This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bjof4dYIhMSTDkH_GtChkU5qpH8.roa File: Bjof4dYIhMSTDkH_GtChkU5qpH8.roa (raw, json) Hash identifier: q5+jqlequAqA1KtuwRf3DjpOFB0Y/CqxALc5lNEgPV8= Subject key identifier: 06:3A:1F:E1:D6:08:84:C4:93:0E:41:FF:1A:D0:A1:91:4E:6A:A4:7F Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D27AD9D4AB2502337D31721270880 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bjof4dYIhMSTDkH_GtChkU5qpH8.roa Signing time: Fri 02 Jan 2026 06:20:15 +0000 ROA not before: Fri 02 Jan 2026 06:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6233 IP address blocks: 193.19.108.0/24 maxlen: 24 194.242.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:27:ad:9d:4a:b2:50:23:37:d3:17:21:27:08:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=063a1fe1d60884c4930e41ff1ad0a1914e6aa47f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:cc:66:f3:11:4f:23:5d:d8:6b:d8:1a:10:03: 66:39:db:47:8e:e6:67:ed:9a:3b:4d:aa:9f:bb:10: ce:09:41:97:69:69:a2:2a:e6:ab:dc:49:87:ff:b7: 1a:6c:24:48:79:b6:de:f5:8f:91:3b:27:ba:1f:d0: 2b:fe:2c:2f:62:e2:6f:0c:ee:9b:41:aa:69:70:81: 12:ff:3d:b2:68:64:8d:32:00:9a:57:b0:ea:6a:dc: 0e:4f:15:46:a3:be:08:f7:86:51:9b:41:9d:f6:1f: 98:7c:f5:e2:a7:b8:e0:78:9e:38:5e:1a:15:20:00: 97:4c:26:6e:8f:a8:90:23:54:e6:1c:36:80:f3:b2: fb:4e:84:29:c4:da:3a:ed:e9:82:5b:9c:80:d7:68: 1f:50:b7:4b:37:25:9a:ca:3d:b1:2a:b9:47:60:a8: 12:c8:ea:a1:1f:17:a2:c8:8a:e4:71:d6:7d:6f:5d: 99:02:54:82:3f:4d:81:68:98:2f:b9:cf:02:39:6b: d9:14:15:a8:1c:0e:5e:ef:2c:af:07:e1:67:97:e2: f3:ba:dd:da:ad:3c:08:29:16:15:a6:2c:1e:50:5a: 9b:45:98:a6:64:d8:70:db:34:df:88:68:7e:86:22: 54:fb:18:c4:7b:0b:92:e6:26:03:40:c8:ba:ab:33: 4c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:3A:1F:E1:D6:08:84:C4:93:0E:41:FF:1A:D0:A1:91:4E:6A:A4:7F X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bjof4dYIhMSTDkH_GtChkU5qpH8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.19.108.0/24 194.242.2.0/24 Signature Algorithm: sha256WithRSAEncryption 93:26:93:23:7b:20:1b:ae:76:b1:79:40:6c:a3:22:0b:4a:b5: 99:e4:b4:e5:28:52:50:3f:92:f3:18:94:94:61:a4:37:01:5e: 2a:66:93:31:89:a1:74:3a:4f:6b:b0:44:02:fb:1f:e0:b8:29: b6:1b:71:1e:98:c7:a8:1d:54:33:59:74:80:f4:7a:50:c4:59: 3f:0e:51:6d:cc:0e:63:e9:86:28:3e:30:67:45:36:f2:4b:a7: 35:53:75:4d:be:10:8f:4e:b8:56:f6:8d:47:70:3d:1f:b2:92: 59:76:bf:ef:14:0a:c2:a2:91:c9:12:1b:c5:cd:eb:ef:e9:3c: 8d:75:4f:e1:d8:fb:be:07:b8:cb:cc:e5:24:66:c9:0d:04:48: 90:02:e4:8d:96:58:1a:26:55:22:76:02:58:3a:31:d0:cc:ac: 44:86:21:32:af:8d:8a:d7:db:ce:de:03:c0:36:de:03:a9:e4: 2d:d3:5d:a3:dc:77:d5:ba:7c:e2:98:4f:ac:b6:07:09:66:73: 9c:89:69:e6:87:b3:14:b8:f4:31:d6:45:cb:33:9b:90:e1:60: f7:9b:36:fe:62:61:d3:49:b6:72:dd:e7:58:a4:7b:e2:13:b1: 6e:4d:a1:ca:39:9b:7a:e4:da:ac:92:76:34:51:2b:1b:aa:ff: c5:77:3e:ca -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XSetnUqyUCM30xchJwiAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjNhMWZlMWQ2MDg4NGM0OTMwZTQxZmYxYWQwYTE5MTRlNmFhNDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cxm8xFPI13Ya9gaEANmOdtHjuZn 7Zo7TaqfuxDOCUGXaWmiKuar3EmH/7cabCRIebbe9Y+ROye6H9Ar/iwvYuJvDO6b QappcIES/z2yaGSNMgCaV7DqatwOTxVGo74I94ZRm0Gd9h+YfPXip7jgeJ44XhoV IACXTCZuj6iQI1TmHDaA87L7ToQpxNo67emCW5yA12gfULdLNyWayj2xKrlHYKgS yOqhHxeiyIrkcdZ9b12ZAlSCP02BaJgvuc8COWvZFBWoHA5e7yyvB+Fnl+Lzut3a rTwIKRYVpiweUFqbRZimZNhw2zTfiGh+hiJU+xjEewuS5iYDQMi6qzNMpQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAY6H+HWCITEkw5B/xrQoZFOaqR/MB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvQmpvZjRkWUloTVNURGtIX0d0Q2hrVTVxcEg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA wvICMA0GCSqGSIb3DQEBCwUAA4IBAQCTJpMjeyAbrnaxeUBsoyILSrWZ5LTlKFJQ P5LzGJSUYaQ3AV4qZpMxiaF0Ok9rsEQC+x/guCm2G3EemMeoHVQzWXSA9HpQxFk/ DlFtzA5j6YYoPjBnRTbyS6c1U3VNvhCPTrhW9o1HcD0fspJZdr/vFArCopHJEhvF zevv6TyNdU/h2Pu+B7jLzOUkZskNBEiQAuSNllgaJlUidgJYOjHQzKxEhiEyr42K 19vO3gPANt4DqeQt012j3HfVunzimE+stgcJZnOciWnmh7MUuPQx1kXLM5uQ4WD3 mzb+YmHTSbZy3edYpHviE7FuTaHKOZt65NqsknY0USsbqv/Fdz7K -----END CERTIFICATE-----Generated at Mon Jan 19 19:58:16 2026 by rpki-client