This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/bVitBPgZXTQtQI1h9qes3hDRRxY.roa File: bVitBPgZXTQtQI1h9qes3hDRRxY.roa (raw, json) Hash identifier: tqq2V5OTdPLeDjlXCD6tq05OTPazJPQl/dxmKD2F5i4= Subject key identifier: 6D:58:AD:04:F8:19:5D:34:2D:40:8D:61:F6:A7:AC:DE:10:D1:47:16 Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Certificate serial: 019B783553B8F66E13245FBB1978848E43EB Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/bVitBPgZXTQtQI1h9qes3hDRRxY.roa Signing time: Thu 01 Jan 2026 06:18:39 +0000 ROA not before: Thu 01 Jan 2026 06:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49562 IP address blocks: 185.2.172.0/22 maxlen: 22 185.2.172.0/23 maxlen: 23 2a02:80c0::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:53:b8:f6:6e:13:24:5f:bb:19:78:84:8e:43:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205 Validity Not Before: Jan 1 06:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6d58ad04f8195d342d408d61f6a7acde10d14716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:fb:3b:d9:85:84:d6:74:16:e2:e1:71:fe:65: fd:cd:9f:e0:cc:2a:3d:fa:78:2b:a0:d8:2f:98:68: e9:c6:0f:ba:a3:8b:43:25:45:5d:41:93:44:e1:2c: 40:f2:86:93:4a:f9:ad:18:04:28:09:c3:ad:f5:d8: 16:2e:22:1e:d4:6f:de:b3:f6:7e:2b:83:b7:cd:04: 94:65:17:37:a7:3d:83:b5:97:78:7e:dc:77:2e:3e: 42:fe:2a:16:e0:03:43:c4:3d:dc:fb:98:2b:42:23: f1:ed:5d:36:66:b6:a6:bd:cf:56:ea:8a:86:36:98: 1e:3e:24:89:1b:37:3a:c9:a2:b2:11:3f:41:18:7a: 09:4b:d2:b9:d7:d8:f8:45:dd:91:4b:57:a0:1a:f2: 52:44:46:d2:1b:87:26:61:9e:8d:7a:67:44:fe:5f: 7e:7e:03:30:f8:35:4b:1a:6c:be:4e:03:d1:b0:96: 3d:a1:fe:2c:47:c7:06:53:02:5b:27:9b:7e:f4:a4: 1b:2a:ae:0c:82:ce:22:06:d3:85:9d:ad:74:d0:93: e7:fd:8f:4b:09:89:fc:c4:14:fb:12:eb:90:09:84: d7:e1:a4:29:52:3b:df:79:5c:63:e3:07:d0:31:de: 5c:e0:15:08:0e:a6:eb:42:ac:0d:60:e7:f4:b4:4e: 6f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:58:AD:04:F8:19:5D:34:2D:40:8D:61:F6:A7:AC:DE:10:D1:47:16 X509v3 Authority Key Identifier: keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/bVitBPgZXTQtQI1h9qes3hDRRxY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.2.172.0/22 IPv6: 2a02:80c0::/30 Signature Algorithm: sha256WithRSAEncryption 62:74:aa:d6:cb:7a:ee:e7:fc:59:c1:10:d4:aa:c0:da:22:16: 66:2b:f8:bd:e2:90:ea:05:a9:cb:a5:43:13:25:c5:01:5f:cc: f0:f2:6a:e1:f5:10:d3:fd:8d:59:60:7e:97:a3:74:ba:58:22: d0:af:a1:1d:31:53:2c:2e:d3:2b:6a:8c:48:d1:95:1f:14:be: 7b:d0:61:51:a1:bf:9b:14:90:76:54:99:37:96:85:a0:ee:f7: cd:db:a1:9c:f6:ac:a8:dd:9c:09:fb:e5:b4:d9:60:ba:a3:83: d4:b5:1d:e3:e4:6a:ee:f8:3a:a5:ec:f5:27:40:1e:a1:ad:79: d0:2c:53:68:c1:58:f3:14:01:ec:c2:64:03:77:59:f8:6a:df: 4c:de:f3:13:2f:55:10:a4:50:dc:04:f4:39:bf:16:e1:2b:c2: 33:da:76:59:10:c2:d2:9d:36:8c:09:66:e6:4e:74:0c:f4:50: f0:b2:14:2f:b4:9f:9c:ac:94:d7:26:da:b6:55:66:87:9c:66: 55:80:45:28:bb:7c:d5:74:b0:69:c2:4a:0d:a6:5c:14:ca:cb: d2:ed:0c:c1:66:b8:6c:44:63:d5:f3:54:ef:60:a0:38:bb:32: f3:4a:0e:3c:3c:bc:1a:db:34:0a:53:ff:f0:13:23:89:dc:f1: 5d:ba:a5:23 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NVO49m4TJF+7GXiEjkPrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk Y2UyMDUwHhcNMjYwMTAxMDYxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDU4YWQwNGY4MTk1ZDM0MmQ0MDhkNjFmNmE3YWNkZTEwZDE0NzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fs72YWE1nQW4uFx/mX9zZ/gzCo9 +ngroNgvmGjpxg+6o4tDJUVdQZNE4SxA8oaTSvmtGAQoCcOt9dgWLiIe1G/es/Z+ K4O3zQSUZRc3pz2DtZd4ftx3Lj5C/ioW4ANDxD3c+5grQiPx7V02Zramvc9W6oqG NpgePiSJGzc6yaKyET9BGHoJS9K519j4Rd2RS1egGvJSREbSG4cmYZ6NemdE/l9+ fgMw+DVLGmy+TgPRsJY9of4sR8cGUwJbJ5t+9KQbKq4Mgs4iBtOFna100JPn/Y9L CYn8xBT7EuuQCYTX4aQpUjvfeVxj4wfQMd5c4BUIDqbrQqwNYOf0tE5viwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFG1YrQT4GV00LUCNYfanrN4Q0UcWMB8GA1UdIwQY MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et ODcyYjM3MTBjMmExLzEvYlZpdEJQZ1pYVFF0UUkxaDlxZXMzaERSUnhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQBidKrWy3ru5/xZwRDUqsDa IhZmK/i94pDqBanLpUMTJcUBX8zw8mrh9RDT/Y1ZYH6Xo3S6WCLQr6EdMVMsLtMr aoxI0ZUfFL570GFRob+bFJB2VJk3loWg7vfN26Gc9qyo3ZwJ++W02WC6o4PUtR3j 5Gru+Dql7PUnQB6hrXnQLFNowVjzFAHswmQDd1n4at9M3vMTL1UQpFDcBPQ5vxbh K8Iz2nZZEMLSnTaMCWbmTnQM9FDwshQvtJ+crJTXJtq2VWaHnGZVgEUou3zVdLBp wkoNplwUysvS7QzBZrhsRGPV81TvYKA4uzLzSg48PLwa2zQKU//wEyOJ3PFduqUj -----END CERTIFICATE-----Generated at Mon Jan 26 02:08:04 2026 by rpki-client