This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BwhABT7y5JaGECbRtT56FGDOviI.roa File: BwhABT7y5JaGECbRtT56FGDOviI.roa (raw, json) Hash identifier: LhKn6MNKiCa4zab74UuQAuRZGdaGadjJUWcHK0+EqNo= Subject key identifier: 07:08:40:05:3E:F2:E4:96:86:10:26:D1:B5:3E:7A:14:60:CE:BE:22 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C136EE8AD99DB4E89CD91DB65CAF06E Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BwhABT7y5JaGECbRtT56FGDOviI.roa Signing time: Fri 02 Jan 2026 00:20:06 +0000 ROA not before: Fri 02 Jan 2026 00:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47583 IP address blocks: 85.31.60.0/24 maxlen: 24 85.31.61.0/24 maxlen: 24 85.31.62.0/24 maxlen: 24 85.31.63.0/24 maxlen: 24 185.124.108.0/24 maxlen: 24 185.124.109.0/24 maxlen: 24 185.124.110.0/24 maxlen: 24 185.124.111.0/24 maxlen: 24 185.124.136.0/24 maxlen: 24 185.124.137.0/24 maxlen: 24 185.124.138.0/24 maxlen: 24 185.124.139.0/24 maxlen: 24 185.162.52.0/24 maxlen: 24 185.162.53.0/24 maxlen: 24 185.162.54.0/24 maxlen: 24 185.162.55.0/24 maxlen: 24 185.166.36.0/24 maxlen: 24 185.166.37.0/24 maxlen: 24 185.166.38.0/24 maxlen: 24 185.166.39.0/24 maxlen: 24 185.199.52.0/24 maxlen: 24 185.199.53.0/24 maxlen: 24 185.210.234.0/24 maxlen: 24 185.230.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:6e:e8:ad:99:db:4e:89:cd:91:db:65:ca:f0:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=070840053ef2e496861026d1b53e7a1460cebe22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d6:d7:f4:bd:e3:0f:cb:4f:f9:1e:26:10:1f: eb:f1:b6:60:fd:18:23:96:21:d0:1a:28:5e:31:a9: 30:13:8e:f4:e4:68:d0:bc:8c:30:b0:2a:11:b3:46: eb:78:22:70:89:cd:e3:07:34:83:d3:bd:fc:4f:92: 84:a9:10:f1:8f:6c:d5:c1:2e:20:69:d9:11:9d:ff: e3:d1:e8:9a:83:a3:8b:22:38:3c:72:6a:d6:be:25: e6:fc:4f:f8:5b:64:a9:af:b1:44:78:5f:40:18:f5: 53:8e:56:a0:35:e8:d4:97:fc:4a:c7:ea:ae:48:16: a8:1e:4e:7d:37:4c:76:14:fe:c3:c2:ce:a7:3c:f5: fa:63:ef:48:e6:24:51:ff:a9:67:0b:79:8a:d2:5f: 92:36:6a:f7:45:65:76:a1:52:39:08:a1:0f:ea:bb: 4d:27:ba:ea:41:0a:71:40:c2:68:00:01:62:a5:b7: ad:2b:44:7d:30:3f:4d:6e:4b:5c:3a:16:2c:62:84: 4f:f1:9a:97:31:af:11:d7:ab:9a:d2:b5:76:8f:e5: 82:6b:0c:55:0e:26:50:68:76:97:0c:14:0b:62:1a: 25:63:05:58:32:5a:3b:91:cf:09:5a:30:93:c8:d3: e5:78:6f:30:ff:ca:53:3d:4b:ca:e9:0c:d7:ed:d5: 37:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:08:40:05:3E:F2:E4:96:86:10:26:D1:B5:3E:7A:14:60:CE:BE:22 