This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/BfVNHWqEPlzaLXAUxndKGpZQISo.roa File: BfVNHWqEPlzaLXAUxndKGpZQISo.roa (raw, json) Hash identifier: iPfjs5sAMs8Z6poczMNyYY8Bje3i0GDrHxRTpq3hZxY= Subject key identifier: 05:F5:4D:1D:6A:84:3E:5C:DA:2D:70:14:C6:77:4A:1A:96:50:21:2A Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26 Certificate serial: 019B7C80823AE9903D9E984E8D5B7000FF66 Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/BfVNHWqEPlzaLXAUxndKGpZQISo.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209854 IP address blocks: 146.66.210.0/24 maxlen: 24 178.157.109.0/24 maxlen: 24 188.74.130.0/24 maxlen: 24 188.74.131.0/24 maxlen: 24 188.119.160.0/24 maxlen: 24 188.119.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:82:3a:e9:90:3d:9e:98:4e:8d:5b:70:00:ff:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26 Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05f54d1d6a843e5cda2d7014c6774a1a9650212a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:02:69:6e:fd:b2:39:fa:90:ba:d2:cc:0b:31: 9b:17:0b:67:28:08:09:c2:e9:46:9c:9c:19:38:49: 8e:28:75:9b:30:86:f5:be:12:79:f8:e4:c2:56:cc: 69:dc:3a:19:e8:ec:5b:17:82:51:f9:a6:d8:18:75: 69:1e:19:52:86:35:b8:53:76:7d:2e:2b:6b:90:fc: 75:ba:39:76:ef:15:33:e1:c5:72:b3:57:81:d0:c4: 23:51:cf:5b:fd:aa:10:7e:e3:56:96:c6:72:68:68: c6:56:1b:36:8b:fc:be:2f:4d:d5:36:98:19:d0:3b: 0a:ec:c6:27:0d:a2:cf:a6:5d:e4:ba:1d:9f:7b:74: 65:df:e5:cf:f7:b9:a5:1c:c6:26:38:4c:8b:7a:86: 3d:ea:d9:77:87:6c:7b:22:e7:25:b5:36:39:45:14: 45:80:39:77:87:16:b4:cf:6e:74:ae:f1:cb:c2:a2: 1c:d8:dd:c3:e3:dc:9d:74:a3:ec:5e:a7:ad:2f:a5: bf:a0:b2:e5:00:f1:68:d7:77:7b:06:ef:40:b8:15: 48:00:e8:7d:ec:37:44:6a:55:a1:16:58:0d:36:bf: 04:27:89:6f:dd:83:58:ad:fd:8e:6b:f2:7f:b1:5b: d4:4d:5d:0a:cc:17:ba:6d:49:51:a7:9f:56:47:91: 91:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:F5:4D:1D:6A:84:3E:5C:DA:2D:70:14:C6:77:4A:1A:96:50:21:2A X509v3 Authority Key Identifier: keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/BfVNHWqEPlzaLXAUxndKGpZQISo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.66.210.0/24 178.157.109.0/24 188.74.130.0/23 188.119.160.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:11:32:7c:69:e0:74:af:b5:8a:cd:bb:64:2d:08:a1:ee:0b: 92:e2:82:bc:4b:45:9d:22:5c:82:da:d0:a9:c3:3b:db:eb:3b: 8c:ca:f4:70:a2:e1:a1:1f:8b:59:d5:21:ed:43:e6:c5:d4:53: 99:09:2d:22:65:6c:f2:f2:a1:09:f9:55:90:69:e5:8d:cd:a8: 77:8d:72:8d:31:a8:26:29:81:b3:e3:cb:fc:17:fc:20:04:87: 6d:fc:ce:be:2f:93:1e:52:98:70:99:df:7e:c3:0c:f1:84:99: a5:fa:45:59:4d:1f:52:1c:0e:5e:06:21:d6:52:5f:39:0b:c7: f2:ad:2d:a4:5b:8f:ab:44:6c:d9:fd:0e:ac:19:e3:18:48:0a: fd:9d:9d:4e:dc:1b:3d:aa:90:0a:dd:4b:15:ca:73:60:9b:c1: 49:42:12:5b:6a:4d:43:ee:6e:96:27:8e:b7:d2:4a:8b:52:31: 69:d4:a8:cb:a7:e6:50:10:4a:5e:73:5f:5e:98:bd:84:b6:9c: 9c:01:cb:08:37:40:0c:98:6c:64:b9:e1:3d:22:36:aa:af:30: 92:67:ba:bd:13:ac:1f:b2:c1:2c:a3:c9:a6:da:c3:a6:09:58: cb:13:f5:fb:93:94:21:31:6d:a7:38:a2:09:fa:02:c5:79:e1: b3:6d:f8:40 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt8gII66ZA9nphOjVtwAP9mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4 ZDFkMjYwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWY1NGQxZDZhODQzZTVjZGEyZDcwMTRjNjc3NGExYTk2NTAyMTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAJpbv2yOfqQutLMCzGbFwtnKAgJ wulGnJwZOEmOKHWbMIb1vhJ5+OTCVsxp3DoZ6OxbF4JR+abYGHVpHhlShjW4U3Z9 LitrkPx1ujl27xUz4cVys1eB0MQjUc9b/aoQfuNWlsZyaGjGVhs2i/y+L03VNpgZ 0DsK7MYnDaLPpl3kuh2fe3Rl3+XP97mlHMYmOEyLeoY96tl3h2x7IucltTY5RRRF gDl3hxa0z250rvHLwqIc2N3D49yddKPsXqetL6W/oLLlAPFo13d7Bu9AuBVIAOh9 7DdEalWhFlgNNr8EJ4lv3YNYrf2Oa/J/sVvUTV0KzBe6bUlRp59WR5GRiQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFAX1TR1qhD5c2i1wFMZ3ShqWUCEqMB8GA1UdIwQY MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt ZmE5Y2I1MWNkMGYxLzEvQmZWTkhXcUVQbHphTFhBVXhuZEtHcFpRSVNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkkLSAwQA sp1tAwQBvEqCAwQBvHegMA0GCSqGSIb3DQEBCwUAA4IBAQB/ETJ8aeB0r7WKzbtk LQih7guS4oK8S0WdIlyC2tCpwzvb6zuMyvRwouGhH4tZ1SHtQ+bF1FOZCS0iZWzy 8qEJ+VWQaeWNzah3jXKNMagmKYGz48v8F/wgBIdt/M6+L5MeUphwmd9+wwzxhJml +kVZTR9SHA5eBiHWUl85C8fyrS2kW4+rRGzZ/Q6sGeMYSAr9nZ1O3Bs9qpAK3UsV ynNgm8FJQhJbak1D7m6WJ4630kqLUjFp1KjLp+ZQEEpec19emL2EtpycAcsIN0AM mGxkueE9IjaqrzCSZ7q9E6wfssEso8mm2sOmCVjLE/X7k5QhMW2nOKIJ+gLFeeGz bfhA -----END CERTIFICATE-----Generated at Mon Jan 19 17:32:53 2026 by rpki-client