This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/BvnR5KCMhsoLCz2hSAnbNfkHGk0.roa File: BvnR5KCMhsoLCz2hSAnbNfkHGk0.roa (raw, json) Hash identifier: hDwrjYY17s8gLiCt6EYouA8sleyAadnkSLPmIcLH8nw= Subject key identifier: 06:F9:D1:E4:A0:8C:86:CA:0B:0B:3D:A1:48:09:DB:35:F9:07:1A:4D Certificate issuer: /CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0 Certificate serial: 019B7AC7D0A154A8E8D7202DA9CAB4C67EFE Authority key identifier: FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/BvnR5KCMhsoLCz2hSAnbNfkHGk0.roa Signing time: Thu 01 Jan 2026 18:17:53 +0000 ROA not before: Thu 01 Jan 2026 18:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24881 IP address blocks: 91.192.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/_4ztOwmpBeuWhpxY9mtPi1kVA7A.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/_4ztOwmpBeuWhpxY9mtPi1kVA7A.mft rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:d0:a1:54:a8:e8:d7:20:2d:a9:ca:b4:c6:7e:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff8ced3b09a905eb96869c58f66b4f8b591503b0 Validity Not Before: Jan 1 18:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=06f9d1e4a08c86ca0b0b3da14809db35f9071a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:12:59:a7:a6:70:e8:51:7b:30:e0:2a:d9:00: b3:ec:37:4a:2a:b8:f4:f0:fc:97:44:3f:86:d6:0f: 69:51:f0:4a:17:41:6a:d8:f3:52:8c:02:da:ea:87: f0:d8:7e:d9:8a:ad:02:3f:3b:b1:38:2e:fe:b1:32: f5:4c:e8:95:d9:a3:f6:dd:0d:47:16:f1:dc:a2:6a: 9c:69:4f:31:07:ed:d5:15:ad:75:cd:b1:17:9f:0b: e2:74:53:42:1b:a2:14:1c:bf:46:eb:17:c9:d4:53: 96:23:f9:01:2e:8d:17:15:93:ad:ad:d0:15:2d:75: 80:99:c7:33:ec:6c:9a:98:8a:1b:4a:8d:54:8e:d0: de:30:0b:7c:97:21:a2:e9:53:87:17:e0:ac:54:a5: 3d:76:c3:33:19:ec:be:dd:c5:89:c8:26:0f:97:20: 4d:9e:62:30:b9:cf:97:09:4a:10:02:47:df:e3:7e: a5:a5:aa:62:3c:f8:27:a2:7f:cf:e2:f8:a6:ab:8e: aa:29:de:82:d0:ef:85:d7:1d:34:f5:d1:ef:9a:83: e3:7d:7d:b6:93:b8:03:19:b0:e5:e3:f8:e3:d7:3c: b4:50:55:3f:3f:00:a3:59:b9:58:e8:2f:cf:05:83: fa:9b:aa:bf:51:1e:a1:0a:bb:56:01:a7:9d:6a:77: 26:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:F9:D1:E4:A0:8C:86:CA:0B:0B:3D:A1:48:09:DB:35:F9:07:1A:4D X509v3 Authority Key Identifier: keyid:FF:8C:ED:3B:09:A9:05:EB:96:86:9C:58:F6:6B:4F:8B:59:15:03:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4ztOwmpBeuWhpxY9mtPi1kVA7A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/BvnR5KCMhsoLCz2hSAnbNfkHGk0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/01608d-08f1-4ab5-a926-be561ccded2c/1/_4ztOwmpBeuWhpxY9mtPi1kVA7A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.192.156.