This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/bniESOAwEJ3WL8_KzHYZ3-fFUKE.roa File: bniESOAwEJ3WL8_KzHYZ3-fFUKE.roa (raw, json) Hash identifier: t+surPIg+2rXPUx8NHZjclxfI1SSYNmZtqZYBFqewLY= Subject key identifier: 6E:78:84:48:E0:30:10:9D:D6:2F:CF:CA:CC:76:19:DF:E7:C5:50:A1 Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Certificate serial: 019B76EB92D8356DC88D51A764897AADD645 Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/bniESOAwEJ3WL8_KzHYZ3-fFUKE.roa Signing time: Thu 01 Jan 2026 00:18:28 +0000 ROA not before: Thu 01 Jan 2026 00:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42775 IP address blocks: 178.236.136.0/23 maxlen: 23 185.39.192.0/22 maxlen: 22 2a02:1710:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:92:d8:35:6d:c8:8d:51:a7:64:89:7a:ad:d6:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Validity Not Before: Jan 1 00:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6e788448e030109dd62fcfcacc7619dfe7c550a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:10:14:6c:0b:34:34:c7:cb:fc:a2:ae:3e:ae: db:f7:8d:6d:f3:5b:49:5c:03:cc:56:27:d5:7d:6e: 75:93:8a:96:0c:39:97:5c:a2:7b:87:c3:6d:b5:d0: 65:c3:cd:43:a1:6a:82:99:09:d4:0a:e7:6a:14:6e: 57:99:1d:b2:4e:33:c0:d7:ec:a4:18:1a:1e:62:ff: c7:d5:69:03:6f:0d:64:a6:28:ab:57:70:c0:e5:f9: 13:c6:d8:f5:ed:3d:c5:63:ce:cb:6a:7c:d7:2a:f1: 6b:f6:f6:c9:79:7b:2b:f4:9f:12:f3:72:48:f8:64: c2:6b:d3:e9:a1:2b:67:d7:38:27:58:5c:7f:be:6e: 8e:36:5e:88:c3:0a:60:cb:3e:6a:39:ee:9e:9c:69: 67:8f:f9:16:dd:3d:d9:3f:1b:0b:a6:4a:01:b2:81: a9:1e:4e:20:af:79:8a:e1:6f:31:8b:b1:69:6e:0c: 58:28:2c:15:19:d4:ac:59:00:1c:28:6b:40:3d:ac: 30:58:72:f9:a4:0d:67:42:60:be:07:60:3c:3d:bf: 5f:ae:5f:bc:93:58:bb:ad:3a:ee:30:3b:1c:71:36: 90:19:3c:1f:94:f0:f4:60:91:7f:ad:e0:53:5d:b3: e6:fb:3d:5d:7c:36:24:85:1c:09:8f:e0:08:66:64: 63:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:78:84:48:E0:30:10:9D:D6:2F:CF:CA:CC:76:19:DF:E7:C5:50:A1 X509v3 Authority Key Identifier: keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/bniESOAwEJ3WL8_KzHYZ3-fFUKE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.236.136.0/23 185.39.192.0/22 IPv6: 2a02:1710:2::/48 Signature Algorithm: sha256WithRSAEncryption 37:3a:4c:e6:21:f4:9c:87:37:40:78:89:e5:3c:41:39:5b:73: 5f:46:48:26:52:c2:0d:5d:a2:69:fd:08:98:72:89:85:37:77: 69:a4:96:a2:4e:10:a0:03:84:f5:2f:c6:c4:0a:cd:22:1f:41: f1:5d:79:92:69:27:91:c2:03:3e:7f:e4:3e:aa:c8:22:e4:10: 9f:a2:6a:61:b5:5a:9a:ab:06:9d:41:f1:93:e1:cd:71:3a:54: ad:16:50:91:21:18:de:68:b3:e9:77:61:b3:5c:da:0a:8b:19: dc:bd:d8:c7:2d:98:2c:37:dc:73:30:88:ae:4b:69:51:de:cb: 03:e7:3a:b0:26:63:53:41:e7:83:19:5a:cb:30:dd:4f:91:7b: ab:c7:db:fe:97:bc:95:b4:fc:2c:0a:76:67:ff:ba:66:7f:01: 4a:0f:3e:61:fa:25:cd:2a:ac:60:b4:34:8d:2b:07:57:1e:d4: 87:62:cf:b0:ce:dc:47:b7:0e:77:37:c8:ab:b1:03:77:a8:c2: f9:2d:e2:21:07:e6:b5:69:27:51:73:82:44:51:01:3c:8c:6e: b0:fa:fe:8d:21:0b:30:f3:4d:f2:db:53:c0:04:b3:e1:03:4b: fc:1c:64:a7:3d:51:08:d3:9e:8c:56:91:cd:24:55:12:27:1c: 48:ec:be:fb -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt265LYNW3IjVGnZIl6rdZFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj MGRmYWMwHhcNMjYwMTAxMDAxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTc4ODQ0OGUwMzAxMDlkZDYyZmNmY2FjYzc2MTlkZmU3YzU1MGExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhAUbAs0NMfL/KKuPq7b941t81tJ XAPMVifVfW51k4qWDDmXXKJ7h8NttdBlw81DoWqCmQnUCudqFG5XmR2yTjPA1+yk GBoeYv/H1WkDbw1kpiirV3DA5fkTxtj17T3FY87LanzXKvFr9vbJeXsr9J8S83JI +GTCa9PpoStn1zgnWFx/vm6ONl6Iwwpgyz5qOe6enGlnj/kW3T3ZPxsLpkoBsoGp Hk4gr3mK4W8xi7FpbgxYKCwVGdSsWQAcKGtAPawwWHL5pA1nQmC+B2A8Pb9frl+8 k1i7rTruMDsccTaQGTwflPD0YJF/reBTXbPm+z1dfDYkhRwJj+AIZmRj0wIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFG54hEjgMBCd1i/Pysx2Gd/nxVChMB8GA1UdIwQY MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt N2E0MTI1NGVhYWNhLzEvYm5pRVNPQXdFSjNXTDhfS3pIWVozLWZGVUtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBsuyIAwQC uSfAMA8EAgACMAkDBwAqAhcQAAIwDQYJKoZIhvcNAQELBQADggEBADc6TOYh9JyH N0B4ieU8QTlbc19GSCZSwg1domn9CJhyiYU3d2mklqJOEKADhPUvxsQKzSIfQfFd eZJpJ5HCAz5/5D6qyCLkEJ+iamG1WpqrBp1B8ZPhzXE6VK0WUJEhGN5os+l3YbNc 2gqLGdy92MctmCw33HMwiK5LaVHeywPnOrAmY1NB54MZWssw3U+Re6vH2/6XvJW0 /CwKdmf/umZ/AUoPPmH6Jc0qrGC0NI0rB1ce1Idiz7DO3Ee3Dnc3yKuxA3eowvkt 4iEH5rVpJ1FzgkRRATyMbrD6/o0hCzDzTfLbU8AEs+EDS/wcZKc9UQjTnoxWkc0k VRInHEjsvvs= -----END CERTIFICATE-----Generated at Mon Jan 26 16:22:18 2026 by rpki-client