This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bKeksz2w4uplaCPFhGd2ZRXJ3L4.roa File: bKeksz2w4uplaCPFhGd2ZRXJ3L4.roa (raw, json) Hash identifier: V3eyRTLr62Od4hxpOj09Jq4Nekd36hyzHMFde1nQKHM= Subject key identifier: 6C:A7:A4:B3:3D:B0:E2:EA:65:68:23:C5:84:67:76:65:15:C9:DC:BE Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2 Certificate serial: 019B7C804B865F18BA65240E1AFDEBCB12A9 Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bKeksz2w4uplaCPFhGd2ZRXJ3L4.roa Signing time: Fri 02 Jan 2026 02:19:01 +0000 ROA not before: Fri 02 Jan 2026 02:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5413 IP address blocks: 91.231.188.0/24 maxlen: 24 91.231.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:4b:86:5f:18:ba:65:24:0e:1a:fd:eb:cb:12:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2 Validity Not Before: Jan 2 02:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ca7a4b33db0e2ea656823c58467766515c9dcbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:cb:a6:ff:89:d9:21:ac:77:51:d9:4f:1a:46: a6:95:bc:80:3e:5c:68:7c:df:d9:45:67:10:2d:b9: bd:0e:ad:c7:53:17:78:b9:98:f1:36:97:d7:8b:76: 8b:b1:c1:d3:e3:ef:86:16:9e:ad:4b:d8:4c:ff:22: 29:14:ed:c0:3f:fe:d9:a9:5f:e6:21:d3:81:f3:79: 15:30:79:aa:be:d4:f4:17:32:cb:ec:f1:64:1d:d4: a5:6f:28:08:de:0d:0f:d8:79:b1:c7:a9:88:d3:b6: 85:f8:3c:80:32:42:0c:b0:d4:48:1c:98:c2:bf:0b: d7:9d:f4:0e:22:2f:d6:04:30:52:e9:6d:6f:e3:b4: 33:c4:61:71:f4:5c:75:71:39:b8:22:34:51:c3:76: 1a:d1:22:91:b1:ab:17:1d:9e:38:12:c8:6d:ad:b3: 5a:cb:2b:2f:20:aa:22:9e:a1:d2:26:45:b0:aa:5f: 27:aa:5e:83:19:a5:fb:ac:88:23:77:48:56:b1:4a: 75:1b:87:56:b2:93:d4:e5:ff:1e:9a:76:e7:ed:a1: 99:62:03:99:86:95:db:e9:3e:c1:f9:42:0a:15:ba: 1d:05:0d:31:2d:67:02:eb:89:1e:d7:ba:bd:32:8b: 11:90:0a:ee:a2:20:fe:4e:5e:69:e1:f7:3d:a1:6d: a2:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A7:A4:B3:3D:B0:E2:EA:65:68:23:C5:84:67:76:65:15:C9:DC:BE X509v3 Authority Key Identifier: keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bKeksz2w4uplaCPFhGd2ZRXJ3L4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.231.188.0/24 91.231.191.0/24 Signature Algorithm: sha256WithRSAEncryption 30:1d:f0:ae:fd:12:9e:0b:27:c2:aa:75:1f:c5:b3:ca:0e:e3: 59:7f:4a:34:94:87:73:2d:c7:cf:18:23:15:83:66:cb:64:ad: 5f:60:5a:21:a6:fc:d6:3e:ca:83:66:97:eb:8a:53:76:9b:16: ee:02:f6:0c:ea:74:30:e8:b8:9f:e6:45:7c:a3:a1:07:54:1d: 88:aa:2a:68:2f:28:62:8c:1a:65:9d:f5:de:65:d5:40:e3:cb: fe:80:4a:f9:e9:c7:66:d9:53:c7:18:bb:25:62:5a:91:81:3e: a7:3a:ee:9c:fe:6b:bf:52:32:f4:ef:f6:ca:5d:ab:8d:8d:dc: 5c:f3:39:bb:b2:5e:c0:16:42:75:c0:bb:fa:54:1c:b2:38:92: 1a:93:3e:01:32:7b:cc:8b:62:f6:66:ba:52:5c:74:ec:38:3b: 19:c9:dd:0d:16:fa:e1:0f:7b:b0:cb:c3:88:01:57:e3:27:7f: 2f:27:17:63:bd:ef:51:e8:22:54:67:f8:c5:79:87:fc:a9:e5: 3f:bf:83:47:f0:99:fd:59:e4:d0:15:95:6a:cc:1d:02:3d:c7: 5a:9d:1f:32:77:7a:02:a7:91:d0:f7:92:a4:53:1a:bd:97:2b: 7a:69:44:eb:83:4f:44:8c:43:42:76:ca:2b:c7:a9:23:fb:75: f5:a3:0e:0f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gEuGXxi6ZSQOGv3ryxKpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3 NmFlYjIwHhcNMjYwMTAyMDIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Y2E3YTRiMzNkYjBlMmVhNjU2ODIzYzU4NDY3NzY2NTE1YzlkY2JlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8um/4nZIax3UdlPGkamlbyAPlxo fN/ZRWcQLbm9Dq3HUxd4uZjxNpfXi3aLscHT4++GFp6tS9hM/yIpFO3AP/7ZqV/m IdOB83kVMHmqvtT0FzLL7PFkHdSlbygI3g0P2Hmxx6mI07aF+DyAMkIMsNRIHJjC vwvXnfQOIi/WBDBS6W1v47QzxGFx9Fx1cTm4IjRRw3Ya0SKRsasXHZ44EshtrbNa yysvIKoinqHSJkWwql8nql6DGaX7rIgjd0hWsUp1G4dWspPU5f8emnbn7aGZYgOZ hpXb6T7B+UIKFbodBQ0xLWcC64ke17q9MosRkAruoiD+Tl5p4fc9oW2ioQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGynpLM9sOLqZWgjxYRndmUVydy+MB8GA1UdIwQY MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt N2UwNWFkMDE5MGNlLzEvYktla3N6Mnc0dXBsYUNQRmhHZDJaUlhKM0w0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+e8AwQA W+e/MA0GCSqGSIb3DQEBCwUAA4IBAQAwHfCu/RKeCyfCqnUfxbPKDuNZf0o0lIdz LcfPGCMVg2bLZK1fYFohpvzWPsqDZpfrilN2mxbuAvYM6nQw6Lif5kV8o6EHVB2I qipoLyhijBplnfXeZdVA48v+gEr56cdm2VPHGLslYlqRgT6nOu6c/mu/UjL07/bK XauNjdxc8zm7sl7AFkJ1wLv6VByyOJIakz4BMnvMi2L2ZrpSXHTsODsZyd0NFvrh D3uwy8OIAVfjJ38vJxdjve9R6CJUZ/jFeYf8qeU/v4NH8Jn9WeTQFZVqzB0CPcda nR8yd3oCp5HQ95KkUxq9lyt6aUTrg09EjENCdsorx6kj+3X1ow4P -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:22 2026 by rpki-client