This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bfc8GaowscJfsEaAg6mWylcuPCo.roa File: bfc8GaowscJfsEaAg6mWylcuPCo.roa (raw, json) Hash identifier: xem4+KyAdtvaUPEFJ0aeqKzcQy0pI2/rkfs/tPo++oU= Subject key identifier: 6D:F7:3C:19:AA:30:B1:C2:5F:B0:46:80:83:A9:96:CA:57:2E:3C:2A Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B78343F9C29A294D143CFF910D29BA1D7 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bfc8GaowscJfsEaAg6mWylcuPCo.roa Signing time: Thu 01 Jan 2026 06:17:28 +0000 ROA not before: Thu 01 Jan 2026 06:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2859 IP address blocks: 192.121.121.0/24 maxlen: 24 194.68.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:3f:9c:29:a2:94:d1:43:cf:f9:10:d2:9b:a1:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6df73c19aa30b1c25fb0468083a996ca572e3c2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d6:6a:07:2a:48:f8:24:77:69:25:ae:82:eb: 46:33:3a:0f:1d:b8:92:d5:09:b9:c4:fc:ed:3e:cf: 05:00:f5:7c:ec:90:03:1c:69:ca:31:3f:f1:f6:11: 97:a4:9f:80:4c:c4:57:1e:99:36:13:d0:a4:49:e9: 74:64:46:6d:02:ef:dd:b3:14:b6:15:ec:e8:90:82: ed:4b:05:3e:6e:3b:04:bd:29:4b:e2:25:a6:86:8c: 39:51:14:18:8d:cb:aa:43:3e:b0:3a:db:bc:e9:e6: 1f:c3:8e:08:2d:9b:df:2b:43:e0:5a:5c:70:98:39: ba:3c:11:2a:87:2d:f7:81:01:e1:af:8f:b7:54:ab: f6:cc:13:92:a9:db:81:09:f4:7a:9d:a9:2b:4f:94: 4e:af:f9:3d:9b:11:1b:d3:74:61:80:5e:be:e0:88: 19:c7:4a:a4:dc:47:1e:ed:bd:26:8d:fd:46:fa:8a: 47:b0:17:cf:65:0f:aa:9e:99:df:29:72:b2:08:b2: b0:db:11:9c:37:3b:2a:04:f5:1d:01:14:87:c2:57: a4:1b:1d:6f:b0:d1:4a:46:93:d1:f0:f7:2a:4c:df: 7a:24:fb:39:df:8a:b3:78:da:1f:7b:9d:e4:33:3e: b0:31:6b:2d:05:e2:d7:fe:7d:97:d5:29:cf:6c:82: dd:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:F7:3C:19:AA:30:B1:C2:5F:B0:46:80:83:A9:96:CA:57:2E:3C:2A X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/bfc8GaowscJfsEaAg6mWylcuPCo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.121.121.0/24 194.68.230.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:d5:e7:f2:3a:0f:49:25:00:81:17:b4:b3:ff:44:00:24:ff: af:65:d6:ba:a4:cb:2c:11:68:79:24:9a:40:d8:21:ee:7f:c6: 37:dd:1e:9a:25:2e:8f:ad:f8:f9:1e:cc:f3:0f:29:6b:09:97: 16:db:85:09:47:83:09:8f:18:46:28:9e:6f:70:33:8c:41:06: 4b:61:fe:ba:82:cb:c0:94:ac:b7:a7:63:d5:3e:2c:68:a3:91: 4b:95:e0:32:eb:4a:a0:4a:9d:ec:33:9e:03:db:26:1b:3f:10: 01:71:b9:09:ee:62:d6:b2:52:49:42:e5:8a:7c:1b:f5:27:e1: f8:ce:49:1d:a5:39:59:d6:8b:06:6e:c3:69:8e:88:eb:b8:36: b9:bd:6a:88:b9:3f:58:16:63:34:0f:f9:bf:bd:85:eb:35:00: 88:5f:c1:e3:7e:9f:bc:45:bc:b6:c2:3a:05:ab:1d:bc:a7:43: ac:92:73:0a:93:3e:4b:e3:08:29:e8:8f:cb:ff:e9:2c:24:cd: 49:8b:9b:b7:6f:11:e9:27:be:89:f9:40:f2:d5:fd:5a:d0:ee: fa:5d:36:6b:b7:d8:d9:a3:53:2d:7b:53:26:c6:d7:ef:6b:fb: ae:40:f8:63:d7:2b:75:3e:8a:c5:c4:f1:fa:eb:6c:ca:68:05: 9e:fb:36:2b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4ND+cKaKU0UPP+RDSm6HXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZGY3M2MxOWFhMzBiMWMyNWZiMDQ2ODA4M2E5OTZjYTU3MmUzYzJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptZqBypI+CR3aSWugutGMzoPHbiS 1Qm5xPztPs8FAPV87JADHGnKMT/x9hGXpJ+ATMRXHpk2E9CkSel0ZEZtAu/dsxS2 FezokILtSwU+bjsEvSlL4iWmhow5URQYjcuqQz6wOtu86eYfw44ILZvfK0PgWlxw mDm6PBEqhy33gQHhr4+3VKv2zBOSqduBCfR6nakrT5ROr/k9mxEb03RhgF6+4IgZ x0qk3Ece7b0mjf1G+opHsBfPZQ+qnpnfKXKyCLKw2xGcNzsqBPUdARSHwlekGx1v sNFKRpPR8PcqTN96JPs534qzeNofe53kMz6wMWstBeLX/n2X1SnPbILd/QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG33PBmqMLHCX7BGgIOplspXLjwqMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvYmZjOEdhb3dzY0pmc0VhQWc2bVd5bGN1UENvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHl5AwQA wkTmMA0GCSqGSIb3DQEBCwUAA4IBAQBO1efyOg9JJQCBF7Sz/0QAJP+vZda6pMss EWh5JJpA2CHuf8Y33R6aJS6Prfj5HszzDylrCZcW24UJR4MJjxhGKJ5vcDOMQQZL Yf66gsvAlKy3p2PVPixoo5FLleAy60qgSp3sM54D2yYbPxABcbkJ7mLWslJJQuWK fBv1J+H4zkkdpTlZ1osGbsNpjojruDa5vWqIuT9YFmM0D/m/vYXrNQCIX8Hjfp+8 Rby2wjoFqx28p0OsknMKkz5L4wgp6I/L/+ksJM1Ji5u3bxHpJ76J+UDy1f1a0O76 XTZrt9jZo1Mte1Mmxtfva/uuQPhj1yt1PorFxPH662zKaAWe+zYr -----END CERTIFICATE-----Generated at Sun Jan 25 10:27:59 2026 by rpki-client