This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/pUUSDW7JRITPLH3NewhxW4cUvRY.roa File: pUUSDW7JRITPLH3NewhxW4cUvRY.roa (raw, json) Hash identifier: qkr6YH2kb+kFgIzqY0pDMe+J2a9UaWnHDsLI3Fg85+Y= Subject key identifier: A5:45:12:0D:6E:C9:44:84:CF:2C:7D:CD:7B:08:71:5B:87:14:BD:16 Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Certificate serial: 019BE531E2D1C4AD9383AD43196819F584FD Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/pUUSDW7JRITPLH3NewhxW4cUvRY.roa Signing time: Thu 22 Jan 2026 10:13:30 +0000 ROA not before: Thu 22 Jan 2026 10:13:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 158.173.3.0/24 maxlen: 24 158.173.4.0/24 maxlen: 24 158.173.5.0/24 maxlen: 24 158.173.6.0/24 maxlen: 24 158.173.7.0/24 maxlen: 24 158.173.16.0/24 maxlen: 24 158.173.17.0/24 maxlen: 24 158.173.18.0/24 maxlen: 24 158.173.19.0/24 maxlen: 24 158.173.20.0/24 maxlen: 24 158.173.21.0/24 maxlen: 24 158.173.22.0/24 maxlen: 24 158.173.23.0/24 maxlen: 24 158.173.24.0/24 maxlen: 24 158.173.25.0/24 maxlen: 24 158.173.32.0/24 maxlen: 24 158.173.33.0/24 maxlen: 24 158.173.44.0/24 maxlen: 24 158.173.45.0/24 maxlen: 24 158.173.46.0/24 maxlen: 24 158.173.47.0/24 maxlen: 24 158.173.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 08:31:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:31:e2:d1:c4:ad:93:83:ad:43:19:68:19:f5:84:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Validity Not Before: Jan 22 10:13:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a545120d6ec94484cf2c7dcd7b08715b8714bd16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:b2:7e:a5:ba:b9:9c:8b:09:0d:9d:86:15:2b: 74:d9:d3:10:ed:e2:b3:52:be:e0:a3:40:3b:81:9c: 59:ca:ac:50:61:32:e4:57:1f:3e:9f:89:4c:da:ee: 2d:df:75:e3:dd:65:60:32:90:a9:52:9f:51:6e:68: 83:04:53:de:17:af:b9:cb:eb:34:95:cb:d6:ef:c8: ac:1d:13:7e:04:5b:36:d4:1e:f9:c5:56:06:fb:99: 51:63:ec:45:cd:81:af:fc:87:14:4b:e3:6d:97:44: 5f:36:ce:0a:86:f3:27:6e:8b:7f:64:35:19:05:19: 13:88:66:58:32:b5:37:a7:b7:dc:95:d5:79:41:b9: 2d:17:4a:7c:34:21:f1:46:40:68:72:96:b3:11:19: 45:6e:23:91:40:1c:73:2d:66:46:a2:56:b2:0c:f0: b7:45:d2:32:9a:1a:ed:df:c6:0a:83:3a:7a:30:5c: 90:85:61:a0:b3:4e:d3:02:60:6e:d3:e9:f8:8f:68: 2c:c2:03:cd:20:3e:a9:0a:31:27:93:95:86:84:38: d0:6f:83:c6:19:0a:be:18:41:48:5b:cf:cd:a8:14: 70:79:f5:ec:9d:a5:79:7b:f5:dd:fb:92:24:cc:17: 8e:47:f9:6f:51:2f:bd:07:ac:6b:c7:ab:68:d1:3e: 51:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:45:12:0D:6E:C9:44:84:CF:2C:7D:CD:7B:08:71:5B:87:14:BD:16 X509v3 Authority Key