This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/BSi4vQqrFQcYMyENyASDkv5w9iw.roa File: BSi4vQqrFQcYMyENyASDkv5w9iw.roa (raw, json) Hash identifier: 1EZyYCTh/Q/bm5JYsAPn3zIwNvI7zQ3OHTzlXoSku4Y= Subject key identifier: 05:28:B8:BD:0A:AB:15:07:18:33:21:0D:C8:04:83:92:FE:70:F6:2C Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Certificate serial: 019B7F15A507DEB0B19CC43A47B8BB4B3BB1 Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/BSi4vQqrFQcYMyENyASDkv5w9iw.roa Signing time: Fri 02 Jan 2026 14:21:23 +0000 ROA not before: Fri 02 Jan 2026 14:21:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 55836 IP address blocks: 2.22.176.0/20 maxlen: 20 2.23.32.0/19 maxlen: 19 95.100.0.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:a5:07:de:b0:b1:9c:c4:3a:47:b8:bb:4b:3b:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Validity Not Before: Jan 2 14:21:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0528b8bd0aab15071833210dc8048392fe70f62c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:35:1c:94:37:7b:70:c4:82:9e:03:e5:d0:88: c7:b8:2d:bd:20:24:d8:81:00:ca:a2:1f:f4:de:26: 60:46:6e:be:b0:fe:de:5e:d1:c7:a9:07:0a:6c:b0: 00:7d:fe:95:16:f4:29:cb:e9:fd:e1:60:ee:59:a8: 6c:4f:fe:e8:ce:ec:67:20:5e:97:57:90:73:ba:20: 30:c7:af:c7:97:e3:5c:dd:63:50:00:76:61:14:7b: 01:21:5e:7d:fd:6f:05:ed:4f:84:8c:db:a6:c6:fb: d0:53:44:89:ce:85:2d:5e:9d:be:90:45:12:c8:51: f9:a7:b7:90:cd:b3:af:bb:5a:1a:61:d8:ad:90:56: 6a:6b:45:fd:32:f9:08:61:0e:ad:0f:79:82:21:2a: 27:fb:d9:1b:69:3e:97:23:94:aa:13:2f:ac:95:3b: ce:5a:76:81:7d:d9:e2:6d:23:47:81:e6:93:a9:6f: cb:84:d6:40:e6:85:d4:a6:af:31:55:2f:86:88:b4: ef:ae:82:91:8f:0d:72:fd:7e:60:9c:e5:de:1e:07: 1d:21:42:f7:a7:82:06:45:64:bb:a6:d1:51:7c:fc: ab:c4:fe:e1:30:e1:b8:8c:0c:7a:3c:18:03:c1:75: 86:4e:b9:57:59:4e:1f:ee:c3:5c:b0:35:a5:69:63: 1d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:28:B8:BD:0A:AB:15:07:18:33:21:0D:C8:04:83:92:FE:70:F6:2C X509v3 Authority Key Identifier: keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/BSi4vQqrFQcYMyENyASDkv5w9iw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.22.176.0/20 2.23.32.0/19 95.100.0.0/20 Signature Algorithm: sha256WithRSAEncryption 4a:67:e4:34:1d:01:be:61:e7:7b:da:1b:66:61:42:9b:d0:fd: c4:e7:8d:01:93:a3:0e:90:6d:68:03:37:d0:23:39:70:ba:b3: f4:9a:66:7d:93:5c:d5:b4:a7:d9:bb:50:85:a3:8a:b5:65:ad: fd:ba:9c:2e:3f:0f:7e:f8:eb:34:e1:19:06:bd:f7:a9:c8:17: 66:fd:43:3b:fb:19:a5:14:16:eb:25:28:b4:01:2a:79:5c:b3: 5b:25:2f:94:b5:91:41:94:f2:89:88:55:87:e7:91:1b:ac:c2: 8f:45:e9:d1:5f:41:cd:57:b1:6f:ed:35:ab:db:86:5f:0c:cc: a8:b2:5c:cd:f3:1f:5f:f4:26:4e:3e:35:5a:2c:e5:af:e6:83: 9a:c2:ca:59:68:a8:13:c9:9b:52:82:16:03:fd:fe:a4:a2:bf: 93:e7:ac:3a:1d:a6:c2:68:18:0b:f0:ed:fe:b6:6f:f1:4e:48: 15:c3:3f:76:c7:55:db:db:44:44:1b:01:1c:50:0e:36:2b:99: 4d:71:42:47:9d:5d:2b:c8:62:4a:fb:45:a9:b3:97:3e:98:2a: 25:ac:54:69:df:ba:a5:ac:a7:7d:cc:10:5b:5c:a3:45:e2:8d: 29:a3:dc:cd:80:af:52:de:a7:0b:e0:8b:75:b1:cf:c6:bd:64: 70:94:15:7b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FaUH3rCxnMQ6R7i7SzuxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5 YmQ2YWEwHhcNMjYwMTAyMTQyMTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTI4YjhiZDBhYWIxNTA3MTgzMzIxMGRjODA0ODM5MmZlNzBmNjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTUclDd7cMSCngPl0IjHuC29ICTY gQDKoh/03iZgRm6+sP7eXtHHqQcKbLAAff6VFvQpy+n94WDuWahsT/7ozuxnIF6X V5BzuiAwx6/Hl+Nc3WNQAHZhFHsBIV59/W8F7U+EjNumxvvQU0SJzoUtXp2+kEUS yFH5p7eQzbOvu1oaYditkFZqa0X9MvkIYQ6tD3mCISon+9kbaT6XI5SqEy+slTvO WnaBfdnibSNHgeaTqW/LhNZA5oXUpq8xVS+GiLTvroKRjw1y/X5gnOXeHgcdIUL3 p4IGRWS7ptFRfPyrxP7hMOG4jAx6PBgDwXWGTrlXWU4f7sNcsDWlaWMdPQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFAUouL0KqxUHGDMhDcgEg5L+cPYsMB8GA1UdIwQY MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt ODhkMWNhYzllNGYxLzEvQlNpNHZRcXJGUWNZTXlFTnlBU0RrdjV3OWl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEAhawAwQF AhcgAwQEX2QAMA0GCSqGSIb3DQEBCwUAA4IBAQBKZ+Q0HQG+Yed72htmYUKb0P3E 540Bk6MOkG1oAzfQIzlwurP0mmZ9k1zVtKfZu1CFo4q1Za39upwuPw9++Os04RkG vfepyBdm/UM7+xmlFBbrJSi0ASp5XLNbJS+UtZFBlPKJiFWH55EbrMKPRenRX0HN V7Fv7TWr24ZfDMyoslzN8x9f9CZOPjVaLOWv5oOawspZaKgTyZtSghYD/f6kor+T 56w6HabCaBgL8O3+tm/xTkgVwz92x1Xb20REGwEcUA42K5lNcUJHnV0ryGJK+0Wp s5c+mColrFRp37qlrKd9zBBbXKNF4o0po9zNgK9S3qcL4It1sc/GvWRwlBV7 -----END CERTIFICATE-----Generated at Wed Jan 21 10:29:18 2026 by rpki-client