This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/bz8OgK9KGk7s_9Rbo1BfVZKPRMc.roa File: bz8OgK9KGk7s_9Rbo1BfVZKPRMc.roa (raw, json) Hash identifier: QMlz5xU6ZIS5u6QE8mCAeeanjx7pStZbTuS8Yuj6acw= Subject key identifier: 6F:3F:0E:80:AF:4A:1A:4E:EC:FF:D4:5B:A3:50:5F:55:92:8F:44:C7 Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0 Certificate serial: 019B7EA6FB0AEAB7B7F2081B512FAB15CF4B Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/bz8OgK9KGk7s_9Rbo1BfVZKPRMc.roa Signing time: Fri 02 Jan 2026 12:20:31 +0000 ROA not before: Fri 02 Jan 2026 12:20:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2200 IP address blocks: 129.88.0.0/16 maxlen: 16 147.171.0.0/16 maxlen: 16 152.77.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.mft rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:fb:0a:ea:b7:b7:f2:08:1b:51:2f:ab:15:cf:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0 Validity Not Before: Jan 2 12:20:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6f3f0e80af4a1a4eecffd45ba3505f55928f44c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d5:3c:e2:82:c7:b5:67:1b:4b:a3:32:62:f1: 16:d3:4f:77:eb:7a:41:50:14:4c:6d:1e:e4:9c:46: 3e:09:5a:ac:16:c9:ca:05:c4:bb:0f:5f:6c:b6:a5: 9f:76:90:ac:2e:8f:26:36:85:57:8a:31:0a:0d:c4: c7:26:7e:09:ff:1a:91:0e:0d:00:09:ad:18:40:5e: da:43:18:00:86:b7:bc:31:78:51:69:ba:1a:53:2e: ea:86:77:37:b2:b5:72:e2:52:f0:65:a1:a3:88:d4: f8:5d:49:d4:24:15:e7:db:1e:a7:b1:15:ad:51:35: 17:fa:41:ec:65:f3:96:43:d7:a2:05:78:7e:33:da: 39:77:5a:f1:60:0b:f0:bd:56:f4:b8:0b:26:56:47: 88:91:af:42:d5:fc:ad:55:2f:b4:ca:9b:44:54:c2: 53:d0:10:57:b2:1f:2f:1c:ec:f4:56:35:32:13:c1: 23:da:5e:86:5e:74:8a:d2:78:e1:e3:4f:ed:c7:b2: c1:cd:92:b1:17:f9:e0:3d:82:ef:e0:9f:7d:96:32: f7:e6:63:72:42:db:11:cc:4a:cb:cf:47:68:2b:d6: 7e:68:47:ba:1c:d3:ac:61:20:52:75:b6:f1:38:a1: d2:22:bb:e1:a3:6d:9a:54:22:39:5c:36:51:83:d6: db:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:3F:0E:80:AF:4A:1A:4E:EC:FF:D4:5B:A3:50:5F:55:92:8F:44:C7 X509v3 Authority Key Identifier: keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/bz8OgK9KGk7s_9Rbo1BfVZKPRMc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 129.88.0.0/16 147.171.0.0/16 152.77.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0c:c3:87:8c:16:6b:f9:b6:ad:2e:2e:ce:d8:4d:48:ae:cf:18: 95:ea:28:ec:4a:a0:ea:ee:3d:3a:be:72:be:84:8d:20:49:2e: 9b:58:da:ba:74:84:25:8f:e0:10:86:77:d1:ea:e1:b4:f7:97: 6b:04:81:6a:cf:38:ac:77:93:13:d7:33:6b:84:b8:76:33:ed: 7a:cd:dc:4f:ef:de:28:4e:2e:66:79:c5:c9:e5:23:c6:74:a1: d9:a9:15:86:92:af:0f:df:42:ff:e1:f9:9f:79:eb:2b:27:97: 50:6a:10:f5:54:54:0a:92:97:bc:7e:b5:bb:e8:33:d8:09:86: 71:c7:7a:8e:a8:c3:ca:a4:64:4b:06:e2:3a:c9:65:7e:be:b9: b6:3d:2d:fb:b7:f6:a4:7b:85:73:34:5f:67:99:34:4a:52:78: 01:c1:48:9d:6d:88:ab:27:28:dc:81:2d:9f:38:91:a2:6e:84: 5e:d0:a5:88:2d:52:5b:b5:6e:ca:5c:f1:78:7b:ff:94:77:75: d8:36:25:b0:3b:f3:99:cb:a1:4e:86:6b:c5:23:73:6a:ce:f0: 03:1e:bd:3c:03:cc:14:10:dd:22:75:a1:c1:ef:a1:ae:02:5b: 8d:4d:c4:c5:7b:50:a2:05:61:38:53:67:8d:b8:52:32:1e:3a: 3f:f7:53:84 -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgISAZt+pvsK6re38ggbUS+rFc9LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi YTg5ZDAwHhcNMjYwMTAyMTIyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjNmMGU4MGFmNGExYTRlZWNmZmQ0NWJhMzUwNWY1NTkyOGY0NGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytU84oLHtWcbS6MyYvEW009363pB UBRMbR7knEY+CVqsFsnKBcS7D19stqWfdpCsLo8mNoVXijEKDcTHJn4J/xqRDg0A Ca0YQF7aQxgAhre8MXhRaboaUy7qhnc3srVy4lLwZaGjiNT4XUnUJBXn2x6nsRWt UTUX+kHsZfOWQ9eiBXh+M9o5d1rxYAvwvVb0uAsmVkeIka9C1fytVS+0yptEVMJT 0BBXsh8vHOz0VjUyE8Ej2l6GXnSK0njh40/tx7LBzZKxF/ngPYLv4J99ljL35mNy QtsRzErLz0doK9Z+aEe6HNOsYSBSdbbxOKHSIrvho22aVCI5XDZRg9bbuwIDAQAB o4ICEjCCAg4wHQYDVR0OBBYEFG8/DoCvShpO7P/UW6NQX1WSj0THMB8GA1UdIwQY MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt M2MzZTUwZGRhNmNjLzEvYno4T2dLOUtHazdzXzlSYm8xQmZWWktQUk1jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMAgVgDAwCT qwMDAJhNMA0GCSqGSIb3DQEBCwUAA4IBAQAMw4eMFmv5tq0uLs7YTUiuzxiV6ijs SqDq7j06vnK+hI0gSS6bWNq6dIQlj+AQhnfR6uG095drBIFqzzisd5MT1zNrhLh2 M+16zdxP794oTi5mecXJ5SPGdKHZqRWGkq8P30L/4fmfeesrJ5dQahD1VFQKkpe8 frW76DPYCYZxx3qOqMPKpGRLBuI6yWV+vrm2PS37t/ake4VzNF9nmTRKUngBwUid bYirJyjcgS2fOJGiboRe0KWILVJbtW7KXPF4e/+Ud3XYNiWwO/OZy6FOhmvFI3Nq zvADHr08A8wUEN0idaHB76GuAluNTcTFe1CiBWE4U2eNuFIyHjo/91OE -----END CERTIFICATE-----Generated at Mon Jan 26 03:06:04 2026 by rpki-client