This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BaNXpsDq6-N9oos8dJUS_8wrDB0.roa File: BaNXpsDq6-N9oos8dJUS_8wrDB0.roa (raw, json) Hash identifier: R59taLcL8XgECkHUD04YKkgGCAVhyLMLkoR8FN3GBXU= Subject key identifier: 05:A3:57:A6:C0:EA:EB:E3:7D:A2:8B:3C:74:95:12:FF:CC:2B:0C:1D Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A27A60427D85BCC2E438EBD2500D6A Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BaNXpsDq6-N9oos8dJUS_8wrDB0.roa Signing time: Thu 01 Jan 2026 08:17:52 +0000 ROA not before: Thu 01 Jan 2026 08:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 46450 IP address blocks: 45.67.145.0/24 maxlen: 24 45.248.53.0/24 maxlen: 24 162.218.93.0/24 maxlen: 24 162.218.95.0/24 maxlen: 24 185.198.89.0/24 maxlen: 24 185.198.90.0/24 maxlen: 24 185.198.91.0/24 maxlen: 24 212.60.16.0/23 maxlen: 23 217.197.168.0/24 maxlen: 24 217.197.171.0/24 maxlen: 24 2a07:c6c0:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 12:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:7a:60:42:7d:85:bc:c2:e4:38:eb:d2:50:0d:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05a357a6c0eaebe37da28b3c749512ffcc2b0c1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:56:a7:0f:c5:00:55:c3:eb:cc:18:ac:b4:02: 91:fa:6a:af:50:71:43:3e:47:2f:0c:0a:94:49:68: f6:35:66:73:67:e3:ea:7a:e8:50:07:e3:9d:ef:d4: 53:83:e7:0b:38:3c:40:82:ac:da:45:98:ff:d7:56: f5:34:5f:49:f8:41:71:bd:1e:05:90:ca:f0:38:5d: a3:20:ec:c8:59:db:8f:af:1b:23:e7:1a:ba:65:f1: c7:11:96:76:a4:ab:cf:9d:d1:3e:80:c5:58:6f:39: b4:94:6d:55:0a:09:d9:5a:0a:74:f4:9a:63:0e:33: 6d:1c:3c:86:1a:5d:b5:3c:83:ec:05:ae:71:eb:cf: 16:8e:ed:88:19:ad:53:1d:24:29:e4:0b:23:98:c6: f8:ee:17:31:71:32:14:24:20:8d:7b:d9:43:f1:ea: c6:59:93:9d:43:b6:49:3b:f2:45:4c:0f:63:f6:d7: ad:1d:8d:aa:3d:8f:75:97:15:7e:d2:34:0f:a0:a8: cc:14:a4:2c:b7:3c:c1:47:76:52:e0:7f:f1:b1:2b: f7:8c:5d:98:eb:07:72:0e:bf:cc:81:c4:a1:d2:41: 29:e9:3b:08:5d:d7:10:d3:73:97:c3:0d:c0:b9:72: a3:ab:bd:2b:72:ef:e6:50:05:45:0d:80:77:76:5a: 9c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:A3:57:A6:C0:EA:EB:E3:7D:A2:8B:3C:74:95:12:FF:CC:2B:0C:1D X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BaNXpsDq6-N9oos8dJUS_8wrDB0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.145.0/24 45.248.53.0/24 162.218.93.0/24 162.218.95.0/24 