This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/bsGlZCjY2If1xF5r6Lh9aXftQxY.roa File: bsGlZCjY2If1xF5r6Lh9aXftQxY.roa (raw, json) Hash identifier: 4I+nRvBh4ozmeE6qARWVUjACm5WcVyPe6u5e5vaiYo4= Subject key identifier: 6E:C1:A5:64:28:D8:D8:87:F5:C4:5E:6B:E8:B8:7D:69:77:ED:43:16 Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69 Certificate serial: 019B0C0FA1C0362519B4A336965AF8722F6F Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/bsGlZCjY2If1xF5r6Lh9aXftQxY.roa Signing time: Thu 11 Dec 2025 06:18:29 +0000 ROA not before: Thu 11 Dec 2025 06:18:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213541 IP address blocks: 45.88.100.0/24 maxlen: 24 45.95.128.0/24 maxlen: 24 45.95.129.0/24 maxlen: 24 45.95.130.0/23 maxlen: 24 78.41.84.0/22 maxlen: 24 185.238.88.0/24 maxlen: 24 185.238.91.0/24 maxlen: 24 185.246.218.0/23 maxlen: 24 185.253.24.0/24 maxlen: 24 185.253.26.0/23 maxlen: 24 194.113.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 21:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0c:0f:a1:c0:36:25:19:b4:a3:36:96:5a:f8:72:2f:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69 Validity Not Before: Dec 11 06:18:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6ec1a56428d8d887f5c45e6be8b87d6977ed4316 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:db:6b:a7:d6:ec:7d:db:c4:09:b7:3e:ed:01: 7e:cc:30:ef:92:f3:fe:5a:57:45:6d:ae:0a:fc:53: 74:17:e8:f8:60:f1:87:74:49:f1:e8:63:41:2f:27: 28:1c:bb:af:0c:ba:ba:c4:de:c7:7d:48:35:5b:60: 28:6e:15:4a:cc:1c:e1:2a:2f:3e:55:4f:7d:2c:59: 04:bf:80:11:c4:23:1f:68:58:4e:90:7e:65:55:ff: e6:a7:66:0d:3b:f5:21:06:59:8d:cf:6c:24:5b:aa: 18:3a:49:f0:20:8e:99:05:7d:49:28:06:10:56:5b: 70:0c:74:da:bf:19:e5:46:f4:a5:f4:62:92:d5:3f: c0:0f:b1:c2:d3:be:0d:ac:5d:53:3c:a5:e9:e9:64: cf:37:5e:97:f5:62:61:d7:26:67:55:87:85:8e:cb: f0:14:06:5f:29:af:d4:dd:b8:63:09:9d:41:7e:fc: e2:24:cb:3b:71:38:3e:cd:71:b3:ec:8a:34:3c:f8: 3b:23:60:f9:80:f7:33:92:14:01:19:69:b7:99:b0: c8:c6:5a:8b:95:f4:9d:0d:c8:b8:ab:be:53:61:ff: e0:da:04:ad:d4:14:ad:b0:fb:d1:59:a1:47:85:41: c5:79:79:c2:4b:c0:80:65:e6:bc:21:be:07:8e:7a: 68:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:C1:A5:64:28:D8:D8:87:F5:C4:5E:6B:E8:B8:7D:69:77:ED:43:16 X509v3 Authority Key Identifier: keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/bsGlZCjY2If1xF5r6Lh9aXftQxY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.100.0/24 