This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/BE2mEMqXoD5W-rYoEN42UUzsleE.roa File: BE2mEMqXoD5W-rYoEN42UUzsleE.roa (raw, json) Hash identifier: FSSNupkI6ZKtnmsSmt58MJHjD7OKdKEzjPUgRieAqHM= Subject key identifier: 04:4D:A6:10:CA:97:A0:3E:56:FA:B6:28:10:DE:36:51:4C:EC:95:E1 Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2 Certificate serial: 019B7DCB22F5768FD3B00A58A82D44C80521 Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/BE2mEMqXoD5W-rYoEN42UUzsleE.roa Signing time: Fri 02 Jan 2026 08:20:23 +0000 ROA not before: Fri 02 Jan 2026 08:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58329 IP address blocks: 31.214.157.0/24 maxlen: 24 79.132.128.0/24 maxlen: 24 79.132.129.0/24 maxlen: 24 79.132.132.0/24 maxlen: 24 79.132.133.0/24 maxlen: 24 185.158.249.0/24 maxlen: 24 193.242.210.0/23 maxlen: 23 194.76.225.0/24 maxlen: 24 2001:67c:2ae8::/48 maxlen: 48 2a0b:7140:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 17:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:22:f5:76:8f:d3:b0:0a:58:a8:2d:44:c8:05:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2 Validity Not Before: Jan 2 08:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=044da610ca97a03e56fab62810de36514cec95e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:cd:0e:60:6a:23:29:69:e3:dd:04:ff:89:97: b3:d2:3e:71:53:ac:04:ef:c1:65:c7:52:82:96:57: d7:f6:1e:d6:5c:e7:62:3b:45:b8:bc:97:c2:7c:e3: 6b:94:13:94:c3:23:ed:62:b0:cf:65:2f:0d:09:1f: 38:ad:e1:02:0c:79:79:21:63:18:d7:a0:3a:41:7e: b3:c4:00:ba:4d:8e:46:9c:7b:0c:48:3f:df:29:a9: d4:0b:38:dc:c6:da:5b:1b:81:c8:fa:9f:be:dd:32: 3e:35:c3:35:8f:1d:e2:04:93:b3:85:60:a0:16:35: a1:e5:2e:d1:94:47:0f:63:fc:ec:55:52:96:8a:d7: d4:a9:e5:b2:3c:4f:d2:75:1d:1b:b7:e5:10:01:85: 43:85:22:d5:be:8f:ad:d8:ef:1d:1f:cf:c9:25:a9: c5:76:cf:85:15:99:d4:90:7f:28:2c:8f:ae:fc:33: 63:ae:aa:f9:9a:fa:48:d9:ef:fd:91:0e:10:01:b4: 87:38:0f:02:cf:53:4f:82:1c:26:72:ed:ba:17:9b: 5a:cc:21:23:a3:91:6f:0d:e4:68:be:a4:c9:d2:70: d6:94:1c:d8:ca:14:6d:94:d8:99:91:84:90:39:d9: 1c:d6:08:00:b3:f4:c5:67:b1:be:d6:93:6d:31:3f: 19:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:4D:A6:10:CA:97:A0:3E:56:FA:B6:28:10:DE:36:51:4C:EC:95:E1 X509v3 Authority Key Identifier: keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/BE2mEMqXoD5W-rYoEN42UUzsleE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.214.157.0/24 79.132.128.0/23 79.132.132.0/23 