This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/Be8LblN_WsFoFsGu_QkIYbsLZMI.roa File: Be8LblN_WsFoFsGu_QkIYbsLZMI.roa (raw, json) Hash identifier: 4P/iotN6FmCSgpC5Liy5/5RLiOPYgv+FOHKRLXysJwc= Subject key identifier: 05:EF:0B:6E:53:7F:5A:C1:68:16:C1:AE:FD:09:08:61:BB:0B:64:C2 Certificate issuer: /CN=b930da21518184145f6d7621b5a13bd54035ac83 Certificate serial: 019B7834D89AF6E2411E265EE62845EC21E3 Authority key identifier: B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/Be8LblN_WsFoFsGu_QkIYbsLZMI.roa Signing time: Thu 01 Jan 2026 06:18:07 +0000 ROA not before: Thu 01 Jan 2026 06:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29405 IP address blocks: 185.152.28.0/22 maxlen: 22 2a07:7d40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.mft rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:d8:9a:f6:e2:41:1e:26:5e:e6:28:45:ec:21:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b930da21518184145f6d7621b5a13bd54035ac83 Validity Not Before: Jan 1 06:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05ef0b6e537f5ac16816c1aefd090861bb0b64c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:fb:21:a6:9e:de:fc:a7:e5:de:9e:2f:7c:d2: fe:5b:78:cd:b9:2b:89:4f:d7:95:af:99:7b:5b:ce: b2:ea:de:2d:52:08:e5:27:c9:31:0f:ae:51:a3:e2: 0e:66:58:93:e2:b0:be:a1:79:cd:9e:10:63:1b:a4: 7b:65:3c:03:fd:3f:18:55:ce:fe:f3:6d:c8:83:35: 31:c9:54:66:e8:50:4e:c6:ce:34:ea:0e:98:f3:40: 43:0a:16:0b:b1:27:8d:e5:3f:8e:fa:be:c0:60:35: 7c:72:c3:58:2b:12:05:75:75:73:2c:5a:da:08:ee: 85:db:64:12:7a:58:e3:91:77:32:0f:9b:ed:c9:3c: cb:ea:88:68:8b:07:c7:3c:dd:99:f5:60:16:87:87: 55:70:94:32:1c:10:74:c3:37:d4:91:ca:23:33:14: d6:af:ad:ce:21:45:66:06:84:5c:fb:b7:ba:52:24: 9e:75:19:aa:f0:27:c3:15:b6:e5:27:6a:40:35:75: 29:60:c1:2b:45:85:0a:3b:35:bc:2a:f2:c2:a7:a1: dc:a7:9c:6d:88:3c:f5:d7:c3:45:ee:f4:ee:2e:d7: fc:ab:c7:61:a0:61:4f:cb:7c:5f:d2:b5:e8:3c:2e: 50:0b:23:f4:7b:3f:c2:bc:31:14:ad:f8:a8:3a:d6: 9e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:EF:0B:6E:53:7F:5A:C1:68:16:C1:AE:FD:09:08:61:BB:0B:64:C2 X509v3 Authority Key Identifier: keyid:B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/Be8LblN_WsFoFsGu_QkIYbsLZMI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.152.28.0/22 IPv6: 2a07:7d40::/32 Signature Algorithm: sha256WithRSAEncryption 25:89:1d:4c:51:75:98:2c:d2:41:81:be:c0:34:cb:fe:77:85: 4f:d9:2e:8e:f3:b5:51:a2:1c:7e:50:55:6b:e8:f0:2d:b4:6c: