This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/BFjkCv7-Lu5WX-NmAziouu5F39E.roa File: BFjkCv7-Lu5WX-NmAziouu5F39E.roa (raw, json) Hash identifier: uePuqcxnHmy9G0rbt0ob5EY7ycdmXX0W1NCcpc1ccOk= Subject key identifier: 04:58:E4:0A:FE:FE:2E:EE:56:5F:E3:66:03:38:A8:BA:EE:45:DF:D1 Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e Certificate serial: 019B7A5B834FA2D3937C30064A010EFFB91A Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/BFjkCv7-Lu5WX-NmAziouu5F39E.roa Signing time: Thu 01 Jan 2026 16:19:36 +0000 ROA not before: Thu 01 Jan 2026 16:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198926 IP address blocks: 5.160.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:83:4f:a2:d3:93:7c:30:06:4a:01:0e:ff:b9:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e Validity Not Before: Jan 1 16:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0458e40afefe2eee565fe3660338a8baee45dfd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:11:f2:ff:48:fb:07:e3:45:11:5a:14:34:48: 1a:90:71:e8:e7:9f:c9:e2:b9:a5:c0:8a:f2:a8:08: 7d:2e:b8:8e:3c:58:b6:3c:bc:ab:a1:6c:7e:86:8a: 5f:37:fc:9e:92:bf:3f:91:81:08:42:11:ca:89:19: df:1d:b4:5b:bb:8d:a2:06:2a:6a:eb:5d:b9:53:cc: 99:51:19:ee:38:fa:cb:15:dc:c0:1d:67:54:23:1c: 59:2b:bb:db:ed:2e:7f:a5:18:28:c3:53:49:ae:78: c8:a3:29:d7:9e:24:58:42:42:a1:51:4c:db:0e:0c: 86:e1:65:17:fd:7b:4a:0f:07:8b:ce:be:4b:a6:ec: e9:a3:a8:87:6a:f8:6a:e1:cb:e6:2c:8f:75:3f:7b: 98:09:44:02:cb:ce:e5:7f:ec:3e:13:1c:44:ab:5f: ff:f9:23:8e:f4:e4:da:14:9a:18:07:85:7f:c1:fa: 7a:0c:bd:2e:10:a7:01:5e:bd:99:e3:31:2e:f2:09: f3:2e:84:db:a8:d8:76:36:96:b7:c3:e6:fe:d8:dc: 74:14:2d:53:b4:82:97:8c:fd:d9:08:5e:e1:8c:72: 04:d2:3d:4d:5e:94:a0:1a:40:b9:3f:38:bd:3e:d3: eb:8f:23:fd:0d:83:83:87:68:d6:b5:6e:95:37:da: e7:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:58:E4:0A:FE:FE:2E:EE:56:5F:E3:66:03:38:A8:BA:EE:45:DF:D1 X509v3 Authority Key Identifier: keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/BFjkCv7-Lu5WX-NmAziouu5F39E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.160.135.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:70:f6:2f:64:b7:f3:17:ff:87:f4:e9:d3:96:a8:53:34:50: 1e:79:93:9d:dc:3a:12:6f:cf:d3:4c:a1:1b:ff:7c:bf:06:18: 7e:e2:e1:59:67:7b:25:78:f8:6f:f7:69:19:c3:ed:f4:76:7e: 83:71:f9:bb:19:8b:32:e7:d5:9c:84:19:bc:dc:29:22:11:0c: 32:a6:39:37:69:74:31:7f:84:7d:0b:d5:49:4c:ea:1f:90:1b: 9b:ff:d9:cb:94:de:f1:6f:f6:b6:ce:b9:cd:13:a8:10:7e:24: 48:7e:30:f8:12:7d:33:09:03:e9:7b:83:cf:da:f3:a3:b7:a4: f3:6b:c9:8a:fa:5c:fd:74:d3:a2:ff:49:ad:e4:1a:76:35:9d: 75:1a:82:93:2d:be:0e:e9:42:ba:9a:97:3e:e8:83:a0:fc:00: f4:ce:f2:ea:a5:0d:07:25:e6:20:9a:5b:1d:e8:ff:eb:6e:32: 16:75:1e:c6:a4:3b:93:95:b4:ed:38:49:a0:34:a0:df:79:53: 01:68:3d:b9:d3:65:a4:99:5a:84:af:bc:07:75:13:52:de:4f: 74:a9:ec:c9:2f:67:70:5b:0f:fe:de:97:d3:0d:85:fc:30:06: 30:19:44:be:84:c9:e1:18:60:2d:ed:10:ae:f6:56:fd:07:02: d7:16:d5:f7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W4NPotOTfDAGSgEO/7kaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy OGI4N2UwHhcNMjYwMTAxMTYxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDU4ZTQwYWZlZmUyZWVlNTY1ZmUzNjYwMzM4YThiYWVlNDVkZmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBHy/0j7B+NFEVoUNEgakHHo55/J 4rmlwIryqAh9LriOPFi2PLyroWx+hopfN/yekr8/kYEIQhHKiRnfHbRbu42iBipq 6125U8yZURnuOPrLFdzAHWdUIxxZK7vb7S5/pRgow1NJrnjIoynXniRYQkKhUUzb DgyG4WUX/XtKDweLzr5Lpuzpo6iHavhq4cvmLI91P3uYCUQCy87lf+w+ExxEq1// +SOO9OTaFJoYB4V/wfp6DL0uEKcBXr2Z4zEu8gnzLoTbqNh2Npa3w+b+2Nx0FC1T tIKXjP3ZCF7hjHIE0j1NXpSgGkC5Pzi9PtPrjyP9DYODh2jWtW6VN9rnGwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFARY5Ar+/i7uVl/jZgM4qLruRd/RMB8GA1UdIwQY MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt YjQ1NDBjNzRjOTRiLzEvQkZqa0N2Ny1MdTVXWC1ObUF6aW91dTVGMzlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCHMA0G CSqGSIb3DQEBCwUAA4IBAQAtcPYvZLfzF/+H9OnTlqhTNFAeeZOd3DoSb8/TTKEb /3y/Bhh+4uFZZ3slePhv92kZw+30dn6Dcfm7GYsy59WchBm83CkiEQwypjk3aXQx f4R9C9VJTOofkBub/9nLlN7xb/a2zrnNE6gQfiRIfjD4En0zCQPpe4PP2vOjt6Tz a8mK+lz9dNOi/0mt5Bp2NZ11GoKTLb4O6UK6mpc+6IOg/AD0zvLqpQ0HJeYgmlsd 6P/rbjIWdR7GpDuTlbTtOEmgNKDfeVMBaD2502WkmVqEr7wHdRNS3k90qezJL2dw Ww/+3pfTDYX8MAYwGUS+hMnhGGAt7RCu9lb9BwLXFtX3 -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:46 2026 by rpki-client