This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/BNGMVvTZ1XawSMPOVaywEKgFz8w.roa File: BNGMVvTZ1XawSMPOVaywEKgFz8w.roa (raw, json) Hash identifier: WMt9Jn62xWAvsFJt6BLgLhIXnUKvtSHXK/jsLiQ9wc0= Subject key identifier: 04:D1:8C:56:F4:D9:D5:76:B0:48:C3:CE:55:AC:B0:10:A8:05:CF:CC Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Certificate serial: 019B7A5B35C0C264AAE07E36C62670FA20E2 Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/BNGMVvTZ1XawSMPOVaywEKgFz8w.roa Signing time: Thu 01 Jan 2026 16:19:16 +0000 ROA not before: Thu 01 Jan 2026 16:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201654 IP address blocks: 185.67.188.0/22 maxlen: 22 185.151.168.0/22 maxlen: 22 2a05:1200::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:35:c0:c2:64:aa:e0:7e:36:c6:26:70:fa:20:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062 Validity Not Before: Jan 1 16:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=04d18c56f4d9d576b048c3ce55acb010a805cfcc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:55:7d:e2:8a:d5:24:cd:12:f3:bf:6a:22:7a: ff:c4:8d:de:43:07:81:db:c2:34:c6:1f:61:9b:74: dd:b5:7b:e0:a5:6e:e3:17:67:c6:9d:7a:40:3a:0f: 5a:da:e3:25:9e:51:a6:cb:6a:8a:7f:35:f4:41:45: e5:9d:85:64:5a:41:ce:09:34:80:78:12:1f:75:ac: 1b:82:1d:c7:c6:a4:e3:df:1c:72:c7:5f:8b:c3:26: 37:e7:a4:45:25:54:00:f7:2c:a6:4d:6b:4a:00:3a: 26:f4:40:d1:34:e6:59:e9:ba:8f:6d:be:f8:bb:95: 24:25:d4:16:fa:02:c4:c3:9d:3b:69:57:f3:0e:b7: c6:41:73:e2:c5:6e:3e:de:50:8d:ba:bf:22:dc:91: 3e:51:1c:5d:b0:70:2b:f5:4e:0e:04:61:26:86:7a: 6f:28:af:00:fd:df:ec:e5:41:bb:1b:a0:d0:ac:26: 59:64:7f:84:fc:2b:23:a3:bd:97:f2:ba:ec:b8:62: 43:22:fa:fc:cf:43:18:47:5d:c4:22:69:8a:29:35: 1b:7c:f4:27:4e:b8:0d:7f:b7:15:c3:d0:94:af:6b: 15:d0:4b:94:71:f3:60:42:86:a8:5f:52:92:67:8f: 16:2d:30:4f:ce:86:46:22:d4:74:4b:be:ff:4e:35: 0e:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D1:8C:56:F4:D9:D5:76:B0:48:C3:CE:55:AC:B0:10:A8:05:CF:CC X509v3 Authority Key Identifier: keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/BNGMVvTZ1XawSMPOVaywEKgFz8w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.67.188.0/22 185.151.168.0/22 IPv6: 2a05:1200::/30 Signature Algorithm: sha256WithRSAEncryption 34:48:73:4b:91:83:1b:9a:32:d0:7e:7f:b0:88:8a:d3:8f:a7: 35:06:da:fa:af:9d:9d:f6:6f:76:a2:f9:64:d1:65:75:48:51: ee:9c:8a:c3:af:5b:d3:10:9c:17:c0:65:a1:5a:09:78:27:2e: 5f:35:8b:63:de:ad:b5:58:5a:02:90:fc:4e:fa:83:55:c3:36: ea:b8:7d:f1:e8:16:86:b5:50:22:b8:95:42:e3:90:90:c2:34: b0:1c:3f:07:16:64:c5:da:b0:04:ef:ea:b4:7d:52:c8:d0:bc: 90:0e:c5:18:42:ad:fb:1c:9a:f7:75:8c:f3:d2:6e:ae:23:b1: 75:41:85:37:8e:6b:8d:65:c8:71:30:e8:89:89:0d:b4:9a:d7: a4:0c:8c:72:fa:16:8e:6a:60:1a:6f:68:df:8c:6b:3c:26:67: 71:a6:a9:83:47:62:e0:85:50:d5:10:b1:3d:45:f6:59:56:46: 78:80:fe:dd:c9:e8:ad:15:d0:31:2d:15:43:15:41:b7:16:58: 84:ad:4f:75:5c:b8:f0:db:57:8e:01:c9:8a:6a:bb:c1:de:0b: d3:83:9a:99:11:8c:2d:53:fb:5c:1b:cd:4d:c3:68:ec:43:13: 2c:cf:4d:bd:e2:88:9e:f6:d9:88:dd:e5:4d:33:1e:27:dc:db: 4a:ba:a5:e9 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6WzXAwmSq4H42xiZw+iDiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj ZmQwNjIwHhcNMjYwMTAxMTYxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNGQxOGM1NmY0ZDlkNTc2YjA0OGMzY2U1NWFjYjAxMGE4MDVjZmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVV94orVJM0S879qInr/xI3eQweB 28I0xh9hm3TdtXvgpW7jF2fGnXpAOg9a2uMlnlGmy2qKfzX0QUXlnYVkWkHOCTSA eBIfdawbgh3HxqTj3xxyx1+LwyY356RFJVQA9yymTWtKADom9EDRNOZZ6bqPbb74 u5UkJdQW+gLEw507aVfzDrfGQXPixW4+3lCNur8i3JE+URxdsHAr9U4OBGEmhnpv KK8A/d/s5UG7G6DQrCZZZH+E/Csjo72X8rrsuGJDIvr8z0MYR13EImmKKTUbfPQn TrgNf7cVw9CUr2sV0EuUcfNgQoaoX1KSZ48WLTBPzoZGItR0S77/TjUOcwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFATRjFb02dV2sEjDzlWssBCoBc/MMB8GA1UdIwQY MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt NjU0ZGQ2NDQyY2U0LzEvQk5HTVZ2VFoxWGF3U01QT1ZheXdFS2dGejh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0 LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUO8AwQC uZeoMA0EAgACMAcDBQIqBRIAMA0GCSqGSIb3DQEBCwUAA4IBAQA0SHNLkYMbmjLQ fn+wiIrTj6c1Btr6r52d9m92ovlk0WV1SFHunIrDr1vTEJwXwGWhWgl4Jy5fNYtj 3q21WFoCkPxO+oNVwzbquH3x6BaGtVAiuJVC45CQwjSwHD8HFmTF2rAE7+q0fVLI 0LyQDsUYQq37HJr3dYzz0m6uI7F1QYU3jmuNZchxMOiJiQ20mtekDIxy+haOamAa b2jfjGs8JmdxpqmDR2LghVDVELE9RfZZVkZ4gP7dyeitFdAxLRVDFUG3FliErU91 XLjw21eOAcmKarvB3gvTg5qZEYwtU/tcG81Nw2jsQxMsz0294oie9tmI3eVNMx4n 3NtKuqXp -----END CERTIFICATE-----Generated at Mon Jan 26 11:26:56 2026 by rpki-client