This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/uFaZ7j6WOK_rFoGA3dV4DOr3Azw.roa File: uFaZ7j6WOK_rFoGA3dV4DOr3Azw.roa (raw, json) Hash identifier: 7Q1qXKsYai/yvbGaDBAb/Nup5NNAKS6f69A2HPPsnRA= Subject key identifier: B8:56:99:EE:3E:96:38:AF:EB:16:81:80:DD:D5:78:0C:EA:F7:03:3C Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0 Certificate serial: 019B797EDE40DB6F8C441175E0048ACA144D Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/uFaZ7j6WOK_rFoGA3dV4DOr3Azw.roa Signing time: Thu 01 Jan 2026 12:18:36 +0000 ROA not before: Thu 01 Jan 2026 12:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6453 IP address blocks: 85.158.128.0/21 maxlen: 21 85.158.128.0/24 maxlen: 24 85.158.129.0/24 maxlen: 24 85.158.130.0/24 maxlen: 24 85.158.131.0/24 maxlen: 24 85.158.132.0/24 maxlen: 24 85.158.133.0/24 maxlen: 24 85.158.134.0/24 maxlen: 24 85.158.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.mft rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:de:40:db:6f:8c:44:11:75:e0:04:8a:ca:14:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0 Validity Not Before: Jan 1 12:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b85699ee3e9638afeb168180ddd5780ceaf7033c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:fc:2e:b3:88:a9:da:04:4d:b6:41:ec:7d: 60:5a:43:47:0d:5d:ac:21:a7:7f:f2:e8:2b:12:2c: d3:30:f5:0b:b2:ec:07:ba:c9:a2:02:7b:67:8f:6a: d7:b7:f1:1d:ea:27:1d:c8:d5:3d:e0:a5:70:8b:ad: c7:1b:aa:ea:01:8d:b5:ec:6c:6d:0a:0a:49:39:cc: 42:e0:c8:4b:d2:b2:4d:62:2e:52:59:f0:42:fc:56: 55:92:7c:b8:12:e7:5e:c3:1e:d5:d6:7f:5f:c0:15: f1:f3:90:d6:9f:4f:88:f4:90:ea:3a:b1:88:02:c0: 63:7f:3e:66:6d:66:9c:c1:fd:f2:d0:e2:84:4e:9c: 21:c3:29:ac:54:b7:de:fb:2e:06:76:59:86:c5:e3: 16:43:04:df:99:62:87:c7:71:7a:f5:0e:95:a4:46: 13:af:93:ed:c9:e1:8a:1c:7a:50:94:2a:4c:8c:42: f6:64:97:2c:46:46:ec:56:67:59:27:2f:fd:c5:56: e2:0d:c6:cf:f4:ad:06:82:8a:24:0b:69:77:8b:d0: f9:e3:41:04:a8:82:3e:87:e8:97:92:d3:8b:c9:2d: e8:31:98:ab:3c:d4:88:a1:d4:de:95:92:02:d5:6d: ff:fc:73:44:c7:b9:9c:67:58:b9:05:f3:75:cf:a6: 3b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:56:99:EE:3E:96:38:AF:EB:16:81:80:DD:D5:78:0C:EA:F7:03:3C X509v3 Authority Key Identifier: keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/uFaZ7j6WOK_rFoGA3dV4DOr3Azw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.128.0/21 Signature Algorithm: sha256WithRSAEncryption 3b:60:60:1a:19:95:f5:b9:68:ae:e4:c4:6b:20:43:d9:20:b2: 71:3a:7f:53:f9:ce:16:5a:66:0e:77:60:81:1d:fd:c8:e2:90: b1:01:44:92:fa:ab:69:4b:a4:40:00:99:d4:2c:58:f8:d7:3c: 1b:a7:a9:c8:73:d0:6e:4d:5c:8b:02:17:10:05:90:a2:18:75: 26:5c:39:ac:89:62:17:d4:ad:dd:af:bf:05:85:55:8d:a5:73: 38:e1:51:13:9d:79:0b:40:0f:b2:75:50:74:31:59:02:a4:2a: c6:ae:f0:52:d4:70:a9:ec:5b:c6:60:b1:41:16:0b:65:c0:88: e9:f3:61:18:0f:c6:64:41:97:87:bb:8c:4a:73:ee:c7:e0:06: 9a:b3:6b:18:bb:49:52:6a:c2:dc:b6:d3:ff:6d:92:6d:f4:ad: ec:2e:da:a4:a8:2b:f6:47:02:46:ed:52:e6:a4:a6:1d:e8:3c: 0a:7f:9e:a0:ba:55:79:7e:10:9b:4e:73:47:97:e4:f8:55:f3: 24:1c:9d:dc:eb:aa:86:bf:84:75:8d:22:d2:5e:32:1f:f2:d7: b7:c1:72:09:73:2c:86:b8:d7:90:91:8f:f0:a6:3f:b1:34:93: 9b:09:97:e7:c2:2b:be:ed:8c:1b:d6:6d:fc:20:ad:8e:db:e4: 31:bc:7c:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5ft5A22+MRBF14ASKyhRNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl ZWVlYTAwHhcNMjYwMTAxMTIxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiODU2OTllZTNlOTYzOGFmZWIxNjgxODBkZGQ1NzgwY2VhZjcwMzNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRv8LrOIqdoETbZB7H1gWkNHDV2s Iad/8ugrEizTMPULsuwHusmiAntnj2rXt/Ed6icdyNU94KVwi63HG6rqAY217Gxt CgpJOcxC4MhL0rJNYi5SWfBC/FZVkny4Eudewx7V1n9fwBXx85DWn0+I9JDqOrGI AsBjfz5mbWacwf3y0OKETpwhwymsVLfe+y4GdlmGxeMWQwTfmWKHx3F69Q6VpEYT r5PtyeGKHHpQlCpMjEL2ZJcsRkbsVmdZJy/9xVbiDcbP9K0GgookC2l3i9D540EE qII+h+iXktOLyS3oMZirPNSIodTelZIC1W3//HNEx7mcZ1i5BfN1z6Y72wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLhWme4+ljiv6xaBgN3VeAzq9wM8MB8GA1UdIwQY MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt ODViZTQyNWQzMTk5LzEvdUZhWjdqNldPS19yRm9HQTNkVjRET3IzQXp3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5 LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0G CSqGSIb3DQEBCwUAA4IBAQA7YGAaGZX1uWiu5MRrIEPZILJxOn9T+c4WWmYOd2CB Hf3I4pCxAUSS+qtpS6RAAJnULFj41zwbp6nIc9BuTVyLAhcQBZCiGHUmXDmsiWIX 1K3dr78FhVWNpXM44VETnXkLQA+ydVB0MVkCpCrGrvBS1HCp7FvGYLFBFgtlwIjp 82EYD8ZkQZeHu4xKc+7H4Aaas2sYu0lSasLcttP/bZJt9K3sLtqkqCv2RwJG7VLm pKYd6DwKf56gulV5fhCbTnNHl+T4VfMkHJ3c66qGv4R1jSLSXjIf8te3wXIJcyyG uNeQkY/wpj+xNJObCZfnwiu+7Ywb1m38IK2O2+QxvHxb -----END CERTIFICATE-----Generated at Wed Jan 21 14:30:36 2026 by rpki-client