This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bdlW9rGcnc760E8tAJjg2CUKj0w.roa File: bdlW9rGcnc760E8tAJjg2CUKj0w.roa (raw, json) Hash identifier: IsdmnqvpxQ+ZG+0hIJARCiBh3q+bZgkvzh3TXDLVbNU= Subject key identifier: 6D:D9:56:F6:B1:9C:9D:CE:FA:D0:4F:2D:00:98:E0:D8:25:0A:8F:4C Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a Certificate serial: 019B7910194059464545164472C6D949AE48 Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bdlW9rGcnc760E8tAJjg2CUKj0w.roa Signing time: Thu 01 Jan 2026 10:17:36 +0000 ROA not before: Thu 01 Jan 2026 10:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9121 IP address blocks: 128.127.168.0/24 maxlen: 24 128.127.169.0/24 maxlen: 24 128.127.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.mft rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 07:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:19:40:59:46:45:45:16:44:72:c6:d9:49:ae:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a Validity Not Before: Jan 1 10:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6dd956f6b19c9dcefad04f2d0098e0d8250a8f4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:08:4a:3c:a6:bd:81:00:40:ca:3b:0e:77:ff: da:28:2d:d4:6e:4a:f2:32:26:a5:b0:04:6a:71:9c: 84:86:da:d7:2b:e6:43:d2:b5:55:48:68:43:c4:29: da:d6:15:b6:02:17:70:d6:52:c2:8f:ca:2f:b4:16: be:8f:ee:c2:a0:e4:65:77:37:7a:02:9c:5d:54:db: d3:82:72:66:d5:d5:2f:16:44:f2:53:7a:95:f3:45: 65:4a:a0:9c:a7:5d:b9:08:28:77:d9:27:23:e6:67: fc:c5:ae:68:6e:1b:ba:0d:a9:66:23:f9:f3:b2:0c: 95:34:97:7b:03:39:83:22:a2:9f:c1:f6:07:87:96: 47:d6:f9:63:c2:24:06:07:10:d0:ee:b5:a9:7f:cf: 4b:b8:57:53:a9:65:7a:ad:47:9b:de:80:4d:3f:bc: 55:1c:02:26:eb:c1:93:c4:7b:ae:6e:21:c2:02:f3: a1:35:aa:9e:74:1d:76:ba:9a:0a:1e:eb:e6:07:bf: d2:bf:de:16:a0:6a:19:15:43:90:51:e5:b2:a9:cd: 99:aa:10:b3:3a:c7:87:da:a5:1e:6a:3e:59:21:82: 8d:ae:ea:25:fe:81:95:2a:c7:eb:02:93:b3:92:e6: 27:2d:33:52:09:86:6e:c0:ec:10:4d:5a:23:fb:a2: 76:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:D9:56:F6:B1:9C:9D:CE:FA:D0:4F:2D:00:98:E0:D8:25:0A:8F:4C X509v3 Authority Key Identifier: keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bdlW9rGcnc760E8tAJjg2CUKj0w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 128.127.168.0-128.127.170.255 Signature Algorithm: sha256WithRSAEncryption 42:60:bd:a2:be:4e:57:d3:96:83:dc:db:2d:30:b9:3b:e7:cb: e4:e0:fd:84:da:75:6e:52:f6:b3:07:ca:2c:50:58:36:6d:42: ba:bb:0a:7d:19:33:46:f9:10:26:55:5f:8f:e1:0f:06:6f:96: a4:09:e5:17:b9:9c:c2:87:3f:18:05:3a:30:b7:dd:dd:d6:82: d2:9d:fd:df:7c:15:73:f8:50:f8:fa:84:02:e5:68:03:98:71: c1:4f:17:9a:80:3e:61:ea:82:0d:9e:35:82:fc:af:ec:f0:c4: 62:40:f1:ae:91:3d:12:4e:41:69:6d:16:8c:d6:c1:bd:0b:94: 9b:55:d1:9d:cb:f8:7e:1b:9e:83:97:51:d9:eb:f7:d5:73:5d: 81:b0:a5:e0:85:38:95:57:79:50:b3:28:22:d4:e8:84:0f:33: 12:e0:5f:87:83:35:9e:e0:0b:4e:79:90:98:ec:0e:e0:5d:69: 52:18:c8:23:29:0b:d7:8c:02:30:ae:0c:04:55:4e:e8:56:d8: 9c:58:fe:78:12:e8:77:e8:05:07:9d:88:d0:0c:40:1d:80:31: 09:50:42:cf:1e:30:21:b4:e0:8e:dd:cc:c2:64:78:50:bb:ef: 4f:57:b9:d8:6d:3b:42:98:0e:78:22:9f:0e:0a:51:5e:dd:0c: fe:1d:69:99 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt5EBlAWUZFRRZEcsbZSa5IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm MDNjNGEwHhcNMjYwMTAxMTAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGQ5NTZmNmIxOWM5ZGNlZmFkMDRmMmQwMDk4ZTBkODI1MGE4ZjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwhKPKa9gQBAyjsOd//aKC3Ubkry MialsARqcZyEhtrXK+ZD0rVVSGhDxCna1hW2Ahdw1lLCj8ovtBa+j+7CoORldzd6 ApxdVNvTgnJm1dUvFkTyU3qV80VlSqCcp125CCh32Scj5mf8xa5obhu6DalmI/nz sgyVNJd7AzmDIqKfwfYHh5ZH1vljwiQGBxDQ7rWpf89LuFdTqWV6rUeb3oBNP7xV HAIm68GTxHuubiHCAvOhNaqedB12upoKHuvmB7/Sv94WoGoZFUOQUeWyqc2ZqhCz OseH2qUeaj5ZIYKNruol/oGVKsfrApOzkuYnLTNSCYZuwOwQTVoj+6J26QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFG3ZVvaxnJ3O+tBPLQCY4NglCo9MMB8GA1UdIwQY MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt YTAxZTllNmRjYmYyLzEvYmRsVzlyR2NuYzc2MEU4dEFKamcyQ1VLajB3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOAf6gD BACAf6owDQYJKoZIhvcNAQELBQADggEBAEJgvaK+TlfTloPc2y0wuTvny+Tg/YTa dW5S9rMHyixQWDZtQrq7Cn0ZM0b5ECZVX4/hDwZvlqQJ5Re5nMKHPxgFOjC33d3W gtKd/d98FXP4UPj6hALlaAOYccFPF5qAPmHqgg2eNYL8r+zwxGJA8a6RPRJOQWlt FozWwb0LlJtV0Z3L+H4bnoOXUdnr99VzXYGwpeCFOJVXeVCzKCLU6IQPMxLgX4eD NZ7gC055kJjsDuBdaVIYyCMpC9eMAjCuDARVTuhW2JxY/ngS6HfoBQediNAMQB2A MQlQQs8eMCG04I7dzMJkeFC7709XudhtO0KYDnginw4KUV7dDP4daZk= -----END CERTIFICATE-----Generated at Wed Jan 21 13:17:56 2026 by rpki-client