This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/bEKVU4OITJ5La5mD1iq7ZpfSYUE.roa File: bEKVU4OITJ5La5mD1iq7ZpfSYUE.roa (raw, json) Hash identifier: X1+mTbB5rusbA3YqOKJcXnWonqzDep/m3n6JMVz9+TM= Subject key identifier: 6C:42:95:53:83:88:4C:9E:4B:6B:99:83:D6:2A:BB:66:97:D2:61:41 Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5 Certificate serial: 019B78A2127731223A372031E50EBFCB3F9E Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/bEKVU4OITJ5La5mD1iq7ZpfSYUE.roa Signing time: Thu 01 Jan 2026 08:17:26 +0000 ROA not before: Thu 01 Jan 2026 08:17:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200373 IP address blocks: 45.3.32.0/20 maxlen: 24 45.3.48.0/21 maxlen: 24 45.3.62.0/24 maxlen: 24 65.111.0.0/19 maxlen: 24 95.141.242.0/24 maxlen: 24 104.167.19.0/24 maxlen: 24 104.167.25.0/24 maxlen: 24 104.207.32.0/19 maxlen: 24 209.50.160.0/19 maxlen: 24 216.26.224.0/19 maxlen: 24 2a0a:da40::/29 maxlen: 29 2a13:3f80::/32 maxlen: 32 2a13:3f83::/32 maxlen: 32 2a13:3f84::/32 maxlen: 32 2a13:3f85::/32 maxlen: 32 2a13:3f86::/32 maxlen: 32 2a13:3f87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:12:77:31:22:3a:37:20:31:e5:0e:bf:cb:3f:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5 Validity Not Before: Jan 1 08:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c42955383884c9e4b6b9983d62abb6697d26141 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:de:cb:98:f2:55:94:73:3a:3f:3e:6b:f7:8b: 84:bf:7f:f7:fe:fa:a7:cf:33:48:fe:3e:80:1b:1f: db:43:13:11:8a:73:44:5c:f4:2e:d3:72:ab:24:21: 01:37:11:48:10:3f:a6:92:4c:c4:39:64:b7:87:bd: 61:a6:88:2e:58:71:51:ad:42:52:45:99:9c:91:20: 94:f4:64:85:3b:12:8d:62:f4:61:ad:bf:dc:5e:7b: ba:a1:0e:fe:fa:99:95:6a:ac:3f:2e:7c:7d:d3:a9: 17:cb:35:04:06:ba:b1:2d:1e:ae:b1:3b:44:23:55: 63:f6:d2:96:d1:31:20:1f:02:8c:40:d4:3e:7c:d6: 50:25:60:52:0f:3c:bb:2c:99:97:a8:d7:47:f2:65: f9:ba:73:39:f6:91:ee:3c:dc:ae:af:de:2c:fd:ff: aa:a9:c8:40:64:b8:17:f3:f6:32:a1:d0:b3:49:37: 75:80:18:e8:8d:c6:8f:7b:bb:4a:a1:10:a4:19:a5: ab:8e:1c:1e:2d:3a:41:54:60:ad:74:7d:b9:1c:70: 20:be:11:a8:e6:1f:1c:e4:58:0d:c5:72:6a:e7:e2: ac:c6:8a:1f:5c:9a:ab:c5:6a:3c:77:03:8f:10:63: e2:0b:93:8a:68:70:5e:d6:28:74:64:85:06:d7:af: d2:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:42:95:53:83:88:4C:9E:4B:6B:99:83:D6:2A:BB:66:97:D2:61:41 X509v3 Authority Key Identifier: keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/bEKVU4OITJ5La5mD1iq7ZpfSYUE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.3.32.0-45.3.55.255 45.3.62.0/24 