This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/bda5CG9PmZ-9TMlRVAjsXSdeAAM.roa File: bda5CG9PmZ-9TMlRVAjsXSdeAAM.roa (raw, json) Hash identifier: YpWj5nFI2OLyPKbJ8c4Vw2v4tJ2g6qNMC7hcoye89xQ= Subject key identifier: 6D:D6:B9:08:6F:4F:99:9F:BD:4C:C9:51:54:08:EC:5D:27:5E:00:03 Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Certificate serial: 019B7F15C75DBD55075C19C9576DE15233CA Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/bda5CG9PmZ-9TMlRVAjsXSdeAAM.roa Signing time: Fri 02 Jan 2026 14:21:32 +0000 ROA not before: Fri 02 Jan 2026 14:21:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211359 IP address blocks: 194.224.204.0/23 maxlen: 23 194.224.204.0/24 maxlen: 24 194.224.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c7:5d:bd:55:07:5c:19:c9:57:6d:e1:52:33:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Validity Not Before: Jan 2 14:21:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6dd6b9086f4f999fbd4cc9515408ec5d275e0003 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:71:40:d4:fe:2f:3b:14:b8:e6:15:7e:1c:12: 75:8f:d8:69:4a:34:2b:7a:f1:8b:16:42:cc:0a:9d: 15:64:1c:ed:12:6e:89:bf:aa:d5:fe:6f:dd:5f:f9: 8d:ae:f9:23:cb:ee:15:52:01:62:ab:7b:b5:9a:02: 55:04:10:a2:e8:db:37:32:a5:df:49:7d:66:9b:29: b6:9a:d9:60:cc:8d:cd:b6:87:6f:50:65:4b:4a:d7: 99:ce:65:a3:81:25:b8:f7:cd:8f:a6:37:a9:af:6e: 1d:5d:9e:55:9b:44:8d:97:28:29:e5:28:1f:d3:4d: f0:56:7b:c2:7b:81:c0:ee:29:2a:3c:19:c2:ac:4e: c7:eb:8c:70:23:2e:b6:b5:68:b0:00:12:6d:f4:f2: c5:1d:82:d1:c7:26:81:b4:ed:57:e8:d1:21:9f:a6: c6:91:5b:d0:ea:7f:19:75:2d:80:15:ab:fd:22:8b: c4:5f:5f:1f:f1:ab:95:2f:7b:f5:98:2f:86:8c:f7: af:7a:26:a8:06:33:18:f2:40:e5:65:d0:07:37:57: 7b:76:9a:e3:d9:7d:13:38:78:71:23:2f:10:9a:0c: bf:06:ca:ac:54:9e:47:79:7c:6a:95:1e:b4:7f:f0: 68:e1:56:c8:64:6e:95:b9:91:cd:98:87:ab:f3:35: 12:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:D6:B9:08:6F:4F:99:9F:BD:4C:C9:51:54:08:EC:5D:27:5E:00:03 X509v3 Authority Key Identifier: keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/bda5CG9PmZ-9TMlRVAjsXSdeAAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.224.204.0/23 Signature Algorithm: sha256WithRSAEncryption c4:7f:9d:ef:8c:26:1e:e4:5d:cf:a0:7e:1f:e5:59:01:07:d5: 92:e0:23:0a:7c:d9:e5:05:ab:42:c9:ba:25:d5:d8:9f:9a:b1: 0d:63:0c:5b:87:60:af:56:56:da:37:3f:a4:b7:78:34:50:ff: 0d:82:a8:34:d3:f6:0e:b9:57:3c:95:bb:4d:8f:ae:5c:da:6e: 9d:ea:ee:fd:45:ea:fb:d1:40:16:13:b6:2f:7b:cf:42:06:f6: 09:c7:08:77:63:d8:91:4d:2c:ef:5c:97:89:9e:f7:ac:26:94: 8d:d5:ae:2c:64:6d:22:14:5a:ff:fc:c5:b9:69:d2:28:f3:30: e6:8b:ff:19:c8:6c:27:a1:c9:48:33:01:a4:18:10:ce:3b:ad: fd:80:1d:56:69:f4:de:d8:ca:1d:b5:23:25:4e:b2:34:08:27: 11:d0:56:c3:2f:4b:86:e7:d8:93:7c:4a:11:4e:0b:91:0e:a7: 64:1a:eb:00:84:04:5d:99:fb:74:5a:6c:72:4c:b7:7d:c2:22: c4:a9:a7:da:9f:aa:a6:04:42:b4:d1:e9:9f:14:a8:cc:3d:cf: 14:79:74:35:38:ba:32:06:5f:43:b5:9c:05:04:af:f3:cc:d1: 61:29:30:b7:dc:28:94:28:e0:4b:1f:68:dc:28:3a:2a:68:a9: a8:60:54:24 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FcddvVUHXBnJV23hUjPKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5 NjdkYTEwHhcNMjYwMTAyMTQyMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGQ2YjkwODZmNGY5OTlmYmQ0Y2M5NTE1NDA4ZWM1ZDI3NWUwMDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHFA1P4vOxS45hV+HBJ1j9hpSjQr evGLFkLMCp0VZBztEm6Jv6rV/m/dX/mNrvkjy+4VUgFiq3u1mgJVBBCi6Ns3MqXf SX1mmym2mtlgzI3NtodvUGVLSteZzmWjgSW4982Ppjepr24dXZ5Vm0SNlygp5Sgf 003wVnvCe4HA7ikqPBnCrE7H64xwIy62tWiwABJt9PLFHYLRxyaBtO1X6NEhn6bG kVvQ6n8ZdS2AFav9IovEX18f8auVL3v1mC+GjPeveiaoBjMY8kDlZdAHN1d7dprj 2X0TOHhxIy8Qmgy/BsqsVJ5HeXxqlR60f/Bo4VbIZG6VuZHNmIer8zUSWwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG3WuQhvT5mfvUzJUVQI7F0nXgADMB8GA1UdIwQY MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt NGJhMmY4ZjFmODNiLzEvYmRhNUNHOVBtWi05VE1sUlZBanNYU2RlQUFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwuDMMA0G CSqGSIb3DQEBCwUAA4IBAQDEf53vjCYe5F3PoH4f5VkBB9WS4CMKfNnlBatCybol 1difmrENYwxbh2CvVlbaNz+kt3g0UP8Ngqg00/YOuVc8lbtNj65c2m6d6u79Rer7 0UAWE7Yve89CBvYJxwh3Y9iRTSzvXJeJnvesJpSN1a4sZG0iFFr//MW5adIo8zDm i/8ZyGwnoclIMwGkGBDOO639gB1WafTe2ModtSMlTrI0CCcR0FbDL0uG59iTfEoR TguRDqdkGusAhARdmft0WmxyTLd9wiLEqafan6qmBEK00emfFKjMPc8UeXQ1OLoy Bl9DtZwFBK/zzNFhKTC33CiUKOBLH2jcKDoqaKmoYFQk -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:53 2026 by rpki-client