This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bgZ3vRX-JFv5fE9qF1xUY7sESE4.roa File: bgZ3vRX-JFv5fE9qF1xUY7sESE4.roa (raw, json) Hash identifier: Mq7sKdMHcBtwCAWnUwHQ1xjASZS1lNn2Xrf5fuCPMtQ= Subject key identifier: 6E:06:77:BD:15:FE:24:5B:F9:7C:4F:6A:17:5C:54:63:BB:04:48:4E Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019ACBA91A3E0CABF7A96CA8513E59FE49CF Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bgZ3vRX-JFv5fE9qF1xUY7sESE4.roa Signing time: Fri 28 Nov 2025 18:10:48 +0000 ROA not before: Fri 28 Nov 2025 18:10:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 34567 IP address blocks: 2a0d:8cc0::/29 maxlen: 29 2a0d:ad40::/29 maxlen: 29 2a0d:b840::/29 maxlen: 29 2a0e:af40::/29 maxlen: 29 2a0e:e9c0::/29 maxlen: 29 2a0f:e180::/29 maxlen: 29 2a11:ec0::/29 maxlen: 29 2a11:17c0::/29 maxlen: 29 2a11:1c80::/29 maxlen: 29 2a11:2d00::/29 maxlen: 29 2a11:4540::/29 maxlen: 29 2a11:4f00::/29 maxlen: 29 2a11:64c0::/29 maxlen: 29 2a11:6b80::/29 maxlen: 29 2a11:77c0::/29 maxlen: 29 2a11:81c0::/29 maxlen: 29 2a11:86c0::/29 maxlen: 29 2a11:8740::/29 maxlen: 29 2a11:8980::/29 maxlen: 29 2a11:9040::/29 maxlen: 29 2a11:9580::/29 maxlen: 29 2a11:9640::/29 maxlen: 29 2a11:9f00::/29 maxlen: 29 2a11:a040::/29 maxlen: 29 2a11:a140::/29 maxlen: 29 2a11:b0c0::/29 maxlen: 29 2a11:b4c0::/29 maxlen: 29 2a11:b700::/29 maxlen: 29 2a11:bb00::/29 maxlen: 29 2a11:bbc0::/29 maxlen: 29 2a11:bdc0::/29 maxlen: 29 2a11:be40::/29 maxlen: 29 2a11:bf80::/29 maxlen: 29 2a11:c240::/29 maxlen: 29 2a11:c580::/29 maxlen: 29 2a11:c680::/29 maxlen: 29 2a11:cec0::/29 maxlen: 29 2a11:d340::/29 maxlen: 29 2a11:d880::/29 maxlen: 29 2a11:dac0::/29 maxlen: 29 2a11:df00::/29 maxlen: 29 2a11:e2c0::/29 maxlen: 29 2a11:e640::/29 maxlen: 29 2a11:e6c0::/29 maxlen: 29 2a11:e8c0::/29 maxlen: 29 2a11:eac0::/29 maxlen: 29 2a11:fa40::/29 maxlen: 29 2a11:fc40::/29 maxlen: 29 2a11:ff40::/29 maxlen: 29 2a12:580::/29 maxlen: 29 2a12:640::/29 maxlen: 29 2a12:900::/29 maxlen: 29 2a12:dc0::/29 maxlen: 29 2a12:e40::/29 maxlen: 29 2a12:e80::/29 maxlen: 29 2a12:11c0::/29 maxlen: 29 2a12:12c0::/29 maxlen: 29 2a12:1a80::/29 maxlen: 29 2a12:2800::/29 maxlen: 29 2a12:2b80::/29 maxlen: 29 2a12:2e80::/29 maxlen: 29 2a12:3c00::/29 maxlen: 29 2a12:6480::/29 maxlen: 29 2a12:8380::/29 maxlen: 29 2a12:8480::/29 maxlen: 29 2a12:8780::/29 maxlen: 29 2a12:8a00::/29 maxlen: 29 2a12:9200::/29 maxlen: 29 2a12:a500::/29 maxlen: 29 2a12:aa00::/29 maxlen: 29 2a12:af00::/29 maxlen: 29 2a12:b400::/29 maxlen: 29 2a12:b700::/29 maxlen: 29 2a12:bb00::/29 maxlen: 29 2a12:bc80::/29 maxlen: 29 2a12:c980::/29 maxlen: 29 2a12:cf80::/29 maxlen: 29 2a12:d080::/29 maxlen: 29 2a12:d200::/29 maxlen: 29 2a12:d800::/29 maxlen: 29 