This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa File: BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa (raw, json) Hash identifier: kLXCiyzJI0lL3gfuo31f6jHCm4NoCsgw/6nrJV+kat0= Subject key identifier: 04:21:46:D4:4D:EF:90:B2:73:5F:7C:58:1C:10:17:09:1D:8C:F8:39 Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Certificate serial: 019B76EB72719D03257C10E7F3C24ED8E74F Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa Signing time: Thu 01 Jan 2026 00:18:20 +0000 ROA not before: Thu 01 Jan 2026 00:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213679 IP address blocks: 2001:678:364::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:72:71:9d:03:25:7c:10:e7:f3:c2:4e:d8:e7:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Validity Not Before: Jan 1 00:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=042146d44def90b2735f7c581c1017091d8cf839 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ff:83:3c:75:8b:da:42:61:f0:65:84:38:d0: dd:62:5f:6e:19:20:17:be:06:dd:33:1d:10:e5:9e: 6d:6f:2c:52:d9:d4:3d:41:e9:ca:14:6c:30:fc:39: 16:f3:67:af:62:98:ba:68:61:96:37:f9:d5:ec:b0: 99:49:8f:76:48:0a:61:b7:61:90:3f:81:51:36:4e: 17:32:87:8b:83:08:d5:0d:cf:7f:e3:ae:e5:bd:31: 3f:25:35:df:08:8c:f9:5b:3b:7f:fb:1d:80:5e:e7: 83:31:5d:ef:6b:bf:79:16:a7:54:71:76:56:c6:13: 1d:a4:9c:29:80:6f:41:90:f8:ed:5b:d8:2a:a8:54: 33:47:11:47:99:4c:57:bb:4c:d6:bb:ab:51:de:18: a6:fc:42:ad:8f:10:41:8d:2c:9a:c8:20:70:72:c6: da:d1:6a:b5:0a:9a:70:52:15:8f:6d:b7:24:bb:ac: c1:fb:44:65:0b:6b:f3:a5:4f:35:ad:85:77:9f:00: 39:62:d4:06:37:8a:2e:78:06:22:8b:44:ef:fa:82: 16:14:41:bb:27:31:0b:13:70:aa:72:cf:f9:93:3a: 13:f2:2e:bc:54:a8:9b:36:df:b7:ae:2f:ac:13:fc: bd:dd:fb:bf:a8:a1:8c:7d:4c:61:75:a9:0e:91:81: 46:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:21:46:D4:4D:EF:90:B2:73:5F:7C:58:1C:10:17:09:1D:8C:F8:39 X509v3 Authority Key Identifier: keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:364::/48 Signature Algorithm: sha256WithRSAEncryption 24:6d:b5:54:e8:36:79:c5:e2:e3:58:80:35:f8:2f:eb:18:4c: 31:48:01:0f:be:ca:bb:3c:14:ef:8e:84:e6:2e:8c:c1:36:e3: 81:f3:9c:20:9d:13:e6:18:5f:c7:6f:0d:20:43:bf:a2:83:3d: da:c0:6e:2a:d5:75:bc:d2:cf:7d:4c:a1:97:5e:2f:de:aa:74: b9:44:42:fa:a9:bf:d8:d1:c1:28:2e:3d:5d:1c:50:7d:f7:5b: ce:fd:27:13:ff:74:82:85:f2:4f:ab:31:53:16:0a:fa:e5:50: 04:36:7e:8b:85:9d:a9:94:63:8c:6e:72:9d:0b:b6:2f:48:3a: 65:3d:c7:d1:a7:ff:85:6f:70:46:0c:96:22:0f:a0:75:86:8a: 59:54:54:36:40:36:10:40:ee:32:4b:83:5b:7d:81:d4:b7:19: 33:3d:ac:46:a7:a7:be:3c:ae:b0:04:26:e2:b1:61:95:fb:e6: e5:62:37:6f:11:67:72:d5:68:01:3e:07:8f:a2:cb:d5:26:2b: b0:5a:61:b7:3f:89:ab:f2:44:20:73:74:e7:4d:89:9d:b5:c4: 4c:69:59:89:ae:ad:99:b3:ea:00:1f:90:c7:ad:57:af:e1:70: c7:47:9a:c6:24:d0:4f:22:32:d8:90:05:4b:2f:b2:15:96:cc: 84:2b:31:d6 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt263JxnQMlfBDn88JO2OdPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1 ZTk2NjMwHhcNMjYwMTAxMDAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNDIxNDZkNDRkZWY5MGIyNzM1ZjdjNTgxYzEwMTcwOTFkOGNmODM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv+DPHWL2kJh8GWEONDdYl9uGSAX vgbdMx0Q5Z5tbyxS2dQ9QenKFGww/DkW82evYpi6aGGWN/nV7LCZSY92SApht2GQ P4FRNk4XMoeLgwjVDc9/467lvTE/JTXfCIz5Wzt/+x2AXueDMV3va795FqdUcXZW xhMdpJwpgG9BkPjtW9gqqFQzRxFHmUxXu0zWu6tR3him/EKtjxBBjSyayCBwcsba 0Wq1CppwUhWPbbcku6zB+0RlC2vzpU81rYV3nwA5YtQGN4oueAYii0Tv+oIWFEG7 JzELE3Cqcs/5kzoT8i68VKibNt+3ri+sE/y93fu/qKGMfUxhdakOkYFGAwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFAQhRtRN75Cyc198WBwQFwkdjPg5MB8GA1UdIwQY MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt MTUyMmUyOTY0ZmNlLzEvQkNGRzFFM3ZrTEp6WDN4WUhCQVhDUjJNLURrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeANk MA0GCSqGSIb3DQEBCwUAA4IBAQAkbbVU6DZ5xeLjWIA1+C/rGEwxSAEPvsq7PBTv joTmLozBNuOB85wgnRPmGF/Hbw0gQ7+igz3awG4q1XW80s99TKGXXi/eqnS5REL6 qb/Y0cEoLj1dHFB991vO/ScT/3SChfJPqzFTFgr65VAENn6LhZ2plGOMbnKdC7Yv SDplPcfRp/+Fb3BGDJYiD6B1hopZVFQ2QDYQQO4yS4NbfYHUtxkzPaxGp6e+PK6w BCbisWGV++blYjdvEWdy1WgBPgePosvVJiuwWmG3P4mr8kQgc3TnTYmdtcRMaVmJ rq2Zs+oAH5DHrVev4XDHR5rGJNBPIjLYkAVLL7IVlsyEKzHW -----END CERTIFICATE-----Generated at Mon Jan 26 08:58:23 2026 by rpki-client