This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bsu95ghiIBpd9cfADiMIa9Yxj6Q.roa File: bsu95ghiIBpd9cfADiMIa9Yxj6Q.roa (raw, json) Hash identifier: 16b5K9754SCIP/D165OSsKJafJ6ZtxK/WBHz3KMDFr0= Subject key identifier: 6E:CB:BD:E6:08:62:20:1A:5D:F5:C7:C0:0E:23:08:6B:D6:31:8F:A4 Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe Certificate serial: 019B7AC7E6B92F6956F713D2C6BF2F4685ED Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bsu95ghiIBpd9cfADiMIa9Yxj6Q.roa Signing time: Thu 01 Jan 2026 18:17:59 +0000 ROA not before: Thu 01 Jan 2026 18:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 10753 IP address blocks: 83.143.168.0/24 maxlen: 24 83.143.169.0/24 maxlen: 24 83.143.170.0/24 maxlen: 24 83.143.172.0/24 maxlen: 24 83.143.173.0/24 maxlen: 24 128.0.40.0/24 maxlen: 24 212.86.96.0/24 maxlen: 24 212.86.106.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:e6:b9:2f:69:56:f7:13:d2:c6:bf:2f:46:85:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe Validity Not Before: Jan 1 18:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ecbbde60862201a5df5c7c00e23086bd6318fa4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8b:8b:68:68:20:7b:c5:14:2a:55:ab:13:66: b7:81:0c:02:a5:07:c7:da:12:50:66:96:5d:ea:64: 28:5b:8b:80:73:b5:00:35:13:aa:e4:2b:62:07:e2: 09:77:78:a5:fe:11:7c:b7:f0:24:48:d4:b1:2c:e2: 48:71:0f:d2:cc:8c:e1:92:d4:43:f4:c6:cf:75:e7: 9a:28:64:a5:67:4b:9d:69:20:0a:4f:17:34:09:de: a2:38:b1:d1:12:c4:1d:bb:9d:9f:e8:aa:dc:f6:8c: 67:ea:c6:47:01:1e:20:f8:6f:31:e4:37:5f:24:14: 5e:fd:d1:32:e6:a7:1d:7c:89:7f:9e:78:36:ea:66: c8:1b:f5:56:26:23:e4:14:cd:24:9d:fb:e0:2d:47: 0c:33:09:a3:1b:0c:5a:a1:26:46:22:aa:4f:f0:6e: c1:b4:b1:79:92:ef:a6:db:ca:43:15:35:af:30:6c: 34:ac:c4:e2:61:09:ee:30:47:4d:d4:01:38:8d:04: 1e:9a:37:35:9e:61:05:b8:66:de:35:92:65:02:e5: 43:5f:2a:88:1e:34:35:8e:25:b9:cc:ab:d5:88:fe: 74:0c:f8:80:b0:f0:0e:ec:72:ab:a4:5d:70:07:bf: 7c:20:41:d1:c9:63:3d:cd:ac:46:ac:c4:3a:c7:8c: 2c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:CB:BD:E6:08:62:20:1A:5D:F5:C7:C0:0E:23:08:6B:D6:31:8F:A4 X509v3 Authority Key Identifier: keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bsu95ghiIBpd9cfADiMIa9Yxj6Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.143.168.0-83.143.170.255 83.143.172.0/23 128.0.40.0/24 212.86.96.0/24 212.86.106.0/24 Signature Algorithm: sha256WithRSAEncryption 84:14:43:5f:5f:77:2d:dd:fb:96:f9:e9:dd:8c:33:8c:2c:a0: 0a:9d:9a:68:84:ea:02:9a:be:e6:11:f3:2e:a2:9e:50:0f:cc: f5:1f:49:ea:4d:a5:b1:81:ed:0b:7e:24:a9:f2:2b:ea:b6:0d: 13:9d:0e:a5:50:5d:a4:85:8a:c6:c8:e1:94:19:44:de:76:2f: b7:46:ba:8e:b9:c8:d1:e6:6a:6c:47:df:46:62:5e:12:8f:fe: 63:a3:e1:4b:16:f1:fd:68:58:b9:44:18:93:c0:c8:db:63:fa: 37:50:14:e5:5f:63:91:de:80:07:b4:79:3f:df:da:a5:80:e7: db:29:0a:ad:2f:3c:34:cb:a4:a9:d5:af:74:14:6a:ce:fb:b9: e5:03:6b:d5:21:5e:33:bb:c5:1d:64:ab:c8:cd:7b:ca:45:ee: 6f:d1:94:76:c9:59:a5:0e:5a:05:ae:25:c3:43:a6:73:23:58: 7b:20:55:99:5b:55:55:ac:d1:16:6b:b7:cd:2f:12:dd:07:51: c0:bf:b8:0d:a5:0c:0c:77:88:37:19:69:4c:90:39:28:c3:1a: 0a:43:7e:0f:ad:e6:f5:d5:4c:10:34:a8:fe:0f:c9:9d:42:a5: 76:27:e5:f8:0f:9e:05:d4:d1:7a:53:e4:36:f1:e3:c1:57:b3: c4:d1:c9:0a -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt6x+a5L2lW9xPSxr8vRoXtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj MDZiYmUwHhcNMjYwMTAxMTgxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZWNiYmRlNjA4NjIyMDFhNWRmNWM3YzAwZTIzMDg2YmQ2MzE4ZmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwouLaGgge8UUKlWrE2a3gQwCpQfH 2hJQZpZd6mQoW4uAc7UANROq5CtiB+IJd3il/hF8t/AkSNSxLOJIcQ/SzIzhktRD 9MbPdeeaKGSlZ0udaSAKTxc0Cd6iOLHREsQdu52f6Krc9oxn6sZHAR4g+G8x5Ddf JBRe/dEy5qcdfIl/nng26mbIG/VWJiPkFM0knfvgLUcMMwmjGwxaoSZGIqpP8G7B tLF5ku+m28pDFTWvMGw0rMTiYQnuMEdN1AE4jQQemjc1nmEFuGbeNZJlAuVDXyqI HjQ1jiW5zKvViP50DPiAsPAO7HKrpF1wB798IEHRyWM9zaxGrMQ6x4wsSwIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFG7LveYIYiAaXfXHwA4jCGvWMY+kMB8GA1UdIwQY MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt NzM0MjhmOWM3YmZmLzEvYnN1OTVnaGlJQnBkOWNmQURpTUlhOVl4ajZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBANTj6gD BABTj6oDBAFTj6wDBACAACgDBADUVmADBADUVmowDQYJKoZIhvcNAQELBQADggEB AIQUQ19fdy3d+5b56d2MM4wsoAqdmmiE6gKavuYR8y6inlAPzPUfSepNpbGB7Qt+ JKnyK+q2DROdDqVQXaSFisbI4ZQZRN52L7dGuo65yNHmamxH30ZiXhKP/mOj4UsW 8f1oWLlEGJPAyNtj+jdQFOVfY5HegAe0eT/f2qWA59spCq0vPDTLpKnVr3QUas77 ueUDa9UhXjO7xR1kq8jNe8pF7m/RlHbJWaUOWgWuJcNDpnMjWHsgVZlbVVWs0RZr t80vEt0HUcC/uA2lDAx3iDcZaUyQOSjDGgpDfg+t5vXVTBA0qP4PyZ1CpXYn5fgP ngXU0XpT5Dbx48FXs8TRyQo= -----END CERTIFICATE-----Generated at Sun Jan 25 10:13:35 2026 by rpki-client