This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/kBF7zKM32edjJgXjH4AjSwsgXFM.roa File: kBF7zKM32edjJgXjH4AjSwsgXFM.roa (raw, json) Hash identifier: RthnvzKZHaRVcGw388WF7ImSuN7L155l1GY/DTSrS+E= Subject key identifier: 90:11:7B:CC:A3:37:D9:E7:63:26:05:E3:1F:80:23:4B:0B:20:5C:53 Certificate issuer: /CN=6c5377bb9da41caa1176f432262dcaa99c476f9a Certificate serial: 019B7758AB176CD701544049CEC6E9E2061B Authority key identifier: 6C:53:77:BB:9D:A4:1C:AA:11:76:F4:32:26:2D:CA:A9:9C:47:6F:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFN3u52kHKoRdvQyJi3KqZxHb5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/kBF7zKM32edjJgXjH4AjSwsgXFM.roa Signing time: Thu 01 Jan 2026 02:17:38 +0000 ROA not before: Thu 01 Jan 2026 02:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20676 IP address blocks: 77.247.96.0/22 maxlen: 22 2a0a:dc44::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/bFN3u52kHKoRdvQyJi3KqZxHb5o.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/bFN3u52kHKoRdvQyJi3KqZxHb5o.mft rsync://rpki.ripe.net/repository/DEFAULT/bFN3u52kHKoRdvQyJi3KqZxHb5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:ab:17:6c:d7:01:54:40:49:ce:c6:e9:e2:06:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c5377bb9da41caa1176f432262dcaa99c476f9a Validity Not Before: Jan 1 02:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90117bcca337d9e7632605e31f80234b0b205c53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:22:06:c4:45:f7:fb:ab:ff:cf:3e:71:72:7a: e7:3a:c9:34:28:75:ca:f5:dc:39:13:97:03:a9:dc: b4:0c:5b:8f:34:d0:3d:e6:58:bd:e1:b7:9c:65:d6: 64:d3:bc:27:1d:ea:2e:50:b9:e0:ac:9e:88:3d:c0: 85:77:cb:98:c6:f1:81:50:dc:15:11:e9:0c:fb:8d: 7f:dc:0b:ce:9c:37:1d:63:58:0e:76:8b:1f:20:94: 11:69:7e:5e:84:45:ff:47:dd:85:12:5a:6a:09:3f: 95:1e:e0:04:fc:ba:7d:6a:45:29:df:d0:ef:cb:b0: 68:0e:94:c2:b3:c4:35:e0:7e:50:9d:e6:95:e4:1c: bb:6c:bb:95:16:af:2b:92:91:5a:5c:16:46:bf:c8: 81:18:11:f0:9a:3f:82:04:cc:52:1a:a1:61:48:b2: b3:e4:54:0e:fc:32:2d:08:b3:24:ec:df:25:9c:57: 7b:52:c9:6f:45:c5:07:cb:31:e5:45:27:83:6a:d8: 1b:58:32:00:b2:18:ad:7e:9e:84:8b:02:24:05:be: bd:5c:c8:d8:28:cc:9e:fe:f4:69:6e:1b:c6:1c:dd: ce:df:79:18:87:c5:7c:99:86:10:e7:14:bb:1e:7d: fb:37:52:7b:52:b2:20:4a:d8:48:64:99:f6:17:7b: 80:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:11:7B:CC:A3:37:D9:E7:63:26:05:E3:1F:80:23:4B:0B:20:5C:53 X509v3 Authority Key Identifier: keyid:6C:53:77:BB:9D:A4:1C:AA:11:76:F4:32:26:2D:CA:A9:9C:47:6F:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFN3u52kHKoRdvQyJi3KqZxHb5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/kBF7zKM32edjJgXjH4AjSwsgXFM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9b19b5-43bb-4744-93cb-6ed10ebb933f/1/bFN3u52kHKoRdvQyJi3KqZxHb5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.247.96.0/22 