This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/BS20TmqftUiHcp-uC9dL2gI-BNc.roa File: BS20TmqftUiHcp-uC9dL2gI-BNc.roa (raw, json) Hash identifier: pr6OCsI1Ad/tkV2rABLwG62aqjOA03sElNbNxIP4zvk= Subject key identifier: 05:2D:B4:4E:6A:9F:B5:48:87:72:9F:AE:0B:D7:4B:DA:02:3E:04:D7 Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099 Certificate serial: 019C1D9B69D6FA412AA27A2A88AB515B560A Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/BS20TmqftUiHcp-uC9dL2gI-BNc.roa Signing time: Mon 02 Feb 2026 09:07:30 +0000 ROA not before: Mon 02 Feb 2026 09:07:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200216 IP address blocks: 2a13:2880::/29 maxlen: 29 2a13:dec0::/29 maxlen: 29 2a14:1300::/29 maxlen: 29 2a14:1500::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1d:9b:69:d6:fa:41:2a:a2:7a:2a:88:ab:51:5b:56:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099 Validity Not Before: Feb 2 09:07:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=052db44e6a9fb54887729fae0bd74bda023e04d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:d9:e7:fe:86:67:00:ab:8a:97:bc:0b:8c:36: 31:53:f8:b0:4b:51:56:1f:59:31:44:f0:d6:b5:b4: 49:69:f4:9d:56:78:6f:a9:9a:0b:6c:61:c2:9d:a0: 6e:46:24:47:44:7c:61:8a:51:cd:d8:9b:cb:bc:6c: 51:69:59:b3:da:c4:16:ad:ca:6b:26:a2:14:c5:53: 1b:6c:c3:3a:e3:23:cc:92:23:0b:6a:c3:ee:f0:09: fb:6b:85:62:ad:d5:a5:ad:93:f3:85:77:48:dc:51: dd:43:92:c6:2d:9c:70:be:1a:f7:78:d6:03:c1:48: 6f:80:0e:a1:8a:03:7a:02:bd:2b:70:9c:cf:5b:dd: 28:10:9f:40:74:fd:be:3e:53:1f:51:9d:00:e4:cd: 39:c9:2f:d9:be:67:4b:01:3e:71:e3:ae:78:52:60: 1a:01:df:a2:63:31:22:b2:57:ac:61:0c:8d:8b:5a: 9c:fa:23:e1:b8:ed:5d:79:06:0d:45:aa:cd:f3:41: 18:29:b9:3d:d8:c7:3c:c8:27:c3:89:56:55:1c:71: 3f:24:56:48:40:17:d4:7a:0b:3a:94:d3:b1:33:05: 87:76:7f:ba:37:72:d5:c4:eb:9c:d1:7f:72:a9:98: ca:fd:bb:ff:1c:7e:d7:cf:10:e6:08:a5:73:d8:43: 25:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:2D:B4:4E:6A:9F:B5:48:87:72:9F:AE:0B:D7:4B:DA:02:3E:04:D7 X509v3 Authority Key Identifier: keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/BS20TmqftUiHcp-uC9dL2gI-BNc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:2880::/29 2a13:dec0::/29 2a14:1300::/29 2a14:1500::/29 Signature Algorithm: sha256WithRSAEncryption 13:bd:12:72:c9:65:dd:94:87:96:0b:70:91:e8:87:44:77:a3: 08:18:a2:80:1b:c6:84:df:a8:9d:19:d3:90:25:7b:35:18:6f: 6a:f7:7d:ef:38:51:53:06:f3:6f:75:50:d3:a7:4f:85:51:f8: 48:e1:5f:7d:20:a8:80:47:a4:b2:88:fc:64:44:bb:22:60:9c: b9:c9:f6:03:b1:ac:fb:ae:86:34:b2:1d:e8:bb:78:1b:ee:d6: 69:2d:7c:a6:12:cd:10:5a:d1:74:6c:84:62:e3:c3:9c:8d:93: a6:58:8f:e4:ea:c5:2c:9a:1d:04:b4:d7:cd:b3:1c:f1:47:c5: 64:12:96:52:ba:00:ec:96:50:c4:9c:a6:74:91:35:bb:e2:0d: e1:f8:8b:f5:00:47:23:74:10:07:78:a2:99:87:49:12:75:ea: 6f:ba:17:77:5b:e8:a2:6f:f0:c4:2c:71:b6:50:fb:d5:75:5f: 7d:19:d1:25:e0:b0:36:9a:3b:61:c1:13:f4:b7:46:95:90:56: 19:1c:5b:53:21:7e:c4:45:4d:a0:6b:91:bf:0e:61:39:d5:64: 2d:8f:46:96:5a:b9:1a:00:5c:fa:d4:25:d4:58:59:b0:55:58: a0:02:0d:64:c1:88:14:4d:5b:74:26:35:56:ba:cd:6c:77:98: 2e:f9:f1:70 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZwdm2nW+kEqonoqiKtRW1YKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm YmUwOTkwHhcNMjYwMjAyMDkwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTJkYjQ0ZTZhOWZiNTQ4ODc3MjlmYWUwYmQ3NGJkYTAyM2UwNGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Nnn/oZnAKuKl7wLjDYxU/iwS1FW H1kxRPDWtbRJafSdVnhvqZoLbGHCnaBuRiRHRHxhilHN2JvLvGxRaVmz2sQWrcpr JqIUxVMbbMM64yPMkiMLasPu8An7a4VirdWlrZPzhXdI3FHdQ5LGLZxwvhr3eNYD wUhvgA6higN6Ar0rcJzPW90oEJ9AdP2+PlMfUZ0A5M05yS/ZvmdLAT5x4654UmAa Ad+iYzEislesYQyNi1qc+iPhuO1deQYNRarN80EYKbk92Mc8yCfDiVZVHHE/JFZI QBfUegs6lNOxMwWHdn+6N3LVxOuc0X9yqZjK/bv/HH7XzxDmCKVz2EMlzQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFAUttE5qn7VIh3KfrgvXS9oCPgTXMB8GA1UdIwQY MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt M2FhMjIyN2JhZGZlLzEvQlMyMFRtcWZ0VWlIY3AtdUM5ZEwyZ0ktQk5jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhMogAMF AyoT3sADBQMqFBMAAwUDKhQVADANBgkqhkiG9w0BAQsFAAOCAQEAE70Scsll3ZSH lgtwkeiHRHejCBiigBvGhN+onRnTkCV7NRhvavd97zhRUwbzb3VQ06dPhVH4SOFf fSCogEeksoj8ZES7ImCcucn2A7Gs+66GNLId6Lt4G+7WaS18phLNEFrRdGyEYuPD nI2TpliP5OrFLJodBLTXzbMc8UfFZBKWUroA7JZQxJymdJE1u+IN4fiL9QBHI3QQ B3iimYdJEnXqb7oXd1voom/wxCxxtlD71XVffRnRJeCwNpo7YcET9LdGlZBWGRxb UyF+xEVNoGuRvw5hOdVkLY9Gllq5GgBc+tQl1FhZsFVYoAINZMGIFE1bdCY1VrrN bHeYLvnxcA== -----END CERTIFICATE-----Generated at Tue Feb 10 07:53:26 2026 by rpki-client