This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/bMlXKcrpw0hAr8yOAEfamyznAm4.roa File: bMlXKcrpw0hAr8yOAEfamyznAm4.roa (raw, json) Hash identifier: iYHtY1OHYePNt2uPM0XhPZrRDhJ0dgyEMWL61dDMqN0= Subject key identifier: 6C:C9:57:29:CA:E9:C3:48:40:AF:CC:8E:00:47:DA:9B:2C:E7:02:6E Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2 Certificate serial: 019B7A59A27CD5CCD0A2F0202766F67A9E7A Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/bMlXKcrpw0hAr8yOAEfamyznAm4.roa Signing time: Thu 01 Jan 2026 16:17:33 +0000 ROA not before: Thu 01 Jan 2026 16:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 109.224.233.0/24 maxlen: 24 193.111.200.0/24 maxlen: 24 195.74.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:a2:7c:d5:cc:d0:a2:f0:20:27:66:f6:7a:9e:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2 Validity Not Before: Jan 1 16:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6cc95729cae9c34840afcc8e0047da9b2ce7026e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7c:76:a8:b4:61:00:a5:56:ae:6e:d3:e8:83: b8:71:b4:4d:8a:02:fe:52:b5:cd:3b:d3:f4:69:a5: 86:96:f6:ab:dc:fb:d2:0e:50:41:4c:77:7e:3e:70: be:4a:6d:00:2d:03:c5:eb:a3:43:e5:ba:f6:6b:1f: 67:78:fc:7b:7b:07:d3:02:f0:66:6d:25:df:e7:08: cb:a7:39:75:01:a7:39:eb:60:22:fd:30:30:7d:09: 13:f9:a6:5f:bd:9b:e2:d4:f5:68:b7:8a:cb:3d:0f: db:47:2d:2e:97:4f:e3:9d:80:32:60:c1:6f:58:5d: 97:7d:50:11:3a:97:44:87:25:42:af:d2:9c:d3:0e: 0b:c2:d1:f9:2a:d1:e4:4d:ec:61:bb:ab:8d:27:56: 70:c7:69:04:15:da:b4:26:e5:a3:35:ef:44:18:b0: 2c:ed:06:37:59:97:9b:53:99:f4:18:4c:37:80:91: 47:e4:93:e3:33:f7:05:66:df:78:42:2f:7e:bf:db: dd:43:4f:60:a8:41:de:cc:f6:51:f2:02:0b:2c:00: 3c:25:eb:dc:ba:4c:2f:40:e5:b1:fc:74:29:03:1a: f4:52:e7:51:a2:12:12:f6:03:45:a2:f8:12:fd:9c: e8:cf:2b:34:a6:ac:dd:72:56:48:02:57:d0:0d:77: e0:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:C9:57:29:CA:E9:C3:48:40:AF:CC:8E:00:47:DA:9B:2C:E7:02:6E X509v3 Authority Key Identifier: keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/bMlXKcrpw0hAr8yOAEfamyznAm4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.224.233.0/24 193.111.200.0/24 195.74.60.0/24 Signature Algorithm: sha256WithRSAEncryption 58:8c:f9:04:67:ba:0b:e3:b4:1d:d7:dd:2d:a1:d4:15:99:e1: 88:57:cf:78:8b:f4:41:ec:20:a0:8e:0d:6f:6e:2c:c7:79:f3: a6:07:c2:8a:6e:92:c2:9c:a6:e5:97:65:4a:1e:8b:a1:4e:c5: d8:ad:df:e4:f8:a0:e7:66:eb:0d:cc:41:7e:98:aa:af:c3:d8: b7:be:62:86:8a:17:db:6f:ec:31:08:46:5e:5c:4d:62:4d:95: c0:17:68:e0:e6:7b:ee:bb:5c:ac:bd:83:7e:56:79:a4:dc:2c: d0:35:63:32:f5:c0:7a:44:9f:90:fa:67:d5:f4:fe:ce:3c:93: c6:64:ae:44:3c:5c:2a:a8:48:f9:6d:59:e4:de:1f:bc:5a:37: 60:34:3a:08:21:4a:5e:d2:8b:56:75:e4:e3:d3:5e:77:8b:0c: 18:8d:20:6f:41:a1:1d:55:0f:e8:57:09:d0:88:04:26:b0:2f: 09:17:b3:9f:6f:10:d1:3c:48:62:e5:b6:dd:5e:7c:23:ed:9e: 65:2b:bf:79:e2:dd:aa:23:ff:4f:8f:39:e5:db:3a:a3:5f:23: bf:61:3f:5b:db:42:d1:0f:76:1c:3a:a5:95:3a:16:31:9d:98: a7:dd:7d:44:10:a4:1b:1e:a5:64:f5:84:47:9a:b1:e8:47:00: 23:7d:21:54 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6WaJ81czQovAgJ2b2ep56MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1 YjM1ZTIwHhcNMjYwMTAxMTYxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Y2M5NTcyOWNhZTljMzQ4NDBhZmNjOGUwMDQ3ZGE5YjJjZTcwMjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXx2qLRhAKVWrm7T6IO4cbRNigL+ UrXNO9P0aaWGlvar3PvSDlBBTHd+PnC+Sm0ALQPF66ND5br2ax9nePx7ewfTAvBm bSXf5wjLpzl1Aac562Ai/TAwfQkT+aZfvZvi1PVot4rLPQ/bRy0ul0/jnYAyYMFv WF2XfVAROpdEhyVCr9Kc0w4LwtH5KtHkTexhu6uNJ1Zwx2kEFdq0JuWjNe9EGLAs 7QY3WZebU5n0GEw3gJFH5JPjM/cFZt94Qi9+v9vdQ09gqEHezPZR8gILLAA8Jevc ukwvQOWx/HQpAxr0UudRohIS9gNFovgS/Zzozys0pqzdclZIAlfQDXfgmwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGzJVynK6cNIQK/MjgBH2pss5wJuMB8GA1UdIwQY MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt NzBjMGE1MDZkNzk3LzEvYk1sWEtjcnB3MGhBcjh5T0FFZmFteXpuQW00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3 LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQBYjPkEZ7oL47Qd190todQVmeGI V894i/RB7CCgjg1vbizHefOmB8KKbpLCnKbll2VKHouhTsXYrd/k+KDnZusNzEF+ mKqvw9i3vmKGihfbb+wxCEZeXE1iTZXAF2jg5nvuu1ysvYN+Vnmk3CzQNWMy9cB6 RJ+Q+mfV9P7OPJPGZK5EPFwqqEj5bVnk3h+8WjdgNDoIIUpe0otWdeTj0153iwwY jSBvQaEdVQ/oVwnQiAQmsC8JF7OfbxDRPEhi5bbdXnwj7Z5lK7954t2qI/9Pjznl 2zqjXyO/YT9b20LRD3YcOqWVOhYxnZin3X1EEKQbHqVk9YRHmrHoRwAjfSFU -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:25 2026 by rpki-client