This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/bHmwkKHYcuuFCn6rBcwSS1SIkOI.roa File: bHmwkKHYcuuFCn6rBcwSS1SIkOI.roa (raw, json) Hash identifier: JuddnmoR945Cb2W113D4wQWWPxgzuL0VIbc2wYWg78I= Subject key identifier: 6C:79:B0:90:A1:D8:72:EB:85:0A:7E:AB:05:CC:12:4B:54:88:90:E2 Certificate issuer: /CN=9447ad84b84baec47d5621e2f75623f3eaf13960 Certificate serial: 019B7910A2727CF6E13F5A255976A09560DA Authority key identifier: 94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/bHmwkKHYcuuFCn6rBcwSS1SIkOI.roa Signing time: Thu 01 Jan 2026 10:18:11 +0000 ROA not before: Thu 01 Jan 2026 10:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213518 IP address blocks: 79.170.96.0/22 maxlen: 24 2a14:d300::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.mft rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:a2:72:7c:f6:e1:3f:5a:25:59:76:a0:95:60:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9447ad84b84baec47d5621e2f75623f3eaf13960 Validity Not Before: Jan 1 10:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c79b090a1d872eb850a7eab05cc124b548890e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:2c:39:d9:f9:fd:92:fb:7e:45:aa:0c:b3:89: 75:79:81:b0:be:02:6d:3d:2c:de:76:6a:29:f8:ef: d0:61:7e:0f:40:7a:5b:78:25:14:dd:28:9f:ee:e9: 98:d1:c1:17:f2:32:f6:7b:f5:b0:9f:26:78:c8:de: 07:9a:07:2d:79:48:b5:ea:16:2d:47:2a:e9:6f:31: df:da:b6:f8:ac:7e:b4:c8:e4:02:17:79:ea:aa:1c: 79:1f:f1:62:6d:45:f1:9a:76:74:02:22:64:b8:db: d6:55:80:5c:7d:8a:25:1f:24:90:88:55:39:94:c2: 47:ae:11:58:e0:db:bd:0b:6f:31:f3:b8:2a:20:b3: 44:b2:96:52:e5:14:5b:2b:cd:e9:72:68:d3:1f:c4: de:a6:16:ea:0c:b7:c3:4c:27:4e:43:51:48:96:6a: 26:fa:3f:ce:49:c9:c6:7a:b5:2a:c9:a3:c3:d4:51: 3b:38:cf:82:27:e2:ea:94:0e:da:0e:7d:73:c2:92: 22:19:68:14:e1:8a:f9:07:c7:c9:d5:c4:40:92:33: 6a:23:92:30:20:1e:ed:f7:bd:17:d8:fd:8e:47:1c: f2:35:f6:be:b8:13:c4:23:af:ea:6c:40:27:2e:00: 20:1b:5a:1e:e3:c6:72:e3:ee:19:e8:ee:e9:b2:a5: 1a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:79:B0:90:A1:D8:72:EB:85:0A:7E:AB:05:CC:12:4B:54:88:90:E2 X509v3 Authority Key Identifier: keyid:94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/bHmwkKHYcuuFCn6rBcwSS1SIkOI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.170.96.0/22 IPv6: 2a14:d300::/29 Signature Algorithm: sha256WithRSAEncryption 7a:f4:82:c4:78:bd:23:15:81:fa:ed:8a:1c:27:3b:03:c4:8d: 8f:46:dd:cc:ff:03:cc:21:68:b5:86:45:21:93:75:53:a1:4e: 9d:a7:7a:5e:3e:d7:14:59:fb:f9:a0:c5:8f:d0:cf:a5:fb:00: 66:e5:36:70:53:69:e0:c9:32:db:1d:14:99:1a:04:bd:40:66: 91:72:7e:92:56:b8:4c:96:f2:b1:05:fe:7d:f2:a6:37:59:9e: 83:2a:54:cf:4c:5f:3a:cb:04:d3:a2:70:f5:1a:ff:88:5f:9e: b0:17:2c:53:5c:0a:c7:c7:8a:4e:2a:31:2a:c9:de:bf:25:5f: 56:3c:4d:da:7d:18:dc:27:aa:89:9c:cd:e1:ba:c5:c9:3a:8b: 4e:e5:a1:d7:2c:79:37:bf:fd:9b:da:23:a5:77:8c:e5:93:f7: 10:df:c9:4d:77:fc:59:7d:f1:47:54:6d:e0:6e:33:e6:7b:98: a8:9b:fc:e1:12:53:a0:ae:60:e9:b4:d4:bc:23:12:5a:30:b2: 85:73:9a:af:97:d2:f8:7c:a5:f8:6f:f7:f7:c4:d4:40:5d:3d: 21:40:87:2c:ca:e4:66:59:de:50:49:86:35:2d:61:ec:0a:c9: 2a:2c:a8:38:24:1d:0a:39:05:92:34:d6:fe:ab:66:d6:c7:dc: aa:7a:94:f2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5EKJyfPbhP1olWXaglWDaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0NDdhZDg0Yjg0YmFlYzQ3ZDU2MjFlMmY3NTYyM2YzZWFm MTM5NjAwHhcNMjYwMTAxMTAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Yzc5YjA5MGExZDg3MmViODUwYTdlYWIwNWNjMTI0YjU0ODg5MGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyw52fn9kvt+RaoMs4l1eYGwvgJt PSzedmop+O/QYX4PQHpbeCUU3Sif7umY0cEX8jL2e/WwnyZ4yN4HmgcteUi16hYt RyrpbzHf2rb4rH60yOQCF3nqqhx5H/FibUXxmnZ0AiJkuNvWVYBcfYolHySQiFU5 lMJHrhFY4Nu9C28x87gqILNEspZS5RRbK83pcmjTH8TephbqDLfDTCdOQ1FIlmom +j/OScnGerUqyaPD1FE7OM+CJ+LqlA7aDn1zwpIiGWgU4Yr5B8fJ1cRAkjNqI5Iw IB7t970X2P2ORxzyNfa+uBPEI6/qbEAnLgAgG1oe48Zy4+4Z6O7psqUa+wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGx5sJCh2HLrhQp+qwXMEktUiJDiMB8GA1UdIwQY MBaAFJRHrYS4S67EfVYh4vdWI/Pq8TlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYt NWIzMThjMzQ5OWZiLzEvYkhtd2tLSFljdXVGQ242ckJjd1NTMVNJa09JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYtNWIzMThjMzQ5OWZi LzEvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCT6pgMA0E AgACMAcDBQMqFNMAMA0GCSqGSIb3DQEBCwUAA4IBAQB69ILEeL0jFYH67YocJzsD xI2PRt3M/wPMIWi1hkUhk3VToU6dp3pePtcUWfv5oMWP0M+l+wBm5TZwU2ngyTLb HRSZGgS9QGaRcn6SVrhMlvKxBf598qY3WZ6DKlTPTF86ywTTonD1Gv+IX56wFyxT XArHx4pOKjEqyd6/JV9WPE3afRjcJ6qJnM3husXJOotO5aHXLHk3v/2b2iOld4zl k/cQ38lNd/xZffFHVG3gbjPme5iom/zhElOgrmDptNS8IxJaMLKFc5qvl9L4fKX4 b/f3xNRAXT0hQIcsyuRmWd5QSYY1LWHsCskqLKg4JB0KOQWSNNb+q2bWx9yqepTy -----END CERTIFICATE-----Generated at Sun Jan 25 15:35:59 2026 by rpki-client