This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/BgkebpBhISi7yrdl5zgWc6kxIH4.roa File: BgkebpBhISi7yrdl5zgWc6kxIH4.roa (raw, json) Hash identifier: X8DOyattSG0MTouveclCaC/OSKoml4GgvWQUYGFm67c= Subject key identifier: 06:09:1E:6E:90:61:21:28:BB:CA:B7:65:E7:38:16:73:A9:31:20:7E Certificate issuer: /CN=9439193aef1fe4d5703cb834df7aabaf8a4be42c Certificate serial: 019B7C80DC1D8D2F63C19490C58B6B1E12AF Authority key identifier: 94:39:19:3A:EF:1F:E4:D5:70:3C:B8:34:DF:7A:AB:AF:8A:4B:E4:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDkZOu8f5NVwPLg033qrr4pL5Cw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/BgkebpBhISi7yrdl5zgWc6kxIH4.roa Signing time: Fri 02 Jan 2026 02:19:38 +0000 ROA not before: Fri 02 Jan 2026 02:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200370 IP address blocks: 45.8.160.0/22 maxlen: 22 45.8.160.0/24 maxlen: 24 45.8.161.0/24 maxlen: 24 45.8.162.0/24 maxlen: 24 45.8.163.0/24 maxlen: 24 193.56.59.0/24 maxlen: 24 193.56.61.0/24 maxlen: 24 193.56.107.0/24 maxlen: 24 193.56.118.0/24 maxlen: 24 194.60.208.0/22 maxlen: 22 194.60.208.0/23 maxlen: 23 194.60.208.0/24 maxlen: 24 194.60.209.0/24 maxlen: 24 194.60.210.0/23 maxlen: 23 194.60.210.0/24 maxlen: 24 194.60.211.0/24 maxlen: 24 2a05:cac0::/29 maxlen: 29 2a0f:51c0::/29 maxlen: 29 2a12:93c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/lDkZOu8f5NVwPLg033qrr4pL5Cw.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/lDkZOu8f5NVwPLg033qrr4pL5Cw.mft rsync://rpki.ripe.net/repository/DEFAULT/lDkZOu8f5NVwPLg033qrr4pL5Cw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 02:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:dc:1d:8d:2f:63:c1:94:90:c5:8b:6b:1e:12:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9439193aef1fe4d5703cb834df7aabaf8a4be42c Validity Not Before: Jan 2 02:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=06091e6e90612128bbcab765e7381673a931207e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:18:b3:a2:d4:bc:4d:52:6c:73:d7:0d:3d:ea: 39:7b:e7:ae:da:4f:c9:c4:2f:d2:48:24:82:15:2e: 60:0d:00:2f:74:9c:e5:0a:8c:c8:5f:8d:9c:55:e5: 1a:62:77:11:34:c7:f2:82:44:82:7c:24:b2:7c:35: 58:61:9b:a3:83:48:ff:38:e1:b0:ed:0e:9b:8b:9d: b9:a6:c2:e9:cb:e4:a8:dd:91:d2:f3:34:13:8f:66: 16:4d:97:73:7a:9b:6c:a1:c2:85:2e:51:9e:88:82: cb:e0:4b:d6:09:1c:57:e6:87:e6:d3:98:fa:9a:6e: 3f:fe:aa:f4:ef:48:97:d2:26:ff:4c:6f:fb:64:74: 29:a0:87:70:5c:76:05:55:86:d0:c7:a7:9c:e7:00: 8f:4f:09:a4:93:9d:71:b4:cb:c4:07:57:46:3f:97: 94:ba:11:d4:d5:86:4d:54:25:32:9e:48:42:23:15: fa:07:77:b3:fd:cb:bb:b3:80:61:3d:2e:64:2a:4e: a8:f0:62:bd:ff:d5:fd:a0:0b:1d:d2:ba:5a:b1:51: a1:5d:6f:e7:d5:44:34:97:14:c1:23:80:68:39:43: 2b:a9:25:8a:bf:f7:e9:20:87:cf:f0:d1:b4:e9:f9: 5a:36:2f:29:35:39:3d:a2:d0:79:59:75:f2:6b:75: 8f:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:09:1E:6E:90:61:21:28:BB:CA:B7:65:E7:38:16:73:A9:31:20:7E X509v3 Authority Key Identifier: