This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/bkcUPSVyK1GtBOw35C6fpsJHCPw.roa File: bkcUPSVyK1GtBOw35C6fpsJHCPw.roa (raw, json) Hash identifier: 14nbBDwXuaYsul3Mhzz1OYQgsUX4OxdsMQADV56Zhh0= Subject key identifier: 6E:47:14:3D:25:72:2B:51:AD:04:EC:37:E4:2E:9F:A6:C2:47:08:FC Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832 Certificate serial: 019B7C7FC37D1748BEA910B19AF644C61328 Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/bkcUPSVyK1GtBOw35C6fpsJHCPw.roa Signing time: Fri 02 Jan 2026 02:18:26 +0000 ROA not before: Fri 02 Jan 2026 02:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49296 IP address blocks: 185.71.4.0/24 maxlen: 24 185.71.5.0/24 maxlen: 24 185.71.6.0/24 maxlen: 24 185.71.7.0/24 maxlen: 24 217.148.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c3:7d:17:48:be:a9:10:b1:9a:f6:44:c6:13:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832 Validity Not Before: Jan 2 02:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6e47143d25722b51ad04ec37e42e9fa6c24708fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:12:ef:b3:81:b7:d5:60:d2:d6:92:1d:e8:af: ad:09:aa:16:10:e0:b8:82:2e:2a:59:23:a6:70:32: db:5b:7d:ed:54:f4:ab:65:96:27:a3:f2:ea:9e:f0: e3:33:63:df:47:0b:be:84:51:b4:6f:c5:e3:93:d3: f3:08:77:34:1f:16:59:95:36:a5:67:9d:93:22:4c: 47:b9:af:4a:59:1d:ce:01:c1:6f:0f:29:ea:9c:71: 92:0f:d6:72:89:1b:d7:8c:80:b1:4a:8a:9e:35:08: f9:18:05:e0:1a:05:95:b4:b1:4c:9c:11:1b:e7:72: 38:7a:2c:1c:b5:7b:5f:95:7a:2e:5f:2b:63:45:77: 43:01:4a:71:9d:29:56:73:f2:32:7d:04:d5:60:c6: 55:6f:6b:1d:13:bd:7e:ba:6b:aa:ce:83:62:6e:c1: d9:2e:a4:d5:7d:44:0b:5c:27:14:26:62:43:ed:ec: 2b:10:a8:d6:86:02:fb:9b:19:48:dd:76:a5:ae:a3: cc:d8:e2:57:18:ad:0c:be:17:8f:59:61:b8:ca:d5: 5c:8b:ed:6c:08:50:c0:01:48:40:18:e3:cb:b8:18: ce:05:ea:ec:2b:d7:c2:c1:f0:08:41:38:e0:06:fe: 55:9a:f2:da:ca:bb:1e:34:02:db:37:ce:b5:96:4f: d4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:47:14:3D:25:72:2B:51:AD:04:EC:37:E4:2E:9F:A6:C2:47:08:FC X509v3 Authority Key Identifier: keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/bkcUPSVyK1GtBOw35C6fpsJHCPw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.71.4.0/22 217.148.224.0/20 Signature Algorithm: sha256WithRSAEncryption 9d:43:3a:88:c1:f0:ae:a0:08:7b:5b:72:ca:90:12:bb:2f:15: 47:e9:e2:bc:4d:c4:06:a0:f5:8e:e2:55:69:a1:9f:8e:06:9e: 6d:d5:2a:75:c4:9b:f7:73:ab:07:25:dd:78:0b:b6:56:61:3d: a9:e0:17:50:e9:1a:a4:2c:21:f0:77:0c:80:f9:8c:d8:71:18: a2:73:9e:a5:e8:b6:10:9e:2c:4a:f0:ce:54:7e:61:a0:de:e3: be:ea:3d:e4:b9:ca:30:81:c0:d3:87:45:e3:ad:32:69:16:29: 4b:08:db:48:8a:2d:97:e9:47:80:79:51:4f:70:7f:61:0e:35: ea:4f:56:e8:72:9e:75:cc:7f:ea:15:9f:d0:20:00:e6:f0:1c: 71:71:ba:40:2e:64:7a:20:fc:c1:3c:48:09:e5:4d:84:55:d4: c1:24:8d:e5:17:eb:f8:eb:5e:32:35:11:b0:4f:3a:fe:05:f1: 66:b3:25:4e:53:aa:c4:ed:25:a2:be:16:a4:43:dd:cd:cb:16: ea:61:b6:4a:4d:1c:d0:ef:88:71:47:ee:a4:46:02:e1:b9:0c: 35:3b:76:fd:cf:d4:48:08:e0:2b:5f:e6:cb:2e:9e:96:3c:35: 24:70:6c:c3:61:c1:d1:a5:da:d8:23:99:52:31:07:3e:23:ec: ff:44:f8:ef -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8f8N9F0i+qRCxmvZExhMoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy NTI4MzIwHhcNMjYwMTAyMDIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTQ3MTQzZDI1NzIyYjUxYWQwNGVjMzdlNDJlOWZhNmMyNDcwOGZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxLvs4G31WDS1pId6K+tCaoWEOC4 gi4qWSOmcDLbW33tVPSrZZYno/LqnvDjM2PfRwu+hFG0b8Xjk9PzCHc0HxZZlTal Z52TIkxHua9KWR3OAcFvDynqnHGSD9ZyiRvXjICxSoqeNQj5GAXgGgWVtLFMnBEb 53I4eiwctXtflXouXytjRXdDAUpxnSlWc/IyfQTVYMZVb2sdE71+umuqzoNibsHZ LqTVfUQLXCcUJmJD7ewrEKjWhgL7mxlI3XalrqPM2OJXGK0MvhePWWG4ytVci+1s CFDAAUhAGOPLuBjOBersK9fCwfAIQTjgBv5VmvLayrseNALbN861lk/UFwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG5HFD0lcitRrQTsN+Qun6bCRwj8MB8GA1UdIwQY MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt ZDA1YmU4YzVhNGIxLzEvYmtjVVBTVnlLMUd0Qk93MzVDNmZwc0pIQ1B3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUcEAwQE 2ZTgMA0GCSqGSIb3DQEBCwUAA4IBAQCdQzqIwfCuoAh7W3LKkBK7LxVH6eK8TcQG oPWO4lVpoZ+OBp5t1Sp1xJv3c6sHJd14C7ZWYT2p4BdQ6RqkLCHwdwyA+YzYcRii c56l6LYQnixK8M5UfmGg3uO+6j3kucowgcDTh0XjrTJpFilLCNtIii2X6UeAeVFP cH9hDjXqT1bocp51zH/qFZ/QIADm8BxxcbpALmR6IPzBPEgJ5U2EVdTBJI3lF+v4 614yNRGwTzr+BfFmsyVOU6rE7SWivhakQ93NyxbqYbZKTRzQ74hxR+6kRgLhuQw1 O3b9z9RICOArX+bLLp6WPDUkcGzDYcHRpdrYI5lSMQc+I+z/RPjv -----END CERTIFICATE-----Generated at Tue Jan 27 03:59:03 2026 by rpki-client