185.198.89.0-185.198.91.255 212.60.16.0/23 217.197.168.0/24 217.197.171.0/24 IPv6: 2a07:c6c0:9::/48 Signature Algorithm: sha256WithRSAEncryption 85:94:d9:d9:fd:d2:3b:1f:dd:ec:fe:76:80:51:c2:93:2d:47: 9a:f9:df:c3:dd:3f:e4:66:17:a8:bd:ce:78:4d:de:6f:4f:85: fe:a4:fb:49:4e:d7:fa:94:28:5e:ef:2e:b6:02:fe:ad:ce:b1: 33:fe:f3:48:20:77:3f:1c:8f:9d:18:4c:e1:77:6d:f7:7c:2b: ae:59:8f:f6:5f:45:1e:8a:99:79:9f:11:82:94:66:09:ef:59: 41:22:56:1e:85:47:2d:1c:70:e9:b7:71:4e:b4:93:80:13:39: 86:ce:f3:57:ed:bd:92:f4:a0:1c:4a:e0:40:16:f9:22:4e:19: ed:b9:52:2a:79:8f:e6:45:86:4e:df:42:1d:8d:7d:47:52:56: 4d:05:fd:60:1a:28:2e:85:18:cf:85:28:0c:ad:27:28:4c:2d: c1:c3:61:25:60:e2:4a:4b:56:23:69:84:74:93:26:0e:ad:92: 8f:d5:82:5e:e2:84:b6:78:9b:aa:93:04:97:a4:58:1d:44:bd: 91:92:52:b6:e6:e4:22:49:9a:82:d1:95:08:4b:7c:1f:c3:b3: e4:82:1b:5f:72:a2:04:e5:dc:95:7f:01:80:e3:63:a8:7b:58: 42:07:3b:2a:a8:76:41:9d:97:33:5b:2e:fa:87:be:fb:b7:93: 96:d6:51:dc -----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgISAZt4onpgQn2FvMLkOOvSUA1qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWEzNTdhNmMwZWFlYmUzN2RhMjhiM2M3NDk1MTJmZmNjMmIwYzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVanD8UAVcPrzBistAKR+mqvUHFD PkcvDAqUSWj2NWZzZ+PqeuhQB+Od79RTg+cLODxAgqzaRZj/11b1NF9J+EFxvR4F kMrwOF2jIOzIWduPrxsj5xq6ZfHHEZZ2pKvPndE+gMVYbzm0lG1VCgnZWgp09Jpj DjNtHDyGGl21PIPsBa5x688Wju2IGa1THSQp5AsjmMb47hcxcTIUJCCNe9lD8erG WZOdQ7ZJO/JFTA9j9tetHY2qPY91lxV+0jQPoKjMFKQstzzBR3ZS4H/xsSv3jF2Y 6wdyDr/MgcSh0kEp6TsIXdcQ03OXww3AuXKjq70rcu/mUAVFDYB3dlqcGwIDAQAB o4ICTDCCAkgwHQYDVR0OBBYEFAWjV6bA6uvjfaKLPHSVEv/MKwwdMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvQmFOWHBzRHE2LU45b29zOGRKVVNfOHdyREIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQALUORAwQA Lfg1AwQAotpdAwQAotpfMAwDBAC5xlkDBAK5xlgDBAHUPBADBADZxagDBADZxasw DwQCAAIwCQMHACoHxsAACTANBgkqhkiG9w0BAQsFAAOCAQEAhZTZ2f3SOx/d7P52 gFHCky1Hmvnfw90/5GYXqL3OeE3eb0+F/qT7SU7X+pQoXu8utgL+rc6xM/7zSCB3 PxyPnRhM4Xdt93wrrlmP9l9FHoqZeZ8RgpRmCe9ZQSJWHoVHLRxw6bdxTrSTgBM5 hs7zV+29kvSgHErgQBb5Ik4Z7blSKnmP5kWGTt9CHY19R1JWTQX9YBooLoUYz4Uo DK0nKEwtwcNhJWDiSktWI2mEdJMmDq2Sj9WCXuKEtnibqpMEl6RYHUS9kZJStubk IkmagtGVCEt8H8Oz5IIbX3KiBOXclX8BgONjqHtYQgc7Kqh2QZ2XM1su+oe++7eT ltZR3A== -----END CERTIFICATE-----Generated at Mon Jan 19 19:56:39 2026 by rpki-client