This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/bYFNWMi4DStmMjoV0tL6j97Khao.roa File: bYFNWMi4DStmMjoV0tL6j97Khao.roa (raw, json) Hash identifier: 2j9NKfwDUmD4G/qj7URDaF2T8o11L7u7ZgoHRPOGxcM= Subject key identifier: 6D:81:4D:58:C8:B8:0D:2B:66:32:3A:15:D2:D2:FA:8F:DE:CA:85:AA Certificate issuer: /CN=5b797fcd8433b1f489f891194862fc36bfbef66b Certificate serial: 019B797EDBEDF7D61E334BB8265826E5F690 Authority key identifier: 5B:79:7F:CD:84:33:B1:F4:89:F8:91:19:48:62:FC:36:BF:BE:F6:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/bYFNWMi4DStmMjoV0tL6j97Khao.roa Signing time: Thu 01 Jan 2026 12:18:35 +0000 ROA not before: Thu 01 Jan 2026 12:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215994 IP address blocks: 91.230.188.0/24 maxlen: 24 2a14:ba80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.mft rsync://rpki.ripe.net/repository/DEFAULT/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:db:ed:f7:d6:1e:33:4b:b8:26:58:26:e5:f6:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5b797fcd8433b1f489f891194862fc36bfbef66b Validity Not Before: Jan 1 12:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d814d58c8b80d2b66323a15d2d2fa8fdeca85aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:1f:7f:8c:7d:4e:b9:89:23:55:bd:38:ce:09: 68:33:fe:05:41:bc:91:79:3c:4f:ac:fa:2a:d0:49: 17:83:16:7b:2a:4c:25:c7:f0:4d:2e:41:2d:0a:75: b5:3f:d1:29:4b:b4:09:26:6b:1e:2f:33:71:b3:b9: 66:1b:d7:53:43:b4:b3:31:be:f4:47:08:f6:41:5f: 31:2f:9c:b2:8f:f4:71:d4:57:9d:1d:47:ee:e2:b8: b8:ea:28:d7:16:9b:0d:82:c8:3e:78:0b:01:c5:3f: 47:42:c2:28:02:d6:e5:91:19:b4:4e:25:a3:40:17: d2:c7:6c:dc:dd:09:15:23:00:26:da:fe:90:6f:ad: 53:05:d1:92:bb:b1:fa:51:b5:4d:a8:b3:7f:22:c0: b3:68:f5:1d:44:05:9b:8d:18:26:20:3d:55:ac:b7: d3:9e:9d:51:0b:e8:44:1a:e2:9d:09:98:40:bc:a2: 42:23:95:88:a4:b1:ca:9d:92:8b:1d:51:9e:2a:8c: 42:ba:84:6d:b6:d4:21:94:e7:41:f7:94:fa:6d:6a: 7a:ca:21:89:75:7a:66:53:4e:1c:7b:b8:97:4d:a7: 3b:e6:6b:9a:11:bd:27:8a:01:99:72:3a:ac:cc:f3: 53:70:de:fc:8e:c7:8f:1b:f0:d2:85:a2:59:e9:01: c7:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:81:4D:58:C8:B8:0D:2B:66:32:3A:15:D2:D2:FA:8F:DE:CA:85:AA X509v3 Authority Key Identifier: keyid:5B:79:7F:CD:84:33:B1:F4:89:F8:91:19:48:62:FC:36:BF:BE:F6:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/bYFNWMi4DStmMjoV0tL6j97Khao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8fe4db-8c5b-40f5-9360-e596e524cabe/1/W3l_zYQzsfSJ-JEZSGL8Nr--9ms.