This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bE94TCIYTfIl9kzaHRXzNiQoftE.roa File: bE94TCIYTfIl9kzaHRXzNiQoftE.roa (raw, json) Hash identifier: 4j0TvOQTsGRxrK5ktDw/14Kxmma5Wvzi7ywS8WE8N44= Subject key identifier: 6C:4F:78:4C:22:18:4D:F2:25:F6:4C:DA:1D:15:F3:36:24:28:7E:D1 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B7E39285A6A6E64454D7499C73FEBC651 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bE94TCIYTfIl9kzaHRXzNiQoftE.roa Signing time: Fri 02 Jan 2026 10:20:33 +0000 ROA not before: Fri 02 Jan 2026 10:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205659 IP address blocks: 64.190.252.0/22 maxlen: 22 216.246.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 14:14:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:28:5a:6a:6e:64:45:4d:74:99:c7:3f:eb:c6:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Jan 2 10:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c4f784c22184df225f64cda1d15f33624287ed1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6e:95:fd:48:1a:ac:2d:20:7c:ce:09:94:d0: ef:18:50:fc:76:66:65:d4:f7:e6:ab:de:57:fb:13: 5e:a4:29:d1:4d:73:ca:2b:88:72:6e:2b:e2:08:69: 29:4b:94:12:d6:2e:8b:2f:ec:d9:60:51:9b:01:50: a0:1b:00:bf:a1:e6:65:1c:30:24:9c:d5:9f:ea:ba: 80:74:63:45:13:71:ac:d8:71:ae:df:5e:1c:c1:d5: 2c:5e:51:88:6f:5e:79:85:7f:f4:c6:9e:1f:cc:40: 30:f2:88:e3:04:92:74:a8:65:15:da:e4:b7:43:80: 61:f9:e6:52:4c:1e:4b:e2:8f:e1:65:fc:b1:a4:f5: 9c:93:bb:ac:60:bf:f1:31:f7:a4:f7:f0:3f:71:30: 5d:b5:82:d2:e6:b6:b2:ee:5b:50:17:6a:4c:70:30: d2:b5:c8:68:40:1b:bc:93:47:b2:99:95:2a:9c:72: 79:29:1d:47:38:57:7a:ea:49:e5:2c:2c:f9:ac:2e: 36:22:5e:6e:69:52:82:3c:36:bb:06:a2:c0:a3:76: 69:ce:0c:45:f6:1a:fe:df:b6:07:c6:59:07:98:96: e2:e6:66:b9:29:e7:14:8d:d1:d6:a1:21:8e:12:7d: 9f:b9:31:6a:41:d1:07:f3:27:88:bb:91:27:82:42: 38:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:4F:78:4C:22:18:4D:F2:25:F6:4C:DA:1D:15:F3:36:24:28:7E:D1 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bE94TCIYTfIl9kzaHRXzNiQoftE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.190.252.0/22 216.246.212.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:63:ee:39:64:f1:7f:d6:55:ac:2b:31:68:67:a6:20:cd:3d: b8:e1:c9:04:e2:31:7d:f1:b4:17:19:a0:d9:50:5d:eb:70:6f: 48:c7:5a:e5:bb:32:bc:39:36:2c:c8:19:67:ec:f8:44:b5:b2: c8:83:8c:04:7d:40:71:b3:0a:71:82:a7:ee:30:d0:a4:3d:a3: 21:8f:b9:ac:fe:45:90:07:06:b8:ab:1c:89:6d:b0:04:4a:f3: bf:f2:0b:b7:be:f1:c6:92:85:f5:08:37:21:24:c1:8b:f1:ed: e7:47:ca:35:32:58:c4:4d:17:94:c0:d9:4c:2b:03:f8:9e:09: f1:7c:10:9a:ff:55:3b:d9:1d:54:65:60:a4:ea:34:ca:c0:de: 1f:d0:61:79:4d:b2:18:0f:a8:9a:a3:4c:1f:d3:e3:ca:46:51: 4a:f0:be:c8:64:91:d7:4b:19:ee:7e:fc:d7:c9:ba:9c:3f:99: ca:04:78:60:6e:71:8b:bd:a4:c7:76:11:e6:61:4c:3f:ff:bf: f8:fa:13:63:01:a2:da:e8:7b:0d:06:a9:bd:d6:d7:39:22:79: 39:2e:08:56:a9:51:7e:47:27:c8:44:00:fb:d4:85:57:72:0e: bc:34:9f:89:bf:33:f9:b5:c4:cf:5a:b5:77:79:01:8c:0c:36: bf:8d:7e:6d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OShaam5kRU10mcc/68ZRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjYwMTAyMTAyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzRmNzg0YzIyMTg0ZGYyMjVmNjRjZGExZDE1ZjMzNjI0Mjg3ZWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym6V/UgarC0gfM4JlNDvGFD8dmZl 1Pfmq95X+xNepCnRTXPKK4hybiviCGkpS5QS1i6LL+zZYFGbAVCgGwC/oeZlHDAk nNWf6rqAdGNFE3Gs2HGu314cwdUsXlGIb155hX/0xp4fzEAw8ojjBJJ0qGUV2uS3 Q4Bh+eZSTB5L4o/hZfyxpPWck7usYL/xMfek9/A/cTBdtYLS5ray7ltQF2pMcDDS tchoQBu8k0eymZUqnHJ5KR1HOFd66knlLCz5rC42Il5uaVKCPDa7BqLAo3ZpzgxF 9hr+37YHxlkHmJbi5ma5KecUjdHWoSGOEn2fuTFqQdEH8yeIu5EngkI4wQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGxPeEwiGE3yJfZM2h0V8zYkKH7RMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvYkU5NFRDSVlUZklsOWt6YUhSWHpOaVFvZnRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQL78AwQC 2PbUMA0GCSqGSIb3DQEBCwUAA4IBAQBPY+45ZPF/1lWsKzFoZ6YgzT244ckE4jF9 8bQXGaDZUF3rcG9Ix1rluzK8OTYsyBln7PhEtbLIg4wEfUBxswpxgqfuMNCkPaMh j7ms/kWQBwa4qxyJbbAESvO/8gu3vvHGkoX1CDchJMGL8e3nR8o1MljETReUwNlM KwP4ngnxfBCa/1U72R1UZWCk6jTKwN4f0GF5TbIYD6iao0wf0+PKRlFK8L7IZJHX SxnufvzXybqcP5nKBHhgbnGLvaTHdhHmYUw//7/4+hNjAaLa6HsNBqm91tc5Ink5 LghWqVF+RyfIRAD71IVXcg68NJ+JvzP5tcTPWrV3eQGMDDa/jX5t -----END CERTIFICATE-----Generated at Sun Jan 25 00:18:40 2026 by rpki-client