This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bawlKjjRUn-2VUvaXqgMqrmXIYE.roa File: bawlKjjRUn-2VUvaXqgMqrmXIYE.roa (raw, json) Hash identifier: 4v7xLDkhU1j/Z9g+fxPJmcjl4ID73clEnOAWrniIb90= Subject key identifier: 6D:AC:25:2A:38:D1:52:7F:B6:55:4B:DA:5E:A8:0C:AA:B9:97:21:81 Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Certificate serial: 019B7F146BC8CC8593B394F54A428E1AC62F Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bawlKjjRUn-2VUvaXqgMqrmXIYE.roa Signing time: Fri 02 Jan 2026 14:20:03 +0000 ROA not before: Fri 02 Jan 2026 14:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216246 IP address blocks: 77.221.151.0/24 maxlen: 24 109.120.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 05:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:6b:c8:cc:85:93:b3:94:f5:4a:42:8e:1a:c6:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Validity Not Before: Jan 2 14:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6dac252a38d1527fb6554bda5ea80caab9972181 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ee:15:f3:b5:72:b8:5d:40:60:2b:f3:12:bf: e0:e6:ac:dd:ae:df:38:64:ba:73:4f:df:54:c0:bf: 6d:0a:b1:87:f6:2b:0a:05:28:84:78:d1:1b:f9:aa: eb:f6:42:a8:ba:02:91:71:26:39:2c:98:62:0c:a7: 9b:51:2b:02:b1:e0:05:e9:a6:22:e6:39:a1:9d:9f: b3:e1:48:c3:fb:8f:ca:fa:e7:7e:6b:17:17:f6:2d: 32:eb:87:51:b2:5f:5c:e2:0d:1c:42:fa:a7:fe:aa: c9:82:c4:b2:03:b3:28:37:35:f7:2d:64:e8:a7:8e: 1e:08:a1:5e:20:71:c7:f5:54:12:0f:df:c8:f5:67: fe:72:2b:2e:a0:57:cd:33:3e:6e:33:b7:be:9b:9c: 27:ce:80:fd:8f:51:ef:90:50:bc:b3:dc:a9:73:22: 7a:dc:a2:77:bd:86:06:b2:0a:0e:21:da:18:b7:cf: c0:5b:68:4e:5a:90:e8:fb:10:13:63:9b:e8:c7:be: 82:88:c5:92:12:29:b5:8d:03:51:9c:11:1a:76:6e: 05:cc:00:13:71:5a:5d:51:a2:9f:28:55:bf:94:9e: b1:c3:b9:60:2b:a7:ea:3f:91:c7:b5:3d:b9:42:66: 7b:70:f4:ed:8b:8d:3e:af:f5:73:72:cb:c9:ff:b7: 0d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:AC:25:2A:38:D1:52:7F:B6:55:4B:DA:5E:A8:0C:AA:B9:97:21:81 X509v3 Authority Key Identifier: keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bawlKjjRUn-2VUvaXqgMqrmXIYE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.221.151.0/24 109.120.152.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:e4:1f:3d:82:87:9b:a6:39:05:1c:55:69:0e:27:13:60:ae: 12:24:43:1a:07:9b:63:8f:ef:97:18:bf:b5:d5:bd:fb:f6:6b: 2c:f4:15:1f:59:02:d4:ba:70:67:99:7b:98:c6:a0:44:5c:ae: a6:1b:1f:70:4c:b8:2e:59:8a:81:79:ba:41:01:7b:10:f6:e7: ee:89:a1:c2:91:85:79:50:6b:de:8e:3c:cd:e1:dc:63:4e:40: 5e:65:db:32:78:6c:92:48:74:84:f0:fc:e0:f2:17:f2:97:1c: f7:06:10:13:79:78:46:b9:75:b7:50:a2:3d:1f:ae:ea:7d:37: e1:00:06:0d:47:40:8f:fc:e2:34:98:24:0a:db:d9:77:59:fe: b4:22:e3:ba:1b:a9:65:99:ac:35:08:3b:96:76:fc:30:22:f9: e1:13:fe:9e:a6:8a:f3:5c:3d:95:68:f2:63:03:15:ec:71:ae: 61:f9:5d:27:cc:04:67:10:1f:6a:c7:b9:80:fb:c1:37:ad:c1: be:e5:97:01:53:e1:b0:87:44:a2:08:ea:ff:f6:73:eb:48:db: 74:a3:5c:ac:bd:db:45:f0:55:8e:fb:5a:ac:7b:ed:2a:03:97: bc:2a:3c:d3:e5:80:87:89:06:dc:56:64:e2:76:62:d8:dd:2b: 28:69:9d:b5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FGvIzIWTs5T1SkKOGsYvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl NmRlNWUwHhcNMjYwMTAyMTQyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGFjMjUyYTM4ZDE1MjdmYjY1NTRiZGE1ZWE4MGNhYWI5OTcyMTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O4V87VyuF1AYCvzEr/g5qzdrt84 ZLpzT99UwL9tCrGH9isKBSiEeNEb+arr9kKougKRcSY5LJhiDKebUSsCseAF6aYi 5jmhnZ+z4UjD+4/K+ud+axcX9i0y64dRsl9c4g0cQvqn/qrJgsSyA7MoNzX3LWTo p44eCKFeIHHH9VQSD9/I9Wf+cisuoFfNMz5uM7e+m5wnzoD9j1HvkFC8s9ypcyJ6 3KJ3vYYGsgoOIdoYt8/AW2hOWpDo+xATY5vox76CiMWSEim1jQNRnBEadm4FzAAT cVpdUaKfKFW/lJ6xw7lgK6fqP5HHtT25QmZ7cPTti40+r/VzcsvJ/7cN1wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG2sJSo40VJ/tlVL2l6oDKq5lyGBMB8GA1UdIwQY MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt OTJjODFmMjJlNzEyLzEvYmF3bEtqalJVbi0yVlV2YVhxZ01xcm1YSVlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATd2XAwQA bXiYMA0GCSqGSIb3DQEBCwUAA4IBAQA75B89goebpjkFHFVpDicTYK4SJEMaB5tj j++XGL+11b379mss9BUfWQLUunBnmXuYxqBEXK6mGx9wTLguWYqBebpBAXsQ9ufu iaHCkYV5UGvejjzN4dxjTkBeZdsyeGySSHSE8Pzg8hfylxz3BhATeXhGuXW3UKI9 H67qfTfhAAYNR0CP/OI0mCQK29l3Wf60IuO6G6llmaw1CDuWdvwwIvnhE/6eporz XD2VaPJjAxXsca5h+V0nzARnEB9qx7mA+8E3rcG+5ZcBU+Gwh0SiCOr/9nPrSNt0 o1ysvdtF8FWO+1qse+0qA5e8KjzT5YCHiQbcVmTidmLY3SsoaZ21 -----END CERTIFICATE-----Generated at Tue Jan 20 14:14:20 2026 by rpki-client