This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/BReOo98IY0bkc4Zd1ThUM5GPXeI.roa File: BReOo98IY0bkc4Zd1ThUM5GPXeI.roa (raw, json) Hash identifier: UddnfSjHvfzz7O5p2bOPPSYGFo2s16YIBkdTNHh1wSw= Subject key identifier: 05:17:8E:A3:DF:08:63:46:E4:73:86:5D:D5:38:54:33:91:8F:5D:E2 Certificate issuer: /CN=35dfb4a5bc5b75bd94aa447ba33f55571971ccf6 Certificate serial: 019B797F4772CC1A449C57AFEA7962580871 Authority key identifier: 35:DF:B4:A5:BC:5B:75:BD:94:AA:44:7B:A3:3F:55:57:19:71:CC:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/BReOo98IY0bkc4Zd1ThUM5GPXeI.roa Signing time: Thu 01 Jan 2026 12:19:02 +0000 ROA not before: Thu 01 Jan 2026 12:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57255 IP address blocks: 45.88.4.0/24 maxlen: 24 91.230.156.0/24 maxlen: 24 213.177.184.0/24 maxlen: 24 2a0e:f300::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.crl rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.mft rsync://rpki.ripe.net/repository/DEFAULT/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:47:72:cc:1a:44:9c:57:af:ea:79:62:58:08:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35dfb4a5bc5b75bd94aa447ba33f55571971ccf6 Validity Not Before: Jan 1 12:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05178ea3df086346e473865dd5385433918f5de2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:58:ca:80:b2:f0:c3:da:60:3c:71:64:22:f0: 9e:8d:98:04:50:4c:e8:12:83:de:17:25:57:8d:cb: 21:9f:3f:ec:21:96:1a:2b:d3:9f:78:0e:9e:51:2a: 26:07:f2:fc:6a:6d:1e:8d:80:32:78:09:43:e4:3e: af:94:ce:a1:86:2a:2d:10:c1:f0:11:b3:79:e6:6b: ac:11:12:b5:4b:15:d4:77:03:d1:21:7f:42:d1:92: ab:39:84:3a:5f:1f:93:85:2b:89:77:70:8b:3c:18: 64:a2:d8:d2:59:ae:b7:f1:c4:7b:22:7b:67:3f:07: 21:81:97:0a:68:30:6d:e9:4e:c6:ed:b1:45:76:2d: c5:f8:5f:a9:47:fd:ba:1d:93:7c:04:d1:fb:b9:3c: 20:87:44:90:02:98:1d:09:f3:fd:23:73:c7:e8:57: fd:64:d9:63:e2:65:05:de:55:25:f0:fd:5c:bb:a6: ba:8c:a9:9a:e6:dc:9b:02:9e:02:3f:8d:b2:9c:d6: 69:d7:0b:1d:ae:78:f0:75:2a:ba:67:c3:6d:cf:19: f2:6e:b3:ae:d9:88:72:60:fd:51:b4:65:12:d8:6b: a9:c9:43:e2:d7:d6:58:cc:95:96:e5:f2:1b:49:67: 65:17:bb:5b:64:87:5f:d9:ae:59:a3:56:6b:9f:9a: f2:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:17:8E:A3:DF:08:63:46:E4:73:86:5D:D5:38:54:33:91:8F:5D:E2 X509v3 Authority Key Identifier: keyid:35:DF:B4:A5:BC:5B:75:BD:94:AA:44:7B:A3:3F:55:57:19:71:CC:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/BReOo98IY0bkc4Zd1ThUM5GPXeI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.4.0/24 91.230.156.0/24 213.177.184.0/24 IPv6: 2a0e:f300::/29 Signature Algorithm: