This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/D8kmbrxGH990IEjHOfCChDR_0RI.roa File: D8kmbrxGH990IEjHOfCChDR_0RI.roa (raw, json) Hash identifier: av49JGDKCD6wMkJgxe4+rUguaf8/22rVV0DlSQeu/3g= Subject key identifier: 0F:C9:26:6E:BC:46:1F:DF:74:20:48:C7:39:F0:82:84:34:7F:D1:12 Certificate issuer: /CN=618855635e4794f5878e3b985fed8935ae06c5a1 Certificate serial: 019B7834A3FC3E2ED62D14897636713147F8 Authority key identifier: 61:88:55:63:5E:47:94:F5:87:8E:3B:98:5F:ED:89:35:AE:06:C5:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYhVY15HlPWHjjuYX-2JNa4GxaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/D8kmbrxGH990IEjHOfCChDR_0RI.roa Signing time: Thu 01 Jan 2026 06:17:54 +0000 ROA not before: Thu 01 Jan 2026 06:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 45.142.128.0/22 maxlen: 24 2a12:21c4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/YYhVY15HlPWHjjuYX-2JNa4GxaE.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/YYhVY15HlPWHjjuYX-2JNa4GxaE.mft rsync://rpki.ripe.net/repository/DEFAULT/YYhVY15HlPWHjjuYX-2JNa4GxaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:a3:fc:3e:2e:d6:2d:14:89:76:36:71:31:47:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=618855635e4794f5878e3b985fed8935ae06c5a1 Validity Not Before: Jan 1 06:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0fc9266ebc461fdf742048c739f08284347fd112 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:9c:cc:80:4c:70:68:2f:a5:4c:8a:bf:34:74: cf:e5:d5:88:d0:11:7b:a7:1b:1c:e4:3b:7d:56:0f: f6:c1:19:08:70:dd:a0:d4:cc:b5:e1:78:6a:d2:e9: ea:39:0a:b3:62:30:d4:bc:7f:8f:de:60:f9:ea:ab: ff:02:3c:7a:f4:b0:74:21:7b:bc:a4:b8:fd:5e:0d: 49:55:0c:cd:7f:88:40:45:e3:a5:1f:31:2f:85:28: 35:aa:23:c3:ff:0f:9a:8a:e6:c4:11:98:97:d1:a9: 4e:34:bc:8f:d0:da:eb:ca:9f:f2:18:07:d6:c3:31: 14:20:60:5b:d0:7d:b8:6e:50:79:41:de:30:fd:29: 43:3d:20:d4:8c:30:7d:b3:c3:10:4a:f8:3c:2a:3c: 40:46:18:7e:45:de:0a:7e:59:df:58:cf:cc:02:f6: 17:50:f7:aa:3b:c7:d3:b7:86:5d:6c:5d:78:00:d6: fb:5f:13:83:77:51:b8:22:67:27:cb:fa:84:41:5a: 09:62:08:13:02:74:b3:2b:d9:75:3f:a2:32:e5:55: 01:da:3b:0f:4e:21:3a:16:c1:5f:b5:b3:42:9f:5c: c3:25:2f:e3:c0:f7:95:98:2c:73:f4:e3:ec:bb:e5: c9:59:0c:68:61:1a:d3:85:ab:85:fa:4b:dd:2a:e1: 5c:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C9:26:6E:BC:46:1F:DF:74:20:48:C7:39:F0:82:84:34:7F:D1:12 X509v3 Authority Key Identifier: keyid:61:88:55:63:5E:47:94:F5:87:8E:3B:98:5F:ED:89:35:AE:06:C5:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYhVY15HlPWHjjuYX-2JNa4GxaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/D8kmbrxGH990IEjHOfCChDR_0RI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/YYhVY15HlPWHjjuYX-2JNa4GxaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.142.128.0/22 