This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/bKFR-ExETl9kc_NczqQy1RxK9rs.roa File: bKFR-ExETl9kc_NczqQy1RxK9rs.roa (raw, json) Hash identifier: plcIB/DfvBpq4QLItxVjsjUSKb2BA3Zq8rL1ma4T6FY= Subject key identifier: 6C:A1:51:F8:4C:44:4E:5F:64:73:F3:5C:CE:A4:32:D5:1C:4A:F6:BB Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93 Certificate serial: 019B7A5ADDE9F00223E4990BB4A383C17725 Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/bKFR-ExETl9kc_NczqQy1RxK9rs.roa Signing time: Thu 01 Jan 2026 16:18:53 +0000 ROA not before: Thu 01 Jan 2026 16:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12859 IP address blocks: 2.56.226.0/23 maxlen: 24 2a09:d240:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:dd:e9:f0:02:23:e4:99:0b:b4:a3:83:c1:77:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93 Validity Not Before: Jan 1 16:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ca151f84c444e5f6473f35ccea432d51c4af6bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ba:ce:f3:9f:de:79:50:cc:d5:b9:9f:3c:05: 47:ec:e9:00:7b:9f:98:28:36:03:37:65:bd:6d:bb: c3:69:91:57:e9:b3:20:7e:0f:93:d6:8a:9b:a7:92: 11:39:66:b2:7d:1b:99:81:63:76:13:79:b1:54:90: 0d:ba:e3:8d:2b:35:cc:3b:1a:a8:ba:5f:d3:4f:3e: 84:0a:7e:af:e2:84:e7:0f:9f:85:c8:bc:fa:9c:fc: d9:79:6d:f9:a1:70:75:0f:e1:fb:27:9c:f0:43:cd: a0:84:36:6e:4d:d0:22:c4:4f:39:d7:40:3c:9c:68: a5:2c:87:86:65:20:09:16:a8:60:7f:62:21:c4:09: 78:21:3d:17:82:7d:d8:90:b0:4b:39:72:c8:9a:91: cd:30:53:84:8f:99:2b:49:1a:50:65:f9:c9:61:40: 41:f6:44:ec:57:6c:a8:98:e0:49:48:1a:0a:43:a5: a5:08:b4:37:14:a3:97:b9:cb:ad:47:ea:44:af:92: 4a:4d:e4:cf:b7:dc:90:14:50:a9:37:6f:4d:33:71: ab:d3:6a:13:9d:ce:84:31:b4:7c:03:98:92:4a:64: 70:ca:71:74:fd:10:85:a6:20:c2:89:a5:d1:8c:16: 5b:11:9c:2e:50:50:ef:0b:41:9f:7c:3c:b2:79:ad: b2:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A1:51:F8:4C:44:4E:5F:64:73:F3:5C:CE:A4:32:D5:1C:4A:F6:BB X509v3 Authority Key Identifier: keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/bKFR-ExETl9kc_NczqQy1RxK9rs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.226.0/23 IPv6: 2a09:d240:1::/48 Signature Algorithm: sha256WithRSAEncryption 8d:97:4c:06:5d:60:90:30:68:04:9b:25:a1:4b:3c:64:ef:fd: 74:82:c1:32:e0:18:24:7c:f2:fa:5e:00:58:bb:42:bd:8d:df: 67:0c:63:e8:5b:eb:2c:91:14:40:9b:4c:f9:c3:97:b5:a5:e0: a6:3f:e1:b2:b6:a6:7a:6f:35:3a:bc:bb:7c:0c:cd:33:32:c8: a7:98:c4:83:eb:a2:2b:3b:ed:8b:76:fe:56:81:2d:17:8f:ad: 30:39:5e:eb:ae:9a:2d:8a:a3:fc:60:a1:7b:dc:b4:3c:3b:58: cf:bc:5f:8c:76:5c:0a:83:ce:1b:a3:8f:91:c7:2d:3d:fa:22: 8d:c6:c4:f9:e4:fb:5e:18:80:a3:51:a5:83:da:db:a2:c6:41: 4c:7e:01:0b:ac:5c:71:c4:e8:b6:77:f7:ca:cf:b9:a1:28:ff: 54:18:f8:fd:61:97:8c:e5:1c:dc:6e:bd:04:3f:0c:7e:37:e0: 6b:fd:1c:5a:c0:43:90:cf:7b:87:83:43:9d:34:d1:ae:51:b6: b4:49:fe:9c:ab:f7:19:5f:72:0b:4a:cb:b1:92:db:b0:39:c3: f4:05:d7:06:84:3e:7e:68:3f:8d:e3:32:1b:e2:ac:b5:6b:1a: 9d:af:04:05:7e:32:df:43:4c:72:08:04:f1:87:d5:cf:1b:62: 0e:09:c3:66 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6Wt3p8AIj5JkLtKODwXclMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz NTNlOTMwHhcNMjYwMTAxMTYxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Y2ExNTFmODRjNDQ0ZTVmNjQ3M2YzNWNjZWE0MzJkNTFjNGFmNmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1brO85/eeVDM1bmfPAVH7OkAe5+Y KDYDN2W9bbvDaZFX6bMgfg+T1oqbp5IROWayfRuZgWN2E3mxVJANuuONKzXMOxqo ul/TTz6ECn6v4oTnD5+FyLz6nPzZeW35oXB1D+H7J5zwQ82ghDZuTdAixE8510A8 nGilLIeGZSAJFqhgf2IhxAl4IT0Xgn3YkLBLOXLImpHNMFOEj5krSRpQZfnJYUBB 9kTsV2yomOBJSBoKQ6WlCLQ3FKOXucutR+pEr5JKTeTPt9yQFFCpN29NM3Gr02oT nc6EMbR8A5iSSmRwynF0/RCFpiDCiaXRjBZbEZwuUFDvC0GffDyyea2yWwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGyhUfhMRE5fZHPzXM6kMtUcSva7MB8GA1UdIwQY MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt MjVkZDRjYmIzNjk4LzEvYktGUi1FeEVUbDlrY19OY3pxUXkxUnhLOXJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4 LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBAjjiMA8E AgACMAkDBwAqCdJAAAEwDQYJKoZIhvcNAQELBQADggEBAI2XTAZdYJAwaASbJaFL PGTv/XSCwTLgGCR88vpeAFi7Qr2N32cMY+hb6yyRFECbTPnDl7Wl4KY/4bK2pnpv NTq8u3wMzTMyyKeYxIProis77Yt2/laBLRePrTA5Xuuumi2Ko/xgoXvctDw7WM+8 X4x2XAqDzhujj5HHLT36Io3GxPnk+14YgKNRpYPa26LGQUx+AQusXHHE6LZ398rP uaEo/1QY+P1hl4zlHNxuvQQ/DH434Gv9HFrAQ5DPe4eDQ5000a5RtrRJ/pyr9xlf cgtKy7GS27A5w/QF1waEPn5oP43jMhvirLVrGp2vBAV+Mt9DTHIIBPGH1c8bYg4J w2Y= -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:55 2026 by rpki-client