This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bsx4FJoKXOBGtYfRQPeaP9fokuA.roa File: bsx4FJoKXOBGtYfRQPeaP9fokuA.roa (raw, json) Hash identifier: q36gfKZfIIkmCBj7MHa3B98hJW+E9SLJkVHBSknoDJo= Subject key identifier: 6E:CC:78:14:9A:0A:5C:E0:46:B5:87:D1:40:F7:9A:3F:D7:E8:92:E0 Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430 Certificate serial: 019B7FF196C0588B2E2A4CB5C22DB448CA21 Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bsx4FJoKXOBGtYfRQPeaP9fokuA.roa Signing time: Fri 02 Jan 2026 18:21:37 +0000 ROA not before: Fri 02 Jan 2026 18:21:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204104 IP address blocks: 46.38.138.0/24 maxlen: 24 46.38.143.0/24 maxlen: 24 109.94.164.0/24 maxlen: 24 212.80.8.0/24 maxlen: 24 212.80.9.0/24 maxlen: 24 212.80.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:96:c0:58:8b:2e:2a:4c:b5:c2:2d:b4:48:ca:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430 Validity Not Before: Jan 2 18:21:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ecc78149a0a5ce046b587d140f79a3fd7e892e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:53:d1:76:9c:14:36:af:83:4f:4e:7e:72:5b: 6e:7e:17:5b:58:d4:f6:be:0c:19:43:d8:44:40:7f: 2d:4e:49:a4:dd:2d:1a:a6:fc:4f:ea:bc:b4:80:a5: 7d:4e:59:70:8b:77:02:50:07:2b:4e:4f:fc:9c:14: d7:bb:2e:8e:14:5d:a6:ed:6e:c1:37:35:64:29:e6: 82:7c:19:2d:d0:96:02:28:c6:e7:82:b9:41:2c:9d: ad:32:be:46:ed:a4:98:6a:1e:34:e7:86:fb:81:2e: ae:a5:a2:b6:85:c8:fd:54:6a:0a:63:86:11:30:fc: 62:1c:c6:f4:ed:ee:98:b8:df:f2:9c:d2:36:f1:d8: 37:8f:4a:cc:af:3b:df:03:26:80:14:98:f3:90:6f: cd:61:94:d0:0a:e7:a4:ff:1a:eb:0b:cd:a3:da:19: 89:1b:a9:72:20:2e:be:59:39:cb:83:b9:86:9f:07: d0:92:d2:1f:98:a7:f0:9f:d3:36:3e:ba:90:f3:67: 6c:ac:2e:a9:11:74:a4:b4:d0:12:95:5d:a0:86:5d: 21:53:2e:eb:e5:e2:15:ac:5e:7f:f3:24:47:72:a7: 57:ee:9d:67:70:81:ef:10:79:9b:0c:d3:d8:5d:e8: 85:63:73:a0:43:57:cc:b1:05:f6:72:6f:c9:c0:4e: 48:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:CC:78:14:9A:0A:5C:E0:46:B5:87:D1:40:F7:9A:3F:D7:E8:92:E0 X509v3 Authority Key Identifier: keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bsx4FJoKXOBGtYfRQPeaP9fokuA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.38.138.0/24 46.38.143.0/24 109.94.164.0/24 212.80.8.0-212.80.10.255 Signature Algorithm: sha256WithRSAEncryption 70:27:73:59:c4:4e:7f:07:f4:e7:05:1c:fd:7f:f4:77:6c:05: 76:0b:3f:f4:d0:c6:7c:b4:79:b1:c9:fa:b2:66:a3:df:9e:8d: 25:7d:a8:1b:cb:63:2f:4f:a3:a9:c7:b7:fd:32:fb:e2:6d:71: 80:ec:89:6d:56:63:b7:74:46:2a:88:b7:72:e0:ba:24:75:ee: 24:f6:17:89:d9:9a:39:66:6c:4c:e1:03:07:14:7a:e0:d6:bd: af:f0:11:19:a9:13:2a:c0:d4:53:3d:e1:6d:96:49:2e:89:fe: fa:33:03:7e:4c:e2:90:fc:fa:5c:73:1c:2c:70:1a:f0:ea:cc: 95:6b:33:bf:6f:58:8f:89:d9:bc:82:7c:1c:e5:58:38:3f:89: 53:6d:68:42:3c:94:8e:3d:1e:dc:1e:67:0f:e7:a5:36:cf:9e: 53:37:d4:8f:17:f8:59:a2:e9:1f:a5:e1:60:ba:60:67:96:d3: 9f:e9:f2:13:c4:9c:04:6a:f8:1c:4c:40:78:6b:0b:d4:1e:90: 49:20:0a:e5:eb:d6:76:8d:57:aa:77:b1:ac:da:57:39:51:dd: ca:82:0e:71:ed:03:21:5c:80:eb:3c:b1:5d:f5:e6:cf:1f:3d: 43:c8:44:49:47:46:1b:f1:f0:9d:09:a7:a2:ac:d1:2a:b2:d6: 1d:02:23:0b -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt/8ZbAWIsuKky1wi20SMohMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj NWY0MzAwHhcNMjYwMTAyMTgyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZWNjNzgxNDlhMGE1Y2UwNDZiNTg3ZDE0MGY3OWEzZmQ3ZTg5MmUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VPRdpwUNq+DT05+cltufhdbWNT2 vgwZQ9hEQH8tTkmk3S0apvxP6ry0gKV9Tllwi3cCUAcrTk/8nBTXuy6OFF2m7W7B NzVkKeaCfBkt0JYCKMbngrlBLJ2tMr5G7aSYah4054b7gS6upaK2hcj9VGoKY4YR MPxiHMb07e6YuN/ynNI28dg3j0rMrzvfAyaAFJjzkG/NYZTQCuek/xrrC82j2hmJ G6lyIC6+WTnLg7mGnwfQktIfmKfwn9M2PrqQ82dsrC6pEXSktNASlV2ghl0hUy7r 5eIVrF5/8yRHcqdX7p1ncIHvEHmbDNPYXeiFY3OgQ1fMsQX2cm/JwE5I7wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFG7MeBSaClzgRrWH0UD3mj/X6JLgMB8GA1UdIwQY MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt MmEwOWNjNTNhODA1LzEvYnN4NEZKb0tYT0JHdFlmUlFQZWFQOWZva3VBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1 LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALiaKAwQA LiaPAwQAbV6kMAwDBAPUUAgDBADUUAowDQYJKoZIhvcNAQELBQADggEBAHAnc1nE Tn8H9OcFHP1/9HdsBXYLP/TQxny0ebHJ+rJmo9+ejSV9qBvLYy9Po6nHt/0y++Jt cYDsiW1WY7d0RiqIt3LguiR17iT2F4nZmjlmbEzhAwcUeuDWva/wERmpEyrA1FM9 4W2WSS6J/vozA35M4pD8+lxzHCxwGvDqzJVrM79vWI+J2byCfBzlWDg/iVNtaEI8 lI49HtweZw/npTbPnlM31I8X+Fmi6R+l4WC6YGeW05/p8hPEnARq+BxMQHhrC9Qe kEkgCuXr1naNV6p3sazaVzlR3cqCDnHtAyFcgOs8sV315s8fPUPIRElHRhvx8J0J p6Ks0Sqy1h0CIws= -----END CERTIFICATE-----Generated at Wed Jan 21 04:03:08 2026 by rpki-client