This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Bn04BFcMPFN1TqHi3csM-ALPIfs.roa File: Bn04BFcMPFN1TqHi3csM-ALPIfs.roa (raw, json) Hash identifier: +INhzeZUw2CmtEj9Af/bdJ+8Ap6m7pDf8RJiS9DpoYM= Subject key identifier: 06:7D:38:04:57:0C:3C:53:75:4E:A1:E2:DD:CB:0C:F8:02:CF:21:FB Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Certificate serial: 019B7E39001FC86F17285180BE6C8C384EBA Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Bn04BFcMPFN1TqHi3csM-ALPIfs.roa Signing time: Fri 02 Jan 2026 10:20:23 +0000 ROA not before: Fri 02 Jan 2026 10:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203 IP address blocks: 91.205.116.0/22 maxlen: 24 109.234.0.0/21 maxlen: 24 185.148.224.0/22 maxlen: 24 193.242.174.0/23 maxlen: 24 2a07:6200:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:00:1f:c8:6f:17:28:51:80:be:6c:8c:38:4e:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Validity Not Before: Jan 2 10:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=067d3804570c3c53754ea1e2ddcb0cf802cf21fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b4:b1:3f:61:11:88:40:68:8b:5c:f8:2c:41: 5c:88:a9:5a:36:96:d7:21:29:32:ef:d7:10:bd:32: ab:8c:e8:9f:c1:01:15:a8:e7:83:da:db:87:29:5a: 7a:83:fc:ca:1d:2d:a8:57:b3:27:da:30:43:83:c2: 18:19:35:3f:e1:17:4f:04:6d:7e:55:b0:a4:ff:d9: 03:26:7e:a9:2d:ef:43:40:17:81:a0:07:21:ff:f8: 99:df:94:b3:3e:9d:d6:72:51:ee:ae:bf:2b:22:af: c2:be:5d:cd:cf:43:7e:3a:f0:bb:28:be:22:b1:d1: 4c:cc:85:3c:b1:c3:39:63:81:fa:9c:f5:4b:18:fe: 86:a2:8a:f1:a7:ba:10:2e:4f:4a:e8:40:49:bc:98: be:69:3c:7e:ef:c8:f7:30:38:4e:4f:8c:fc:56:96: d7:b7:2f:11:f2:3f:e3:68:22:d0:6a:30:e2:fd:ef: e9:14:cc:30:7d:50:03:cc:a6:c7:73:b7:6b:a3:c3: c1:38:d1:d6:56:1b:e7:b9:a5:45:04:32:bd:1c:5c: 35:f8:b9:c3:d9:2f:0a:6a:73:02:d9:6e:5f:b9:f9: e9:cf:d8:ac:ff:56:24:e8:14:d0:9f:b7:20:76:28: 19:85:d1:4e:49:f4:64:68:11:0c:aa:7a:6c:ac:85: 3f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:7D:38:04:57:0C:3C:53:75:4E:A1:E2:DD:CB:0C:F8:02:CF:21:FB X509v3 Authority Key Identifier: keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Bn04BFcMPFN1TqHi3csM-ALPIfs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.205.116.0/22 109.234.0.0/21 185.148.224.0/22 193.242.174.0/23 IPv6: 2a07:6200:1::/48 Signature Algorithm: sha256WithRSAEncryption 82:4e:92:6f:d7:84:a8:16:5a:59:ac:2e:74:f5:dd:d1:63:70: 1b:a4:14:91:e4:f5:7c:27:7e:86:b5:da:2b:44:9c:8a:8d:f0: ca:fa:c2:12:42:83:e8:4f:cc:ee:a1:2d:c7:f5:a8:99:27:cc: 83:37:f1:6a:31:d3:2b:e1:da:4b:ad:47:5f:63:9e:1b:b0:15: d7:9c:c1:f3:f6:6c:a8:bc:fc:f6:f8:3e:03:d9:55:a7:eb:e7: c7:31:4c:37:a6:81:2c:0f:9d:64:e0:11:f1:b5:b2:85:fa:53: ff:90:b7:b7:bf:41:9a:e0:05:d4:ae:c8:19:64:3c:2f:f3:2c: 08:47:d6:d5:9e:b0:7a:6b:88:58:42:46:e7:8c:cf:f5:b3:f2: 59:6a:c4:13:35:d5:2d:eb:bf:31:57:57:e4:ee:1e:82:68:26: ef:e1:fc:c7:be:6c:54:5c:29:2f:36:d3:c5:b5:14:61:72:76: ad:94:cc:41:26:d0:b8:b2:d2:7c:9f:f1:4a:4e:02:2f:7f:fc: 46:da:3c:3b:89:d8:bc:6f:5a:6c:f8:17:87:94:06:2b:05:1b: 7a:55:48:a3:46:7e:92:17:d6:c7:4b:de:46:3c:0d:0a:4b:e3: 36:d8:f0:d2:d1:fe:5e:f6:05:7d:9c:5e:bd:70:d2:8b:e6:59: ab:76:85:bb -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt+OQAfyG8XKFGAvmyMOE66MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0 NTBhZWIwHhcNMjYwMTAyMTAyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjdkMzgwNDU3MGMzYzUzNzU0ZWExZTJkZGNiMGNmODAyY2YyMWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrSxP2ERiEBoi1z4LEFciKlaNpbX ISky79cQvTKrjOifwQEVqOeD2tuHKVp6g/zKHS2oV7Mn2jBDg8IYGTU/4RdPBG1+ VbCk/9kDJn6pLe9DQBeBoAch//iZ35SzPp3WclHurr8rIq/Cvl3Nz0N+OvC7KL4i sdFMzIU8scM5Y4H6nPVLGP6Goorxp7oQLk9K6EBJvJi+aTx+78j3MDhOT4z8VpbX ty8R8j/jaCLQajDi/e/pFMwwfVADzKbHc7dro8PBONHWVhvnuaVFBDK9HFw1+LnD 2S8KanMC2W5fufnpz9is/1Yk6BTQn7cgdigZhdFOSfRkaBEMqnpsrIU/zQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFAZ9OARXDDxTdU6h4t3LDPgCzyH7MB8GA1UdIwQY MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt YTRkYjM5NmM4OTg3LzEvQm4wNEJGY01QRk4xVHFIaTNjc00tQUxQSWZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3 LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD ggEBAIJOkm/XhKgWWlmsLnT13dFjcBukFJHk9Xwnfoa12itEnIqN8Mr6whJCg+hP zO6hLcf1qJknzIM38Wox0yvh2kutR19jnhuwFdecwfP2bKi8/Pb4PgPZVafr58cx TDemgSwPnWTgEfG1soX6U/+Qt7e/QZrgBdSuyBlkPC/zLAhH1tWesHpriFhCRueM z/Wz8llqxBM11S3rvzFXV+TuHoJoJu/h/Me+bFRcKS8208W1FGFydq2UzEEm0Liy 0nyf8UpOAi9//EbaPDuJ2LxvWmz4F4eUBisFG3pVSKNGfpIX1sdL3kY8DQpL4zbY 8NLR/l72BX2cXr1w0ovmWat2hbs= -----END CERTIFICATE-----Generated at Thu Jan 22 09:48:35 2026 by rpki-client