This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/bbBG2rue9lHstySItrWfZ8Okk2k.roa File: bbBG2rue9lHstySItrWfZ8Okk2k.roa (raw, json) Hash identifier: Lp3myBhOizyAmwsAgb6LWTVDSU9pHimrZnlM2WFEifs= Subject key identifier: 6D:B0:46:DA:BB:9E:F6:51:EC:B7:24:88:B6:B5:9F:67:C3:A4:93:69 Certificate issuer: /CN=232b703089e3800d9ed29124731ecba4e9ab454f Certificate serial: 019AFF3AB870AAE5F10CE4F567BAC44EBC60 Authority key identifier: 23:2B:70:30:89:E3:80:0D:9E:D2:91:24:73:1E:CB:A4:E9:AB:45:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/bbBG2rue9lHstySItrWfZ8Okk2k.roa Signing time: Mon 08 Dec 2025 18:30:29 +0000 ROA not before: Mon 08 Dec 2025 18:30:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206890 IP address blocks: 185.172.240.0/22 maxlen: 22 2a0d:4140::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.crl rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.mft rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 09:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ff:3a:b8:70:aa:e5:f1:0c:e4:f5:67:ba:c4:4e:bc:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=232b703089e3800d9ed29124731ecba4e9ab454f Validity Not Before: Dec 8 18:30:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6db046dabb9ef651ecb72488b6b59f67c3a49369 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:f3:fd:90:ad:e7:87:03:5c:81:99:8d:71:08: be:84:0d:6b:5e:6b:8e:e3:83:fa:de:fb:82:8e:8c: 0c:59:81:3a:c7:6e:fe:66:ff:fd:ff:10:89:ca:9d: 26:7d:e4:d9:e2:3b:b1:23:c3:8e:80:5d:3a:19:60: da:f7:d9:37:76:84:35:ed:c2:23:ba:5a:4a:31:2c: f8:eb:c2:e8:e3:eb:9b:36:75:d6:f7:e4:9f:e0:46: 4b:c2:7c:fd:30:b8:83:90:52:20:45:a3:b1:7b:74: 63:43:39:58:32:77:a8:e3:e7:4f:79:e6:47:72:43: b9:b5:70:36:51:9a:b2:6f:50:b7:30:88:75:bc:0b: b9:3f:f2:4f:05:e9:96:ce:6a:45:a9:ac:75:ab:fa: 9b:ea:eb:f8:bd:88:28:c8:b2:b1:69:39:bb:4e:4b: 48:39:7d:0b:03:4b:d5:94:5c:ed:8e:b1:45:c7:26: 20:5a:72:00:09:fa:0e:78:5f:cc:ab:89:51:51:91: 0b:4c:bd:12:6f:e5:90:5c:81:a5:27:24:03:87:81: 0a:e3:2d:d5:da:82:78:d3:c7:04:73:ee:ef:11:cc: 26:55:54:05:2c:4c:18:3f:c1:f6:31:b9:b2:da:06: cf:5e:a7:4b:b1:da:a3:43:5c:62:60:c7:ad:d1:f9: 6a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:B0:46:DA:BB:9E:F6:51:EC:B7:24:88:B6:B5:9F:67:C3:A4:93:69 X509v3 Authority Key Identifier: keyid:23:2B:70:30:89:E3:80:0D:9E:D2:91:24:73:1E:CB:A4:E9:AB:45:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IytwMInjgA2e0pEkcx7LpOmrRU8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/bbBG2rue9lHstySItrWfZ8Okk2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/59cf71-9dce-4d54-aca7-c06d0360e114/1/IytwMInjgA2e0pEkcx7LpOmrRU8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.172.240.0/22 