This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/bUXJJvXZD8HG86LeZV98-RJ1Y8A.roa File: bUXJJvXZD8HG86LeZV98-RJ1Y8A.roa (raw, json) Hash identifier: LD+kXEg0Yv3J8X5RNHtOf1eUf3fGuk+QTSdoYbzqlLc= Subject key identifier: 6D:45:C9:26:F5:D9:0F:C1:C6:F3:A2:DE:65:5F:7C:F9:12:75:63:C0 Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49 Certificate serial: 019B7A5B3F9FCAA09F6DDFFE77CA4826BDDD Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/bUXJJvXZD8HG86LeZV98-RJ1Y8A.roa Signing time: Thu 01 Jan 2026 16:19:18 +0000 ROA not before: Thu 01 Jan 2026 16:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21343 IP address blocks: 91.223.19.0/24 maxlen: 24 185.158.208.0/22 maxlen: 24 194.110.204.0/24 maxlen: 24 195.234.112.0/22 maxlen: 24 2a02:2278:ff00::/40 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.mft rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:3f:9f:ca:a0:9f:6d:df:fe:77:ca:48:26:bd:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49 Validity Not Before: Jan 1 16:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d45c926f5d90fc1c6f3a2de655f7cf9127563c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d5:9a:e9:0e:a8:e4:d7:98:fd:e1:af:0a:76: c9:f5:c7:a2:ba:59:3c:63:d7:58:2e:24:26:21:31: 94:14:08:36:ee:54:1c:48:2d:e2:23:be:28:df:99: 52:50:38:37:df:78:88:37:6a:67:8b:ef:36:be:f0: a3:01:1e:f1:4a:1d:de:72:7a:54:9b:4d:2e:87:c1: a7:5c:4d:df:7b:6a:e0:ee:8d:24:b9:5a:32:63:fb: ff:f0:67:5b:7d:5e:73:00:b6:d6:1f:f1:cf:66:d5: b9:74:7a:b9:22:6d:47:e9:89:94:9a:f2:78:af:d5: e3:47:20:de:69:dc:3e:b4:77:2d:7d:80:8e:d6:a4: 72:92:62:71:26:1a:14:f3:7b:29:92:f8:0a:b5:2a: d1:05:0a:3a:3c:49:ae:02:cd:0c:e5:26:45:74:ca: f6:1a:54:dc:e3:d5:31:93:a8:9e:27:2a:89:5d:69: c1:1d:cd:5a:19:e9:57:08:96:4e:b9:10:42:5b:e7: 6f:8b:02:d8:5e:2c:24:29:80:f6:55:18:4a:e5:e2: 94:67:e0:49:14:ba:d2:86:23:da:11:20:7d:06:59: be:79:a8:4a:1b:61:5c:7a:cd:9d:eb:fe:9d:cf:bb: dc:c9:af:ee:4a:cf:70:28:d5:9b:ea:75:45:02:58: 89:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:45:C9:26:F5:D9:0F:C1:C6:F3:A2:DE:65:5F:7C:F9:12:75:63:C0 X509v3 Authority Key Identifier: keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/bUXJJvXZD8HG86LeZV98-RJ1Y8A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.19.0/24 185.158.208.0/22 194.110.204.0/24 195.234.112.0/22 IPv6: 2a02:2278:ff00::/40 Signature Algorithm: sha256WithRSAEncryption 7f:d3:24:1a:f9:13:ca:22:76:92:28:74:86:42:0f:df:fe:5b: 58:9f:51:c2:6f:04:a1:c8:16:fa:47:d3:2b:ea:44:20:b2:eb: 9e:10:10:ef:07:66:a9:08:70:9f:ab:d8:a6:13:33:c2:c2:b2: f3:b7:0e:a5:85:dc:73:73:41:42:0a:88:4f:e9:83:81:37:f4: 02:21:ae:2d:b3:a3:d7:0d:3f:33:4a:bb:16:8f:57:d0:1b:a3: 90:9f:51:e8:f2:92:1a:29:bd:5e:2e:01:d1:47:fc:10:be:00: 3d:00:ac:dd:56:31:f0:7f:cd:c6:cd:bf:3c:5b:37:59:fb:f2: 3a:42:fd:98:fc:97:d9:c6:79:04:e4:70:b8:f6:6c:44:59:28: 1b:0f:0a:c2:29:51:10:d8:ff:07:9f:86:09:41:3c:0b:f9:bd: 0c:d7:8d:13:47:56:33:ac:2b:2a:ca:bc:67:38:5e:51:fb:a3: 64:3e:00:2c:fc:ed:8b:57:a1:8e:56:b4:33:44:7f:6c:61:eb: 4e:92:eb:aa:bf:e0:79:2c:b0:ca:0b:19:ac:34:9b:3b:7c:85: 35:24:e7:3a:c1:81:3d:96:f4:1b:3a:bd:41:c2:1e:2c:ec:19: a5:68:e3:1f:95:c7:4d:90:8b:23:db:63:56:3e:a7:87:3f:da: 4a:27:45:7b -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt6Wz+fyqCfbd/+d8pIJr3dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4 OGFhNDkwHhcNMjYwMTAxMTYxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDQ1YzkyNmY1ZDkwZmMxYzZmM2EyZGU2NTVmN2NmOTEyNzU2M2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNWa6Q6o5NeY/eGvCnbJ9ceiulk8 Y9dYLiQmITGUFAg27lQcSC3iI74o35lSUDg333iIN2pni+82vvCjAR7xSh3ecnpU m00uh8GnXE3fe2rg7o0kuVoyY/v/8GdbfV5zALbWH/HPZtW5dHq5Im1H6YmUmvJ4 r9XjRyDeadw+tHctfYCO1qRykmJxJhoU83spkvgKtSrRBQo6PEmuAs0M5SZFdMr2 GlTc49Uxk6ieJyqJXWnBHc1aGelXCJZOuRBCW+dviwLYXiwkKYD2VRhK5eKUZ+BJ FLrShiPaESB9Blm+eahKG2Fces2d6/6dz7vcya/uSs9wKNWb6nVFAliJowIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFG1FySb12Q/BxvOi3mVffPkSdWPAMB8GA1UdIwQY MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct MDYwYWMwODkwOTY2LzEvYlVYSkp2WFpEOEhHODZMZVpWOTgtUkoxWThBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2 LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQAW98TAwQC uZ7QAwQAwm7MAwQCw+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOC AQEAf9MkGvkTyiJ2kih0hkIP3/5bWJ9Rwm8EocgW+kfTK+pEILLrnhAQ7wdmqQhw n6vYphMzwsKy87cOpYXcc3NBQgqIT+mDgTf0AiGuLbOj1w0/M0q7Fo9X0BujkJ9R 6PKSGim9Xi4B0Uf8EL4APQCs3VYx8H/Nxs2/PFs3WfvyOkL9mPyX2cZ5BORwuPZs RFkoGw8KwilRENj/B5+GCUE8C/m9DNeNE0dWM6wrKsq8ZzheUfujZD4ALPzti1eh jla0M0R/bGHrTpLrqr/geSywygsZrDSbO3yFNSTnOsGBPZb0Gzq9QcIeLOwZpWjj H5XHTZCLI9tjVj6nhz/aSidFew== -----END CERTIFICATE-----Generated at Tue Feb 10 03:57:18 2026 by rpki-client