This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/_bFFpYb8xNQtTH_3yPe_MDsPOZk.roa File: _bFFpYb8xNQtTH_3yPe_MDsPOZk.roa (raw, json) Hash identifier: kDuaFVmunVmsMM4Jp1RzmY+vtuYMYvEW+p089DaIgrM= Subject key identifier: FD:B1:45:A5:86:FC:C4:D4:2D:4C:7F:F7:C8:F7:BF:30:3B:0F:39:99 Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Certificate serial: 019B78A22C209EA6FD836C089E22EE81488F Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/_bFFpYb8xNQtTH_3yPe_MDsPOZk.roa Signing time: Thu 01 Jan 2026 08:17:32 +0000 ROA not before: Thu 01 Jan 2026 08:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 26383 IP address blocks: 5.10.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 02:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:2c:20:9e:a6:fd:83:6c:08:9e:22:ee:81:48:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f Validity Not Before: Jan 1 08:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fdb145a586fcc4d42d4c7ff7c8f7bf303b0f3999 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:c2:1c:8d:93:6b:7a:93:6e:7f:a3:2c:c6:ea: 34:bd:b1:43:f3:c8:e6:88:02:3e:a4:48:fe:d1:ef: 87:16:b2:40:65:88:4e:92:ae:c2:61:7d:60:89:50: f3:38:73:8c:a9:78:47:83:96:2c:f2:fa:4e:a2:9f: d4:a4:12:f8:51:99:0e:7b:fe:6f:69:8f:2a:31:df: 23:6e:26:9f:c3:49:81:b7:05:04:8d:4d:fd:a2:f7: 8d:de:96:df:84:59:f3:d4:36:f7:6d:ea:62:7f:db: e2:62:99:0f:4e:d6:1d:42:cd:34:82:c4:e1:98:3f: 5f:b8:c2:5e:7a:e8:d7:e9:c8:1b:80:ed:86:6a:d2: 69:ab:b2:35:fa:15:aa:4d:aa:0b:c8:24:cd:cd:db: a8:bc:84:5a:dd:0a:31:85:3b:c5:b0:b2:92:96:4e: aa:67:7d:c2:e9:8b:ef:7a:a4:6b:89:1a:12:74:ae: f1:49:b2:f1:a3:60:56:24:fa:27:57:27:3b:7a:07: cd:07:01:2c:01:c5:6d:89:6e:c2:5e:a8:71:07:55: 5d:da:f9:6f:7d:95:b6:80:18:be:e9:15:2d:38:fb: e3:fe:f0:48:4d:8f:ec:e0:51:4e:67:17:52:23:35: 73:c1:e1:5d:58:d7:91:51:f4:ea:1d:52:5d:7f:f1: e3:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:B1:45:A5:86:FC:C4:D4:2D:4C:7F:F7:C8:F7:BF:30:3B:0F:39:99 X509v3 Authority Key Identifier: keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/_bFFpYb8xNQtTH_3yPe_MDsPOZk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.10.213.0/24 Signature Algorithm: sha256WithRSAEncryption 45:54:0f:ca:f4:c7:64:b7:21:43:35:d3:f5:cb:e9:f6:65:2c: 68:c9:84:31:46:1a:ec:4b:d9:9d:eb:2b:5f:7d:0f:26:15:e7: d7:79:15:0a:f5:2d:e2:eb:31:04:a7:ce:3d:2c:cc:b4:0a:a8: 74:0c:ac:fc:a3:31:dc:fa:16:e2:0d:2e:7d:0e:2b:aa:ed:b4: 94:7f:b5:08:3d:46:f3:5a:89:92:d2:0f:88:3b:60:5f:79:bc: 84:ba:b8:89:e2:27:46:60:4e:a2:5a:7d:1b:d8:b5:94:87:3f: 79:57:cb:f8:74:5d:d0:a5:6c:78:05:41:96:3a:27:65:b3:cd: 0c:d2:12:e1:d2:9e:24:6a:f8:44:0d:ac:0a:14:a9:72:8f:4d: 05:d3:b3:c8:2a:81:52:89:a0:6e:19:55:c5:0a:52:2b:22:88: 85:bc:72:32:bf:c7:03:4b:2c:bd:3f:dc:4b:ba:dd:b9:b9:d8: 67:e0:30:e6:0b:9a:d5:f4:0b:a4:02:a4:3c:a4:56:85:53:4d: aa:c2:d1:7a:5a:ab:07:e8:f4:a0:ba:90:3c:f2:90:cf:e1:35: ae:46:fc:77:61:da:3b:62:8d:30:ee:ce:99:58:39:82:bf:bc: bc:19:f2:c9:2c:dd:97:55:dd:47:9f:ed:67:20:04:5e:ab:24: 42:89:37:da -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4oiwgnqb9g2wIniLugUiPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi NzEzMmYwHhcNMjYwMTAxMDgxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZGIxNDVhNTg2ZmNjNGQ0MmQ0YzdmZjdjOGY3YmYzMDNiMGYzOTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcIcjZNrepNuf6Msxuo0vbFD88jm iAI+pEj+0e+HFrJAZYhOkq7CYX1giVDzOHOMqXhHg5Ys8vpOop/UpBL4UZkOe/5v aY8qMd8jbiafw0mBtwUEjU39oveN3pbfhFnz1Db3bepif9viYpkPTtYdQs00gsTh mD9fuMJeeujX6cgbgO2GatJpq7I1+hWqTaoLyCTNzduovIRa3QoxhTvFsLKSlk6q Z33C6YvveqRriRoSdK7xSbLxo2BWJPonVyc7egfNBwEsAcVtiW7CXqhxB1Vd2vlv fZW2gBi+6RUtOPvj/vBITY/s4FFOZxdSIzVzweFdWNeRUfTqHVJdf/HjfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFP2xRaWG/MTULUx/98j3vzA7DzmZMB8GA1UdIwQY MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt ZGVlNzY4NjAwMTNkLzEvX2JGRnBZYjh4TlF0VEhfM3lQZV9NRHNQT1prLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQrVMA0G CSqGSIb3DQEBCwUAA4IBAQBFVA/K9MdktyFDNdP1y+n2ZSxoyYQxRhrsS9md6ytf fQ8mFefXeRUK9S3i6zEEp849LMy0Cqh0DKz8ozHc+hbiDS59Diuq7bSUf7UIPUbz WomS0g+IO2BfebyEuriJ4idGYE6iWn0b2LWUhz95V8v4dF3QpWx4BUGWOidls80M 0hLh0p4kavhEDawKFKlyj00F07PIKoFSiaBuGVXFClIrIoiFvHIyv8cDSyy9P9xL ut25udhn4DDmC5rV9AukAqQ8pFaFU02qwtF6WqsH6PSgupA88pDP4TWuRvx3Ydo7 Yo0w7s6ZWDmCv7y8GfLJLN2XVd1Hn+1nIAReqyRCiTfa -----END CERTIFICATE-----Generated at Fri Jan 9 08:22:20 2026 by rpki-client