This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bIKyF2Q2GTRRfkCcfpg-PYm-LAk.roa File: bIKyF2Q2GTRRfkCcfpg-PYm-LAk.roa (raw, json) Hash identifier: S0GM3HoDdp+EGNSxNl3mIV/O8dn7DSvjLXDYeT6IM4U= Subject key identifier: 6C:82:B2:17:64:36:19:34:51:7E:40:9C:7E:98:3E:3D:89:BE:2C:09 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C73DDEFD5074534F758ED8C557BFA4 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bIKyF2Q2GTRRfkCcfpg-PYm-LAk.roa Signing time: Thu 01 Jan 2026 04:18:24 +0000 ROA not before: Thu 01 Jan 2026 04:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2856 IP address blocks: 5.35.192.0/21 maxlen: 24 85.204.160.0/22 maxlen: 24 89.39.172.0/23 maxlen: 24 94.26.64.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3d:de:fd:50:74:53:4f:75:8e:d8:c5:57:bf:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c82b21764361934517e409c7e983e3d89be2c09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:06:44:27:18:7f:ee:58:d4:20:50:e6:83:20: f5:9b:b5:90:d4:3a:df:34:1e:72:19:b1:a0:b5:a0: f4:b2:6c:ca:71:e7:06:b0:c6:03:17:49:ee:89:ce: 1d:d0:dd:6c:bd:f9:a1:6c:ed:2c:02:43:f9:49:0c: 5d:b6:e7:f4:9c:b5:06:e9:9f:47:8b:89:1c:c9:13: b6:e4:bf:bc:3d:0c:11:b8:37:a7:97:6e:ae:75:4b: b5:5f:64:90:fb:0c:ae:9d:0c:37:75:46:34:db:c4: 64:03:a6:3b:41:5e:65:4a:34:f1:ca:96:47:2d:cf: 6f:bb:3d:c1:b5:c1:28:cc:b1:34:c1:90:e9:b3:65: 60:ed:a3:6b:7e:be:79:62:e1:21:65:af:e0:db:f8: c1:c8:86:71:88:3f:b3:80:70:db:d0:c1:04:9a:26: ca:4c:78:f4:3f:7f:dd:83:40:0d:c0:e8:52:a4:a3: 5f:4f:89:74:64:0f:80:da:3d:9a:23:e8:26:7d:b9: dd:b0:1b:09:82:22:f9:28:e0:73:63:b5:0e:0f:8d: 8c:48:ed:08:9e:f1:df:34:1c:f1:8b:a5:20:5c:37: de:ec:85:22:37:9b:3c:29:77:c9:59:cc:93:ca:14: c9:4b:e1:74:c0:d7:30:3e:48:b6:b0:9c:61:53:f6: 35:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:82:B2:17:64:36:19:34:51:7E:40:9C:7E:98:3E:3D:89:BE:2C:09 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bIKyF2Q2GTRRfkCcfpg-PYm-LAk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.192.0/21 85.204.160.0/22 89.39.172.0/23 94.26.64.0/23 Signature Algorithm: sha256WithRSAEncryption 87:e1:5d:26:1d:1c:a7:44:c6:a0:8e:ba:b7:57:5a:92:32:4d: 9d:bc:08:61:92:84:0a:74:44:45:62:86:36:11:1c:de:6f:dc: 7a:14:41:dd:80:98:6b:b4:de:a1:65:08:84:5b:0a:4e:5b:46: 01:a3:a0:2f:08:d2:be:d7:e5:57:c9:c3:29:a2:16:7c:5f:48: 58:a2:d1:9f:2e:98:07:a9:26:7e:83:ef:68:25:5d:78:72:cd: a7:c3:a2:5d:6b:b8:99:b8:44:f7:76:c5:16:4e:06:52:ec:5c: ea:70:bb:76:b8:64:0b:52:7b:36:44:50:29:c6:e3:f4:fc:84: 79:2d:cc:56:b3:67:3e:da:2b:07:d0:2e:b4:87:c4:67:d2:c5: 59:da:d4:99:8d:34:66:6d:cd:1a:78:d2:a2:0d:69:ad:1e:f6: df:14:48:63:3e:06:a4:da:fd:6b:5e:8a:72:88:6f:8f:fd:a4: ec:8f:14:81:53:3a:8a:24:56:4e:e7:93:d4:e9:9e:86:b7:c6: 74:fb:4f:28:88:46:6b:0b:33:03:97:cb:c0:ce:ce:ee:55:d2: f3:ed:01:4f:33:92:e9:5f:67:c7:c1:96:ce:ff:ca:15:9c:6e: b7:b4:cf:40:10:88:72:1b:e1:40:da:83:7d:16:25:4b:d3:22: f6:0f:17:a6 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xz3e/VB0U091jtjFV7+kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzgyYjIxNzY0MzYxOTM0NTE3ZTQwOWM3ZTk4M2UzZDg5YmUyYzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAZEJxh/7ljUIFDmgyD1m7WQ1Drf NB5yGbGgtaD0smzKcecGsMYDF0nuic4d0N1svfmhbO0sAkP5SQxdtuf0nLUG6Z9H i4kcyRO25L+8PQwRuDenl26udUu1X2SQ+wyunQw3dUY028RkA6Y7QV5lSjTxypZH Lc9vuz3BtcEozLE0wZDps2Vg7aNrfr55YuEhZa/g2/jByIZxiD+zgHDb0MEEmibK THj0P3/dg0ANwOhSpKNfT4l0ZA+A2j2aI+gmfbndsBsJgiL5KOBzY7UOD42MSO0I nvHfNBzxi6UgXDfe7IUiN5s8KXfJWcyTyhTJS+F0wNcwPki2sJxhU/Y1OQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFGyCshdkNhk0UX5AnH6YPj2JviwJMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvYklLeUYyUTJHVFJSZmtDY2ZwZy1QWW0tTEFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSPAAwQC VcygAwQBWSesAwQBXhpAMA0GCSqGSIb3DQEBCwUAA4IBAQCH4V0mHRynRMagjrq3 V1qSMk2dvAhhkoQKdERFYoY2ERzeb9x6FEHdgJhrtN6hZQiEWwpOW0YBo6AvCNK+ 1+VXycMpohZ8X0hYotGfLpgHqSZ+g+9oJV14cs2nw6Jda7iZuET3dsUWTgZS7Fzq cLt2uGQLUns2RFApxuP0/IR5LcxWs2c+2isH0C60h8Rn0sVZ2tSZjTRmbc0aeNKi DWmtHvbfFEhjPgak2v1rXopyiG+P/aTsjxSBUzqKJFZO55PU6Z6Gt8Z0+08oiEZr CzMDl8vAzs7uVdLz7QFPM5LpX2fHwZbO/8oVnG63tM9AEIhyG+FA2oN9FiVL0yL2 Dxem -----END CERTIFICATE-----Generated at Thu Jan 1 20:23:18 2026 by rpki-client