45.95.128.0/22 78.41.84.0/22 185.238.88.0/24 185.238.91.0/24 185.246.218.0/23 185.253.24.0/24 185.253.26.0/23 194.113.238.0/24 Signature Algorithm: sha256WithRSAEncryption b2:c3:be:96:e0:db:9b:c0:7e:c2:7c:7b:73:50:4e:63:22:25: 5f:74:67:d5:58:3c:b0:b6:3f:55:37:c2:89:a2:24:5d:43:a4: da:c9:a8:51:f1:39:a6:91:f9:4e:78:37:f1:95:d2:83:93:66: 3a:42:18:f8:a4:35:b4:f0:a0:24:7d:67:2b:58:11:4c:38:1e: ba:8e:c0:ef:92:55:99:d9:bb:de:ca:b5:01:82:16:ec:71:e3: f5:7a:ed:a9:18:a0:98:72:65:88:a9:e8:d7:1b:c7:0c:5f:8f: 3b:85:cf:1b:52:6c:7a:f7:bb:7d:04:54:22:5c:d0:87:58:87: 2a:c1:dd:a6:6b:6f:06:a0:a5:91:d7:41:0b:11:15:ac:84:ef: e7:b2:75:3a:68:e1:72:34:42:71:be:7d:b9:0b:1d:28:99:a0: 22:d7:13:5a:9e:5a:cc:20:36:78:94:61:f6:eb:b0:a4:09:8c: de:9b:86:85:78:fb:d3:b9:79:29:cd:23:d7:e4:2d:d1:3a:f4: e7:69:06:f2:d8:08:0d:df:ea:9b:78:f4:f1:46:3f:f0:ed:c0: 83:45:fc:ce:41:12:13:46:bd:04:83:d1:f4:06:5e:54:7b:7e: 9d:10:f5:74:98:8a:99:8c:55:d8:e9:35:d8:7f:eb:6f:00:d9: 43:ac:55:e2 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZsMD6HANiUZtKM2llr4ci9vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk ZGVlNjkwHhcNMjUxMjExMDYxODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZWMxYTU2NDI4ZDhkODg3ZjVjNDVlNmJlOGI4N2Q2OTc3ZWQ0MzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNtrp9bsfdvECbc+7QF+zDDvkvP+ WldFba4K/FN0F+j4YPGHdEnx6GNBLycoHLuvDLq6xN7HfUg1W2AobhVKzBzhKi8+ VU99LFkEv4ARxCMfaFhOkH5lVf/mp2YNO/UhBlmNz2wkW6oYOknwII6ZBX1JKAYQ VltwDHTavxnlRvSl9GKS1T/AD7HC074NrF1TPKXp6WTPN16X9WJh1yZnVYeFjsvw FAZfKa/U3bhjCZ1BfvziJMs7cTg+zXGz7Io0PPg7I2D5gPczkhQBGWm3mbDIxlqL lfSdDci4q75TYf/g2gSt1BStsPvRWaFHhUHFeXnCS8CAZea8Ib4HjnposQIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFG7BpWQo2NiH9cRea+i4fWl37UMWMB8GA1UdIwQY MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt NjkxZmY1YjQ0YjAxLzEvYnNHbFpDalkySWYxeEY1cjZMaDlhWGZ0UXhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVhkAwQC LV+AAwQCTilUAwQAue5YAwQAue5bAwQBufbaAwQAuf0YAwQBuf0aAwQAwnHuMA0G CSqGSIb3DQEBCwUAA4IBAQCyw76W4NubwH7CfHtzUE5jIiVfdGfVWDywtj9VN8KJ oiRdQ6TayahR8TmmkflOeDfxldKDk2Y6Qhj4pDW08KAkfWcrWBFMOB66jsDvklWZ 2bveyrUBghbsceP1eu2pGKCYcmWIqejXG8cMX487hc8bUmx697t9BFQiXNCHWIcq wd2ma28GoKWR10ELERWshO/nsnU6aOFyNEJxvn25Cx0omaAi1xNanlrMIDZ4lGH2 67CkCYzem4aFePvTuXkpzSPX5C3ROvTnaQby2AgN3+qbePTxRj/w7cCDRfzOQRIT Rr0Eg9H0Bl5Ue36dEPV0mIqZjFXY6TXYf+tvANlDrFXi -----END CERTIFICATE-----Generated at Sat Dec 20 05:09:20 2025 by rpki-client