This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/BNM6KeFql-Ydq8vGXlt0w78-LM4.roa File: BNM6KeFql-Ydq8vGXlt0w78-LM4.roa (raw, json) Hash identifier: oiMAtbZ/3lDs7unsOpMUR0rJkCLWv1SgFkYJBCnCeLQ= Subject key identifier: 04:D3:3A:29:E1:6A:97:E6:1D:AB:CB:C6:5E:5B:74:C3:BF:3E:2C:CE Certificate issuer: /CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8 Certificate serial: 019B8EBE0E559C90CDC87DDBFCAC7E471C71 Authority key identifier: 03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/BNM6KeFql-Ydq8vGXlt0w78-LM4.roa Signing time: Mon 05 Jan 2026 15:19:38 +0000 ROA not before: Mon 05 Jan 2026 15:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44486 IP address blocks: 176.118.193.0/24 maxlen: 24 185.53.249.0/24 maxlen: 24 185.115.205.0/24 maxlen: 24 185.239.175.0/24 maxlen: 24 192.35.206.0/24 maxlen: 24 198.135.220.0/24 maxlen: 24 212.11.93.0/24 maxlen: 24 212.104.211.0/24 maxlen: 24 2a0c:a300::/29 maxlen: 29 2a12:ea80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.mft rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8e:be:0e:55:9c:90:cd:c8:7d:db:fc:ac:7e:47:1c:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8 Validity Not Before: Jan 5 15:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=04d33a29e16a97e61dabcbc65e5b74c3bf3e2cce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3b:c8:4a:6c:f1:9b:81:cb:16:f3:31:6c:ec: 45:40:80:a5:7f:31:bd:ec:74:2f:1d:aa:07:dc:bf: a0:ae:d3:8f:63:ab:6f:57:6f:dd:c0:36:45:d9:57: f0:b1:f3:f5:e0:12:64:50:66:d1:17:9b:2f:1d:81: 7a:25:8d:72:f5:44:96:b7:af:74:9f:e1:06:c8:11: 35:c9:f6:6e:4c:6f:a8:d3:8a:a4:44:90:06:8c:76: 1f:1e:7b:18:71:f4:bd:b3:83:4b:6f:db:cd:ff:85: 0c:8a:97:b6:2e:cf:97:74:dd:7b:16:fc:c9:22:d6: ba:6f:c8:f4:05:1a:c1:05:47:e6:53:5b:39:00:70: 55:04:ac:7b:97:ae:b5:07:2b:41:7b:18:54:fc:91: d2:ce:86:ef:ac:0c:4e:72:f7:d5:76:89:01:0c:9c: 67:f0:bf:1e:b3:96:0f:7a:03:51:9c:61:61:e1:80: 8a:af:b7:21:e4:78:ff:ed:e4:1c:26:c2:8c:29:30: b3:93:a9:cd:68:52:0f:b3:80:f2:e7:b8:fd:e6:2b: 7b:42:d6:93:1c:6f:67:c5:37:f2:8f:d7:d9:95:90: 20:c5:22:19:fd:66:7a:57:50:4a:59:1c:d6:3e:0a: 3d:7a:bd:4c:53:61:30:c7:0f:52:da:f2:86:f5:8f: f0:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D3:3A:29:E1:6A:97:E6:1D:AB:CB:C6:5E:5B:74:C3:BF:3E:2C:CE X509v3 Authority Key Identifier: keyid:03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/BNM6KeFql-Ydq8vGXlt0w78-LM4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.118.193.0/24 185.53.249.0/24 185.115.205.0/24 185.239.175.0/24 192.35.206.0/24 198.135.220.0/24 