sha256WithRSAEncryption 89:e1:99:e2:16:bb:53:c7:ad:b7:10:58:ef:a0:13:f3:c3:95: 94:43:39:d5:af:1a:18:bf:35:e6:33:32:b0:8b:dd:1b:dd:c3: c9:cd:7d:e8:ea:a1:22:e9:45:4e:aa:da:f3:6a:7e:e1:43:6c: a8:20:1a:12:d5:f2:c4:ab:7e:13:e0:07:f5:1f:5e:62:11:8c: 2e:e9:1a:b6:aa:33:13:a4:81:c3:48:a6:14:b6:76:ec:1c:67: 6b:0c:5e:ff:09:82:78:67:b9:e7:47:b2:9e:02:31:0b:e5:4b: a8:2a:0d:51:b1:ec:ff:ca:8f:77:99:d4:01:5b:e2:85:98:b1: 4e:0c:0d:e5:d4:c8:7e:db:1e:34:5e:3a:9d:d2:2a:67:1a:b3: 93:cc:34:aa:9a:e8:9d:ae:98:31:0e:72:72:ed:d2:fa:9f:36: f1:f3:d8:00:14:7e:b8:d7:b3:3f:74:f3:c9:77:38:15:ee:08: b2:c1:85:f8:84:a9:69:2e:3f:de:80:29:ae:fd:64:45:11:a9: 2a:b5:7a:10:3a:00:4c:44:c9:4e:05:51:40:be:43:a1:e6:f5: 0d:81:3d:21:1f:e3:27:08:24:17:f0:18:4e:69:be:1b:01:c9: 53:eb:44:7a:ac:a1:03:39:92:79:7a:50:9d:fc:a6:ca:39:f9: b9:3c:04:40 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt5f0dyzBpEnFev6nliWAhxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZGZiNGE1YmM1Yjc1YmQ5NGFhNDQ3YmEzM2Y1NTU3MTk3 MWNjZjYwHhcNMjYwMTAxMTIxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTE3OGVhM2RmMDg2MzQ2ZTQ3Mzg2NWRkNTM4NTQzMzkxOGY1ZGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuljKgLLww9pgPHFkIvCejZgEUEzo EoPeFyVXjcshnz/sIZYaK9OfeA6eUSomB/L8am0ejYAyeAlD5D6vlM6hhiotEMHw EbN55musERK1SxXUdwPRIX9C0ZKrOYQ6Xx+ThSuJd3CLPBhkotjSWa638cR7Intn PwchgZcKaDBt6U7G7bFFdi3F+F+pR/26HZN8BNH7uTwgh0SQApgdCfP9I3PH6Ff9 ZNlj4mUF3lUl8P1cu6a6jKma5tybAp4CP42ynNZp1wsdrnjwdSq6Z8NtzxnybrOu 2YhyYP1RtGUS2GupyUPi19ZYzJWW5fIbSWdlF7tbZIdf2a5Zo1Zrn5ry2QIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFAUXjqPfCGNG5HOGXdU4VDORj13iMB8GA1UdIwQY MBaAFDXftKW8W3W9lKpEe6M/VVcZccz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmQtMHBieGJkYjJVcWtSN296OVZWeGx4elBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wMWMzMWYtZWUzYy00MzVhLWJmZWQt ZWY4OGIyY2ZlODcyLzEvQlJlT285OElZMGJrYzRaZDFUaFVNNUdQWGVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wMWMzMWYtZWUzYy00MzVhLWJmZWQtZWY4OGIyY2ZlODcy LzEvTmQtMHBieGJkYjJVcWtSN296OVZWeGx4elBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVgEAwQA W+acAwQA1bG4MA0EAgACMAcDBQMqDvMAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ4Zni FrtTx623EFjvoBPzw5WUQznVrxoYvzXmMzKwi90b3cPJzX3o6qEi6UVOqtrzan7h Q2yoIBoS1fLEq34T4Af1H15iEYwu6Rq2qjMTpIHDSKYUtnbsHGdrDF7/CYJ4Z7nn R7KeAjEL5UuoKg1Rsez/yo93mdQBW+KFmLFODA3l1Mh+2x40Xjqd0ipnGrOTzDSq muidrpgxDnJy7dL6nzbx89gAFH6417M/dPPJdzgV7giywYX4hKlpLj/egCmu/WRF EakqtXoQOgBMRMlOBVFAvkOh5vUNgT0hH+MnCCQX8BhOab4bAclT60R6rKEDOZJ5 elCd/KbKOfm5PARA -----END CERTIFICATE-----Generated at Mon Jan 26 16:57:18 2026 by rpki-client