This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/bs5yH2megPEoLiq-1Ee8Z68_g6s.roa File: bs5yH2megPEoLiq-1Ee8Z68_g6s.roa (raw, json) Hash identifier: bWsVIEeX18Zj1B9Yp3oHbkNqexSpprAqTGKtlbcwk7o= Subject key identifier: 6E:CE:72:1F:69:9E:80:F1:28:2E:2A:BE:D4:47:BC:67:AF:3F:83:AB Certificate issuer: /CN=2890da765a999f719875c51eecf4c7d6148a1bd9 Certificate serial: 019B7E387BB94C471099BCAC44A527245FF1 Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/bs5yH2megPEoLiq-1Ee8Z68_g6s.roa Signing time: Fri 02 Jan 2026 10:19:49 +0000 ROA not before: Fri 02 Jan 2026 10:19:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208339 IP address blocks: 45.143.204.0/22 maxlen: 23 45.143.204.0/23 maxlen: 24 45.143.204.0/24 maxlen: 24 45.143.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.mft rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:7b:b9:4c:47:10:99:bc:ac:44:a5:27:24:5f:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9 Validity Not Before: Jan 2 10:19:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ece721f699e80f1282e2abed447bc67af3f83ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:c7:92:b8:5e:70:a3:8c:75:b4:0d:91:fe:b6: e9:04:52:df:e8:55:c4:7c:31:e6:c0:3b:7c:44:91: 60:a8:50:24:3c:69:30:36:91:6c:b4:78:02:bf:bc: 0b:4f:42:7e:cb:c9:5b:05:75:89:96:02:69:5d:1b: 05:95:f5:6d:3f:fe:ce:ed:81:a4:60:df:75:c8:27: 4c:e7:a0:a7:d0:ac:1c:a0:b5:52:c6:f7:43:14:9e: 34:01:fd:e6:2e:84:78:7f:ce:ea:5b:2c:e4:fe:72: 0b:74:b6:b1:4d:ec:d4:f5:ee:d3:d5:7d:57:37:68: 9d:07:10:1d:2e:31:13:c8:1d:95:7f:a9:45:00:17: b7:ed:34:ab:5a:5a:3c:74:2f:5c:59:39:c2:fa:13: a4:4f:67:c8:10:36:f4:7c:f4:b8:91:2a:20:1b:14: 32:1c:dc:57:a4:3d:d3:17:21:90:62:60:0e:82:0c: 49:61:fc:7a:7b:30:f7:77:e7:1e:49:6c:f2:00:08: bc:fc:93:9f:44:c5:a4:3e:7d:01:8c:e1:a0:6c:26: 6f:c1:56:5d:cd:00:5e:91:29:f0:49:64:18:0c:1a: fb:a8:07:b1:0d:b0:9f:b4:ea:51:fb:6a:7a:fd:57: c5:38:73:fa:45:c6:1d:18:1a:71:f9:b4:e2:14:eb: 7e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:CE:72:1F:69:9E:80:F1:28:2E:2A:BE:D4:47:BC:67:AF:3F:83:AB X509v3 Authority Key Identifier: keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/bs5yH2megPEoLiq-1Ee8Z68_g6s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.143.204.0/22 Signature Algorithm: sha256WithRSAEncryption 06:4b:1a:91:73:fd:aa:e0:18:78:5f:29:15:27:24:eb:81:11: 0e:7a:9a:e5:0d:37:01:8c:4a:ea:70:1e:2d:8e:88:51:20:50: 80:ba:b2:4e:ae:eb:49:7e:66:27:a6:94:77:97:a1:33:50:b9: 1f:f8:bf:25:b5:5e:78:ed:28:23:ab:7d:a9:86:cc:6c:4e:55: fe:ff:c8:ca:0c:39:1d:7e:f1:e9:3a:38:9f:e0:cc:15:7c:1c: 36:fa:38:5b:cf:3c:36:50:56:62:f2:b4:9d:1d:8b:13:55:e2: 16:ae:44:45:1a:cb:e4:e4:00:c0:0e:c4:85:aa:04:17:3a:49: 10:83:d7:db:34:f1:4c:d5:40:11:7d:79:a4:64:c6:89:c4:ca: 03:9a:0a:b5:6b:d7:dc:1e:69:f1:07:13:f9:50:98:8f:d4:cb: 27:05:0e:1b:59:96:07:a5:fb:90:e7:2a:f3:13:df:8e:06:52: 45:45:99:51:0e:53:d4:a1:8e:60:33:15:df:ca:04:1b:f2:2c: cd:05:87:4c:67:48:d4:71:95:20:d2:d5:0e:29:48:b7:ae:a8: 4e:20:92:01:99:57:82:0b:8b:23:16:e1:29:94:df:67:a5:c4: ad:b0:cf:e3:b9:04:53:6d:2d:b4:74:b6:a3:0f:b4:bd:34:6b: cc:19:ce:c7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OHu5TEcQmbysRKUnJF/xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4 YTFiZDkwHhcNMjYwMTAyMTAxOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZWNlNzIxZjY5OWU4MGYxMjgyZTJhYmVkNDQ3YmM2N2FmM2Y4M2FiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68eSuF5wo4x1tA2R/rbpBFLf6FXE fDHmwDt8RJFgqFAkPGkwNpFstHgCv7wLT0J+y8lbBXWJlgJpXRsFlfVtP/7O7YGk YN91yCdM56Cn0KwcoLVSxvdDFJ40Af3mLoR4f87qWyzk/nILdLaxTezU9e7T1X1X N2idBxAdLjETyB2Vf6lFABe37TSrWlo8dC9cWTnC+hOkT2fIEDb0fPS4kSogGxQy HNxXpD3TFyGQYmAOggxJYfx6ezD3d+ceSWzyAAi8/JOfRMWkPn0BjOGgbCZvwVZd zQBekSnwSWQYDBr7qAexDbCftOpR+2p6/VfFOHP6RcYdGBpx+bTiFOt+7wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG7Och9pnoDxKC4qvtRHvGevP4OrMB8GA1UdIwQY MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt MjhmYzcwNjNkOTUyLzEvYnM1eUgybWVnUEVvTGlxLTFFZThaNjhfZzZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/MMA0G CSqGSIb3DQEBCwUAA4IBAQAGSxqRc/2q4Bh4XykVJyTrgREOeprlDTcBjErqcB4t johRIFCAurJOrutJfmYnppR3l6EzULkf+L8ltV547Sgjq32phsxsTlX+/8jKDDkd fvHpOjif4MwVfBw2+jhbzzw2UFZi8rSdHYsTVeIWrkRFGsvk5ADADsSFqgQXOkkQ g9fbNPFM1UARfXmkZMaJxMoDmgq1a9fcHmnxBxP5UJiP1MsnBQ4bWZYHpfuQ5yrz E9+OBlJFRZlRDlPUoY5gMxXfygQb8izNBYdMZ0jUcZUg0tUOKUi3rqhOIJIBmVeC C4sjFuEplN9npcStsM/juQRTbS20dLajD7S9NGvMGc7H -----END CERTIFICATE-----Generated at Mon Jan 26 07:58:03 2026 by rpki-client