65.111.0.0/19 95.141.242.0/24 104.167.19.0/24 104.167.25.0/24 104.207.32.0/19 209.50.160.0/19 216.26.224.0/19 IPv6: 2a0a:da40::/29 2a13:3f80::/32 2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 80:44:1b:2d:0c:99:88:ad:a1:d2:52:84:3b:88:04:2f:e2:b9: d9:78:ef:7c:be:0d:42:36:f0:c8:b7:28:7a:2f:6f:b6:8d:04: 6a:4c:1e:6c:6b:29:97:9b:d7:5b:4f:ee:18:79:e5:3d:de:bc: c4:d3:32:d8:44:85:88:c3:10:f0:54:03:ac:db:17:d0:dd:19: 6a:49:f5:1a:d9:36:19:ad:60:83:2d:25:75:c8:dd:ff:3f:35: d5:a1:aa:c6:a7:c2:f1:78:94:40:28:b0:2f:8d:37:d2:88:3a: ee:63:8c:b6:01:bd:ec:16:d7:ba:42:6f:3f:dd:05:2e:13:64: cb:1e:a6:4a:d8:45:60:b7:e2:72:6c:ff:fc:a0:68:df:5c:7e: 07:74:3d:d2:8b:ab:89:1a:6a:02:1d:72:0f:52:0a:94:f7:42: 56:0b:0d:09:13:74:0a:7d:c3:86:4f:70:28:da:1c:0e:8c:71: 6c:f2:89:97:a7:71:a9:e8:73:e2:7e:8a:5e:b8:21:51:91:67: c4:51:38:9b:b3:64:54:f0:b6:c1:8d:9f:9c:0e:24:7f:14:3c: f7:8c:00:55:c1:3c:56:03:0a:4e:45:3a:57:7f:29:0a:7a:3b: 84:d0:b4:89:4c:30:91:33:8f:8a:d6:40:9a:df:74:06:6a:c6: a2:85:db:87 -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgISAZt4ohJ3MSI6NyAx5Q6/yz+eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl NjFiZDUwHhcNMjYwMTAxMDgxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzQyOTU1MzgzODg0YzllNGI2Yjk5ODNkNjJhYmI2Njk3ZDI2MTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot7LmPJVlHM6Pz5r94uEv3/3/vqn zzNI/j6AGx/bQxMRinNEXPQu03KrJCEBNxFIED+mkkzEOWS3h71hpoguWHFRrUJS RZmckSCU9GSFOxKNYvRhrb/cXnu6oQ7++pmVaqw/Lnx906kXyzUEBrqxLR6usTtE I1Vj9tKW0TEgHwKMQNQ+fNZQJWBSDzy7LJmXqNdH8mX5unM59pHuPNyur94s/f+q qchAZLgX8/YyodCzSTd1gBjojcaPe7tKoRCkGaWrjhweLTpBVGCtdH25HHAgvhGo 5h8c5FgNxXJq5+KsxoofXJqrxWo8dwOPEGPiC5OKaHBe1ih0ZIUG16/SuQIDAQAB o4ICZzCCAmMwHQYDVR0OBBYEFGxClVODiEyeS2uZg9Yqu2aX0mFBMB8GA1UdIwQY MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt MDg4MzVkZmY2YzRmLzEvYkVLVlU0T0lUSjVMYTVtRDFpcTdacGZTWVVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBEBAIAATA+MAwDBAUtAyAD BAMtAzADBAAtAz4DBAVBbwADBABfjfIDBABopxMDBABopxkDBAVozyADBAXRMqAD BAXYGuAwJAQCAAIwHgMFAyoK2kADBQAqEz+AMA4DBQAqEz+DAwUDKhM/gDANBgkq hkiG9w0BAQsFAAOCAQEAgEQbLQyZiK2h0lKEO4gEL+K52XjvfL4NQjbwyLcoei9v to0EakwebGspl5vXW0/uGHnlPd68xNMy2ESFiMMQ8FQDrNsX0N0Zakn1Gtk2Ga1g gy0ldcjd/z811aGqxqfC8XiUQCiwL4030og67mOMtgG97BbXukJvP90FLhNkyx6m SthFYLficmz//KBo31x+B3Q90ouriRpqAh1yD1IKlPdCVgsNCRN0Cn3Dhk9wKNoc DoxxbPKJl6dxqehz4n6KXrghUZFnxFE4m7NkVPC2wY2fnA4kfxQ894wAVcE8VgMK TkU6V38pCno7hNC0iUwwkTOPitZAmt90BmrGooXbhw== -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:39 2026 by rpki-client