This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/BgaPpw4QZZFq8BjvHJztJJvHVPk.roa File: BgaPpw4QZZFq8BjvHJztJJvHVPk.roa (raw, json) Hash identifier: 1bdyBEdjzw65JHZi7PKNdH+OzNLoot3lZr9JxQYu6k4= Subject key identifier: 06:06:8F:A7:0E:10:65:91:6A:F0:18:EF:1C:9C:ED:24:9B:C7:54:F9 Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Certificate serial: 019B7F841A4019EAAC556F2A9DAC8DBD0B18 Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/BgaPpw4QZZFq8BjvHJztJJvHVPk.roa Signing time: Fri 02 Jan 2026 16:22:02 +0000 ROA not before: Fri 02 Jan 2026 16:22:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397521 IP address blocks: 2a01:488:bb1c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:1a:40:19:ea:ac:55:6f:2a:9d:ac:8d:bd:0b:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Validity Not Before: Jan 2 16:22:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=06068fa70e1065916af018ef1c9ced249bc754f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:02:0a:bd:d9:db:d4:cc:01:07:64:3a:92:6b: 51:48:75:10:70:a3:a4:78:93:31:7e:72:47:2f:1b: d1:75:d0:d9:36:f3:e8:b0:65:40:5f:78:d6:15:51: 09:4e:31:bb:b4:62:b3:da:23:18:7c:da:3f:4a:2e: 67:4a:01:cd:65:85:d2:58:8a:55:6e:be:80:51:97: 79:13:a4:06:fd:59:ae:57:94:02:12:f8:65:5b:f9: 3b:87:7c:82:95:11:71:2a:4f:8e:81:14:50:1f:6c: 76:e9:dc:81:e5:77:9f:de:c9:55:db:51:fd:8b:c9: 7f:ff:fa:b8:78:cf:34:31:6a:9a:89:66:5c:2d:da: 10:f7:f1:f3:1c:f9:e7:2d:cc:e9:e6:de:d1:d2:ab: de:b5:fb:fd:a4:cd:ce:39:db:8e:59:9d:60:05:f7: 5e:df:28:59:dd:dd:3e:10:19:5b:91:77:87:fe:3a: cf:ef:f1:11:f8:b6:72:a9:b7:d0:8b:bd:aa:d6:2d: 5e:e4:2b:88:f2:e8:97:48:73:50:07:6b:3d:60:7b: 34:64:d1:21:3d:12:8d:9a:24:55:52:68:63:fa:0a: ac:85:f4:8c:74:ea:be:08:8b:30:e5:cb:ec:bf:db: a6:d0:c7:e5:5e:b6:ce:8c:ff:b4:a2:5a:a9:87:2d: bd:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:06:8F:A7:0E:10:65:91:6A:F0:18:EF:1C:9C:ED:24:9B:C7:54:F9 X509v3 Authority Key Identifier: keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/BgaPpw4QZZFq8BjvHJztJJvHVPk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:488:bb1c::/48 Signature Algorithm: sha256WithRSAEncryption a3:f6:fa:ef:b6:c2:b2:18:3b:0b:c2:59:02:a6:93:6f:09:27: 08:23:84:fe:b4:ab:5e:9a:43:10:b2:82:59:53:8b:ec:15:46: 6d:9e:e7:30:18:88:04:e3:96:b3:ca:57:f1:a2:46:64:af:44: 69:92:11:e4:fc:30:b9:f8:3e:e3:d8:f0:f3:d4:80:91:da:ee: 56:9f:0b:27:30:37:7f:61:a6:1f:5a:93:78:5d:b9:8a:65:57: 06:c8:7c:fd:fb:31:7c:51:15:7d:a5:06:fb:41:e0:e0:5a:38: 3e:c0:5e:f0:c1:37:23:b0:2c:69:53:9f:9b:fa:82:61:47:a9: 92:e5:3a:09:27:45:7d:d3:57:25:fa:a0:0a:11:1c:73:76:82: 8e:45:b1:87:be:85:fa:16:e9:d7:d2:33:41:77:5a:79:df:5d: 47:e4:6b:85:a6:b4:0e:d5:a6:d7:c2:1d:8c:5b:7d:95:b5:b9: 5a:d6:f0:54:fa:83:12:8e:36:8a:06:b9:00:c4:8e:62:6e:50: 52:05:61:f4:47:f0:4c:f4:76:8a:57:49:3e:fb:f9:6c:3d:a1: a9:79:d6:71:8c:de:5e:63:a9:e6:1b:46:93:18:ef:63:7f:7a: fd:3f:35:50:94:a3:8e:e3:7c:55:b1:51:43:2a:83:74:4b:25: b1:19:ae:fa -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hBpAGeqsVW8qnayNvQsYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0 ZTk4MWIwHhcNMjYwMTAyMTYyMjAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjA2OGZhNzBlMTA2NTkxNmFmMDE4ZWYxYzljZWQyNDliYzc1NGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswIKvdnb1MwBB2Q6kmtRSHUQcKOk eJMxfnJHLxvRddDZNvPosGVAX3jWFVEJTjG7tGKz2iMYfNo/Si5nSgHNZYXSWIpV br6AUZd5E6QG/VmuV5QCEvhlW/k7h3yClRFxKk+OgRRQH2x26dyB5Xef3slV21H9 i8l///q4eM80MWqaiWZcLdoQ9/HzHPnnLczp5t7R0qvetfv9pM3OOduOWZ1gBfde 3yhZ3d0+EBlbkXeH/jrP7/ER+LZyqbfQi72q1i1e5CuI8uiXSHNQB2s9YHs0ZNEh PRKNmiRVUmhj+gqshfSMdOq+CIsw5cvsv9um0MflXrbOjP+0olqphy29JQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAYGj6cOEGWRavAY7xyc7SSbx1T5MB8GA1UdIwQY MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt MTYxZjM0MjM4N2QxLzEvQmdhUHB3NFFaWkZxOEJqdkhKenRKSnZIVlBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsc MA0GCSqGSIb3DQEBCwUAA4IBAQCj9vrvtsKyGDsLwlkCppNvCScII4T+tKtemkMQ soJZU4vsFUZtnucwGIgE45azylfxokZkr0RpkhHk/DC5+D7j2PDz1ICR2u5Wnwsn MDd/YaYfWpN4XbmKZVcGyHz9+zF8URV9pQb7QeDgWjg+wF7wwTcjsCxpU5+b+oJh R6mS5ToJJ0V901cl+qAKERxzdoKORbGHvoX6FunX0jNBd1p5311H5GuFprQO1abX wh2MW32Vtbla1vBU+oMSjjaKBrkAxI5iblBSBWH0R/BM9HaKV0k++/lsPaGpedZx jN5eY6nmG0aTGO9jf3r9PzVQlKOO43xVsVFDKoN0SyWxGa76 -----END CERTIFICATE-----Generated at Sun Jan 25 12:46:59 2026 by rpki-client