IPv6: 2a0a:dc44::/30 Signature Algorithm: sha256WithRSAEncryption b9:c7:21:5e:66:00:81:88:db:61:c5:d8:82:a6:65:96:a2:4c: a3:ec:32:eb:36:22:59:2a:cf:aa:ae:74:01:8e:52:31:31:b4: ef:dc:f0:45:df:34:2d:3c:c6:e1:62:8d:4e:97:4b:df:9e:6d: 71:1f:d6:d6:c5:bb:dd:14:5f:2a:f1:fa:24:7f:a7:be:f2:5f: c7:da:1c:00:7a:eb:78:56:31:46:91:f4:66:14:46:18:02:b8: 8f:e5:84:e2:6a:38:a8:e4:45:ed:79:ad:a0:b5:00:fa:9a:aa: b8:90:dd:bd:70:a6:34:d2:aa:5b:ec:82:16:7c:bf:f3:50:a7: 4d:e0:da:8c:82:7b:90:1e:91:4b:49:bb:79:d5:95:55:25:c4: e7:14:d9:7f:1a:7a:49:80:0f:b3:f4:3f:95:10:5b:87:cf:27: 1e:50:c2:89:37:02:2f:4e:af:0c:57:80:07:c6:82:51:a5:d9: b7:d1:3a:9b:46:59:2e:b5:d7:23:55:d2:b7:07:48:87:b2:07: 47:a0:d5:72:66:09:f9:2e:18:ec:1a:b2:87:3b:6c:b4:55:a9: 50:94:7b:26:3b:4c:17:5a:68:ee:72:38:36:c9:60:dc:09:76: d4:e9:0f:a5:b3:2f:0e:49:45:08:77:fa:f0:19:85:c1:78:d3: 9b:f6:35:d5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WKsXbNcBVEBJzsbp4gYbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjNTM3N2JiOWRhNDFjYWExMTc2ZjQzMjI2MmRjYWE5OWM0 NzZmOWEwHhcNMjYwMTAxMDIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDExN2JjY2EzMzdkOWU3NjMyNjA1ZTMxZjgwMjM0YjBiMjA1YzUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyIGxEX3+6v/zz5xcnrnOsk0KHXK 9dw5E5cDqdy0DFuPNNA95li94becZdZk07wnHeouULngrJ6IPcCFd8uYxvGBUNwV EekM+41/3AvOnDcdY1gOdosfIJQRaX5ehEX/R92FElpqCT+VHuAE/Lp9akUp39Dv y7BoDpTCs8Q14H5QneaV5By7bLuVFq8rkpFaXBZGv8iBGBHwmj+CBMxSGqFhSLKz 5FQO/DItCLMk7N8lnFd7UslvRcUHyzHlRSeDatgbWDIAshitfp6EiwIkBb69XMjY KMye/vRpbhvGHN3O33kYh8V8mYYQ5xS7Hn37N1J7UrIgSthIZJn2F3uAtwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJARe8yjN9nnYyYF4x+AI0sLIFxTMB8GA1UdIwQY MBaAFGxTd7udpByqEXb0MiYtyqmcR2+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkZOM3U1MmtIS29SZHZReUppM0txWnhIYjVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85YjE5YjUtNDNiYi00NzQ0LTkzY2It NmVkMTBlYmI5MzNmLzEva0JGN3pLTTMyZWRqSmdYakg0QWpTd3NnWEZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS85YjE5YjUtNDNiYi00NzQ0LTkzY2ItNmVkMTBlYmI5MzNm LzEvYkZOM3U1MmtIS29SZHZReUppM0txWnhIYjVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCTfdgMA0E AgACMAcDBQIqCtxEMA0GCSqGSIb3DQEBCwUAA4IBAQC5xyFeZgCBiNthxdiCpmWW okyj7DLrNiJZKs+qrnQBjlIxMbTv3PBF3zQtPMbhYo1Ol0vfnm1xH9bWxbvdFF8q 8fokf6e+8l/H2hwAeut4VjFGkfRmFEYYAriP5YTiajio5EXtea2gtQD6mqq4kN29 cKY00qpb7IIWfL/zUKdN4NqMgnuQHpFLSbt51ZVVJcTnFNl/GnpJgA+z9D+VEFuH zyceUMKJNwIvTq8MV4AHxoJRpdm30TqbRlkutdcjVdK3B0iHsgdHoNVyZgn5Lhjs GrKHO2y0ValQlHsmO0wXWmjucjg2yWDcCXbU6Q+lsy8OSUUId/rwGYXBeNOb9jXV -----END CERTIFICATE-----Generated at Mon Jan 26 01:02:07 2026 by rpki-client