This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/bxUJOGzDbjV-xgkeVZsGg7PhFAM.roa File: bxUJOGzDbjV-xgkeVZsGg7PhFAM.roa (raw, json) Hash identifier: q45eE9k3WP1QL6ev2bsePVxIkJymW9aUUerqRFFx9WA= Subject key identifier: 6F:15:09:38:6C:C3:6E:35:7E:C6:09:1E:55:9B:06:83:B3:E1:14:03 Certificate issuer: /CN=550b7c0c8bae610f7e519c0485a4773bceb48dab Certificate serial: 019B7C7FEDD0ACDC3B4388599986A943C0B4 Authority key identifier: 55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/bxUJOGzDbjV-xgkeVZsGg7PhFAM.roa Signing time: Fri 02 Jan 2026 02:18:37 +0000 ROA not before: Fri 02 Jan 2026 02:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42807 IP address blocks: 109.232.221.0/24 maxlen: 24 109.232.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.mft rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:ed:d0:ac:dc:3b:43:88:59:99:86:a9:43:c0:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=550b7c0c8bae610f7e519c0485a4773bceb48dab Validity Not Before: Jan 2 02:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6f1509386cc36e357ec6091e559b0683b3e11403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:32:24:17:07:40:1b:b2:92:5d:2b:6f:2a:79: 5b:ad:07:73:4e:20:9e:01:26:23:cc:b4:05:aa:25: e5:8e:c4:f1:11:f9:ff:30:68:7f:17:78:b5:5c:c0: 10:43:ab:9d:92:c8:67:be:c5:e2:ef:3d:b3:84:5a: 47:9f:f3:6a:54:33:64:f4:aa:c3:2a:c4:41:64:05: 15:a3:78:fa:b5:35:a6:d8:1a:8d:4d:a1:32:8a:2b: 0e:2d:ca:1c:b6:e9:bc:a0:20:3c:df:5d:e3:5e:35: d8:31:ad:d1:be:e4:23:f6:13:4d:2b:3e:19:a9:b0: 54:d0:3f:b3:3a:fd:09:60:c8:8c:36:ac:90:52:ac: 1f:11:3c:37:40:2b:52:03:6e:d1:78:c2:64:ed:31: 94:b4:4f:47:59:0d:bd:ce:a6:59:38:3c:9e:fc:ee: 08:b3:b5:d8:ec:14:cb:d1:f0:9e:b5:5e:37:79:f8: ef:28:a0:20:54:cd:b0:6c:d3:2a:1f:cc:65:4c:94: 44:84:fa:53:6c:37:79:fd:1c:b9:cf:41:2a:3a:d0: 83:51:22:5a:13:c2:20:c6:62:f8:79:8e:c7:a4:3d: 97:5a:6b:2b:f3:8d:f7:68:88:55:f1:eb:93:88:e0: 40:dd:83:5e:35:97:8b:cb:7a:a6:c8:da:d0:bc:66: 91:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:15:09:38:6C:C3:6E:35:7E:C6:09:1E:55:9B:06:83:B3:E1:14:03 X509v3 Authority Key Identifier: keyid:55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/bxUJOGzDbjV-xgkeVZsGg7PhFAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.232.221.0/24 109.232.223.0/24 Signature Algorithm: sha256WithRSAEncryption 34:02:f4:2a:82:1e:ce:d9:ff:13:3e:74:cd:d5:0e:fc:b3:9b: 2d:26:fa:9b:84:a8:cb:37:61:39:49:b6:fb:51:3d:88:2e:39: 9c:ed:24:b6:52:81:f5:16:c2:27:84:49:69:70:eb:39:85:b0: 8e:5c:31:db:2b:6f:9e:d5:57:ff:8b:bc:81:71:26:2c:2b:28: ec:75:e2:10:ad:8b:3d:14:9d:0d:2f:1b:8f:92:6f:d9:32:1e: 9e:ea:48:73:2b:a3:c9:3e:26:2b:b4:9a:24:33:73:7d:6f:f4: 43:28:5b:c3:3d:c8:7a:c7:9e:04:19:98:58:2b:83:08:ff:a0: 90:3a:42:77:fb:1b:98:ff:be:24:a5:77:9d:83:6c:e4:f6:56: 0e:2e:2b:98:73:dc:f0:7f:e9:4a:ba:a1:04:44:17:36:e0:0e: fb:3d:78:60:df:f1:29:1c:49:53:66:3f:cf:68:ad:23:bd:67: 24:51:39:f2:d2:94:c3:6c:a9:86:1a:38:c8:02:9b:64:c6:fe: f8:f9:33:25:5b:d0:52:5c:bc:80:ae:9b:8d:c8:36:42:37:4b: b2:00:c4:1b:f4:d9:db:a6:4c:1a:4c:1c:a2:ce:64:c6:2b:5f: 7a:b0:a8:df:cd:c4:5b:06:17:94:76:89:83:c2:d0:a5:5a:5b: 2b:63:bb:5e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8f+3QrNw7Q4hZmYapQ8C0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1MGI3YzBjOGJhZTYxMGY3ZTUxOWMwNDg1YTQ3NzNiY2Vi NDhkYWIwHhcNMjYwMTAyMDIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjE1MDkzODZjYzM2ZTM1N2VjNjA5MWU1NTliMDY4M2IzZTExNDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDIkFwdAG7KSXStvKnlbrQdzTiCe ASYjzLQFqiXljsTxEfn/MGh/F3i1XMAQQ6udkshnvsXi7z2zhFpHn/NqVDNk9KrD KsRBZAUVo3j6tTWm2BqNTaEyiisOLcoctum8oCA8313jXjXYMa3RvuQj9hNNKz4Z qbBU0D+zOv0JYMiMNqyQUqwfETw3QCtSA27ReMJk7TGUtE9HWQ29zqZZODye/O4I s7XY7BTL0fCetV43efjvKKAgVM2wbNMqH8xlTJREhPpTbDd5/Ry5z0EqOtCDUSJa E8IgxmL4eY7HpD2XWmsr8433aIhV8euTiOBA3YNeNZeLy3qmyNrQvGaR2wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG8VCThsw241fsYJHlWbBoOz4RQDMB8GA1UdIwQY MBaAFFULfAyLrmEPflGcBIWkdzvOtI2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2It ZmYyNWJhNTk5MDMxLzEvYnhVSk9HekRialYteGdrZVZac0dnN1BoRkFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2ItZmYyNWJhNTk5MDMx LzEvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbejdAwQA bejfMA0GCSqGSIb3DQEBCwUAA4IBAQA0AvQqgh7O2f8TPnTN1Q78s5stJvqbhKjL N2E5Sbb7UT2ILjmc7SS2UoH1FsInhElpcOs5hbCOXDHbK2+e1Vf/i7yBcSYsKyjs deIQrYs9FJ0NLxuPkm/ZMh6e6khzK6PJPiYrtJokM3N9b/RDKFvDPch6x54EGZhY K4MI/6CQOkJ3+xuY/74kpXedg2zk9lYOLiuYc9zwf+lKuqEERBc24A77PXhg3/Ep HElTZj/PaK0jvWckUTny0pTDbKmGGjjIAptkxv74+TMlW9BSXLyArpuNyDZCN0uy AMQb9NnbpkwaTByizmTGK196sKjfzcRbBheUdomDwtClWlsrY7te -----END CERTIFICATE-----Generated at Mon Jan 26 08:20:40 2026 by rpki-client