185.158.249.0/24 193.242.210.0/23 194.76.225.0/24 IPv6: 2001:67c:2ae8::/48 2a0b:7140:6::/48 Signature Algorithm: sha256WithRSAEncryption 61:e0:76:67:bf:07:71:ad:b6:ef:9c:4c:81:d6:60:5b:38:65: 2a:81:29:ec:3a:f7:e6:e5:3b:8d:a2:74:5d:0c:20:07:25:8d: 05:5c:04:7f:9c:c8:60:78:af:e1:25:25:bc:f6:28:de:bd:9f: 1b:b0:4d:22:b0:6d:d2:47:0f:75:5c:0a:80:81:de:aa:76:49: bc:f3:44:37:22:76:26:29:f0:72:61:9f:7d:29:cd:db:f8:d1: 4a:1d:c9:53:84:d5:11:1e:74:e3:5e:d8:86:12:4d:3c:3e:65: 82:02:1f:63:2d:d3:cb:3a:29:39:e6:a1:1a:93:9c:e7:45:c0: 94:00:34:6d:b3:e4:cb:46:67:55:dd:7a:8e:d5:14:de:92:d3: 3e:be:38:5c:12:eb:26:6d:2d:65:ff:00:ca:b3:31:78:c2:8f: 5c:ae:34:2e:8b:d4:58:93:59:79:1f:8e:f3:6c:d2:78:c2:a3: a4:51:ca:87:14:f9:ea:bc:f9:fb:a2:8c:58:2d:49:ff:76:66: a2:be:94:0a:74:51:2f:d5:89:af:a6:2c:40:56:9e:49:89:fa: a5:9b:cb:23:cc:09:65:c0:54:a0:a7:29:cc:e8:08:5f:63:58: 7d:03:46:52:59:3d:ee:e7:84:64:01:5e:e0:53:0b:70:e6:19: d6:b4:2d:c5 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgISAZt9yyL1do/TsApYqC1EyAUhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy MWZjZjIwHhcNMjYwMTAyMDgyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDRkYTYxMGNhOTdhMDNlNTZmYWI2MjgxMGRlMzY1MTRjZWM5NWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M0OYGojKWnj3QT/iZez0j5xU6wE 78Flx1KCllfX9h7WXOdiO0W4vJfCfONrlBOUwyPtYrDPZS8NCR84reECDHl5IWMY 16A6QX6zxAC6TY5GnHsMSD/fKanUCzjcxtpbG4HI+p++3TI+NcM1jx3iBJOzhWCg FjWh5S7RlEcPY/zsVVKWitfUqeWyPE/SdR0bt+UQAYVDhSLVvo+t2O8dH8/JJanF ds+FFZnUkH8oLI+u/DNjrqr5mvpI2e/9kQ4QAbSHOA8Cz1NPghwmcu26F5tazCEj o5FvDeRovqTJ0nDWlBzYyhRtlNiZkYSQOdkc1ggAs/TFZ7G+1pNtMT8ZeQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFARNphDKl6A+Vvq2KBDeNlFM7JXhMB8GA1UdIwQY MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt Mzk1NTk1OWVhZjgxLzEvQkUybUVNcVhvRDVXLXJZb0VONDJVVXpzbGVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQAH9adAwQB T4SAAwQBT4SEAwQAuZ75AwQBwfLSAwQAwkzhMBgEAgACMBIDBwAgAQZ8KugDBwAq C3FAAAYwDQYJKoZIhvcNAQELBQADggEBAGHgdme/B3Gttu+cTIHWYFs4ZSqBKew6 9+blO42idF0MIAcljQVcBH+cyGB4r+ElJbz2KN69nxuwTSKwbdJHD3VcCoCB3qp2 SbzzRDcidiYp8HJhn30pzdv40UodyVOE1REedONe2IYSTTw+ZYICH2Mt08s6KTnm oRqTnOdFwJQANG2z5MtGZ1Xdeo7VFN6S0z6+OFwS6yZtLWX/AMqzMXjCj1yuNC6L 1FiTWXkfjvNs0njCo6RRyocU+eq8+fuijFgtSf92ZqK+lAp0US/Via+mLEBWnkmJ +qWbyyPMCWXAVKCnKczoCF9jWH0DRlJZPe7nhGQBXuBTC3DmGda0LcU= -----END CERTIFICATE-----Generated at Wed Jan 21 02:47:48 2026 by rpki-client