IPv6: 2a0d:4140::/29 Signature Algorithm: sha256WithRSAEncryption 87:9c:61:d1:cb:33:23:2a:e3:83:38:06:e3:33:4a:29:40:14: 54:14:85:73:25:df:51:3f:75:73:03:9e:9a:1f:26:91:6f:65: f9:3b:33:c6:90:1b:aa:84:24:64:00:91:8e:02:7e:02:e2:8e: 32:6b:ff:b3:4a:16:88:9d:83:57:59:34:72:f5:23:b5:d5:1b: 41:d1:9f:bf:8c:c8:e3:9c:7c:c0:9e:9e:07:d1:fb:f7:ac:f9: d5:9a:0d:0a:e0:c3:23:71:23:94:10:e5:38:a3:18:ee:8d:75: 58:99:83:8d:c1:ad:0e:66:69:cb:e5:a6:e3:f2:0e:6a:c4:76: f2:88:c4:3a:80:8e:0b:fe:d2:4c:95:4d:a6:aa:3f:c9:ed:98: 9a:78:5e:c5:26:98:c7:24:8e:88:14:8c:bc:99:8e:08:11:2c: f9:fb:7c:ed:5d:62:64:91:3a:94:0a:fa:60:3e:7c:c3:e2:41: 8f:cf:e1:e9:10:eb:47:42:61:93:98:ad:20:85:1d:b7:ab:11: 5f:af:7e:f7:5d:2c:16:35:52:3b:3e:a2:8d:2d:45:88:e6:06: 48:31:c1:85:2c:47:a5:da:a6:53:c5:d3:70:bd:7a:0f:4c:02: a0:a5:8a:69:d4:9d:13:cb:44:05:bd:72:dc:18:4b:88:2e:5b: bf:f2:da:78 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZr/OrhwquXxDOT1Z7rETrxgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMmI3MDMwODllMzgwMGQ5ZWQyOTEyNDczMWVjYmE0ZTlh YjQ1NGYwHhcNMjUxMjA4MTgzMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGIwNDZkYWJiOWVmNjUxZWNiNzI0ODhiNmI1OWY2N2MzYTQ5MzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPP9kK3nhwNcgZmNcQi+hA1rXmuO 44P63vuCjowMWYE6x27+Zv/9/xCJyp0mfeTZ4juxI8OOgF06GWDa99k3doQ17cIj ulpKMSz468Lo4+ubNnXW9+Sf4EZLwnz9MLiDkFIgRaOxe3RjQzlYMneo4+dPeeZH ckO5tXA2UZqyb1C3MIh1vAu5P/JPBemWzmpFqax1q/qb6uv4vYgoyLKxaTm7TktI OX0LA0vVlFztjrFFxyYgWnIACfoOeF/Mq4lRUZELTL0Sb+WQXIGlJyQDh4EK4y3V 2oJ408cEc+7vEcwmVVQFLEwYP8H2Mbmy2gbPXqdLsdqjQ1xiYMet0flqFQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFG2wRtq7nvZR7LckiLa1n2fDpJNpMB8GA1UdIwQY MBaAFCMrcDCJ44ANntKRJHMey6Tpq0VPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXl0d01JbmpnQTJlMHBFa2N4N0xwT21yUlU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC81OWNmNzEtOWRjZS00ZDU0LWFjYTct YzA2ZDAzNjBlMTE0LzEvYmJCRzJydWU5bEhzdHlTSXRyV2ZaOE9razJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC81OWNmNzEtOWRjZS00ZDU0LWFjYTctYzA2ZDAzNjBlMTE0 LzEvSXl0d01JbmpnQTJlMHBFa2N4N0xwT21yUlU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazwMA0E AgACMAcDBQMqDUFAMA0GCSqGSIb3DQEBCwUAA4IBAQCHnGHRyzMjKuODOAbjM0op QBRUFIVzJd9RP3VzA56aHyaRb2X5OzPGkBuqhCRkAJGOAn4C4o4ya/+zShaInYNX WTRy9SO11RtB0Z+/jMjjnHzAnp4H0fv3rPnVmg0K4MMjcSOUEOU4oxjujXVYmYON wa0OZmnL5abj8g5qxHbyiMQ6gI4L/tJMlU2mqj/J7ZiaeF7FJpjHJI6IFIy8mY4I ESz5+3ztXWJkkTqUCvpgPnzD4kGPz+HpEOtHQmGTmK0ghR23qxFfr373XSwWNVI7 PqKNLUWI5gZIMcGFLEel2qZTxdNwvXoPTAKgpYpp1J0Ty0QFvXLcGEuILlu/8tp4 -----END CERTIFICATE-----Generated at Fri Dec 26 17:16:18 2025 by rpki-client