This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/p41RQcYNbaPi2saEgef3YI5x8B0.roa File: p41RQcYNbaPi2saEgef3YI5x8B0.roa (raw, json) Hash identifier: 7eEqYaOedzxXA/oXZBR0kzMmPS0dy4WRxb1ICMtpctQ= Subject key identifier: A7:8D:51:41:C6:0D:6D:A3:E2:DA:C6:84:81:E7:F7:60:8E:71:F0:1D Certificate issuer: /CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6 Certificate serial: 019B7EA54C3595F9CEAB67ED3955292CC1A4 Authority key identifier: BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/p41RQcYNbaPi2saEgef3YI5x8B0.roa Signing time: Fri 02 Jan 2026 12:18:40 +0000 ROA not before: Fri 02 Jan 2026 12:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31272 IP address blocks: 5.255.32.0/20 maxlen: 32 37.25.96.0/19 maxlen: 32 46.33.224.0/19 maxlen: 32 77.247.16.0/20 maxlen: 32 80.252.240.0/20 maxlen: 32 109.104.160.0/19 maxlen: 32 141.101.0.0/19 maxlen: 32 185.35.100.0/22 maxlen: 32 185.147.60.0/22 maxlen: 32 185.147.196.0/22 maxlen: 32 185.148.56.0/22 maxlen: 32 185.159.160.0/22 maxlen: 32 212.92.224.0/19 maxlen: 32 217.77.208.0/20 maxlen: 32 2a00:bc00::/32 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 15:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:4c:35:95:f9:ce:ab:67:ed:39:55:29:2c:c1:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6 Validity Not Before: Jan 2 12:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a78d5141c60d6da3e2dac68481e7f7608e71f01d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:4f:7f:c8:07:f9:82:2e:be:eb:11:e1:10:79: 01:85:6f:68:22:75:4e:5d:15:65:3c:31:26:a2:ca: f8:9c:2b:d8:2b:6a:14:ca:cd:a9:75:5a:e2:c0:24: 11:69:25:e5:fe:69:60:50:cb:46:d7:e8:20:b0:f7: a3:9c:be:55:be:1c:9c:a5:91:b4:97:15:f5:d1:1a: 45:8c:f8:96:ac:8e:8b:c8:49:1b:22:6d:e5:3a:1a: 38:35:22:0f:d7:c3:0e:93:db:0e:25:60:d9:9a:a1: 7c:2b:c4:66:6d:da:0a:a2:39:41:20:c5:78:d8:09: db:08:9f:0d:82:e9:e8:c7:10:a4:1a:c1:90:df:e1: 1c:21:5d:e7:7c:39:8f:05:2f:74:24:95:9e:d1:ad: eb:f6:dd:21:17:85:1c:c3:8e:c1:48:fa:8c:d6:92: 99:bb:43:b8:82:28:b5:c1:b7:2b:be:52:f5:10:c4: 3a:b1:14:83:63:cf:db:84:06:df:96:17:b7:35:ff: 88:b2:26:e1:46:89:b8:bf:f7:8e:e0:c8:45:e1:eb: 9c:a4:1f:18:9a:0c:22:ff:46:c5:2f:b5:a5:1b:69: b2:65:6b:20:ef:6b:4e:53:d9:c0:34:8f:5d:bb:36: b9:d7:ed:27:d9:bf:ff:f9:50:b8:6c:4d:0f:eb:91: 48:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:8D:51:41:C6:0D:6D:A3:E2:DA:C6:84:81:E7:F7:60:8E:71:F0:1D X509v3 Authority Key Identifier: keyid:BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/p41RQcYNbaPi2saEgef3YI5x8B0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.255.32.0/20 37.25.96.0/19 46.33.224.0/19 77.247.16.0/20 80.252.240.0/20 109.104.160.0/19 