This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/B923TTC0Df04C2WKB5eoCgT73fQ.roa File: B923TTC0Df04C2WKB5eoCgT73fQ.roa (raw, json) Hash identifier: u8SWrYqzCDPEqqAsY+pz5LjUeslP1zMGGkEQ+CEEG6g= Subject key identifier: 07:DD:B7:4D:30:B4:0D:FD:38:0B:65:8A:07:97:A8:0A:04:FB:DD:F4 Certificate issuer: /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe Certificate serial: 019B7D5C464C1AF0F637ADB14C99EBE2FAED Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/B923TTC0Df04C2WKB5eoCgT73fQ.roa Signing time: Fri 02 Jan 2026 06:19:17 +0000 ROA not before: Fri 02 Jan 2026 06:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15965 IP address blocks: 80.64.144.0/20 maxlen: 20 193.91.32.0/20 maxlen: 20 194.48.193.0/24 maxlen: 24 194.48.252.0/23 maxlen: 24 195.43.96.0/19 maxlen: 19 217.31.64.0/20 maxlen: 24 2a02:3a8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:46:4c:1a:f0:f6:37:ad:b1:4c:99:eb:e2:fa:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe Validity Not Before: Jan 2 06:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=07ddb74d30b40dfd380b658a0797a80a04fbddf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7e:8c:c1:7f:f7:ee:bd:c9:ef:19:c6:cc:92: dc:76:d9:a1:e9:c9:62:34:40:15:45:cf:d5:bc:76: 28:d8:8c:5f:50:95:ce:19:f3:64:0e:8d:60:26:b8: b7:ca:c3:e6:23:dc:44:47:b4:b3:f1:1d:04:b4:2e: 81:a0:a1:86:30:03:49:09:c9:e1:e5:59:b3:cf:04: c3:ff:bf:71:d4:2e:df:7e:d1:c3:d7:6e:1c:2f:a7: 41:bb:2b:e3:7f:16:f0:eb:dd:4d:d1:46:8f:00:41: 79:28:6c:38:22:5b:20:3d:4d:36:a3:ce:83:9d:0b: bc:e0:61:32:0e:8a:43:ce:5b:70:f6:63:e4:0b:8b: 08:40:1b:af:c0:e1:3a:9d:95:79:56:34:6a:21:94: ff:b6:38:be:90:53:59:8b:fd:ce:78:3f:78:66:3c: a6:36:01:f5:8c:ba:2f:26:6a:c5:cb:dd:c1:26:90: b8:4e:6c:ce:80:ed:b1:8f:94:73:7c:91:39:fd:35: df:76:ee:4b:f8:8a:e0:20:88:46:2f:60:8d:df:f3: 30:d2:2e:49:1e:05:15:8c:7e:46:b3:bb:90:24:63: 52:26:c3:f7:23:3f:09:44:1b:24:c3:34:15:3a:52: d6:b6:3b:59:b1:65:20:a5:41:e2:60:22:06:89:60: c1:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:DD:B7:4D:30:B4:0D:FD:38:0B:65:8A:07:97:A8:0A:04:FB:DD:F4 X509v3 Authority Key Identifier: keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/B923TTC0Df04C2WKB5eoCgT73fQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.64.144.0/20 193.91.32.0/20 194.48.193.0/24 194.48.252.0/23 195.43.96.0/19 217.31.64.0/20 IPv6: 2a02:3a8::/32 Signature Algorithm: sha256WithRSAEncryption cb:01:22:38:46:55:36:ea:1e:e0:e2:51:35:4b:33:7a:8a:91: 34:78:f3:06:e3:48:da:e4:75:99:a9:9d:38:0c:c7:38:70:64: b1:7c:82:8b:a4:14:06:15:71:64:43:f4:c6:ff:9e:e8:2b:9e: 0d:df:2d:25:4c:29:33:1e:62:3e:d3:e7:a1:b2:e7:19:1f:ad: 29:ba:ea:b9:f7:89:fd:94:ab:ed:a9:73:fb:c7:20:2c:93:ce: 56:2a:7f:88:9e:31:6b:0c:ee:eb:90:09:81:a2:ed:7f:d6:01: 71:9c:a1:a7:02:82:f0:0c:09:da:15:73:7d:84:0b:31:d2:40: 9b:f4:4a:d9:a7:4e:4c:de:f7:24:1a:aa:5c:ca:dc:ac:29:b0: b0:3c:b1:c2:6a:58:8f:62:03:a3:ec:6b:d6:b1:63:58:28:ef: 30:c8:53:dd:04:ce:7e:67:6d:66:94:35:f4:f9:f2:c3:a9:43: bc:6b:54:f1:8e:2e:2a:77:97:87:cd:75:41:18:6a:fc:98:c3: 78:ed:62:34:26:5b:6b:95:d3:41:1f:f2:41:7b:1e:b0:23:1d: cc:17:44:12:07:93:39:23:5b:c4:44:7d:4a:b3:e5:28:b5:13: 9d:88:6d:dd:2c:68:39:7e:fd:27:0e:06:5c:bb:84:d1:d5:be: 11:0b:57:52 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt9XEZMGvD2N62xTJnr4vrtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1 OGQ1ZmUwHhcNMjYwMTAyMDYxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwN2RkYjc0ZDMwYjQwZGZkMzgwYjY1OGEwNzk3YTgwYTA0ZmJkZGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs36MwX/37r3J7xnGzJLcdtmh6cli NEAVRc/VvHYo2IxfUJXOGfNkDo1gJri3ysPmI9xER7Sz8R0EtC6BoKGGMANJCcnh 5VmzzwTD/79x1C7fftHD124cL6dBuyvjfxbw691N0UaPAEF5KGw4IlsgPU02o86D nQu84GEyDopDzltw9mPkC4sIQBuvwOE6nZV5VjRqIZT/tji+kFNZi/3OeD94Zjym NgH1jLovJmrFy93BJpC4TmzOgO2xj5RzfJE5/TXfdu5L+IrgIIhGL2CN3/Mw0i5J HgUVjH5Gs7uQJGNSJsP3Iz8JRBskwzQVOlLWtjtZsWUgpUHiYCIGiWDBwwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFAfdt00wtA39OAtligeXqAoE+930MB8GA1UdIwQY MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt ODk1NTFlOGNjZTEyLzEvQjkyM1RUQzBEZjA0QzJXS0I1ZW9DZ1Q3M2ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUECQAwQE wVsgAwQAwjDBAwQBwjD8AwQFwytgAwQE2R9AMA0EAgACMAcDBQAqAgOoMA0GCSqG SIb3DQEBCwUAA4IBAQDLASI4RlU26h7g4lE1SzN6ipE0ePMG40ja5HWZqZ04DMc4 cGSxfIKLpBQGFXFkQ/TG/57oK54N3y0lTCkzHmI+0+ehsucZH60puuq594n9lKvt qXP7xyAsk85WKn+InjFrDO7rkAmBou1/1gFxnKGnAoLwDAnaFXN9hAsx0kCb9ErZ p05M3vckGqpcytysKbCwPLHCaliPYgOj7GvWsWNYKO8wyFPdBM5+Z21mlDX0+fLD qUO8a1Txji4qd5eHzXVBGGr8mMN47WI0JltrldNBH/JBex6wIx3MF0QSB5M5I1vE RH1Ks+UotROdiG3dLGg5fv0nDgZcu4TR1b4RC1dS -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:18 2026 by rpki-client