This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/BZiuGChYteIV3-RFWRWSz2y3d3A.roa File: BZiuGChYteIV3-RFWRWSz2y3d3A.roa (raw, json) Hash identifier: cNyCyKkwqm/596Q3tlgnaVI5Q+CFTR9OgN3nxKb0AOc= Subject key identifier: 05:98:AE:18:28:58:B5:E2:15:DF:E4:45:59:15:92:CF:6C:B7:77:70 Certificate issuer: /CN=36261c261756fa03ac57d1bfc4db856ef808975a Certificate serial: 019B78A2104C337868E52610950E142D36E9 Authority key identifier: 36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/BZiuGChYteIV3-RFWRWSz2y3d3A.roa Signing time: Thu 01 Jan 2026 08:17:25 +0000 ROA not before: Thu 01 Jan 2026 08:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20860 IP address blocks: 185.35.77.0/24 maxlen: 24 2a00:e120::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.mft rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:10:4c:33:78:68:e5:26:10:95:0e:14:2d:36:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36261c261756fa03ac57d1bfc4db856ef808975a Validity Not Before: Jan 1 08:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0598ae182858b5e215dfe445591592cf6cb77770 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:66:63:a0:e5:72:5a:7e:fa:54:79:65:a0:08: 83:92:32:f0:c6:6c:31:40:58:10:d3:bb:1c:14:4e: e3:e0:2d:30:31:00:0d:97:e5:a5:d2:fc:3c:65:71: a7:14:78:3b:d0:49:31:68:ea:85:ba:89:4f:c6:7e: f8:ca:8d:79:c4:b1:c3:66:63:6d:c9:ab:9c:e5:3e: 5f:f7:05:9a:ac:e4:69:dd:c0:3a:14:d3:1d:8b:1d: 98:5c:bb:ab:75:75:10:f3:cb:c9:c9:33:7f:a2:9c: 8f:9e:61:b2:3d:98:26:a0:79:c8:c1:43:81:6f:fe: 5f:51:87:e0:8a:b8:92:c7:4f:3c:c1:6d:f3:12:7b: 29:5e:46:d1:67:be:c5:c0:60:6a:8c:4b:ca:a3:b4: dc:c7:7a:d2:5c:99:2f:0e:fa:1d:22:cf:56:a4:b3: b5:e9:d3:85:f9:1a:86:76:e4:1e:e0:23:8c:10:c8: af:4b:68:5a:5b:3b:24:d3:f2:4b:fe:9f:b5:33:ad: b1:69:58:f2:7b:e7:f3:9e:25:2b:d0:5c:cb:48:01: 5f:a6:6b:a7:52:d9:38:35:9c:ad:62:94:aa:1a:8f: e5:1f:62:f0:e9:40:5b:ef:a7:8d:f0:ae:75:83:19: 6a:33:2a:e2:08:7f:26:c4:72:37:2e:71:ad:8b:07: e3:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:98:AE:18:28:58:B5:E2:15:DF:E4:45:59:15:92:CF:6C:B7:77:70 X509v3 Authority Key Identifier: keyid:36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/BZiuGChYteIV3-RFWRWSz2y3d3A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.35.77.0/24 IPv6: 2a00:e120::/32 Signature Algorithm: sha256WithRSAEncryption 19:0c:be:28:69:3c:0a:5d:24:6d:3f:8c:6b:0c:51:45:ae:ad: eb:b4:95:e7:f9:8f:36:96:fb:76:e7:50:dc:eb:1b:d2:54:d8: 60:6d:9b:12:b1:77:3d:25:2b:25:40:ff:87:c7:1e:13:8f:98: c6:38:9e:6f:73:1d:cf:23:e8:39:fd:47:1b:10:04:20:73:6c: 61:79:02:26:30:31:70:5e:4c:05:5c:f3:56:fa:c0:61:a9:f0: 01:02:48:5b:2d:63:f0:52:19:16:17:19:0e:1c:a0:6e:ce:33: 6a:1b:57:3d:ed:dd:27:7c:9a:cd:aa:b7:b8:f7:1f:dd:52:62: 1b:00:50:c6:df:4f:5b:8e:1a:47:1d:a5:36:95:5b:ad:bf:ba: 28:26:16:13:87:34:dc:5c:16:58:f3:b1:da:19:f8:ec:34:c1: 1a:bd:c3:e4:a5:80:0a:d4:3d:d4:cc:96:91:36:49:be:20:df: 92:8c:46:ce:27:d9:f4:7c:d2:22:ba:ba:ab:80:24:8e:7d:a9: f4:a3:9b:bd:f4:6f:a6:d2:54:d2:27:74:a6:58:f6:bb:55:fa: 0a:c4:ad:ca:16:05:d0:65:84:5f:0a:c1:48:8e:69:fe:05:8b: 82:13:44:78:35:3d:06:d9:53:87:5b:2a:32:84:59:c5:4c:18: 44:0d:1d:59 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4ohBMM3ho5SYQlQ4ULTbpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MjYxYzI2MTc1NmZhMDNhYzU3ZDFiZmM0ZGI4NTZlZjgw ODk3NWEwHhcNMjYwMTAxMDgxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTk4YWUxODI4NThiNWUyMTVkZmU0NDU1OTE1OTJjZjZjYjc3NzcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmZjoOVyWn76VHlloAiDkjLwxmwx QFgQ07scFE7j4C0wMQANl+Wl0vw8ZXGnFHg70EkxaOqFuolPxn74yo15xLHDZmNt yauc5T5f9wWarORp3cA6FNMdix2YXLurdXUQ88vJyTN/opyPnmGyPZgmoHnIwUOB b/5fUYfgiriSx088wW3zEnspXkbRZ77FwGBqjEvKo7Tcx3rSXJkvDvodIs9WpLO1 6dOF+RqGduQe4COMEMivS2haWzsk0/JL/p+1M62xaVjye+fzniUr0FzLSAFfpmun Utk4NZytYpSqGo/lH2Lw6UBb76eN8K51gxlqMyriCH8mxHI3LnGtiwfjBQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAWYrhgoWLXiFd/kRVkVks9st3dwMB8GA1UdIwQY MBaAFDYmHCYXVvoDrFfRv8TbhW74CJdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTIt NDQyYzA4MGFlNTQxLzEvQlppdUdDaFl0ZUlWMy1SRldSV1N6MnkzZDNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTItNDQyYzA4MGFlNTQx LzEvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSNNMA0E AgACMAcDBQAqAOEgMA0GCSqGSIb3DQEBCwUAA4IBAQAZDL4oaTwKXSRtP4xrDFFF rq3rtJXn+Y82lvt251Dc6xvSVNhgbZsSsXc9JSslQP+Hxx4Tj5jGOJ5vcx3PI+g5 /UcbEAQgc2xheQImMDFwXkwFXPNW+sBhqfABAkhbLWPwUhkWFxkOHKBuzjNqG1c9 7d0nfJrNqre49x/dUmIbAFDG309bjhpHHaU2lVutv7ooJhYThzTcXBZY87HaGfjs NMEavcPkpYAK1D3UzJaRNkm+IN+SjEbOJ9n0fNIiurqrgCSOfan0o5u99G+m0lTS J3SmWPa7VfoKxK3KFgXQZYRfCsFIjmn+BYuCE0R4NT0G2VOHWyoyhFnFTBhEDR1Z -----END CERTIFICATE-----Generated at Mon Jan 19 17:29:55 2026 by rpki-client