2a12:f980::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cb:a9:1a:3e:0c:ab:f7:a9:6c:a8:51:3e:59:fe:49:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Nov 28 18:10:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6e0677bd15fe245bf97c4f6a175c5463bb04484e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:37:19:cb:21:2a:b0:15:cf:ee:13:49:cc:e9: be:cf:83:4e:1e:c8:5d:72:27:d5:17:e7:66:a2:cb: e1:43:7f:ec:b0:2e:55:8a:5d:db:7a:27:0e:f6:94: 0f:8a:20:95:5c:60:59:44:d0:a0:0b:1d:6f:87:7c: eb:2b:8e:63:35:2d:11:08:6b:5f:1a:c7:59:fb:f0: 76:be:fc:4e:84:dc:27:ef:96:d6:ea:b6:b6:ef:a4: b6:6a:f8:47:5e:8c:f6:7d:c3:a7:2f:81:53:bd:f9: 06:42:ff:c4:2f:6d:96:e9:0c:2e:46:e7:93:2f:52: 2b:20:3e:35:11:fd:e3:7b:1c:db:1f:10:6c:2e:2f: ce:5c:3f:db:12:e3:a2:50:1e:53:c1:fe:7a:a5:ad: e5:55:fe:7d:da:8b:53:47:79:a9:b4:c8:ee:88:7a: b0:71:71:bf:a5:04:d3:a8:b0:ae:59:bd:83:ea:4d: 00:66:59:27:f6:52:38:62:5a:1c:b3:3e:46:ec:ef: 43:86:e1:74:bf:56:ef:b5:07:aa:23:dc:0f:7a:bc: b7:d4:af:3f:63:f8:f2:f1:b4:9e:bd:a3:04:82:c1: d8:c6:7e:85:3e:04:a3:c7:be:15:9c:71:45:0c:fe: ba:62:7f:ed:36:dc:08:ca:55:bd:11:51:67:c6:0b: 49:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:06:77:BD:15:FE:24:5B:F9:7C:4F:6A:17:5C:54:63:BB:04:48:4E X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bgZ3vRX-JFv5fE9qF1xUY7sESE4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:8cc0::/29 2a0d:ad40::/29 2a0d:b840::/29 2a0e:af40::/29 2a0e:e9c0::/29 2a0f:e180::/29 2a11:ec0::/29 2a11:17c0::/29 2a11:1c80::/29 2a11:2d00::/29 2a11:4540::/29 2a11:4f00::/29 2a11:64c0::/29 2a11:6b80::/29 2a11:77c0::/29 2a11:81c0::/29 2a11:86c0::/29 2a11:8740::/29 2a11:8980::/29 2a11:9040::/29 2a11:9580::/29 2a11:9640::/29 2a11:9f00::/29 2a11:a040::/29 2a11:a140::/29 2a11:b0c0::/29 2a11:b4c0::/29 2a11:b700::/29 2a11:bb00::/29 2a11:bbc0::/29 2a11:bdc0::/29 2a11:be40::/29 2a11:bf80::/29 2a11:c240::/29 2a11:c580::/29 2a11:c680::/29 2a11:cec0::/29 2a11:d340::/29 2a11:d880::/29 2a11:dac0::/29 2a11:df00::/29 2a11:e2c0::/29 2a11:e640::/29 2a11:e6c0::/29 2a11:e8c0::/29 2a11:eac0::/29 2a11:fa40::/29 2a11:fc40::/29 2a11:ff40::/29 2a12:580::/29 2a12:640::/29 2a12:900::/29 2a12:dc0::/29 2a12:e40::/29 2a12:e80::/29 2a12:11c0::/29 2a12:12c0::/29 2a12:1a80::/29 2a12:2800::/29 2a12:2b80::/29 2a12:2e80::/29 2a12:3c00::/29 2a12:6480::/29 2a12:8380::/29 2a12:8480::/29 2a12:8780::/29 2a12:8a00::/29 2a12:9200::/29 2a12:a500::/29 2a12:aa00::/29 2a12:af00::/29 2a12:b400::/29 2a12:b700::/29 2a12:bb00::/29 2a12:bc80::/29 2a12:c980::/29 2a12:cf80::/29 2a12:d080::/29 2a12:d200::/29 2a12:d800::/29 2a12:f980::/29 Signature Algorithm: sha256WithRSAEncryption 18:94:4a:a3:44:62:17:d1:16:24:ad:7b:c1:3f:cc:b6:6a:e8: 4e:c0:d3:e8:f2:df:91:52:97:f6:d4:7b:10:39:6e:6f:0a:31: 3e:7f:a9:90:1d:8b:8b:f9:16:8e:b7:71:b7:da:bf:97:a1:cc: 