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BwhABT7y5JaGECbRtT56FGDOviI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.31.60.0/22 185.124.108.0/22 185.124.136.0/22 185.162.52.0/22 185.166.36.0/22 185.199.52.0/23 185.210.234.0/24 185.230.64.0/24 Signature Algorithm: sha256WithRSAEncryption 44:ab:a3:ce:ec:bd:e5:df:1b:48:11:0a:d2:b8:78:41:f5:05: 81:c3:59:c9:c0:3b:ca:34:91:5a:6b:60:7f:eb:83:8f:57:b0: ac:25:8d:1f:88:b2:ed:9a:69:8c:ba:54:27:ce:d5:bd:8a:11: 25:45:65:f2:38:2e:37:cf:c3:26:8f:7e:e8:b3:39:9c:fc:40: e8:4d:b0:e9:b5:fa:1d:e9:c0:0f:0b:e1:9b:0d:4f:58:33:c9: 32:69:80:cf:0a:9a:49:4a:50:37:cf:42:e7:1a:1c:f8:95:ec: 98:91:cb:52:1b:cf:56:0a:49:47:0a:26:ac:3d:83:19:b1:80: 80:7c:df:b3:0b:5c:bd:c0:03:82:92:ed:af:bb:89:af:ed:a9: ee:38:df:f3:cb:40:9a:1c:d2:35:ff:9e:ca:3c:0c:e0:a6:51: ad:b4:39:b9:ad:f8:4d:9a:fd:6c:9a:dc:63:53:d0:a3:80:13: 26:9b:fb:f1:a8:9f:73:77:39:d9:19:2a:d8:65:fc:0b:c6:75: b8:0c:21:cb:a2:fc:0b:05:ba:cd:64:64:98:f0:49:44:b9:4c: cf:66:81:da:18:75:37:cb:ca:41:fe:48:4c:2f:ac:13:85:45: 67:32:53:92:8c:e2:b3:16:8f:f5:ca:fd:3e:f8:41:a8:46:15: fc:ba:8e:d5 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt8E27orZnbTonNkdtlyvBuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNzA4NDAwNTNlZjJlNDk2ODYxMDI2ZDFiNTNlN2ExNDYwY2ViZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtbX9L3jD8tP+R4mEB/r8bZg/Rgj liHQGiheMakwE4705GjQvIwwsCoRs0breCJwic3jBzSD0738T5KEqRDxj2zVwS4g adkRnf/j0eiag6OLIjg8cmrWviXm/E/4W2Spr7FEeF9AGPVTjlagNejUl/xKx+qu SBaoHk59N0x2FP7Dws6nPPX6Y+9I5iRR/6lnC3mK0l+SNmr3RWV2oVI5CKEP6rtN J7rqQQpxQMJoAAFipbetK0R9MD9NbktcOhYsYoRP8ZqXMa8R16ua0rV2j+WCawxV DiZQaHaXDBQLYholYwVYMlo7kc8JWjCTyNPleG8w/8pTPUvK6QzX7dU3HwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFAcIQAU+8uSWhhAm0bU+ehRgzr4iMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvQndoQUJUN3k1SmFHRUNiUnRUNTZGR0RPdmlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVR88AwQC uXxsAwQCuXyIAwQCuaI0AwQCuaYkAwQBucc0AwQAudLqAwQAueZAMA0GCSqGSIb3 DQEBCwUAA4IBAQBEq6PO7L3l3xtIEQrSuHhB9QWBw1nJwDvKNJFaa2B/64OPV7Cs JY0fiLLtmmmMulQnztW9ihElRWXyOC43z8Mmj37oszmc/EDoTbDptfod6cAPC+Gb DU9YM8kyaYDPCppJSlA3z0LnGhz4leyYkctSG89WCklHCiasPYMZsYCAfN+zC1y9 wAOCku2vu4mv7anuON/zy0CaHNI1/57KPAzgplGttDm5rfhNmv1smtxjU9CjgBMm m/vxqJ9zdznZGSrYZfwLxnW4DCHLovwLBbrNZGSY8ElEuUzPZoHaGHU3y8pB/khM L6wThUVnMlOSjOKzFo/1yv0++EGoRhX8uo7V -----END CERTIFICATE-----Generated at Fri Jan 2 23:47:28 2026 by rpki-client