This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEtFnc7rnzCNJYBVd6ns7_KpUB4.roa File: bEtFnc7rnzCNJYBVd6ns7_KpUB4.roa (raw, json) Hash identifier: PfuSivsRFYIl84wqTHOi1o/Y41ISwKTYQsUGOVnvA8c= Subject key identifier: 6C:4B:45:9D:CE:EB:9F:30:8D:25:80:55:77:A9:EC:EF:F2:A9:50:1E Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84D900A27BC0C14B98FE114323BFE0 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEtFnc7rnzCNJYBVd6ns7_KpUB4.roa Signing time: Fri 02 Jan 2026 16:22:51 +0000 ROA not before: Fri 02 Jan 2026 16:22:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5065 IP address blocks: 2.58.168.0/24 maxlen: 24 2.58.169.0/24 maxlen: 24 77.242.150.0/24 maxlen: 24 77.242.156.0/24 maxlen: 24 77.242.158.0/24 maxlen: 24 83.137.159.0/24 maxlen: 24 88.151.57.0/24 maxlen: 24 88.151.58.0/24 maxlen: 24 88.209.217.0/24 maxlen: 24 92.52.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 06:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:d9:00:a2:7b:c0:c1:4b:98:fe:11:43:23:bf:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c4b459dceeb9f308d25805577a9eceff2a9501e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ab:66:69:c8:ea:a3:13:e6:7f:e7:00:c8:05: 96:04:fd:46:5e:eb:a7:82:45:5b:8c:ad:ab:c3:63: 2d:01:17:66:f7:b5:d5:38:58:c6:c8:41:b3:68:28: 2e:86:da:44:c8:56:57:e5:d6:28:26:f2:b0:56:d5: c0:1b:4f:4c:24:69:1b:e0:c1:88:6f:83:54:57:9f: 80:15:92:11:28:21:15:56:b6:2e:46:52:0c:6e:51: 62:f1:ee:9f:01:34:11:7e:94:94:6d:c3:2f:55:e3: 7a:3f:9f:80:6c:b1:13:bf:5f:5f:3e:c1:24:9d:15: 5e:90:3e:6d:53:72:a2:a4:c3:17:ab:59:91:bc:7c: aa:70:f8:2f:0c:31:c9:ea:1b:8e:30:94:3a:69:09: 9a:28:a4:97:3d:ac:20:a4:fc:42:e5:89:88:73:99: 77:d1:0d:2e:0a:37:42:07:10:3b:a7:24:dc:2b:09: a6:f9:88:c5:cc:11:dd:81:c7:8f:55:cc:3e:c8:9d: 95:70:0a:e2:fa:32:02:66:f5:ec:bc:dd:c8:6b:83: 16:fa:4b:16:5f:88:fa:59:4a:df:d9:75:d3:2f:1d: 2e:c9:a5:04:af:0f:bd:98:de:ca:dc:5e:3a:5b:7b: 71:77:07:b2:0d:f4:53:12:f9:54:f6:7a:ca:ae:05: 72:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:4B:45:9D:CE:EB:9F:30:8D:25:80:55:77:A9:EC:EF:F2:A9:50:1E X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEtFnc7rnzCNJYBVd6ns7_KpUB4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.168.0/23 77.242.150.0/24 77.242.156.0/24 77.242.158.0/24 83.137.159.0/24 88.151.57.0-88.151.58.255 88.209.217.0/24 92.52.214.0/24 Signature Algorithm: sha256WithRSAEncryption b3:23:d1:43:54:cd:c0:b0:ed:1e:9a:a8:ef:3a:03:fc:f3:1c: b6:51:f0:8c:fb:b1:97:81:c3:07:76:53:30:4a:f8:d8:81:4d: ff:46:cb:3b:97:d4:c2:16:bf:d1:27:2b:0d:c4:51:35:41:42: 5d:76:f8:1d:2c:f6:69:d9:a8:ae:c2:ae:3b:78:24:d6:dd:5a: 0c:d2:88:56:58:fd:89:3b:66:91:9a:7d:9e:c3:c6:a1:8e:4a: f3:ef:1e:a7:01:0e:76:ab:89:f7:99:c9:17:ac:c3:6c:36:d9: 71:13:e7:e0:33:e8:71:79:96:dd:54:f6:e4:4f:3f:8b:00:a1: 13:96:8c:25:3b:ee:16:3d:58:1c:ea:1e:1c:0a:28:03:b5:78: ed:0a:56:ac:e1:ff:44:af:1a:fc:03:2e:6a:a0:49:7d:ce:68: bc:51:af:13:0c:b5:5c:8c:ad:29:6c:b5:50:35:a0:a2:a6:54: 6b:12:80:d2:3c:33:bb:96:e0:07:34:eb:8a:c0:44:d4:49:98: 03:a2:78:56:74:f9:85:32:2e:d8:c6:9c:35:58:7f:6e:19:03: 32:66:e7:f5:4b:e1:d1:78:a9:91:62:d6:f2:b4:5f:13:29:07: 67:c8:65:4c:8e:25:2f:73:d7:fe:47:8c:07:bb:96:bf:ca:ac: d2:e1:68:39 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZt/hNkAonvAwUuY/hFDI7/gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzRiNDU5ZGNlZWI5ZjMwOGQyNTgwNTU3N2E5ZWNlZmYyYTk1MDFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36tmacjqoxPmf+cAyAWWBP1GXuun gkVbjK2rw2MtARdm97XVOFjGyEGzaCguhtpEyFZX5dYoJvKwVtXAG09MJGkb4MGI b4NUV5+AFZIRKCEVVrYuRlIMblFi8e6fATQRfpSUbcMvVeN6P5+AbLETv19fPsEk nRVekD5tU3KipMMXq1mRvHyqcPgvDDHJ6huOMJQ6aQmaKKSXPawgpPxC5YmIc5l3 0Q0uCjdCBxA7pyTcKwmm+YjFzBHdgcePVcw+yJ2VcAri+jICZvXsvN3Ia4MW+ksW X4j6WUrf2XXTLx0uyaUErw+9mN7K3F46W3txdweyDfRTEvlU9nrKrgVy3wIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFGxLRZ3O658wjSWAVXep7O/yqVAeMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvYkV0Rm5jN3JuekNOSllCVmQ2bnM3X0twVUI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBAjqoAwQA TfKWAwQATfKcAwQATfKeAwQAU4mfMAwDBABYlzkDBABYlzoDBABY0dkDBABcNNYw DQYJKoZIhvcNAQELBQADggEBALMj0UNUzcCw7R6aqO86A/zzHLZR8Iz7sZeBwwd2 UzBK+NiBTf9GyzuX1MIWv9EnKw3EUTVBQl12+B0s9mnZqK7Crjt4JNbdWgzSiFZY /Yk7ZpGafZ7DxqGOSvPvHqcBDnarifeZyResw2w22XET5+Az6HF5lt1U9uRPP4sA oROWjCU77hY9WBzqHhwKKAO1eO0KVqzh/0SvGvwDLmqgSX3OaLxRrxMMtVyMrSls tVA1oKKmVGsSgNI8M7uW4Ac064rARNRJmAOieFZ0+YUyLtjGnDVYf24ZAzJm5/VL 4dF4qZFi1vK0XxMpB2fIZUyOJS9z1/5HjAe7lr/KrNLhaDk= -----END CERTIFICATE-----Generated at Mon Jan 19 11:25:45 2026 by rpki-client