This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/dBHYUyrQZG5vTatsRMBA19NHm_c.roa File: dBHYUyrQZG5vTatsRMBA19NHm_c.roa (raw, json) Hash identifier: 8k3QIlP09rDzyL3WPR0T1GCqxvLRw8qsbYX3pzeDEZ0= Subject key identifier: 74:11:D8:53:2A:D0:64:6E:6F:4D:AB:6C:44:C0:40:D7:D3:47:9B:F7 Certificate issuer: /CN=061bb0916c853801f22ce723bc2cc418869db7d0 Certificate serial: 019B7F83E07144B070844BBB2668B2BBC62C Authority key identifier: 06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/dBHYUyrQZG5vTatsRMBA19NHm_c.roa Signing time: Fri 02 Jan 2026 16:21:47 +0000 ROA not before: Fri 02 Jan 2026 16:21:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25098 IP address blocks: 2001:678:b04::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.mft rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:e0:71:44:b0:70:84:4b:bb:26:68:b2:bb:c6:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=061bb0916c853801f22ce723bc2cc418869db7d0 Validity Not Before: Jan 2 16:21:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7411d8532ad0646e6f4dab6c44c040d7d3479bf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:87:36:bf:e2:ab:76:ff:c5:ef:1d:66:73:5b: 6d:7c:a5:27:1f:87:f2:1e:74:53:b1:c8:e5:04:64: 3a:96:e6:68:27:5e:87:e3:5b:60:53:df:b1:62:6c: f1:5c:6b:f0:47:03:e3:b2:a7:de:0b:de:83:f1:d5: 87:9d:92:fa:de:24:bf:22:32:2a:a9:2c:74:64:c7: 3e:65:35:b1:67:f4:ed:41:67:f4:77:7e:24:60:d0: da:83:09:b9:c1:1c:73:f6:6a:e6:71:a4:a1:b3:d6: fc:ef:7d:15:5a:41:b0:47:5a:cf:99:6c:25:a5:2b: c6:14:e8:ba:2c:ce:f1:0d:c5:b1:f9:93:c8:ab:34: 1d:a6:06:da:ae:1e:6a:be:7c:e7:c9:1f:c8:a3:da: 28:6e:1f:5a:d2:73:24:fb:3f:c5:2b:31:a6:0f:5f: 49:11:6b:bb:fc:81:99:06:bd:f9:5a:0c:82:88:51: 70:7b:2f:b1:a2:74:41:3c:24:b8:2b:48:99:4a:ce: 85:72:46:26:cc:fd:31:a8:ac:2b:f1:c9:fc:c3:06: 84:64:67:b6:c4:58:ce:8c:49:77:b5:10:8b:aa:6a: 2b:b2:0f:38:e0:43:f3:54:2b:21:dc:50:c1:fa:69: 7f:eb:16:ef:dd:78:4f:0b:a1:09:54:ec:47:3a:4e: e6:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:11:D8:53:2A:D0:64:6E:6F:4D:AB:6C:44:C0:40:D7:D3:47:9B:F7 X509v3 Authority Key Identifier: keyid:06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/dBHYUyrQZG5vTatsRMBA19NHm_c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:b04::/48 Signature Algorithm: sha256WithRSAEncryption 34:3d:15:39:6d:1f:3b:77:bb:c3:1f:4c:e9:36:05:40:97:28: cc:66:a1:5f:60:44:00:d4:c3:76:46:9c:0a:27:13:89:d9:d6: d8:52:b7:7e:d3:6b:cd:f9:65:78:52:cf:57:ef:8b:4d:60:bb: ac:bd:25:8e:9f:d1:84:28:11:9e:23:12:29:52:4f:9e:81:55: 1b:9e:43:19:49:30:82:fc:93:ca:cf:d9:e2:40:5e:3b:83:02: a4:e5:93:28:e2:ca:98:c6:7f:2e:67:b8:aa:8e:d3:e5:53:d3: f9:d5:66:d7:bc:2f:2e:e0:a2:ba:2b:2e:19:46:81:aa:52:ca: 75:09:90:eb:76:63:e3:7b:cb:ea:5b:00:52:41:d8:6d:bb:1b: 4e:5a:0b:82:68:ca:0e:f3:e4:f1:18:86:33:24:e9:a4:7b:01: 49:95:9c:87:ed:de:54:2d:5e:21:c0:a5:0a:a4:da:c7:ce:35: 1a:6a:22:b5:ce:5b:e7:b9:99:05:be:ca:bc:82:f9:c5:22:86: 8e:c7:be:94:b8:ad:91:2d:ec:8d:0c:f0:4b:76:63:e1:ac:f4: 7a:8f:41:e0:dc:ea:84:e6:0a:81:ad:19:7c:c0:3d:ee:69:7d: ce:6b:97:e8:6a:c3:9a:b8:ed:d9:f8:6a:8c:0e:79:fa:0c:df: b7:1a:79:60 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/g+BxRLBwhEu7Jmiyu8YsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2MWJiMDkxNmM4NTM4MDFmMjJjZTcyM2JjMmNjNDE4ODY5 ZGI3ZDAwHhcNMjYwMTAyMTYyMTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NDExZDg1MzJhZDA2NDZlNmY0ZGFiNmM0NGMwNDBkN2QzNDc5YmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloc2v+Krdv/F7x1mc1ttfKUnH4fy HnRTscjlBGQ6luZoJ16H41tgU9+xYmzxXGvwRwPjsqfeC96D8dWHnZL63iS/IjIq qSx0ZMc+ZTWxZ/TtQWf0d34kYNDagwm5wRxz9mrmcaShs9b8730VWkGwR1rPmWwl pSvGFOi6LM7xDcWx+ZPIqzQdpgbarh5qvnznyR/Io9oobh9a0nMk+z/FKzGmD19J EWu7/IGZBr35WgyCiFFwey+xonRBPCS4K0iZSs6FckYmzP0xqKwr8cn8wwaEZGe2 xFjOjEl3tRCLqmorsg844EPzVCsh3FDB+ml/6xbv3XhPC6EJVOxHOk7mEwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHQR2FMq0GRub02rbETAQNfTR5v3MB8GA1UdIwQY MBaAFAYbsJFshTgB8iznI7wsxBiGnbfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYt YzJkYzdhMDU4ZTMwLzEvZEJIWVV5clFaRzV2VGF0c1JNQkExOU5IbV9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYtYzJkYzdhMDU4ZTMw LzEvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAsE MA0GCSqGSIb3DQEBCwUAA4IBAQA0PRU5bR87d7vDH0zpNgVAlyjMZqFfYEQA1MN2 RpwKJxOJ2dbYUrd+02vN+WV4Us9X74tNYLusvSWOn9GEKBGeIxIpUk+egVUbnkMZ STCC/JPKz9niQF47gwKk5ZMo4sqYxn8uZ7iqjtPlU9P51WbXvC8u4KK6Ky4ZRoGq Usp1CZDrdmPje8vqWwBSQdhtuxtOWguCaMoO8+TxGIYzJOmkewFJlZyH7d5ULV4h wKUKpNrHzjUaaiK1zlvnuZkFvsq8gvnFIoaOx76UuK2RLeyNDPBLdmPhrPR6j0Hg 3OqE5gqBrRl8wD3uaX3Oa5foasOauO3Z+GqMDnn6DN+3Gnlg -----END CERTIFICATE-----Generated at Thu Jan 8 09:14:15 2026 by rpki-client