Identifier: keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/pUUSDW7JRITPLH3NewhxW4cUvRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.3.0-158.173.7.255 158.173.16.0-158.173.25.255 158.173.32.0/23 158.173.44.0/22 158.173.55.0/24 Signature Algorithm: sha256WithRSAEncryption 50:e5:9c:af:63:ac:3b:95:94:55:ca:7a:bc:9e:51:24:80:43: 21:5f:b9:5c:6f:b2:a7:7a:a8:4c:8d:00:b3:13:57:5d:8e:bd: c9:61:98:fc:b1:c0:cb:49:98:5a:0d:04:01:2d:32:df:b5:2e: b9:b9:39:31:bd:88:8a:b6:2d:42:3c:d2:ab:fa:46:05:a2:28: 6a:27:66:ba:76:48:a0:1f:4e:63:46:8e:be:a4:73:7f:17:99: a3:97:60:a6:25:8b:10:6e:f5:7b:dc:11:87:af:69:39:cb:9c: 9e:93:d7:cc:64:e7:ab:85:6c:a9:47:8f:8d:9a:86:85:d6:2b: 85:14:0b:cb:42:30:27:57:78:20:a4:51:d3:d8:c9:d7:2e:d9: 63:4c:51:e7:f6:08:cb:82:e3:37:ba:22:a9:f7:e1:e7:ff:2f: 18:2d:e2:0a:01:b5:74:26:a7:ef:f9:d4:26:55:67:36:30:5c: fd:41:ca:77:70:9c:7e:22:24:79:f1:25:80:9f:d0:24:a7:e0: ff:a1:e8:dc:0f:2a:e8:16:04:d1:40:54:b3:9b:c3:cd:84:e7: 0a:1f:04:5e:2b:2b:95:9c:a9:b3:83:92:1c:63:ea:76:61:86: d0:7d:75:7b:8c:3e:b5:d3:06:bf:12:99:14:94:3b:a5:2e:ec: ed:e1:84:47 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZvlMeLRxK2Tg61DGWgZ9YT9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh NDA4MjMwHhcNMjYwMTIyMTAxMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTQ1MTIwZDZlYzk0NDg0Y2YyYzdkY2Q3YjA4NzE1Yjg3MTRiZDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbJ+pbq5nIsJDZ2GFSt02dMQ7eKz Ur7go0A7gZxZyqxQYTLkVx8+n4lM2u4t33Xj3WVgMpCpUp9RbmiDBFPeF6+5y+s0 lcvW78isHRN+BFs21B75xVYG+5lRY+xFzYGv/IcUS+Ntl0RfNs4KhvMnbot/ZDUZ BRkTiGZYMrU3p7fcldV5QbktF0p8NCHxRkBocpazERlFbiORQBxzLWZGolayDPC3 RdIymhrt38YKgzp6MFyQhWGgs07TAmBu0+n4j2gswgPNID6pCjEnk5WGhDjQb4PG GQq+GEFIW8/NqBRwefXsnaV5e/Xd+5IkzBeOR/lvUS+9B6xrx6to0T5RxwIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFKVFEg1uyUSEzyx9zXsIcVuHFL0WMB8GA1UdIwQY MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt ZDJjZDI2YjY5ZGYxLzEvcFVVU0RXN0pSSVRQTEgzTmV3aHhXNGNVdlJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACerQMD BAOerQAwDAMEBJ6tEAMEAZ6tGAMEAZ6tIAMEAp6tLAMEAJ6tNzANBgkqhkiG9w0B AQsFAAOCAQEAUOWcr2OsO5WUVcp6vJ5RJIBDIV+5XG+yp3qoTI0AsxNXXY69yWGY /LHAy0mYWg0EAS0y37Uuubk5Mb2IirYtQjzSq/pGBaIoaidmunZIoB9OY0aOvqRz fxeZo5dgpiWLEG71e9wRh69pOcucnpPXzGTnq4VsqUePjZqGhdYrhRQLy0IwJ1d4 IKRR09jJ1y7ZY0xR5/YIy4LjN7oiqffh5/8vGC3iCgG1dCan7/nUJlVnNjBc/UHK d3CcfiIkefElgJ/QJKfg/6Ho3A8q6BYE0UBUs5vDzYTnCh8EXisrlZyps4OSHGPq dmGG0H11e4w+tdMGvxKZFJQ7pS7s7eGERw== -----END CERTIFICATE-----Generated at Fri Jan 23 13:57:21 2026 by rpki-client