This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bcdCYadegTnuv1kyS3SFpw7_obg.roa File: bcdCYadegTnuv1kyS3SFpw7_obg.roa (raw, json) Hash identifier: FHoWoxIPPut7YlIBnS9RiEjsnw6/GTtGF64PoDTZc+8= Subject key identifier: 6D:C7:42:61:A7:5E:81:39:EE:BF:59:32:4B:74:85:A7:0E:FF:A1:B8 Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f Certificate serial: 019B7FF062E96A8EBD6702ACA1703353074A Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bcdCYadegTnuv1kyS3SFpw7_obg.roa Signing time: Fri 02 Jan 2026 18:20:18 +0000 ROA not before: Fri 02 Jan 2026 18:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13335 IP address blocks: 89.35.2.0/23 maxlen: 24 89.35.174.0/23 maxlen: 24 89.191.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.mft rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:62:e9:6a:8e:bd:67:02:ac:a1:70:33:53:07:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f Validity Not Before: Jan 2 18:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6dc74261a75e8139eebf59324b7485a70effa1b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:47:e2:cf:78:78:79:ea:5b:8f:41:d5:14:2f: f4:ac:1f:5b:ad:b5:20:f7:de:fc:5c:95:6f:be:2c: 7d:e2:cb:b0:49:e5:f2:ad:2b:08:7a:aa:aa:45:97: 69:ae:ff:66:56:b3:92:7b:f5:6e:66:48:68:9a:03: 4c:33:1e:d4:49:db:a5:75:3a:67:40:40:76:12:54: 5d:bb:a9:a6:6f:d3:2e:74:b9:45:5d:09:7c:49:73: f8:52:c9:e1:99:9a:85:75:66:88:a4:c0:72:66:1e: 4d:2e:45:5b:ae:37:1a:54:a0:ee:a6:ba:cd:22:53: e0:9c:53:4c:3e:62:0a:08:af:d8:c1:2e:37:35:21: 1c:44:26:7d:83:4c:e3:19:ab:24:32:6e:2a:13:79: d1:62:fd:b5:02:82:9e:e6:e0:70:e7:4c:d5:68:07: 32:4a:33:5a:f5:5a:5e:82:be:e2:19:2b:09:f9:ff: 7a:d7:9f:c9:4f:44:ba:a2:75:92:f9:fb:b0:7b:f0: f7:54:71:88:eb:56:37:15:47:a4:e4:4b:09:e9:9a: e7:61:14:51:2d:c8:5c:65:74:ce:a2:f8:fd:7c:eb: 00:c6:98:b5:fb:aa:b7:ee:75:48:ef:67:f2:70:7c: bd:61:c0:92:78:79:cd:ef:b8:a6:18:4e:15:75:1d: a6:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C7:42:61:A7:5E:81:39:EE:BF:59:32:4B:74:85:A7:0E:FF:A1:B8 X509v3 Authority Key Identifier: keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bcdCYadegTnuv1kyS3SFpw7_obg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.35.2.0/23 89.35.174.0/23 89.191.64.0/19 Signature Algorithm: sha256WithRSAEncryption 7b:1a:ed:3a:cb:a3:c9:b8:24:88:a4:27:45:4c:c5:26:10:bb: 55:ef:67:90:38:6e:10:29:c2:a8:a7:24:c1:b4:59:16:01:2e: 6b:3f:6f:1c:0e:50:8e:73:a6:01:e4:f0:1c:58:7d:5f:25:0a: fe:f1:97:86:de:12:ea:26:86:50:b7:08:68:49:bf:f6:d2:39: bf:e9:55:1e:f2:23:9f:fe:cb:f6:29:07:10:b0:7a:92:32:0f: ac:2d:71:e8:f1:09:90:4a:ea:6e:b6:85:52:30:84:bc:72:42: c0:38:82:49:4b:1c:af:b7:03:e1:cb:06:39:62:c0:b5:b0:5a: 23:4c:c7:2e:a7:e7:73:24:ed:96:dd:8d:41:48:18:32:0c:22: ca:3f:7d:1f:13:a2:93:72:cc:72:13:5d:f8:b4:e3:b7:60:ce: cb:5c:df:54:df:fb:e4:3e:ef:86:e4:61:31:c9:e9:1c:f6:f4: 46:b7:1c:08:36:4a:42:bb:b2:2f:04:21:45:7a:1d:a5:0e:cc: 0d:4b:4d:f2:a9:b0:b9:c2:ea:cd:08:b1:c0:c7:ac:76:ee:44: 75:4b:4b:38:bf:b9:f8:a6:47:ff:5f:73:b3:e3:6a:3b:18:a7: 27:59:a7:40:42:10:9c:5e:13:29:0d:14:5a:95:23:e2:90:0e: 03:4d:ac:28 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/8GLpao69ZwKsoXAzUwdKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NWM1ODc1MmYzMzM2NDIyZmYwZWUxNzI2NDc0NTkxZTdh NDFlNWYwHhcNMjYwMTAyMTgyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGM3NDI2MWE3NWU4MTM5ZWViZjU5MzI0Yjc0ODVhNzBlZmZhMWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Efiz3h4eepbj0HVFC/0rB9brbUg 9978XJVvvix94suwSeXyrSsIeqqqRZdprv9mVrOSe/VuZkhomgNMMx7USduldTpn QEB2ElRdu6mmb9MudLlFXQl8SXP4UsnhmZqFdWaIpMByZh5NLkVbrjcaVKDuprrN IlPgnFNMPmIKCK/YwS43NSEcRCZ9g0zjGaskMm4qE3nRYv21AoKe5uBw50zVaAcy SjNa9Vpegr7iGSsJ+f9615/JT0S6onWS+fuwe/D3VHGI61Y3FUek5EsJ6ZrnYRRR LchcZXTOovj9fOsAxpi1+6q37nVI72fycHy9YcCSeHnN77imGE4VdR2mRQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFG3HQmGnXoE57r9ZMkt0hacO/6G4MB8GA1UdIwQY MBaAFIRcWHUvMzZCL/DuFyZHRZHnpB5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYt ZjEzNGU1MWNjMDViLzEvYmNkQ1lhZGVnVG51djFreVMzU0Zwdzdfb2JnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYtZjEzNGU1MWNjMDVi LzEvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSMCAwQB WSOuAwQFWb9AMA0GCSqGSIb3DQEBCwUAA4IBAQB7Gu06y6PJuCSIpCdFTMUmELtV 72eQOG4QKcKopyTBtFkWAS5rP28cDlCOc6YB5PAcWH1fJQr+8ZeG3hLqJoZQtwho Sb/20jm/6VUe8iOf/sv2KQcQsHqSMg+sLXHo8QmQSuputoVSMIS8ckLAOIJJSxyv twPhywY5YsC1sFojTMcup+dzJO2W3Y1BSBgyDCLKP30fE6KTcsxyE134tOO3YM7L XN9U3/vkPu+G5GExyekc9vRGtxwINkpCu7IvBCFFeh2lDswNS03yqbC5wurNCLHA x6x27kR1S0s4v7n4pkf/X3Oz42o7GKcnWadAQhCcXhMpDRRalSPikA4DTawo -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:25 2026 by rpki-client