This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/BeXnz09kWcwPcNj0hUt3HA1NQCg.roa File: BeXnz09kWcwPcNj0hUt3HA1NQCg.roa (raw, json) Hash identifier: +ok6xa/J0EM3VBgEYncDg/okmuih9jpYMgdds9/TV5I= Subject key identifier: 05:E5:E7:CF:4F:64:59:CC:0F:70:D8:F4:85:4B:77:1C:0D:4D:40:28 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C80027DEB209C757E9F84F49FD62F88 Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/BeXnz09kWcwPcNj0hUt3HA1NQCg.roa Signing time: Fri 02 Jan 2026 02:18:42 +0000 ROA not before: Fri 02 Jan 2026 02:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4755 IP address blocks: 81.255.178.0/24 maxlen: 24 90.115.208.0/24 maxlen: 24 90.115.209.0/24 maxlen: 24 194.2.56.0/24 maxlen: 24 194.2.57.0/24 maxlen: 24 194.2.86.0/24 maxlen: 24 194.3.4.0/24 maxlen: 24 194.250.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:02:7d:eb:20:9c:75:7e:9f:84:f4:9f:d6:2f:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05e5e7cf4f6459cc0f70d8f4854b771c0d4d4028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4c:05:d2:f3:9d:d5:fd:d5:32:3d:13:ba:5d: 94:cf:c1:93:a1:5b:17:72:04:dc:92:7d:af:59:a2: 28:d0:6a:f6:ff:2f:a7:a2:64:bb:6e:74:de:66:e9: ee:71:87:20:32:d7:92:5c:9e:57:50:5c:e8:55:ee: e1:bc:65:83:a8:9a:cb:28:9f:a1:88:fb:42:bb:a6: 69:1d:00:3e:93:39:f3:c2:8d:0c:ca:b0:92:3c:fe: 26:72:8b:0f:8e:ca:03:13:28:85:ac:a2:ae:38:a1: ea:d0:a3:06:d2:23:f0:f7:c2:5e:b0:5a:bd:a4:ce: fb:81:ac:d3:2a:3d:56:6a:f3:3d:55:e7:be:cd:e5: 7e:09:e8:ab:18:93:cc:64:06:e1:3c:fb:c7:02:32: bf:64:7f:9c:0f:bb:10:d2:c3:b9:07:d4:e5:7e:33: 0d:0e:76:83:71:64:aa:f8:e3:a4:4c:0f:7f:71:81: 90:7f:a4:ae:c3:42:72:55:68:03:0c:df:45:aa:a4: 05:9e:64:dd:8f:46:69:19:3a:3e:bb:e7:bf:b2:cb: 20:8b:a3:09:bb:9a:0a:82:ff:e9:cc:53:17:50:f0: 5c:79:c8:95:22:d0:b9:36:97:b0:fa:61:63:5d:41: 5f:02:26:a3:26:76:37:11:a6:df:c3:14:92:4f:db: 62:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:E5:E7:CF:4F:64:59:CC:0F:70:D8:F4:85:4B:77:1C:0D:4D:40:28 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/BeXnz09kWcwPcNj0hUt3HA1NQCg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.255.178.0/24 90.115.208.0/23 194.2.56.0/23 194.2.86.0/24 194.3.4.0/24 194.250.98.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:d5:59:a4:f0:aa:7e:a3:de:8f:0a:f6:1b:dd:2c:c5:f8:40: 95:68:49:ad:17:8f:fd:20:86:f1:6b:98:08:99:58:33:46:ce: 43:0d:68:81:83:84:78:5d:b2:fa:8b:a4:85:b4:46:e3:0b:18: 14:fb:4f:1a:7c:e6:59:11:25:e1:74:60:10:6a:b8:c5:9b:d1: 3a:57:73:4b:b4:61:98:e1:8c:a3:b5:20:f4:6e:d1:82:b9:cb: c7:c5:c5:d2:d5:ec:d0:ef:81:b3:7e:9b:0f:2e:83:6d:92:81: fa:41:ef:48:44:8a:e8:2a:bd:77:ce:75:b4:79:bb:c8:b3:b2: 3d:11:56:ad:0e:65:77:59:76:a9:3d:16:66:f1:91:63:7a:5b: bd:ca:58:fb:52:bd:61:46:5c:83:09:e9:89:9f:1f:4c:9e:cc: 99:22:86:6a:d9:4c:8b:5b:02:00:36:2a:de:d5:13:ab:90:e6: 99:e9:28:39:6a:ba:a1:f1:0d:5c:92:0d:b9:05:81:8c:7d:48: bf:52:59:e4:7c:67:dc:9d:1a:65:fd:bd:07:61:cd:6c:f9:ae: b9:ff:73:7a:1d:51:30:05:99:94:b5:5b:ad:06:79:ee:45:d6: bb:c7:f4:33:ac:64:c3:02:d3:4d:40:11:87:ba:03:13:65:7e: c0:21:be:bf -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt8gAJ96yCcdX6fhPSf1i+IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWU1ZTdjZjRmNjQ1OWNjMGY3MGQ4ZjQ4NTRiNzcxYzBkNGQ0MDI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkwF0vOd1f3VMj0Tul2Uz8GToVsX cgTckn2vWaIo0Gr2/y+nomS7bnTeZunucYcgMteSXJ5XUFzoVe7hvGWDqJrLKJ+h iPtCu6ZpHQA+kznzwo0MyrCSPP4mcosPjsoDEyiFrKKuOKHq0KMG0iPw98JesFq9 pM77gazTKj1WavM9Vee+zeV+CeirGJPMZAbhPPvHAjK/ZH+cD7sQ0sO5B9TlfjMN DnaDcWSq+OOkTA9/cYGQf6Suw0JyVWgDDN9FqqQFnmTdj0ZpGTo+u+e/sssgi6MJ u5oKgv/pzFMXUPBceciVItC5Npew+mFjXUFfAiajJnY3EabfwxSST9ti/QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFAXl589PZFnMD3DY9IVLdxwNTUAoMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvQmVYbnowOWtXY3dQY05qMGhVdDNIQTFOUUNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUf+yAwQB WnPQAwQBwgI4AwQAwgJWAwQAwgMEAwQAwvpiMA0GCSqGSIb3DQEBCwUAA4IBAQAr 1Vmk8Kp+o96PCvYb3SzF+ECVaEmtF4/9IIbxa5gImVgzRs5DDWiBg4R4XbL6i6SF tEbjCxgU+08afOZZESXhdGAQarjFm9E6V3NLtGGY4YyjtSD0btGCucvHxcXS1ezQ 74GzfpsPLoNtkoH6Qe9IRIroKr13znW0ebvIs7I9EVatDmV3WXapPRZm8ZFjelu9 ylj7Ur1hRlyDCemJnx9MnsyZIoZq2UyLWwIANire1ROrkOaZ6Sg5arqh8Q1ckg25 BYGMfUi/UlnkfGfcnRpl/b0HYc1s+a65/3N6HVEwBZmUtVutBnnuRda7x/QzrGTD AtNNQBGHugMTZX7AIb6/ -----END CERTIFICATE-----Generated at Tue Jan 20 02:56:32 2026 by rpki-client