a9:46:b1:23:86:5a:61:8d:73:60:15:59:9b:25:71:5a:06:36: 2d:da:d9:56:94:f6:09:7d:77:17:7a:12:c9:cd:c2:c9:07:a5: 01:01:ff:a5:96:8f:6b:21:25:86:11:58:82:f6:78:ed:a0:9e: 32:da:c1:4b:65:21:aa:5d:f4:ce:47:20:a5:56:31:e1:fe:37: 4c:cd:be:29:3f:bb:d1:bc:c9:aa:0e:46:9a:ac:6a:7a:bb:3e: d4:65:4a:e1:e4:c7:db:32:4a:b2:77:9a:16:d3:d6:20:90:9d: 83:d2:ba:16:4a:61:c0:2a:e9:17:b5:f5:c9:63:d6:32:a6:56: 0f:fa:8f:15:86:79:2f:df:4b:70:a5:bc:2e:5c:bc:f5:57:c8: e9:3c:d4:f9:08:23:d5:72:24:58:ab:a2:36:f0:21:3e:02:86: 77:68:58:86:07:d5:2d:4e:32:4a:3a:8a:ae:b8:2a:ff:5b:95: a7:be:e2:24:a3:1e:85:63:7e:d2:50:14:1a:56:ff:36:ef:a9: 59:53:5a:4a:39:12:ce:6e:8d:53:9f:1c:7f:6a:26:7d:f1:18: 16:51:38:8e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NNia9uJBHiZe5ihF7CHjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5MzBkYTIxNTE4MTg0MTQ1ZjZkNzYyMWI1YTEzYmQ1NDAz NWFjODMwHhcNMjYwMTAxMDYxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWVmMGI2ZTUzN2Y1YWMxNjgxNmMxYWVmZDA5MDg2MWJiMGI2NGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvshpp7e/Kfl3p4vfNL+W3jNuSuJ T9eVr5l7W86y6t4tUgjlJ8kxD65Ro+IOZliT4rC+oXnNnhBjG6R7ZTwD/T8YVc7+ 823IgzUxyVRm6FBOxs406g6Y80BDChYLsSeN5T+O+r7AYDV8csNYKxIFdXVzLFra CO6F22QSeljjkXcyD5vtyTzL6ohoiwfHPN2Z9WAWh4dVcJQyHBB0wzfUkcojMxTW r63OIUVmBoRc+7e6UiSedRmq8CfDFbblJ2pANXUpYMErRYUKOzW8KvLCp6Hcp5xt iDz118NF7vTuLtf8q8dhoGFPy3xf0rXoPC5QCyP0ez/CvDEUrfioOtaeCQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAXvC25Tf1rBaBbBrv0JCGG7C2TCMB8GA1UdIwQY MBaAFLkw2iFRgYQUX212IbWhO9VANayDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVREYUlWR0JoQlJmYlhZaHRhRTcxVUExcklNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80NzBjZGEtZDBlYy00MzIzLWFlOWIt OTk0YWY1YzM0NDAyLzEvQmU4TGJsTl9Xc0ZvRnNHdV9Ra0lZYnNMWk1JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC80NzBjZGEtZDBlYy00MzIzLWFlOWItOTk0YWY1YzM0NDAy LzEvdVREYUlWR0JoQlJmYlhZaHRhRTcxVUExcklNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZgcMA0E AgACMAcDBQAqB31AMA0GCSqGSIb3DQEBCwUAA4IBAQAliR1MUXWYLNJBgb7ANMv+ d4VP2S6O87VRohx+UFVr6PAttGypRrEjhlphjXNgFVmbJXFaBjYt2tlWlPYJfXcX ehLJzcLJB6UBAf+llo9rISWGEViC9njtoJ4y2sFLZSGqXfTORyClVjHh/jdMzb4p P7vRvMmqDkaarGp6uz7UZUrh5MfbMkqyd5oW09YgkJ2D0roWSmHAKukXtfXJY9Yy plYP+o8Vhnkv30twpbwuXLz1V8jpPNT5CCPVciRYq6I28CE+AoZ3aFiGB9UtTjJK OoquuCr/W5WnvuIkox6FY37SUBQaVv8276lZU1pKORLObo1Tnxx/aiZ98RgWUTiO -----END CERTIFICATE-----Generated at Mon Jan 26 14:58:13 2026 by rpki-client