This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/bdnGFt0hHzKvmqEY93Eh959DQNM.roa File: bdnGFt0hHzKvmqEY93Eh959DQNM.roa (raw, json) Hash identifier: Uc8DaiaZyUQDwe1ODSCGoQeREP5FCzxxss2vrZnDmR0= Subject key identifier: 6D:D9:C6:16:DD:21:1F:32:AF:9A:A1:18:F7:71:21:F7:9F:43:40:D3 Certificate issuer: /CN=621310302018a387c692146a35efd33a6ed6b1ef Certificate serial: 019B797F1F32AE4E804CA1E0E5398D841E44 Authority key identifier: 62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/bdnGFt0hHzKvmqEY93Eh959DQNM.roa Signing time: Thu 01 Jan 2026 12:18:52 +0000 ROA not before: Thu 01 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42831 IP address blocks: 185.99.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.mft rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:1f:32:ae:4e:80:4c:a1:e0:e5:39:8d:84:1e:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=621310302018a387c692146a35efd33a6ed6b1ef Validity Not Before: Jan 1 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6dd9c616dd211f32af9aa118f77121f79f4340d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0b:17:c9:ad:a9:80:47:7e:93:bf:81:51:91: 34:06:63:6c:5c:be:3a:8f:c7:75:6a:92:14:c5:ce: 7f:b8:a6:dd:19:a6:6a:00:e9:95:36:a3:3c:68:45: 9c:4e:99:83:33:6f:24:61:db:9e:e6:54:08:72:aa: 67:10:23:a7:16:61:a3:06:d4:df:60:b6:20:ee:57: 85:43:6a:8b:f3:72:19:5c:dc:f4:bf:ab:6e:44:99: 55:74:75:90:d5:9c:8e:1f:16:c3:cf:a4:f5:7b:61: 1e:29:98:bd:60:93:0d:c2:a2:8c:0c:7e:88:61:92: a6:d3:cf:44:97:d0:db:4c:2e:09:ab:2b:68:93:75: 87:05:03:10:7d:c3:7d:4e:13:52:87:7e:f6:c9:64: 6d:3a:22:b6:ad:3f:c1:08:50:53:f4:23:3d:bc:03: b0:fc:fd:82:5e:4b:20:24:aa:e2:eb:2b:36:08:ec: dc:6e:f7:60:33:72:70:24:79:67:72:ae:3a:3b:63: 94:6b:6b:6e:6b:3f:8b:00:3e:84:1c:e9:3e:23:ef: aa:dc:94:2f:5e:c5:93:7f:a2:e1:cd:1a:48:e1:b7: 2a:d5:54:fe:16:24:a0:48:78:22:ee:1a:2d:0d:1c: 0c:c0:53:a8:d9:90:d7:a3:bc:25:50:a7:2b:21:56: 14:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:D9:C6:16:DD:21:1F:32:AF:9A:A1:18:F7:71:21:F7:9F:43:40:D3 X509v3 Authority Key Identifier: keyid:62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/bdnGFt0hHzKvmqEY93Eh959DQNM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.99.20.0/24 Signature Algorithm: sha256WithRSAEncryption 76:b3:c7:2f:62:de:71:10:98:de:6a:3a:28:a6:9b:a9:e7:07: 33:f6:30:09:2b:c4:43:9b:de:50:ff:84:fc:ca:fc:15:b4:01: 69:30:ae:58:1d:5c:b1:e3:ac:d9:5c:5b:0a:15:c4:f4:bc:02: 96:11:cc:ce:22:3c:d2:ba:7d:e9:61:44:9c:e5:1f:4e:76:ff: f8:c7:f3:55:e9:a1:1b:2b:c0:80:ae:78:9f:f7:18:76:51:48: e4:0f:ed:85:6a:61:e4:5d:96:56:82:1d:2b:ff:77:d0:2c:94: 58:47:80:19:ef:20:2f:88:d7:4c:9e:ee:87:27:c0:7c:03:3e: 52:cb:a8:26:7f:0f:1e:32:2f:f5:91:0c:1a:10:57:75:5b:a7: 96:1a:bb:b6:5b:c6:94:fc:97:66:da:8c:22:dd:5b:52:1c:b1: b3:c3:5c:bc:4e:38:dc:88:3d:60:67:6d:46:45:70:0f:01:3f: 8e:6c:be:1f:e8:cc:91:f9:e8:58:fd:f8:59:b7:b9:30:93:4c: 94:9a:47:d7:49:fa:2c:f1:73:1a:53:8d:f9:38:48:32:10:23: 5a:ef:8f:f2:5b:5e:28:ad:f1:b7:b9:33:c6:b6:35:e4:c3:af: e1:13:6e:3e:b6:b5:86:2e:c0:fb:ba:4b:31:87:7b:dc:ce:e7: 7d:59:da:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fx8yrk6ATKHg5TmNhB5EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMTMxMDMwMjAxOGEzODdjNjkyMTQ2YTM1ZWZkMzNhNmVk NmIxZWYwHhcNMjYwMTAxMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGQ5YzYxNmRkMjExZjMyYWY5YWExMThmNzcxMjFmNzlmNDM0MGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAsXya2pgEd+k7+BUZE0BmNsXL46 j8d1apIUxc5/uKbdGaZqAOmVNqM8aEWcTpmDM28kYdue5lQIcqpnECOnFmGjBtTf YLYg7leFQ2qL83IZXNz0v6tuRJlVdHWQ1ZyOHxbDz6T1e2EeKZi9YJMNwqKMDH6I YZKm089El9DbTC4Jqytok3WHBQMQfcN9ThNSh372yWRtOiK2rT/BCFBT9CM9vAOw /P2CXksgJKri6ys2COzcbvdgM3JwJHlncq46O2OUa2tuaz+LAD6EHOk+I++q3JQv XsWTf6LhzRpI4bcq1VT+FiSgSHgi7hotDRwMwFOo2ZDXo7wlUKcrIVYUfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG3ZxhbdIR8yr5qhGPdxIfefQ0DTMB8GA1UdIwQY MBaAFGITEDAgGKOHxpIUajXv0zpu1rHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjIt YmU1N2Q3ZGZhMGRlLzEvYmRuR0Z0MGhIekt2bXFFWTkzRWg5NTlEUU5NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjItYmU1N2Q3ZGZhMGRl LzEvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G CSqGSIb3DQEBCwUAA4IBAQB2s8cvYt5xEJjeajooppup5wcz9jAJK8RDm95Q/4T8 yvwVtAFpMK5YHVyx46zZXFsKFcT0vAKWEczOIjzSun3pYUSc5R9Odv/4x/NV6aEb K8CArnif9xh2UUjkD+2FamHkXZZWgh0r/3fQLJRYR4AZ7yAviNdMnu6HJ8B8Az5S y6gmfw8eMi/1kQwaEFd1W6eWGru2W8aU/Jdm2owi3VtSHLGzw1y8TjjciD1gZ21G RXAPAT+ObL4f6MyR+ehY/fhZt7kwk0yUmkfXSfos8XMaU435OEgyECNa74/yW14o rfG3uTPGtjXkw6/hE24+trWGLsD7uksxh3vczud9Wdq+ -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:48 2026 by rpki-client