212.11.93.0/24 212.104.211.0/24 IPv6: 2a0c:a300::/29 2a12:ea80::/29 Signature Algorithm: sha256WithRSAEncryption 74:72:45:0d:4e:67:1f:07:82:bc:59:34:1d:dd:bf:79:03:14: 29:7f:1e:4b:3b:25:c6:46:fd:69:ca:fe:ab:c4:6a:df:a5:85: d2:42:de:61:ae:7d:dd:8f:b1:64:29:54:02:29:1a:d0:77:98: 87:a9:d1:2e:3a:3b:a2:a4:19:1b:03:0b:69:e6:df:b1:7f:8b: 3f:b2:70:a2:15:82:14:aa:17:4f:95:75:8d:07:61:aa:94:26: ca:1c:28:90:02:11:4c:88:ae:b1:f9:88:27:25:10:6b:e3:13: 04:4f:0b:0d:c1:49:c5:f2:3f:03:e9:b4:9a:c3:40:fe:59:ca: 14:17:5f:ee:a1:17:cd:30:c3:4b:91:1f:1c:40:55:d6:4e:65: 48:e5:84:4a:ef:05:a2:86:37:3c:7e:d5:2e:bf:86:c1:9b:2e: 12:93:04:e7:76:a4:f1:96:42:73:65:c7:61:4b:d8:d3:93:2c: 66:c0:02:8b:c3:ee:77:06:b7:54:a4:c4:8e:b3:dd:97:8a:d3: ec:32:43:da:74:7d:3a:b8:0e:6c:90:0c:0c:ed:31:98:d7:48: ec:62:1e:23:28:fe:38:42:8f:d4:9c:e1:93:c4:91:f9:1b:b1: 7b:f2:a0:94:17:1c:c4:19:28:9d:ce:f6:84:19:85:7c:e4:89: 12:1b:61:c4 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZuOvg5VnJDNyH3b/Kx+RxxxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzODRlODhmYjc5YTM3NzZjYjA1ODNlMmI2N2EwYmVjNmRm YzY4YjgwHhcNMjYwMTA1MTUxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNGQzM2EyOWUxNmE5N2U2MWRhYmNiYzY1ZTViNzRjM2JmM2UyY2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjvISmzxm4HLFvMxbOxFQIClfzG9 7HQvHaoH3L+grtOPY6tvV2/dwDZF2VfwsfP14BJkUGbRF5svHYF6JY1y9USWt690 n+EGyBE1yfZuTG+o04qkRJAGjHYfHnsYcfS9s4NLb9vN/4UMipe2Ls+XdN17FvzJ Ita6b8j0BRrBBUfmU1s5AHBVBKx7l661BytBexhU/JHSzobvrAxOcvfVdokBDJxn 8L8es5YPegNRnGFh4YCKr7ch5Hj/7eQcJsKMKTCzk6nNaFIPs4Dy57j95it7QtaT HG9nxTfyj9fZlZAgxSIZ/WZ6V1BKWRzWPgo9er1MU2Ewxw9S2vKG9Y/wFQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFATTOinhapfmHavLxl5bdMO/PizOMB8GA1UdIwQY MBaAFAOE6I+3mjd2ywWD4rZ6C+xt/Gi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMt MzMzYTM4NGQ0MTdkLzEvQk5NNktlRnFsLVlkcTh2R1hsdDB3NzgtTE00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMtMzMzYTM4NGQ0MTdk LzEvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAsHbBAwQA uTX5AwQAuXPNAwQAue+vAwQAwCPOAwQAxofcAwQA1AtdAwQA1GjTMBQEAgACMA4D BQMqDKMAAwUDKhLqgDANBgkqhkiG9w0BAQsFAAOCAQEAdHJFDU5nHweCvFk0Hd2/ eQMUKX8eSzslxkb9acr+q8Rq36WF0kLeYa593Y+xZClUAika0HeYh6nRLjo7oqQZ GwMLaebfsX+LP7JwohWCFKoXT5V1jQdhqpQmyhwokAIRTIiusfmIJyUQa+MTBE8L DcFJxfI/A+m0msNA/lnKFBdf7qEXzTDDS5EfHEBV1k5lSOWESu8FooY3PH7VLr+G wZsuEpME53ak8ZZCc2XHYUvY05MsZsACi8Pudwa3VKTEjrPdl4rT7DJD2nR9OrgO bJAMDO0xmNdI7GIeIyj+OEKP1Jzhk8SR+Ruxe/KglBccxBkonc72hBmFfOSJEhth xA== -----END CERTIFICATE-----Generated at Sun Jan 18 08:35:26 2026 by rpki-client