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:4a:cd:d8:13:2f:02:6a:c4:fe:6d:47:dc:99:51:fd:d9:a6: 93:2e:1e:84:70:e1:71:df:d4:00:ba:25:bd:3d:b0:4b:23:88: c9:58:ac:e6:9d:70:71:5f:ad:a3:a7:89:40:1d:24:c1:52:c1: ec:45:ed:6c:ae:94:da:0e:f3:6c:20:22:1a:a2:5c:71:1a:d5: 95:e1:2f:b8:6a:58:d7:bf:c8:06:bc:23:20:da:d9:ab:be:68: 46:9b:a8:6b:77:8b:38:b9:e3:b5:b5:66:0d:41:0d:da:22:14: 62:8e:5a:ac:5e:9b:a5:ea:e9:de:8f:9d:64:70:d1:80:48:5a: b8:f6:96:11:e2:25:f6:5b:7d:3b:88:1d:a5:69:c1:4e:9c:7f: f2:d9:b2:4c:60:f6:47:99:c6:7e:fe:72:29:dd:e5:e8:38:1b: 3e:0d:cd:77:1a:e7:9b:76:15:22:37:a1:9f:e0:0d:78:1f:85: aa:70:5e:b9:75:c8:29:66:47:c5:67:fe:e5:1d:0b:96:3c:fc: 6f:cd:42:e2:7b:98:ae:13:6f:a7:73:91:d2:96:27:da:d9:a0: e6:18:06:d0:57:2e:39:40:6e:09:02:46:49:6a:b9:a4:70:d7: c8:97:3d:ca:31:10:6a:7b:88:1e:96:dd:63:5f:ef:02:8f:fc: 0d:c0:d0:9e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x9ChVKjo1yAtqcq0xn7+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmOGNlZDNiMDlhOTA1ZWI5Njg2OWM1OGY2NmI0ZjhiNTkx NTAzYjAwHhcNMjYwMTAxMTgxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNmY5ZDFlNGEwOGM4NmNhMGIwYjNkYTE0ODA5ZGIzNWY5MDcxYTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRJZp6Zw6FF7MOAq2QCz7DdKKrj0 8PyXRD+G1g9pUfBKF0Fq2PNSjALa6ofw2H7Ziq0CPzuxOC7+sTL1TOiV2aP23Q1H FvHcomqcaU8xB+3VFa11zbEXnwvidFNCG6IUHL9G6xfJ1FOWI/kBLo0XFZOtrdAV LXWAmccz7GyamIobSo1UjtDeMAt8lyGi6VOHF+CsVKU9dsMzGey+3cWJyCYPlyBN nmIwuc+XCUoQAkff436lpapiPPgnon/P4vimq46qKd6C0O+F1x009dHvmoPjfX22 k7gDGbDl4/jj1zy0UFU/PwCjWblY6C/PBYP6m6q/UR6hCrtWAaedancmRQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAb50eSgjIbKCws9oUgJ2zX5BxpNMB8GA1UdIwQY MBaAFP+M7TsJqQXrloacWPZrT4tZFQOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYt YmU1NjFjY2RlZDJjLzEvQnZuUjVLQ01oc29MQ3oyaFNBbmJOZmtIR2swLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS8wMTYwOGQtMDhmMS00YWI1LWE5MjYtYmU1NjFjY2RlZDJj LzEvXzR6dE93bXBCZXVXaHB4WTltdFBpMWtWQTdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CcMA0G CSqGSIb3DQEBCwUAA4IBAQBPSs3YEy8CasT+bUfcmVH92aaTLh6EcOFx39QAuiW9 PbBLI4jJWKzmnXBxX62jp4lAHSTBUsHsRe1srpTaDvNsICIaolxxGtWV4S+4aljX v8gGvCMg2tmrvmhGm6hrd4s4ueO1tWYNQQ3aIhRijlqsXpul6unej51kcNGASFq4 9pYR4iX2W307iB2lacFOnH/y2bJMYPZHmcZ+/nIp3eXoOBs+Dc13GuebdhUiN6Gf 4A14H4WqcF65dcgpZkfFZ/7lHQuWPPxvzULie5iuE2+nc5HSlifa2aDmGAbQVy45 QG4JAkZJarmkcNfIlz3KMRBqe4gelt1jX+8Cj/wNwNCe -----END CERTIFICATE-----Generated at Mon Feb 9 18:22:40 2026 by rpki-client