9f:f9:9c:70:e3:c3:61:e1:2a:66:de:b1:89:8d:a1:6e:8b:d9: 86:4d:18:f5:ac:c5:93:52:99:50:ec:d2:75:c9:36:ad:d4:13: 2c:de:9e:0e:db:3b:89:a0:2e:09:26:3f:0e:6b:54:37:2b:c2: 65:f7:d2:da:de:9d:f3:b5:7e:44:c8:9f:9f:60:ac:e1:82:02: f3:b9:23:8b:4f:b9:f2:31:58:a3:c8:3f:b5:f8:da:45:a5:8c: 5e:50:24:0d:05:0d:60:2b:49:bc:06:57:6b:a1:45:81:e7:a3: c0:b6:d1:bd:67:5e:c0:e3:23:1d:bd:6c:a2:2f:fe:d8:f0:86: 2f:cb:24:75:0e:26:e7:f3:a2:d4:24:be:a4:42:f9:65:70:12: 49:b7:c5:4d:fb:a0:80:cd:e8:1a:92:32:d4:70:b4:31:eb:e1: 34:91:6e:9d:5c:d0:59:4c:90:3d:17:1b:f2:7e:76:e1:da:1c: e3:9c:bf:7b:9d:da:bd:21:d3:3f:ca:67:46:22:ce:1e:7c:d3: 64:c0:f4:a0 -----BEGIN CERTIFICATE----- MIIHODCCBiCgAwIBAgISAZrLqRo+DKv3qWyoUT5Z/knPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjUxMTI4MTgxMDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTA2NzdiZDE1ZmUyNDViZjk3YzRmNmExNzVjNTQ2M2JiMDQ0ODRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDcZyyEqsBXP7hNJzOm+z4NOHshd cifVF+dmosvhQ3/ssC5Vil3beicO9pQPiiCVXGBZRNCgCx1vh3zrK45jNS0RCGtf GsdZ+/B2vvxOhNwn75bW6ra276S2avhHXoz2fcOnL4FTvfkGQv/EL22W6QwuRueT L1IrID41Ef3jexzbHxBsLi/OXD/bEuOiUB5Twf56pa3lVf592otTR3mptMjuiHqw cXG/pQTTqLCuWb2D6k0AZlkn9lI4Ylocsz5G7O9DhuF0v1bvtQeqI9wPery31K8/ Y/jy8bSevaMEgsHYxn6FPgSjx74VnHFFDP66Yn/tNtwIylW9EVFnxgtJbQIDAQAB o4IERDCCBEAwHQYDVR0OBBYEFG4Gd70V/iRb+XxPahdcVGO7BEhOMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvYmdaM3ZSWC1KRnY1ZkU5cUYxeFVZN3NFU0U0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIICWAYIKwYBBQUHAQcBAf8EggJHMIICQzCCAj8EAgACMIIC NwMFAyoNjMADBQMqDa1AAwUDKg24QAMFAyoOr0ADBQMqDunAAwUDKg/hgAMFAyoR DsADBQMqERfAAwUDKhEcgAMFAyoRLQADBQMqEUVAAwUDKhFPAAMFAyoRZMADBQMq EWuAAwUDKhF3wAMFAyoRgcADBQMqEYbAAwUDKhGHQAMFAyoRiYADBQMqEZBAAwUD KhGVgAMFAyoRlkADBQMqEZ8AAwUDKhGgQAMFAyoRoUADBQMqEbDAAwUDKhG0wAMF AyoRtwADBQMqEbsAAwUDKhG7wAMFAyoRvcADBQMqEb5AAwUDKhG/gAMFAyoRwkAD BQMqEcWAAwUDKhHGgAMFAyoRzsADBQMqEdNAAwUDKhHYgAMFAyoR2sADBQMqEd8A AwUDKhHiwAMFAyoR5kADBQMqEebAAwUDKhHowAMFAyoR6sADBQMqEfpAAwUDKhH8 QAMFAyoR/0ADBQMqEgWAAwUDKhIGQAMFAyoSCQADBQMqEg3AAwUDKhIOQAMFAyoS DoADBQMqEhHAAwUDKhISwAMFAyoSGoADBQMqEigAAwUDKhIrgAMFAyoSLoADBQMq EjwAAwUDKhJkgAMFAyoSg4ADBQMqEoSAAwUDKhKHgAMFAyoSigADBQMqEpIAAwUD KhKlAAMFAyoSqgADBQMqEq8AAwUDKhK0AAMFAyoStwADBQMqErsAAwUDKhK8gAMF AyoSyYADBQMqEs+AAwUDKhLQgAMFAyoS0gADBQMqEtgAAwUDKhL5gDANBgkqhkiG 9w0BAQsFAAOCAQEAGJRKo0RiF9EWJK17wT/MtmroTsDT6PLfkVKX9tR7EDlubwox Pn+pkB2Li/kWjrdxt9q/l6HMn/mccOPDYeEqZt6xiY2hbovZhk0Y9azFk1KZUOzS dck2rdQTLN6eDts7iaAuCSY/DmtUNyvCZffS2t6d87V+RMifn2Cs4YIC87kji0+5 8jFYo8g/tfjaRaWMXlAkDQUNYCtJvAZXa6FFgeejwLbRvWdewOMjHb1soi/+2PCG L8skdQ4m5/Oi1CS+pEL5ZXASSbfFTfuggM3oGpIy1HC0MevhNJFunVzQWUyQPRcb 8n524doc45y/e53avSHTP8pnRiLOHnzTZMD0oA== -----END CERTIFICATE-----Generated at Fri Dec 5 13:23:15 2025 by rpki-client