This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/bYWnNBJ88LbQXbWSQLO05IsIsMk.roa File: bYWnNBJ88LbQXbWSQLO05IsIsMk.roa (raw, json) Hash identifier: 8zUO33POztpiVvtW7T3x8U4nLE2YNCP2J0oxQWs2DYg= Subject key identifier: 6D:85:A7:34:12:7C:F0:B6:D0:5D:B5:92:40:B3:B4:E4:8B:08:B0:C9 Certificate issuer: /CN=b9f40ef7f13ec9a156efb0db396090bc75da9d43 Certificate serial: 019B7F15DFCFF774647B1BE1ADBC8F4AF7AC Authority key identifier: B9:F4:0E:F7:F1:3E:C9:A1:56:EF:B0:DB:39:60:90:BC:75:DA:9D:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufQO9_E-yaFW77DbOWCQvHXanUM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/bYWnNBJ88LbQXbWSQLO05IsIsMk.roa Signing time: Fri 02 Jan 2026 14:21:38 +0000 ROA not before: Fri 02 Jan 2026 14:21:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61437 IP address blocks: 185.200.156.0/22 maxlen: 24 2a09:a940::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/ufQO9_E-yaFW77DbOWCQvHXanUM.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/ufQO9_E-yaFW77DbOWCQvHXanUM.mft rsync://rpki.ripe.net/repository/DEFAULT/ufQO9_E-yaFW77DbOWCQvHXanUM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:df:cf:f7:74:64:7b:1b:e1:ad:bc:8f:4a:f7:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f40ef7f13ec9a156efb0db396090bc75da9d43 Validity Not Before: Jan 2 14:21:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d85a734127cf0b6d05db59240b3b4e48b08b0c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:62:8d:19:2b:c1:8e:ae:e6:b0:77:d4:e8:55: d6:34:e9:38:a7:5f:f2:a1:31:ae:1b:8a:1a:ac:49: 73:7a:15:16:7b:ee:28:dd:c5:ba:d2:78:ab:b9:af: 17:f4:6c:80:b7:99:77:c8:06:5f:58:09:74:f8:ff: 3c:46:78:50:24:41:54:f3:61:4a:d5:40:fe:75:90: a9:84:29:72:d6:50:31:dd:58:9a:b2:e6:fc:18:b2: 9f:57:68:b4:b0:96:44:ad:c2:bd:ff:7b:76:e9:37: 81:ad:57:25:c2:04:49:14:7d:41:09:d7:ed:9e:f9: d4:f3:e1:0b:5f:1d:ee:10:5c:5f:c9:b2:28:f3:71: 9a:69:6a:73:5b:76:62:44:3f:96:c6:d5:cf:dc:01: 0f:f6:ad:70:7d:c7:4f:82:a3:f1:b1:cc:f4:0e:a6: 5d:36:15:42:b2:e0:4c:c0:60:66:a4:22:20:73:10: 9e:98:0e:4f:bc:04:f5:bb:d5:82:54:41:93:61:12: 69:b3:f1:58:87:ad:0f:02:53:5f:78:dd:77:c2:cb: de:5e:1d:55:5b:16:be:f6:a2:6a:66:04:55:d1:f5: 5d:a8:3a:91:b7:b2:b7:a3:89:2a:68:ef:40:c6:b6: 90:65:9a:a4:2b:01:f0:f4:80:54:8b:a8:32:ee:0f: 88:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:85:A7:34:12:7C:F0:B6:D0:5D:B5:92:40:B3:B4:E4:8B:08:B0:C9 X509v3 Authority Key Identifier: keyid:B9:F4:0E:F7:F1:3E:C9:A1:56:EF:B0:DB:39:60:90:BC:75:DA:9D:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufQO9_E-yaFW77DbOWCQvHXanUM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/bYWnNBJ88LbQXbWSQLO05IsIsMk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/e7725d-4c16-4867-8c4d-fc5590cb8f6b/1/ufQO9_E-yaFW77DbOWCQvHXanUM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.200.156.0/22 