This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/bLAhu5lXcadgsUjXwrwUb6-bfDk.roa File: bLAhu5lXcadgsUjXwrwUb6-bfDk.roa (raw, json) Hash identifier: QiRPIH9ChMQyWzj17MGwS6pyprSZmf/z8o/RjS+A7O4= Subject key identifier: 6C:B0:21:BB:99:57:71:A7:60:B1:48:D7:C2:BC:14:6F:AF:9B:7C:39 Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5 Certificate serial: 019B78A311DA364E8CB560D745B7C0D0FB2B Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/bLAhu5lXcadgsUjXwrwUb6-bfDk.roa Signing time: Thu 01 Jan 2026 08:18:31 +0000 ROA not before: Thu 01 Jan 2026 08:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 378 IP address blocks: 132.68.0.0/15 maxlen: 15 132.68.0.0/16 maxlen: 16 132.69.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.mft rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:11:da:36:4e:8c:b5:60:d7:45:b7:c0:d0:fb:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5 Validity Not Before: Jan 1 08:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6cb021bb995771a760b148d7c2bc146faf9b7c39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f7:f5:ee:58:cc:a9:08:0a:59:b4:98:96:14: c7:30:20:19:c0:7e:92:83:1b:99:ab:5c:fa:d9:c1: 27:8f:8e:99:20:8b:1e:58:1e:58:71:60:a6:af:ba: 8c:c7:eb:8c:6c:f0:10:d5:4f:85:da:f8:d3:1f:73: 9d:3f:cf:04:3e:a4:a0:88:68:40:21:a8:6f:1c:75: 1d:a9:36:48:18:64:66:c0:95:63:01:99:3b:78:b0: 86:f7:21:88:b8:c2:38:c2:cc:e4:76:ba:21:c2:2f: 97:8b:dc:d0:ab:5d:71:11:e4:a6:5f:e9:67:45:22: cb:df:1a:07:e8:7c:0f:2e:ef:4d:53:21:37:fd:d5: 32:2e:cb:1d:eb:40:28:21:81:a2:39:1b:df:20:61: ab:f6:bf:ac:11:06:d6:35:04:c9:25:b5:fa:25:26: ff:0b:f6:44:12:14:fe:87:d0:87:f7:8b:ee:73:af: 42:2b:00:dd:6a:ff:85:61:9e:99:a5:ab:72:24:ad: 10:68:7d:b5:d1:c3:b7:c8:b0:3f:7a:e6:49:0f:80: 77:d7:e5:63:04:c9:a3:0c:c5:81:67:2f:8d:02:d5: 1b:87:28:bf:98:82:a8:47:69:b5:b9:df:56:6b:d6: 8e:ba:35:7e:f2:6f:82:d1:0d:6c:b7:05:8e:e4:43: 8b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:B0:21:BB:99:57:71:A7:60:B1:48:D7:C2:BC:14:6F:AF:9B:7C:39 X509v3 Authority Key Identifier: keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/bLAhu5lXcadgsUjXwrwUb6-bfDk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 132.68.0.0/15 Signature Algorithm: sha256WithRSAEncryption 35:b1:4c:dd:0b:c1:a2:ed:40:67:fa:27:46:47:3c:11:9c:ea: 47:5c:97:2a:77:29:0b:47:c9:d4:d2:39:ff:31:d2:0b:0a:45: ca:e4:3d:a5:4f:91:88:7d:15:31:64:04:38:14:1c:33:7d:7f: c5:44:d9:8b:7f:c6:63:62:d7:b0:58:51:41:cc:e9:5a:a6:8b: 8c:d0:07:00:79:37:29:49:42:f7:62:50:c7:cf:07:2a:2b:71: 79:c2:56:51:b2:9f:48:3a:34:c3:de:58:ea:1c:e1:a3:70:77: 0f:66:9a:df:57:6e:f4:05:5f:71:8b:ba:08:ae:ae:c8:ee:ef: f7:d9:38:48:19:90:00:27:76:9c:d2:b9:bb:54:38:20:ef:42: 5b:1e:82:34:79:b7:f9:c0:9c:72:b0:28:ce:c1:f4:23:23:da: b8:53:23:ef:68:b3:72:0b:fb:fc:c7:ed:ce:36:12:5b:72:c5: 6d:88:af:53:a6:1e:cf:52:a3:5e:ec:f8:f9:a1:23:20:74:81: 5e:cc:6c:82:d0:0e:52:f7:65:2f:49:5f:46:38:e5:e8:bf:68: 9e:26:85:65:c4:f9:a4:e3:32:66:ac:ca:ff:1e:3f:74:78:71: fb:fc:3e:54:ce:41:1d:35:ac:36:04:85:a7:68:14:45:9b:7c: 45:9c:e2:22 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt4oxHaNk6MtWDXRbfA0PsrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi ZWE4ZTUwHhcNMjYwMTAxMDgxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Y2IwMjFiYjk5NTc3MWE3NjBiMTQ4ZDdjMmJjMTQ2ZmFmOWI3YzM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwff17ljMqQgKWbSYlhTHMCAZwH6S gxuZq1z62cEnj46ZIIseWB5YcWCmr7qMx+uMbPAQ1U+F2vjTH3OdP88EPqSgiGhA IahvHHUdqTZIGGRmwJVjAZk7eLCG9yGIuMI4wszkdrohwi+Xi9zQq11xEeSmX+ln RSLL3xoH6HwPLu9NUyE3/dUyLssd60AoIYGiORvfIGGr9r+sEQbWNQTJJbX6JSb/ C/ZEEhT+h9CH94vuc69CKwDdav+FYZ6ZpatyJK0QaH210cO3yLA/euZJD4B31+Vj BMmjDMWBZy+NAtUbhyi/mIKoR2m1ud9Wa9aOujV+8m+C0Q1stwWO5EOLcQIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFGywIbuZV3GnYLFI18K8FG+vm3w5MB8GA1UdIwQY MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt ZGRiOWU0ZGI5OGM2LzEvYkxBaHU1bFhjYWRnc1VqWHdyd1ViNi1iZkRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2 LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ KoZIhvcNAQELBQADggEBADWxTN0LwaLtQGf6J0ZHPBGc6kdclyp3KQtHydTSOf8x 0gsKRcrkPaVPkYh9FTFkBDgUHDN9f8VE2Yt/xmNi17BYUUHM6Vqmi4zQBwB5NylJ QvdiUMfPByorcXnCVlGyn0g6NMPeWOoc4aNwdw9mmt9XbvQFX3GLugiursju7/fZ OEgZkAAndpzSubtUOCDvQlsegjR5t/nAnHKwKM7B9CMj2rhTI+9os3IL+/zH7c42 EltyxW2Ir1OmHs9So17s+PmhIyB0gV7MbILQDlL3ZS9JX0Y45ei/aJ4mhWXE+aTj Mmasyv8eP3R4cfv8PlTOQR01rDYEhadoFEWbfEWc4iI= -----END CERTIFICATE-----Generated at Fri Jan 9 17:24:19 2026 by rpki-client