This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Bufh8fLfGuFcJIRDH90wZyey3vQ.roa File: Bufh8fLfGuFcJIRDH90wZyey3vQ.roa (raw, json) Hash identifier: 97pbnQhhP+W/DGuiQ6yzPinj80mmymwV5CPqsqreqm0= Subject key identifier: 06:E7:E1:F1:F2:DF:1A:E1:5C:24:84:43:1F:DD:30:67:27:B2:DE:F4 Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832 Certificate serial: 019B7C8085F6E47ED15606A9C117A4315C1C Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Bufh8fLfGuFcJIRDH90wZyey3vQ.roa Signing time: Fri 02 Jan 2026 02:19:16 +0000 ROA not before: Fri 02 Jan 2026 02:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24631 IP address blocks: 176.122.210.0/24 maxlen: 24 176.122.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.mft rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:85:f6:e4:7e:d1:56:06:a9:c1:17:a4:31:5c:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832 Validity Not Before: Jan 2 02:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=06e7e1f1f2df1ae15c2484431fdd306727b2def4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ab:31:fe:76:af:67:5e:87:66:70:bc:cc:ff: 74:28:bf:12:61:f5:46:97:82:26:f9:56:6e:1b:d1: 63:36:50:d9:34:78:16:67:d3:5a:38:60:f2:66:9d: d6:fa:74:a5:f7:0a:1b:18:bc:d9:94:35:71:38:29: 5c:23:71:d3:ea:87:e9:62:63:7c:c1:56:13:5d:f3: a0:3f:4b:41:cf:b9:59:4a:69:2c:7e:13:fe:32:02: 5d:26:8b:e5:e1:3e:a5:06:a4:83:55:a2:a3:31:bb: 25:2a:fc:d8:0c:bd:68:ad:e9:5a:ca:6b:24:39:4d: 98:51:c1:3b:24:e7:92:d8:f4:b9:1a:d0:59:1a:9c: 4f:3f:3f:83:d1:8c:3f:bc:a4:47:ee:d2:10:71:9e: 1b:8c:b4:2b:ec:86:93:89:27:8c:1b:b5:f8:c9:1d: d9:b8:32:4f:b8:7d:a0:68:38:84:77:84:af:42:c2: 2d:09:0e:51:2f:8d:b3:a6:8c:5d:b1:fb:84:6e:58: 07:5e:b7:b7:ef:c6:35:c5:d4:b3:17:61:f7:1f:2c: 0e:d3:7d:6b:a9:c5:5e:87:33:d0:f5:74:e6:5a:47: da:7e:2a:e3:ea:72:14:31:70:70:9a:29:cb:39:c8: 96:6e:f8:76:65:c1:80:c8:66:92:9c:58:fd:2a:31: fa:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:E7:E1:F1:F2:DF:1A:E1:5C:24:84:43:1F:DD:30:67:27:B2:DE:F4 X509v3 Authority Key Identifier: keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Bufh8fLfGuFcJIRDH90wZyey3vQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.122.210.0/23 Signature Algorithm: sha256WithRSAEncryption 72:19:18:6c:85:54:6f:08:89:9d:bf:4d:ba:39:80:d1:7c:bf: 55:e1:de:1d:36:29:58:fe:a9:2f:e4:fa:91:9b:e6:a7:44:30: ab:ab:20:7a:f3:51:89:a3:0a:ab:ca:4c:61:fa:08:86:a6:31: 46:99:be:a6:e8:10:9e:f3:e3:8e:74:72:dd:44:73:64:8b:ce: e7:a5:fb:d2:de:80:00:1e:b3:70:32:3f:1c:b4:a5:f2:1d:1a: b7:09:cb:e1:92:15:66:1c:6a:ab:da:9e:64:a2:13:be:17:f1: be:f5:55:c2:06:f3:db:c6:0f:41:bc:a6:f6:a2:d6:61:9c:d6: 8e:c7:06:c0:49:ad:9f:be:c7:82:55:75:e0:c1:d0:e7:5e:1f: ea:1d:93:22:be:90:18:a4:f3:79:09:43:2c:3d:e9:d2:12:79: 28:92:be:dd:81:17:7d:b1:92:52:b3:f8:ed:8c:32:68:ae:2e: a8:93:08:b4:a8:0f:a6:1d:5a:2e:a1:8c:fa:bf:42:96:61:27: 0b:f3:c7:7e:75:e3:9e:45:04:82:6d:a2:4b:b7:ab:0f:a2:8f: 32:1b:56:49:96:6f:ec:f4:00:56:bb:de:b6:28:4e:21:93:45: 9c:c3:83:ed:92:6e:7a:f8:77:dd:d8:a6:31:69:09:07:d7:a6: 22:06:01:e9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gIX25H7RVgapwRekMVwcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2 Zjg4MzIwHhcNMjYwMTAyMDIxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNmU3ZTFmMWYyZGYxYWUxNWMyNDg0NDMxZmRkMzA2NzI3YjJkZWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6sx/navZ16HZnC8zP90KL8SYfVG l4Im+VZuG9FjNlDZNHgWZ9NaOGDyZp3W+nSl9wobGLzZlDVxOClcI3HT6ofpYmN8 wVYTXfOgP0tBz7lZSmksfhP+MgJdJovl4T6lBqSDVaKjMbslKvzYDL1orelaymsk OU2YUcE7JOeS2PS5GtBZGpxPPz+D0Yw/vKRH7tIQcZ4bjLQr7IaTiSeMG7X4yR3Z uDJPuH2gaDiEd4SvQsItCQ5RL42zpoxdsfuEblgHXre378Y1xdSzF2H3HywO031r qcVehzPQ9XTmWkfafirj6nIUMXBwminLOciWbvh2ZcGAyGaSnFj9KjH6gwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAbn4fHy3xrhXCSEQx/dMGcnst70MB8GA1UdIwQY MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt Y2I5ZTFlZDc3OWFjLzEvQnVmaDhmTGZHdUZjSklSREg5MHdaeWV5M3ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G CSqGSIb3DQEBCwUAA4IBAQByGRhshVRvCImdv026OYDRfL9V4d4dNilY/qkv5PqR m+anRDCrqyB681GJowqrykxh+giGpjFGmb6m6BCe8+OOdHLdRHNki87npfvS3oAA HrNwMj8ctKXyHRq3CcvhkhVmHGqr2p5kohO+F/G+9VXCBvPbxg9BvKb2otZhnNaO xwbASa2fvseCVXXgwdDnXh/qHZMivpAYpPN5CUMsPenSEnkokr7dgRd9sZJSs/jt jDJori6okwi0qA+mHVouoYz6v0KWYScL88d+deOeRQSCbaJLt6sPoo8yG1ZJlm/s 9ABWu962KE4hk0Wcw4Ptkm56+Hfd2KYxaQkH16YiBgHp -----END CERTIFICATE-----Generated at Sun Jan 25 23:49:45 2026 by rpki-client