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.230.188.0/24 IPv6: 2a14:ba80::/29 Signature Algorithm: sha256WithRSAEncryption 28:67:d0:d7:5e:24:f0:12:33:ac:81:5d:bd:10:83:e6:dd:be: 99:fa:14:55:0a:30:49:c2:14:6e:05:ef:ab:b4:7d:51:1a:4a: 30:bc:e3:39:bd:0e:1e:39:8a:8c:ec:65:7c:97:dc:31:a4:f9: 7c:09:6f:53:80:9d:9a:0c:f4:5b:0d:f7:58:9d:97:e1:21:9b: f7:76:7f:93:c1:8f:ef:94:61:a0:0c:42:2f:4a:64:43:ee:f6: 96:08:73:6b:9b:7d:49:f9:d5:4e:10:9d:0f:6c:28:a1:42:6f: fe:8f:d5:85:7f:8f:f2:e0:59:2a:de:5f:c1:c0:fc:f9:42:e1: 32:62:a6:63:40:eb:3b:90:be:1f:f8:0e:4f:60:90:b9:f6:d1: 78:56:b4:2f:1a:3b:d3:a6:15:cf:15:a2:f4:8b:01:34:58:a6: 26:73:22:93:31:41:cd:0c:92:32:76:ff:2b:9a:82:9a:61:22: e3:12:c7:85:97:f1:68:e3:38:2f:d5:1a:a7:21:62:ad:a4:56: e7:5e:5a:f9:35:dd:ed:0b:0b:68:9f:d6:bb:3b:83:2d:47:88: cb:9c:33:32:12:4d:94:de:c7:17:52:ae:ed:dc:9e:5b:72:88: 16:65:df:74:b0:eb:97:29:e9:a4:7e:14:a5:48:2c:57:8b:20: 4f:89:86:cd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5ftvt99YeM0u4Jlgm5faQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViNzk3ZmNkODQzM2IxZjQ4OWY4OTExOTQ4NjJmYzM2YmZi ZWY2NmIwHhcNMjYwMTAxMTIxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDgxNGQ1OGM4YjgwZDJiNjYzMjNhMTVkMmQyZmE4ZmRlY2E4NWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR9/jH1OuYkjVb04zgloM/4FQbyR eTxPrPoq0EkXgxZ7Kkwlx/BNLkEtCnW1P9EpS7QJJmseLzNxs7lmG9dTQ7SzMb70 Rwj2QV8xL5yyj/Rx1FedHUfu4ri46ijXFpsNgsg+eAsBxT9HQsIoAtblkRm0TiWj QBfSx2zc3QkVIwAm2v6Qb61TBdGSu7H6UbVNqLN/IsCzaPUdRAWbjRgmID1VrLfT np1RC+hEGuKdCZhAvKJCI5WIpLHKnZKLHVGeKoxCuoRtttQhlOdB95T6bWp6yiGJ dXpmU04ce7iXTac75muaEb0nigGZcjqszPNTcN78jsePG/DShaJZ6QHHvQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFG2BTVjIuA0rZjI6FdLS+o/eyoWqMB8GA1UdIwQY MBaAFFt5f82EM7H0ifiRGUhi/Da/vvZrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVzNsX3pZUXpzZlNKLUpFWlNHTDhOci0tOW1zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84ZmU0ZGItOGM1Yi00MGY1LTkzNjAt ZTU5NmU1MjRjYWJlLzEvYllGTldNaTREU3RtTWpvVjB0TDZqOTdLaGFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC84ZmU0ZGItOGM1Yi00MGY1LTkzNjAtZTU5NmU1MjRjYWJl LzEvVzNsX3pZUXpzZlNKLUpFWlNHTDhOci0tOW1zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+a8MA0E AgACMAcDBQMqFLqAMA0GCSqGSIb3DQEBCwUAA4IBAQAoZ9DXXiTwEjOsgV29EIPm 3b6Z+hRVCjBJwhRuBe+rtH1RGkowvOM5vQ4eOYqM7GV8l9wxpPl8CW9TgJ2aDPRb DfdYnZfhIZv3dn+TwY/vlGGgDEIvSmRD7vaWCHNrm31J+dVOEJ0PbCihQm/+j9WF f4/y4Fkq3l/BwPz5QuEyYqZjQOs7kL4f+A5PYJC59tF4VrQvGjvTphXPFaL0iwE0 WKYmcyKTMUHNDJIydv8rmoKaYSLjEseFl/Fo4zgv1RqnIWKtpFbnXlr5Nd3tCwto n9a7O4MtR4jLnDMyEk2U3scXUq7t3J5bcogWZd90sOuXKemkfhSlSCxXiyBPiYbN -----END CERTIFICATE-----Generated at Tue Feb 10 06:04:00 2026 by rpki-client