This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/d7BNBvtBybD-ouMBr6YNcUi45jE.roa File: d7BNBvtBybD-ouMBr6YNcUi45jE.roa (raw, json) Hash identifier: z33gEnZ5ORYGaYJCcJZ5qtqJlEn1QrL+f98X4D8eWjU= Subject key identifier: 77:B0:4D:06:FB:41:C9:B0:FE:A2:E3:01:AF:A6:0D:71:48:B8:E6:31 Certificate issuer: /CN=485ddb678c4c0d0c488efd3b8367142189f3358a Certificate serial: 019B76EAEE083E4EF342475E1B5A21397BEB Authority key identifier: 48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/d7BNBvtBybD-ouMBr6YNcUi45jE.roa Signing time: Thu 01 Jan 2026 00:17:46 +0000 ROA not before: Thu 01 Jan 2026 00:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43633 IP address blocks: 109.235.8.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.mft rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:ee:08:3e:4e:f3:42:47:5e:1b:5a:21:39:7b:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=485ddb678c4c0d0c488efd3b8367142189f3358a Validity Not Before: Jan 1 00:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=77b04d06fb41c9b0fea2e301afa60d7148b8e631 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3f:3a:a3:1a:0c:58:d2:48:5c:c7:9c:17:c9: 14:fd:1b:84:23:d8:3f:71:3e:1a:ff:11:3d:df:72: f5:1c:68:d6:0d:14:43:73:c9:af:68:30:89:52:0a: 53:99:c4:9b:41:0d:57:0e:0e:3f:4e:0c:8d:c0:f6: ee:d2:67:ec:b9:0f:9c:dd:f6:2c:0d:b9:d3:4e:9c: b2:4d:eb:b8:50:9d:48:94:5a:cc:e4:0a:b2:dc:50: a2:8e:b4:1a:11:6f:cb:ef:90:ca:c5:42:99:1c:49: a8:33:ce:e9:65:d9:ba:04:1f:b9:56:a5:40:e6:e3: e8:7c:0c:1f:66:ad:04:7e:a4:ca:30:bd:13:19:fb: 27:13:ed:32:82:82:98:01:97:34:3d:20:1f:1c:cf: 55:40:11:08:5e:16:b4:4c:ae:79:6f:23:24:4f:45: bc:3e:e9:de:4e:17:b9:80:81:9f:68:05:aa:5e:c1: 35:77:58:9f:54:42:64:ee:75:e3:ef:47:a8:33:9e: 14:d1:2d:79:a8:cd:6e:39:ed:29:d9:60:50:a9:42: 9c:c2:e3:f7:80:55:69:18:a4:f5:17:d2:29:52:0d: f9:91:e3:6b:c2:7b:d6:a5:63:bd:74:59:83:31:5c: 06:26:53:05:fa:9a:69:b8:6e:f7:32:db:cd:c1:7d: 43:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:B0:4D:06:FB:41:C9:B0:FE:A2:E3:01:AF:A6:0D:71:48:B8:E6:31 X509v3 Authority Key Identifier: keyid:48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/d7BNBvtBybD-ouMBr6YNcUi45jE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.235.8.0/23 Signature Algorithm: sha256WithRSAEncryption 57:72:96:8a:2f:e4:fd:4e:8b:6b:eb:51:99:15:5c:a5:64:db: e2:38:17:9a:55:b3:9e:86:bf:b9:e1:cc:50:e8:e9:8e:ba:17: 70:74:89:db:f2:b5:70:a9:93:15:cd:99:7c:fd:23:ad:60:98: 88:b1:3b:e2:c6:36:b9:f0:81:0b:85:a8:a2:96:f4:34:01:09: 55:3e:5f:b8:84:f4:c0:af:8d:28:c2:38:46:b6:0f:92:f4:ea: 4d:6d:fc:dc:2a:97:fe:f8:bb:b1:58:a8:f7:4e:a6:1f:a6:83: 29:a7:f0:bc:69:21:ed:67:95:27:45:5e:da:f6:c2:eb:41:2c: 1d:99:45:ce:70:ba:ac:f1:08:e1:9a:32:6e:cb:6f:7b:2b:1c: bf:08:de:50:40:38:62:0c:62:dd:cd:75:3d:9a:6b:9b:ca:5e: cb:17:c5:1a:82:f6:f6:28:c3:5b:7d:bc:57:3a:82:f2:db:e8: b6:a2:ba:be:a2:ff:06:3d:c0:2e:6d:4a:d0:c2:80:26:a2:31: 8c:72:bf:58:ec:c0:44:96:3c:f1:74:a9:65:d2:fb:4a:d4:22: 4f:90:ac:e2:f5:e5:90:3d:1a:fe:e8:7f:05:a6:16:1b:71:b1: e3:88:ac:34:30:9b:3c:9d:a0:b3:e0:f7:ba:c1:07:72:36:1f: 26:29:8f:40 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26u4IPk7zQkdeG1ohOXvrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4NWRkYjY3OGM0YzBkMGM0ODhlZmQzYjgzNjcxNDIxODlm MzM1OGEwHhcNMjYwMTAxMDAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3N2IwNGQwNmZiNDFjOWIwZmVhMmUzMDFhZmE2MGQ3MTQ4YjhlNjMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT86oxoMWNJIXMecF8kU/RuEI9g/ cT4a/xE933L1HGjWDRRDc8mvaDCJUgpTmcSbQQ1XDg4/TgyNwPbu0mfsuQ+c3fYs DbnTTpyyTeu4UJ1IlFrM5Aqy3FCijrQaEW/L75DKxUKZHEmoM87pZdm6BB+5VqVA 5uPofAwfZq0EfqTKML0TGfsnE+0ygoKYAZc0PSAfHM9VQBEIXha0TK55byMkT0W8 PuneThe5gIGfaAWqXsE1d1ifVEJk7nXj70eoM54U0S15qM1uOe0p2WBQqUKcwuP3 gFVpGKT1F9IpUg35keNrwnvWpWO9dFmDMVwGJlMF+pppuG73MtvNwX1DJwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHewTQb7Qcmw/qLjAa+mDXFIuOYxMB8GA1UdIwQY MBaAFEhd22eMTA0MSI79O4NnFCGJ8zWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUt ZGViZmNkOWViMjBlLzEvZDdCTkJ2dEJ5YkQtb3VNQnI2WU5jVWk0NWpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUtZGViZmNkOWViMjBl LzEvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbesIMA0G CSqGSIb3DQEBCwUAA4IBAQBXcpaKL+T9Totr61GZFVylZNviOBeaVbOehr+54cxQ 6OmOuhdwdInb8rVwqZMVzZl8/SOtYJiIsTvixja58IELhaiilvQ0AQlVPl+4hPTA r40owjhGtg+S9OpNbfzcKpf++LuxWKj3TqYfpoMpp/C8aSHtZ5UnRV7a9sLrQSwd mUXOcLqs8QjhmjJuy297Kxy/CN5QQDhiDGLdzXU9mmubyl7LF8Uagvb2KMNbfbxX OoLy2+i2orq+ov8GPcAubUrQwoAmojGMcr9Y7MBEljzxdKll0vtK1CJPkKzi9eWQ PRr+6H8FphYbcbHjiKw0MJs8naCz4Pe6wQdyNh8mKY9A -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:40 2026 by rpki-client