keyid:94:39:19:3A:EF:1F:E4:D5:70:3C:B8:34:DF:7A:AB:AF:8A:4B:E4:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDkZOu8f5NVwPLg033qrr4pL5Cw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/BgkebpBhISi7yrdl5zgWc6kxIH4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/lDkZOu8f5NVwPLg033qrr4pL5Cw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.160.0/22 193.56.59.0/24 193.56.61.0/24 193.56.107.0/24 193.56.118.0/24 194.60.208.0/22 IPv6: 2a05:cac0::/29 2a0f:51c0::/29 2a12:93c0::/29 Signature Algorithm: sha256WithRSAEncryption 03:8c:7e:04:fd:b1:a0:b9:ad:79:19:ea:8a:8d:73:cf:15:11: 49:30:d0:67:fa:41:ed:9b:bb:0a:d8:35:2d:b8:4b:ee:73:1f: e6:ac:5e:4d:70:c5:f4:b3:0b:4e:4b:58:02:54:c6:83:45:c5: 72:df:59:14:1c:c4:2b:8f:71:81:4a:fb:04:9c:24:00:6b:45: 07:c0:9e:1a:bf:49:b9:99:57:bf:5d:39:53:f2:a5:21:f7:9b: 66:89:5e:09:12:e1:55:18:a6:03:3f:50:d7:fb:94:be:f9:d9: 25:74:e8:98:9d:c7:51:2e:c0:b5:a1:7c:b6:66:85:a3:0c:f1: b2:27:c9:40:9a:ee:dd:3c:65:07:04:9d:4f:10:f9:f4:3c:b9: 87:35:a4:ed:7d:fd:35:6d:a4:48:74:5f:f1:21:99:9d:70:3d: ac:e6:5c:8c:33:2c:97:ce:d3:97:e3:4c:7a:2f:27:21:9a:0b: 0a:6d:60:6b:94:17:93:2a:dc:87:46:dc:f9:a4:2e:01:8b:c3: 54:42:77:a7:91:d4:d7:48:e3:63:34:be:05:36:31:89:f9:f1: e4:0b:ef:89:75:e8:c2:9b:ad:40:1a:9b:2c:99:17:4d:5e:a6: 05:98:66:0f:f8:ff:a5:a4:da:8c:c9:f0:91:b1:55:eb:e9:a7: 77:a0:c5:b3 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt8gNwdjS9jwZSQxYtrHhKvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0MzkxOTNhZWYxZmU0ZDU3MDNjYjgzNGRmN2FhYmFmOGE0 YmU0MmMwHhcNMjYwMTAyMDIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNjA5MWU2ZTkwNjEyMTI4YmJjYWI3NjVlNzM4MTY3M2E5MzEyMDdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhizotS8TVJsc9cNPeo5e+eu2k/J xC/SSCSCFS5gDQAvdJzlCozIX42cVeUaYncRNMfygkSCfCSyfDVYYZujg0j/OOGw 7Q6bi525psLpy+So3ZHS8zQTj2YWTZdzeptsocKFLlGeiILL4EvWCRxX5ofm05j6 mm4//qr070iX0ib/TG/7ZHQpoIdwXHYFVYbQx6ec5wCPTwmkk51xtMvEB1dGP5eU uhHU1YZNVCUynkhCIxX6B3ez/cu7s4BhPS5kKk6o8GK9/9X9oAsd0rpasVGhXW/n 1UQ0lxTBI4BoOUMrqSWKv/fpIIfP8NG06flaNi8pNTk9otB5WXXya3WPDQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFAYJHm6QYSEou8q3Zec4FnOpMSB+MB8GA1UdIwQY MBaAFJQ5GTrvH+TVcDy4NN96q6+KS+QsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbERrWk91OGY1TlZ3UExnMDMzcXJyNHBMNUN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZmNlMGUtYzNhZC00YzhhLTk5MTQt NzQ1Y2RlNzRkMDFiLzEvQmdrZWJwQmhJU2k3eXJkbDV6Z1djNmt4SUg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9mZmNlMGUtYzNhZC00YzhhLTk5MTQtNzQ1Y2RlNzRkMDFi LzEvbERrWk91OGY1TlZ3UExnMDMzcXJyNHBMNUN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCLQigAwQA wTg7AwQAwTg9AwQAwThrAwQAwTh2AwQCwjzQMBsEAgACMBUDBQMqBcrAAwUDKg9R wAMFAyoSk8AwDQYJKoZIhvcNAQELBQADggEBAAOMfgT9saC5rXkZ6oqNc88VEUkw 0Gf6Qe2buwrYNS24S+5zH+asXk1wxfSzC05LWAJUxoNFxXLfWRQcxCuPcYFK+wSc JABrRQfAnhq/SbmZV79dOVPypSH3m2aJXgkS4VUYpgM/UNf7lL752SV06Jidx1Eu wLWhfLZmhaMM8bInyUCa7t08ZQcEnU8Q+fQ8uYc1pO19/TVtpEh0X/EhmZ1wPazm XIwzLJfO05fjTHovJyGaCwptYGuUF5Mq3IdG3PmkLgGLw1RCd6eR1NdI42M0vgU2 MYn58eQL74l16MKbrUAamyyZF01epgWYZg/4/6Wk2ozJ8JGxVevpp3egxbM= -----END CERTIFICATE-----Generated at Mon Jan 26 11:31:06 2026 by rpki-client