This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/BGiOfHIh1USi3O-vevTnVMV6twc.roa File: BGiOfHIh1USi3O-vevTnVMV6twc.roa (raw, json) Hash identifier: e3XRUVIPt+aaNq4KOAzHveHdtShJiG4OdEdg1jzFmVc= Subject key identifier: 04:68:8E:7C:72:21:D5:44:A2:DC:EF:AF:7A:F4:E7:54:C5:7A:B7:07 Certificate issuer: /CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec Certificate serial: 019B79ED4330F4C89D3EBC04185BA3A5B7B2 Authority key identifier: 70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/BGiOfHIh1USi3O-vevTnVMV6twc.roa Signing time: Thu 01 Jan 2026 14:19:10 +0000 ROA not before: Thu 01 Jan 2026 14:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 559 IP address blocks: 129.194.0.0/15 maxlen: 16 192.33.212.0/22 maxlen: 22 192.33.216.0/22 maxlen: 22 192.33.220.0/24 maxlen: 24 192.33.222.0/23 maxlen: 23 192.33.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.mft rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:43:30:f4:c8:9d:3e:bc:04:18:5b:a3:a5:b7:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec Validity Not Before: Jan 1 14:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=04688e7c7221d544a2dcefaf7af4e754c57ab707 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:be:6f:3d:db:4a:96:91:5b:f4:84:25:a3:9b: e3:21:31:94:ff:58:dc:77:a6:a5:9f:43:f8:f7:b5: e0:dc:a7:e6:34:ea:3f:8f:11:52:4c:2b:81:5b:7d: 56:b6:d4:12:ae:93:8c:9f:20:62:d4:e6:5c:ce:82: be:09:03:44:3d:24:88:9c:24:11:7d:90:0d:37:e6: 38:e8:11:b4:2b:5c:54:f2:c7:33:ca:89:17:be:97: 3c:ee:28:00:ce:75:ec:86:0f:bd:ca:c0:a5:74:a0: 26:5a:ce:8e:8f:30:35:39:c8:33:32:d3:21:42:68: 0b:a2:95:d6:ff:b7:ba:1a:7f:8c:79:02:8e:e6:fc: e5:12:c2:8f:2b:3e:a5:9c:7d:49:ff:5e:6a:74:2e: b4:11:92:b9:87:d5:db:69:df:f9:b6:1f:4e:bf:df: a7:4f:ae:3d:ef:49:fa:cb:03:11:76:fc:f3:92:bd: b3:ee:c5:1b:b7:d9:ae:a9:aa:cd:7d:59:11:51:7f: ab:69:09:d8:27:30:80:5c:d5:dd:cd:c5:50:8f:79: c1:f0:70:2e:0f:66:9c:3c:08:1d:69:a3:aa:ed:18: 13:9c:f6:4b:46:99:41:a9:46:96:9c:bf:06:a7:85: 56:b4:96:2b:c1:4c:72:19:69:97:11:ae:49:34:d9: 54:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:68:8E:7C:72:21:D5:44:A2:DC:EF:AF:7A:F4:E7:54:C5:7A:B7:07 X509v3 Authority Key Identifier: keyid:70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/BGiOfHIh1USi3O-vevTnVMV6twc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 129.194.0.0/15 192.33.212.0-192.33.220.255 192.33.222.0-192.33.231.255 Signature Algorithm: sha256WithRSAEncryption 37:d7:3f:fb:ae:c9:a3:4e:b8:9e:80:16:4e:a5:1e:72:e6:58: a8:1e:d7:7a:4f:f0:48:ec:d6:0f:12:78:49:e4:70:31:e7:16: 12:ff:55:fb:50:7f:11:89:85:0b:cc:a5:2d:48:69:77:3d:f0: 65:38:d1:89:e9:3e:1e:23:31:64:e6:37:8b:93:0b:51:43:26: 29:81:26:29:e5:32:0b:62:66:26:c3:76:21:68:f5:3f:b0:a9: e1:32:9c:6e:db:88:8b:d1:52:66:83:49:5c:81:db:05:98:a5: 55:66:b1:e2:81:f8:e0:6e:db:8f:fc:6d:5b:fe:77:e9:c8:d6: 8a:a3:b2:c3:18:b8:dc:32:3a:15:df:38:db:9b:58:b7:8f:c8: 2d:31:9f:fb:1c:ba:fb:b4:46:ce:3d:4d:2c:02:e7:b2:19:da: 59:49:dd:ab:01:00:2a:2f:1c:a9:6b:a5:75:1a:53:29:d6:7e: 07:46:4d:45:2e:06:d8:f4:88:16:94:20:fd:c0:a5:20:66:78: 59:a2:59:92:12:57:ce:90:d3:33:88:3b:72:06:ba:af:38:2b: 77:47:96:a5:9a:18:0e:4d:a8:d7:c1:33:2d:b2:0a:a1:21:2e: 67:b4:5a:20:2c:96:cf:b7:b1:61:fe:08:5e:26:04:9e:09:29: 58:3e:ec:21 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt57UMw9MidPrwEGFujpbeyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYjRkYTBmMTAxM2FjZGI2MWMyZjdhMjZkMTRjNGYwZGU4 MjIyZWMwHhcNMjYwMTAxMTQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDY4OGU3YzcyMjFkNTQ0YTJkY2VmYWY3YWY0ZTc1NGM1N2FiNzA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr5vPdtKlpFb9IQlo5vjITGU/1jc d6aln0P497Xg3KfmNOo/jxFSTCuBW31WttQSrpOMnyBi1OZczoK+CQNEPSSInCQR fZANN+Y46BG0K1xU8sczyokXvpc87igAznXshg+9ysCldKAmWs6OjzA1OcgzMtMh QmgLopXW/7e6Gn+MeQKO5vzlEsKPKz6lnH1J/15qdC60EZK5h9Xbad/5th9Ov9+n T64970n6ywMRdvzzkr2z7sUbt9muqarNfVkRUX+raQnYJzCAXNXdzcVQj3nB8HAu D2acPAgdaaOq7RgTnPZLRplBqUaWnL8Gp4VWtJYrwUxyGWmXEa5JNNlU+wIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFARojnxyIdVEotzvr3r051TFercHMB8GA1UdIwQY MBaAFHC02g8QE6zbYcL3om0UxPDegiLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODct ZjMwNjllZTU5MGRhLzEvQkdpT2ZISWgxVVNpM08tdmV2VG5WTVY2dHdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODctZjMwNjllZTU5MGRh LzEvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMBgcIwDAME AsAh1AMEAMAh3DAMAwQBwCHeAwQDwCHgMA0GCSqGSIb3DQEBCwUAA4IBAQA31z/7 rsmjTriegBZOpR5y5lioHtd6T/BI7NYPEnhJ5HAx5xYS/1X7UH8RiYULzKUtSGl3 PfBlONGJ6T4eIzFk5jeLkwtRQyYpgSYp5TILYmYmw3YhaPU/sKnhMpxu24iL0VJm g0lcgdsFmKVVZrHigfjgbtuP/G1b/nfpyNaKo7LDGLjcMjoV3zjbm1i3j8gtMZ/7 HLr7tEbOPU0sAueyGdpZSd2rAQAqLxypa6V1GlMp1n4HRk1FLgbY9IgWlCD9wKUg ZnhZolmSElfOkNMziDtyBrqvOCt3R5almhgOTajXwTMtsgqhIS5ntFogLJbPt7Fh /gheJgSeCSlYPuwh -----END CERTIFICATE-----Generated at Sun Jan 25 21:06:38 2026 by rpki-client