This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/bbNTfIJmhGsZ2V8DBjEahyC2lWE.roa File: bbNTfIJmhGsZ2V8DBjEahyC2lWE.roa (raw, json) Hash identifier: /Eg3PukaE2y9AWWE2+6unARGBgb5uWfL7NaM72cQJhU= Subject key identifier: 6D:B3:53:7C:82:66:84:6B:19:D9:5F:03:06:31:1A:87:20:B6:95:61 Certificate issuer: /CN=d5af20c026de104d96f17acbaf4e787ef9d30206 Certificate serial: 019B7B364F350296468FCAC130307B79E1F3 Authority key identifier: D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/bbNTfIJmhGsZ2V8DBjEahyC2lWE.roa Signing time: Thu 01 Jan 2026 20:18:35 +0000 ROA not before: Thu 01 Jan 2026 20:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29119 IP address blocks: 185.154.160.0/24 maxlen: 24 185.154.161.0/24 maxlen: 24 185.154.162.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.mft rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:4f:35:02:96:46:8f:ca:c1:30:30:7b:79:e1:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5af20c026de104d96f17acbaf4e787ef9d30206 Validity Not Before: Jan 1 20:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6db3537c8266846b19d95f0306311a8720b69561 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:38:83:d0:f7:dd:b4:ca:4d:26:21:e4:57:20: bb:9e:6b:48:a0:d6:2f:eb:d3:14:9d:97:5e:08:0f: 2b:fd:68:05:62:35:45:d3:bf:15:a9:07:46:4d:b6: 2c:b0:ec:86:b0:ae:38:f8:a1:17:00:f1:8b:3b:3c: a0:a5:4b:ed:e5:ca:5b:c6:d5:3c:b7:38:0d:8c:c8: 4b:de:b7:25:b5:14:14:9a:33:58:73:d1:43:9c:c2: f4:90:cf:e1:6f:94:97:33:52:8f:d8:86:56:9d:b8: 53:22:47:03:18:12:90:2f:90:4c:11:e1:50:05:53: c7:93:f6:b9:1e:b3:84:06:75:1f:2f:14:f1:9a:73: f2:84:9a:0d:e2:2b:10:a6:27:7e:0c:67:b7:03:47: d5:55:48:e6:43:57:8b:42:8b:93:e9:89:51:8e:47: f2:33:86:aa:91:17:42:4e:56:c4:22:0a:a4:3d:55: 2b:73:9e:69:47:89:4e:5e:c8:5e:40:6f:60:9b:64: 53:1a:5f:c2:60:49:b7:96:38:45:64:e4:67:eb:d2: ff:54:98:5d:0a:63:d1:f7:42:82:69:59:04:b7:a1: d1:23:4b:be:55:3a:47:91:3d:71:48:1c:74:a8:c5: a5:3a:0a:12:86:9c:cf:fe:fb:f1:b5:85:f2:5b:29: 49:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:B3:53:7C:82:66:84:6B:19:D9:5F:03:06:31:1A:87:20:B6:95:61 X509v3 Authority Key Identifier: keyid:D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/bbNTfIJmhGsZ2V8DBjEahyC2lWE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.160.0-185.154.162.255 Signature Algorithm: sha256WithRSAEncryption e1:b7:b0:60:2f:cf:20:07:1a:7f:a6:8d:41:26:15:f1:29:b0: c7:e5:3d:21:5c:a4:6e:a8:af:62:db:b4:46:62:ac:85:eb:91: fb:8e:40:74:84:d0:13:a9:db:17:93:f0:dd:fb:75:53:b4:e6: 34:a3:c4:7d:55:5f:fc:5b:08:b9:f8:b1:6d:ab:85:44:37:1f: 9d:7a:be:d5:37:03:ad:e2:c0:ae:25:1d:74:3c:c2:b6:b6:06: a5:6f:ca:c4:0b:24:0a:e0:0f:d0:d8:f8:21:92:a7:95:f7:23: d5:61:30:8d:16:9a:66:bb:17:d7:71:db:0f:e5:b7:f4:84:e6: 00:e1:dd:5f:11:7d:71:7f:c4:11:ac:52:48:de:2d:93:a0:ea: e3:2e:f7:4e:d0:52:a9:38:ed:0b:a9:46:95:db:aa:28:3d:83: 84:ea:a0:d0:40:55:51:04:17:ad:b7:4c:d1:2b:dc:76:e9:08: 9c:d2:20:c9:a7:1f:83:91:9e:9e:74:e6:3b:ff:80:10:7b:b8: 0c:a4:18:9c:cb:9f:6d:ae:db:2d:19:fa:e6:85:45:74:07:ef: f0:8f:9e:5f:33:85:97:a8:9a:6c:8c:b1:fe:e8:92:ec:26:cf: 49:4d:8d:3f:39:47:68:89:8e:8c:c8:b7:d8:bc:21:bb:b1:17: 0c:61:bf:16 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7Nk81ApZGj8rBMDB7eeHzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YWYyMGMwMjZkZTEwNGQ5NmYxN2FjYmFmNGU3ODdlZjlk MzAyMDYwHhcNMjYwMTAxMjAxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGIzNTM3YzgyNjY4NDZiMTlkOTVmMDMwNjMxMWE4NzIwYjY5NTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoziD0PfdtMpNJiHkVyC7nmtIoNYv 69MUnZdeCA8r/WgFYjVF078VqQdGTbYssOyGsK44+KEXAPGLOzygpUvt5cpbxtU8 tzgNjMhL3rcltRQUmjNYc9FDnML0kM/hb5SXM1KP2IZWnbhTIkcDGBKQL5BMEeFQ BVPHk/a5HrOEBnUfLxTxmnPyhJoN4isQpid+DGe3A0fVVUjmQ1eLQouT6YlRjkfy M4aqkRdCTlbEIgqkPVUrc55pR4lOXsheQG9gm2RTGl/CYEm3ljhFZORn69L/VJhd CmPR90KCaVkEt6HRI0u+VTpHkT1xSBx0qMWlOgoShpzP/vvxtYXyWylJIwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFG2zU3yCZoRrGdlfAwYxGocgtpVhMB8GA1UdIwQY MBaAFNWvIMAm3hBNlvF6y69OeH750wIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMt ODlmMTgxNWQ0YzE5LzEvYmJOVGZJSm1oR3NaMlY4REJqRWFoeUMybFdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMtODlmMTgxNWQ0YzE5 LzEvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5mqAD BAC5mqIwDQYJKoZIhvcNAQELBQADggEBAOG3sGAvzyAHGn+mjUEmFfEpsMflPSFc pG6or2LbtEZirIXrkfuOQHSE0BOp2xeT8N37dVO05jSjxH1VX/xbCLn4sW2rhUQ3 H516vtU3A63iwK4lHXQ8wra2BqVvysQLJArgD9DY+CGSp5X3I9VhMI0Wmma7F9dx 2w/lt/SE5gDh3V8RfXF/xBGsUkjeLZOg6uMu907QUqk47QupRpXbqig9g4TqoNBA VVEEF623TNEr3HbpCJzSIMmnH4ORnp505jv/gBB7uAykGJzLn22u2y0Z+uaFRXQH 7/CPnl8zhZeommyMsf7okuwmz0lNjT85R2iJjozIt9i8IbuxFwxhvxY= -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:38 2026 by rpki-client