IPv6: 2a12:21c4::/32 Signature Algorithm: sha256WithRSAEncryption 2d:e0:e9:31:f0:0b:25:88:f5:d5:86:11:22:5c:b0:d8:2d:12: a2:9c:a1:c5:48:39:bf:10:c6:d8:e7:80:10:3e:ab:d9:5a:f7: e5:01:eb:5a:92:97:db:c6:75:c9:c6:36:24:be:9b:56:95:52: b5:5d:79:68:b9:35:84:61:89:1f:1f:a1:3a:58:54:ce:70:e9: ef:6e:6c:b5:b7:58:b3:24:c6:ca:97:96:b5:6d:06:24:74:cb: 42:8b:4b:fc:c5:bf:dd:0f:97:25:de:1f:30:43:69:6b:0c:b8: 6e:0e:16:3d:f4:89:8c:4a:10:f0:b3:89:65:e5:c1:27:02:f2: 2e:bf:56:2a:ce:01:b8:e8:46:88:00:4d:89:0f:af:ca:a2:db: 78:7e:7f:80:0c:f8:55:f8:94:2b:96:e1:ed:58:c4:b7:4e:a6: 1b:d5:1b:d0:6d:9c:13:f9:eb:25:e6:3a:06:ea:74:65:a4:da: 99:2e:3a:7c:82:61:cd:2e:73:3f:07:32:45:3c:8f:50:06:d4: 24:60:7e:d6:3e:3e:fa:9d:61:40:11:5a:f3:b4:97:82:a5:8e: 33:99:34:79:41:96:61:34:6e:a1:85:43:70:44:ee:9d:de:8d: 4f:17:c6:9e:2d:44:56:c3:aa:2d:4d:dd:54:c5:36:b8:e8:d8: 07:7c:a3:a3 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NKP8Pi7WLRSJdjZxMUf4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxODg1NTYzNWU0Nzk0ZjU4NzhlM2I5ODVmZWQ4OTM1YWUw NmM1YTEwHhcNMjYwMTAxMDYxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmM5MjY2ZWJjNDYxZmRmNzQyMDQ4YzczOWYwODI4NDM0N2ZkMTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pzMgExwaC+lTIq/NHTP5dWI0BF7 pxsc5Dt9Vg/2wRkIcN2g1My14Xhq0unqOQqzYjDUvH+P3mD56qv/Ajx69LB0IXu8 pLj9Xg1JVQzNf4hAReOlHzEvhSg1qiPD/w+aiubEEZiX0alONLyP0Nrryp/yGAfW wzEUIGBb0H24blB5Qd4w/SlDPSDUjDB9s8MQSvg8KjxARhh+Rd4KflnfWM/MAvYX UPeqO8fTt4ZdbF14ANb7XxODd1G4Imcny/qEQVoJYggTAnSzK9l1P6Iy5VUB2jsP TiE6FsFftbNCn1zDJS/jwPeVmCxz9OPsu+XJWQxoYRrThauF+kvdKuFcewIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFA/JJm68Rh/fdCBIxznwgoQ0f9ESMB8GA1UdIwQY MBaAFGGIVWNeR5T1h447mF/tiTWuBsWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVloVlkxNUhsUFdIamp1WVgtMkpOYTRHeGFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iZjhiY2EtYzRhMC00MjlkLTlmNGQt MGViNmJiZjY1YjFmLzEvRDhrbWJyeEdIOTkwSUVqSE9mQ0NoRFJfMFJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi9iZjhiY2EtYzRhMC00MjlkLTlmNGQtMGViNmJiZjY1YjFm LzEvWVloVlkxNUhsUFdIamp1WVgtMkpOYTRHeGFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY6AMA0E AgACMAcDBQAqEiHEMA0GCSqGSIb3DQEBCwUAA4IBAQAt4Okx8AsliPXVhhEiXLDY LRKinKHFSDm/EMbY54AQPqvZWvflAetakpfbxnXJxjYkvptWlVK1XXlouTWEYYkf H6E6WFTOcOnvbmy1t1izJMbKl5a1bQYkdMtCi0v8xb/dD5cl3h8wQ2lrDLhuDhY9 9ImMShDws4ll5cEnAvIuv1YqzgG46EaIAE2JD6/Kott4fn+ADPhV+JQrluHtWMS3 TqYb1RvQbZwT+esl5joG6nRlpNqZLjp8gmHNLnM/BzJFPI9QBtQkYH7WPj76nWFA EVrztJeCpY4zmTR5QZZhNG6hhUNwRO6d3o1PF8aeLURWw6otTd1UxTa46NgHfKOj -----END CERTIFICATE-----Generated at Sat Jan 3 04:53:31 2026 by rpki-client