141.101.0.0/19 185.35.100.0/22 185.147.60.0/22 185.147.196.0/22 185.148.56.0/22 185.159.160.0/22 212.92.224.0/19 217.77.208.0/20 IPv6: 2a00:bc00::/32 Signature Algorithm: sha256WithRSAEncryption 1c:0f:89:de:38:45:68:23:e6:c7:0a:2f:e2:3d:3f:39:79:8e: 57:ff:25:cd:c6:fe:cd:c5:e0:f0:9d:a5:86:af:e4:cb:c6:e3: 5b:90:13:be:13:ee:24:69:bf:84:e9:80:24:53:ec:cd:ca:eb: c9:2c:b7:1f:2f:ca:60:6d:0f:d5:b9:33:42:fc:1b:73:4d:18: 5a:80:e2:f6:d8:b4:6d:76:a7:7e:3e:a8:6b:3e:b2:1f:82:cb: 9e:ed:ee:99:1f:1f:11:80:9a:12:78:76:28:fc:31:87:b1:a8: 9e:88:8a:e2:2e:59:fb:7d:45:ab:c7:75:41:57:e0:c0:b5:57: d7:e2:b8:14:51:b0:6e:3b:b1:49:e3:5f:6f:ae:fb:cd:88:f9: 05:c7:3a:1e:c5:d4:42:2c:ea:97:b9:9a:bf:ce:d0:15:96:39: 5e:52:31:82:dc:8a:96:ed:ee:94:36:66:29:45:86:a4:ad:40: d6:fe:9f:d0:20:f7:67:77:fa:f4:55:9d:2d:e5:ef:bf:5b:c0: 84:7f:d0:5a:4b:36:86:8a:2d:a9:eb:0a:a2:00:f4:87:ba:e4: 22:b5:f4:dc:b8:98:6c:80:b5:58:9b:0a:0b:2b:58:35:f6:7b: 4b:e6:19:5a:82:82:73:cf:43:7b:23:30:b3:d1:f7:66:33:57: ea:0a:70:26 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISAZt+pUw1lfnOq2ftOVUpLMGkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiYmU5NjEyZDE0NDBiYzZjNzA0ZTA0NjVmMGVmNWQ2Y2E3 Mzk3YTYwHhcNMjYwMTAyMTIxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNzhkNTE0MWM2MGQ2ZGEzZTJkYWM2ODQ4MWU3Zjc2MDhlNzFmMDFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA609/yAf5gi6+6xHhEHkBhW9oInVO XRVlPDEmosr4nCvYK2oUys2pdVriwCQRaSXl/mlgUMtG1+ggsPejnL5VvhycpZG0 lxX10RpFjPiWrI6LyEkbIm3lOho4NSIP18MOk9sOJWDZmqF8K8RmbdoKojlBIMV4 2AnbCJ8NgunoxxCkGsGQ3+EcIV3nfDmPBS90JJWe0a3r9t0hF4Ucw47BSPqM1pKZ u0O4gii1wbcrvlL1EMQ6sRSDY8/bhAbflhe3Nf+IsibhRom4v/eO4MhF4eucpB8Y mgwi/0bFL7WlG2myZWsg72tOU9nANI9duza51+0n2b//+VC4bE0P65FIQQIDAQAB o4ICZjCCAmIwHQYDVR0OBBYEFKeNUUHGDW2j4trGhIHn92COcfAdMB8GA1UdIwQY MBaAFLu+lhLRRAvGxwTgRl8O9dbKc5emMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUt Y2M1NWI4MTMwMmNmLzEvcDQxUlFjWU5iYVBpMnNhRWdlZjNZSTV4OEIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUtY2M1NWI4MTMwMmNm LzEvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBf8gAwQF JRlgAwQFLiHgAwQETfcQAwQEUPzwAwQFbWigAwQFjWUAAwQCuSNkAwQCuZM8AwQC uZPEAwQCuZQ4AwQCuZ+gAwQF1FzgAwQE2U3QMA0EAgACMAcDBQAqALwAMA0GCSqG SIb3DQEBCwUAA4IBAQAcD4neOEVoI+bHCi/iPT85eY5X/yXNxv7NxeDwnaWGr+TL xuNbkBO+E+4kab+E6YAkU+zNyuvJLLcfL8pgbQ/VuTNC/BtzTRhagOL22LRtdqd+ PqhrPrIfgsue7e6ZHx8RgJoSeHYo/DGHsaieiIriLln7fUWrx3VBV+DAtVfX4rgU UbBuO7FJ419vrvvNiPkFxzoexdRCLOqXuZq/ztAVljleUjGC3IqW7e6UNmYpRYak rUDW/p/QIPdnd/r0VZ0t5e+/W8CEf9BaSzaGii2p6wqiAPSHuuQitfTcuJhsgLVY mwoLK1g19ntL5hlagoJzz0N7IzCz0fdmM1fqCnAm -----END CERTIFICATE-----Generated at Tue Feb 3 00:01:26 2026 by rpki-client