This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BjY0UIUDYHmtHwBNhaObIWAI358.roa File: BjY0UIUDYHmtHwBNhaObIWAI358.roa (raw, json) Hash identifier: OvPE9LHEEN/9/jOSuoQZt3aJ0JqPRafOAp/r5JidHtY= Subject key identifier: 06:36:34:50:85:03:60:79:AD:1F:00:4D:85:A3:9B:21:60:08:DF:9F Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84D941400363D890793977968D54F0 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BjY0UIUDYHmtHwBNhaObIWAI358.roa Signing time: Fri 02 Jan 2026 16:22:51 +0000 ROA not before: Fri 02 Jan 2026 16:22:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 83.137.156.0/24 maxlen: 24 88.151.56.0/24 maxlen: 24 88.151.59.0/24 maxlen: 24 88.209.244.0/24 maxlen: 24 88.209.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:d9:41:40:03:63:d8:90:79:39:77:96:8d:54:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0636345085036079ad1f004d85a39b216008df9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:a6:05:ba:c2:d5:4c:9e:e0:9c:41:ae:04:9f: a2:82:0c:f8:ce:bb:6f:a4:87:e1:cf:8d:49:1e:4e: df:4f:43:d1:9c:56:70:8e:96:47:68:f0:1f:37:49: 6e:2a:0e:cb:4f:02:0e:89:26:92:bf:ab:e8:af:64: f7:9a:e7:0c:d5:b0:10:f4:3d:70:8c:62:f2:e4:b4: 16:f3:f6:ab:f1:f1:6c:42:45:43:d3:39:a3:0e:91: 6e:ae:ad:6c:36:6d:d9:d3:76:37:57:26:42:f9:cd: bc:ad:f8:09:1d:ac:5b:b1:47:a2:79:32:c1:91:1a: 47:89:81:68:19:83:fb:15:29:8e:05:40:d4:79:cd: 0d:d0:a0:b3:78:b1:49:eb:69:51:c1:18:67:9c:b4: aa:bf:23:e1:fc:ef:69:c0:4f:33:a0:b9:f4:6c:e3: a0:5c:c2:f0:e1:e8:e9:fc:a6:b5:be:c2:6e:61:8f: e7:2f:36:bd:1f:00:d9:54:cf:23:95:1c:80:f6:79: 41:a0:0c:10:12:74:49:6c:fe:98:2d:8c:f8:b9:93: 1c:dc:5c:f5:c3:f5:67:29:37:e2:e0:38:4a:46:6c: ab:f4:39:b4:31:63:b4:61:cc:a5:6b:f8:f0:e3:7e: bf:72:0d:ee:81:c4:76:fe:20:f6:5f:9f:2d:48:a6: 74:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:36:34:50:85:03:60:79:AD:1F:00:4D:85:A3:9B:21:60:08:DF:9F X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BjY0UIUDYHmtHwBNhaObIWAI358.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.137.156.0/24 88.151.56.0/24 88.151.59.0/24 88.209.244.0/24 88.209.246.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:5d:e3:74:3a:cc:94:fc:e4:07:dc:1c:09:e8:97:96:dc:ce: 68:44:b8:3e:8e:bf:3b:b8:37:7a:55:32:1a:9d:b8:14:0f:7a: 73:c6:65:2e:46:ca:4e:34:75:d6:7c:56:70:14:eb:0f:f5:0d: c2:cb:c4:e6:aa:54:42:d4:45:12:55:c2:4a:5e:06:28:48:6e: ac:53:d8:46:1b:d6:00:45:a0:d3:14:17:34:eb:78:35:2e:fa: da:99:aa:ef:6e:c5:71:5f:9b:12:c2:03:e5:cf:7d:c4:7a:f5: 3b:60:17:25:a5:50:29:1c:e9:dd:7d:bb:82:33:b5:48:62:0b: bf:41:b5:28:8d:cd:ce:f0:e2:84:c2:e4:0e:1d:50:23:e2:35: 05:79:2f:07:2b:a3:32:1a:fb:36:6d:7a:34:e9:f8:9f:7a:fa: 2a:b6:c6:01:c4:08:be:c6:85:a0:b9:62:f0:90:09:f6:39:45: d9:10:af:46:b5:8c:3e:31:2d:e4:43:a6:c0:51:1f:59:ba:b7: 90:3a:42:96:16:e0:e7:b8:83:bc:52:38:51:a1:2d:4b:01:93: 95:e5:2f:b2:54:3b:37:e8:e9:23:23:14:78:22:bf:cb:c2:e2: e8:f0:a3:0a:93:ab:ab:cd:4d:5e:16:82:70:a9:75:0d:66:c7: 38:d2:c6:b0 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt/hNlBQANj2JB5OXeWjVTwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjM2MzQ1MDg1MDM2MDc5YWQxZjAwNGQ4NWEzOWIyMTYwMDhkZjlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8KYFusLVTJ7gnEGuBJ+iggz4zrtv pIfhz41JHk7fT0PRnFZwjpZHaPAfN0luKg7LTwIOiSaSv6vor2T3mucM1bAQ9D1w jGLy5LQW8/ar8fFsQkVD0zmjDpFurq1sNm3Z03Y3VyZC+c28rfgJHaxbsUeieTLB kRpHiYFoGYP7FSmOBUDUec0N0KCzeLFJ62lRwRhnnLSqvyPh/O9pwE8zoLn0bOOg XMLw4ejp/Ka1vsJuYY/nLza9HwDZVM8jlRyA9nlBoAwQEnRJbP6YLYz4uZMc3Fz1 w/VnKTfi4DhKRmyr9Dm0MWO0Ycyla/jw436/cg3ugcR2/iD2X58tSKZ0zQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFAY2NFCFA2B5rR8ATYWjmyFgCN+fMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvQmpZMFVJVURZSG10SHdCTmhhT2JJV0FJMzU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU4mcAwQA WJc4AwQAWJc7AwQAWNH0AwQAWNH2MA0GCSqGSIb3DQEBCwUAA4IBAQCNXeN0OsyU /OQH3BwJ6JeW3M5oRLg+jr87uDd6VTIanbgUD3pzxmUuRspONHXWfFZwFOsP9Q3C y8TmqlRC1EUSVcJKXgYoSG6sU9hGG9YARaDTFBc063g1LvramarvbsVxX5sSwgPl z33EevU7YBclpVApHOndfbuCM7VIYgu/QbUojc3O8OKEwuQOHVAj4jUFeS8HK6My Gvs2bXo06fifevoqtsYBxAi+xoWguWLwkAn2OUXZEK9GtYw+MS3kQ6bAUR9ZureQ OkKWFuDnuIO8UjhRoS1LAZOV5S+yVDs36OkjIxR4Ir/LwuLo8KMKk6urzU1eFoJw qXUNZsc40saw -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:36 2026 by rpki-client