewtYI= Subject key identifier: 05:F1:A1:62:85:CB:CF:EE:48:D0:53:74:9C:BF:03:5E:33:B1:E8:45 Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384 Certificate serial: 019B7D5C777619F56AB2742665C9B237CA29 Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BfGhYoXLz-5I0FN0nL8DXjOx6EU.roa Signing time: Fri 02 Jan 2026 06:19:30 +0000 ROA not before: Fri 02 Jan 2026 06:19:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 2a13:b483::/32 maxlen: 48 2a13:b484::/31 maxlen: 48 2a13:b486::/32 maxlen: 48 2a13:b487:1e00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.mft rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:77:76:19:f5:6a:b2:74:26:65:c9:b2:37:ca:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384 Validity Not Before: Jan 2 06:19:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05f1a16285cbcfee48d053749cbf035e33b1e845 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:98:07:7f:c1:f1:1f:74:d1:37:1d:a5:01:d7: 89:e3:4a:e8:68:e3:be:d8:4b:7e:82:42:85:d6:c1: 31:57:f8:28:7a:3e:ab:85:2d:93:83:80:9a:a9:59: 90:3e:f0:3a:8e:ab:6d:73:91:e6:cd:14:2a:5b:50: 0d:7c:06:66:6c:13:2d:ab:48:93:45:f1:0d:37:a4: a5:f6:d6:03:ed:95:2a:24:b0:5d:e1:7e:ff:1d:53: 0e:b1:1d:fc:50:93:88:31:93:f3:c0:a8:8e:2c:e9: f8:87:ce:d4:c3:b3:62:61:0f:88:70:59:06:83:7f: 10:e7:6c:25:a4:23:73:93:ea:bd:0e:d4:84:63:37: 4c:53:62:f5:9e:06:9d:b0:cf:f1:47:a7:15:61:f1: a4:cb:db:51:bd:d6:00:50:69:21:63:21:b7:59:a1: bc:a4:90:83:ed:bc:f2:29:08:25:a6:cf:f2:09:3c: f1:a3:39:39:b4:07:3d:2e:24:67:dc:98:9f:48:1d: 63:38:e7:6d:9b:9f:96:4b:3b:a3:51:18:0a:b9:88: 24:1e:69:a6:be:63:9b:0c:d0:24:72:bd:8f:6b:2c: c0:52:c0:df:0d:0f:4f:b1:6d:01:53:49:0c:2c:27: 70:da:28:d8:89:89:fc:64:41:b3:f1:90:b8:7c:d7: 7d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:F1:A1:62:85:CB:CF:EE:48:D0:53:74:9C:BF:03:5E:33:B1:E8:45 X509v3 Authority Key Identifier: keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/BfGhYoXLz-5I0FN0nL8DXjOx6EU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:b483::-2a13:b486:ffff:ffff:ffff:ffff:ffff:ffff 2a13:b487:1e00::/40 Signature Algorithm: sha256WithRSAEncryption aa:4f:11:e7:16:d0:eb:69:fa:fd:b8:22:97:4d:2f:9e:8c:98: 7a:b1:ff:e0:0a:02:5b:62:df:f7:14:a9:a8:f0:d0:92:b0:ac: b5:de:28:55:8c:39:c2:60:79:08:5a:f6:6f:57:61:16:75:a0: a3:d2:8c:e2:98:9c:3b:27:82:e5:47:40:c1:1a:a0:9e:87:51: 47:cf:45:7a:30:8a:d6:09:68:6a:91:1f:97:2f:1f:de:5d:39: 59:7b:4d:49:55:c1:fa:92:48:8a:3f:22:e5:4a:70:53:aa:65: 45:bc:f2:6a:80:6e:d1:b4:1d:e3:3a:c2:e4:fd:42:4c:40:f2: 74:fb:01:a0:f3:9f:9d:8a:03:c5:fc:a0:76:0c:a6:f4:97:e9: 82:04:ad:ea:ba:6d:8d:84:22:34:0c:01:52:f1:74:d0:bd:e1: 82:e8:3d:3a:0f:16:5a:1d:00:89:6a:6f:51:3a:9a:d8:36:c6: d5:ee:5e:2c:56:98:12:b4:44:fa:02:4d:96:c1:e6:02:8a:24: 51:d7:58:39:81:d8:9e:75:71:03:27:d1:cb:e7:2f:1c:49:5c: 80:bf:6d:3b:79:b3:bf:f1:bf:e8:0a:2d:72:08:31:8a:4d:ec: 0e:e0:41:8f:74:e7:a3:e8:f5:2d:3e:f8:cf:9c:06:b2:ed:31: eb:c5:83:44 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9XHd2GfVqsnQmZcmyN8opMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh NWQzODQwHhcNMjYwMTAyMDYxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWYxYTE2Mjg1Y2JjZmVlNDhkMDUzNzQ5Y2JmMDM1ZTMzYjFlODQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppgHf8HxH3TRNx2lAdeJ40roaOO+ 2Et+gkKF1sExV/goej6rhS2Tg4CaqVmQPvA6jqttc5HmzRQqW1ANfAZmbBMtq0iT RfENN6Sl9tYD7ZUqJLBd4X7/HVMOsR38UJOIMZPzwKiOLOn4h87Uw7NiYQ+IcFkG g38Q52wlpCNzk+q9DtSEYzdMU2L1ngadsM/xR6cVYfGky9tRvdYAUGkhYyG3WaG8 pJCD7bzyKQglps/yCTzxozk5tAc9LiRn3JifSB1jOOdtm5+WSzujURgKuYgkHmmm vmObDNAkcr2PayzAUsDfDQ9PsW0BU0kMLCdw2ijYiYn8ZEGz8ZC4fNd9dwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFAXxoWKFy8/uSNBTdJy/A14zsehFMB8GA1UdIwQY MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt ZDZhNTk1MGNhZGYyLzEvQmZHaFlvWEx6LTVJMEZOMG5MOERYak94NkVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYMA4DBQAqE7SD AwUAKhO0hgMGACoTtIceMA0GCSqGSIb3DQEBCwUAA4IBAQCqTxHnFtDrafr9uCKX TS+ejJh6sf/gCgJbYt/3FKmo8NCSsKy13ihVjDnCYHkIWvZvV2EWdaCj0ozimJw7 J4LlR0DBGqCeh1FHz0V6MIrWCWhqkR+XLx/eXTlZe01JVcH6kkiKPyLlSnBTqmVF vPJqgG7RtB3jOsLk/UJMQPJ0+wGg85+digPF/KB2DKb0l+mCBK3qum2NhCI0DAFS 8XTQveGC6D06DxZaHQCJam9ROprYNsbV7l4sVpgStET6Ak2WweYCiiRR11g5gdie dXEDJ9HL5y8cSVyAv207ebO/8b/oCi1yCDGKTewO4EGPdOej6PUtPvjPnAay7THr xYNE -----END CERTIFICATE-----Generated at Thu Jan 22 06:17:40 2026 by rpki-client