IPv6: 2a09:a940::/29 Signature Algorithm: sha256WithRSAEncryption 31:78:ca:76:ca:72:f9:d3:25:30:97:1f:1b:bc:58:17:6c:5e: 0b:4b:2b:fb:ea:37:f9:f3:a1:21:ce:a9:30:47:31:66:e2:9d: d2:e2:17:ca:80:8a:60:95:0f:4c:c9:a1:1c:7f:84:a5:17:fd: b3:1c:eb:11:43:95:9f:30:50:19:2f:4e:69:bb:45:c3:b2:a4: b3:40:90:2f:24:3f:42:97:71:e0:b8:85:e6:70:29:51:1e:67: fe:47:7c:6a:e3:b8:67:f7:b4:30:4d:51:62:98:b5:0d:e1:72: 42:3d:7a:06:64:30:58:f7:0d:cc:bf:1a:d5:51:d1:a6:d1:d9: 72:ac:be:b6:c1:90:81:6d:6c:46:80:64:b4:30:61:30:a1:ce: f2:fa:9b:a8:62:79:c6:58:cf:78:a2:4a:17:c0:e0:0f:15:c7: 3e:f2:68:88:97:be:7a:e2:b5:da:c3:0f:50:44:3f:a9:96:2c: 92:9a:0f:2a:81:2d:7d:51:fe:a3:68:56:bc:89:5b:07:98:76: fa:f6:fe:45:c0:e8:87:c6:36:25:8c:dc:07:f9:b6:27:87:5d: 44:83:ee:6d:24:cd:1e:fc:01:53:a6:16:ac:ba:32:66:2a:72: 0a:c3:34:b7:1a:34:a6:b1:da:8d:0d:87:a2:4e:4c:ec:1c:c2: f8:7f:5b:ca -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/Fd/P93RkexvhrbyPSvesMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5ZjQwZWY3ZjEzZWM5YTE1NmVmYjBkYjM5NjA5MGJjNzVk YTlkNDMwHhcNMjYwMTAyMTQyMTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDg1YTczNDEyN2NmMGI2ZDA1ZGI1OTI0MGIzYjRlNDhiMDhiMGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGKNGSvBjq7msHfU6FXWNOk4p1/y oTGuG4oarElzehUWe+4o3cW60nirua8X9GyAt5l3yAZfWAl0+P88RnhQJEFU82FK 1UD+dZCphCly1lAx3Viasub8GLKfV2i0sJZErcK9/3t26TeBrVclwgRJFH1BCdft nvnU8+ELXx3uEFxfybIo83GaaWpzW3ZiRD+WxtXP3AEP9q1wfcdPgqPxscz0DqZd NhVCsuBMwGBmpCIgcxCemA5PvAT1u9WCVEGTYRJps/FYh60PAlNfeN13wsveXh1V Wxa+9qJqZgRV0fVdqDqRt7K3o4kqaO9AxraQZZqkKwHw9IBUi6gy7g+IHQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFG2FpzQSfPC20F21kkCztOSLCLDJMB8GA1UdIwQY MBaAFLn0DvfxPsmhVu+w2zlgkLx12p1DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZRTzlfRS15YUZXNzdEYk9XQ1F2SFhhblVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9lNzcyNWQtNGMxNi00ODY3LThjNGQt ZmM1NTkwY2I4ZjZiLzEvYllXbk5CSjg4TGJRWGJXU1FMTzA1SXNJc01rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9lNzcyNWQtNGMxNi00ODY3LThjNGQtZmM1NTkwY2I4ZjZi LzEvdWZRTzlfRS15YUZXNzdEYk9XQ1F2SFhhblVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucicMA0E AgACMAcDBQMqCalAMA0GCSqGSIb3DQEBCwUAA4IBAQAxeMp2ynL50yUwlx8bvFgX bF4LSyv76jf586EhzqkwRzFm4p3S4hfKgIpglQ9MyaEcf4SlF/2zHOsRQ5WfMFAZ L05pu0XDsqSzQJAvJD9Cl3HguIXmcClRHmf+R3xq47hn97QwTVFimLUN4XJCPXoG ZDBY9w3MvxrVUdGm0dlyrL62wZCBbWxGgGS0MGEwoc7y+puoYnnGWM94okoXwOAP Fcc+8miIl7564rXaww9QRD+pliySmg8qgS19Uf6jaFa8iVsHmHb69v5FwOiHxjYl jNwH+bYnh11Eg+5tJM0e/AFTphasujJmKnIKwzS3GjSmsdqNDYeiTkzsHML4f1vK -----END CERTIFICATE-----Generated at Fri Jan 2 18:34:05 2026 by rpki-client