This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/ugJS22ubb1YAQxxSrPhzSyT4d4g.roa File: ugJS22ubb1YAQxxSrPhzSyT4d4g.roa (raw, json) Hash identifier: SMm0KdkJcDZcOqPotbm0PXIQqsivUC/ILvOz2gqm9+o= Subject key identifier: BA:02:52:DB:6B:9B:6F:56:00:43:1C:52:AC:F8:73:4B:24:F8:77:88 Certificate issuer: /CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59 Certificate serial: 019B7F156DBD71B7070837F7031D92E5C5DC Authority key identifier: 70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/ugJS22ubb1YAQxxSrPhzSyT4d4g.roa Signing time: Fri 02 Jan 2026 14:21:09 +0000 ROA not before: Fri 02 Jan 2026 14:21:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206331 IP address blocks: 185.189.108.0/24 maxlen: 24 185.189.111.0/24 maxlen: 24 185.229.180.0/24 maxlen: 24 185.229.181.0/24 maxlen: 24 185.229.182.0/24 maxlen: 24 185.229.183.0/24 maxlen: 24 2a0b:e480::/29 maxlen: 29 2a0b:e480::/32 maxlen: 32 2a0b:e481::/32 maxlen: 32 2a0b:e482::/32 maxlen: 32 2a0b:e483::/32 maxlen: 32 2a0b:e484::/32 maxlen: 32 2a0b:e485::/32 maxlen: 32 2a0b:e486::/32 maxlen: 32 2a0b:e487::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.mft rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:6d:bd:71:b7:07:08:37:f7:03:1d:92:e5:c5:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59 Validity Not Before: Jan 2 14:21:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba0252db6b9b6f5600431c52acf8734b24f87788 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:4f:f9:2d:40:47:11:55:1c:cd:66:6c:9f:a9: b2:84:2a:5f:dd:b0:40:8f:2a:ba:3a:97:79:bb:7f: 30:63:78:2d:41:12:f3:83:97:a1:07:ae:74:33:ee: b2:4f:7a:af:4e:d2:76:0f:a6:87:38:02:84:f2:33: 28:83:f3:8b:72:75:c3:6c:a5:94:ed:56:ce:f1:00: c0:84:53:86:f4:43:38:a5:c9:b4:37:71:68:29:70: 3e:f1:7e:c3:c2:85:39:63:4b:a9:e4:22:ad:3a:08: c1:e2:89:ed:38:9a:63:a5:f5:c1:5c:31:bb:bf:29: f8:ed:27:14:36:c5:17:bc:32:5f:2f:fe:6a:64:1b: 3e:4b:99:61:46:8f:8d:34:d5:1d:c6:16:bc:c2:6c: 8b:0f:71:fc:52:5b:6f:59:14:60:fe:75:c4:60:7b: d7:a2:25:0e:bc:a4:26:6d:7d:30:a0:6d:01:a4:11: 92:d7:fc:a8:31:35:86:5f:22:23:5d:ce:18:0d:46: 21:b9:98:26:00:91:f7:2d:f1:de:23:e8:b3:54:8c: be:f4:9a:84:f6:3e:3e:ea:6d:19:71:cd:42:60:e8: ad:28:86:0a:fb:be:ae:19:e5:36:f3:74:2b:a7:5b: 28:43:cc:38:2c:dc:d9:2a:6c:54:1b:2c:9c:2a:8f: 99:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:02:52:DB:6B:9B:6F:56:00:43:1C:52:AC:F8:73:4B:24:F8:77:88 X509v3 Authority Key Identifier: keyid:70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/ugJS22ubb1YAQxxSrPhzSyT4d4g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.189.108.0/24 185.189.111.0/24 185.229.180.0/22 IPv6: 2a0b:e480::/29 Signature Algorithm: sha256WithRSAEncryption 17:81:dc:15:0f:ff:fe:78:f7:dd:cd:57:a4:02:89:31:12:f5: 0a:34:37:7b:fe:d2:be:aa:40:eb:09:bf:ce:a7:90:b7:ea:64: 39:ec:ba:8d:61:a9:66:21:70:6c:c5:a9:3a:7f:cc:31:a8:3f: 7a:7b:d2:af:8b:40:7f:7c:79:1d:f1:e6:3a:16:e2:16:d7:82: fe:ce:2a:bb:36:1f:57:a1:8c:69:11:67:1b:09:a3:1e:2a:a5: 86:a8:99:ef:f9:23:3d:4a:0e:ac:63:d5:30:bb:38:2c:f5:2b: 06:34:90:33:43:a3:89:67:75:64:b0:50:cd:a3:57:80:b5:c1: 2f:56:02:3f:b5:60:31:94:08:7c:2f:58:e6:4b:4c:2d:31:d3: 65:60:cc:ca:30:c1:78:fe:f7:8a:60:f8:75:63:fd:32:eb:66: bb:91:36:46:7c:46:72:b5:87:a2:00:7a:e1:58:17:14:fb:ad: 22:8a:56:36:04:bf:3c:48:0b:12:e4:a0:33:9c:e1:79:f7:df: 69:cf:07:b0:d6:0f:44:e6:55:7a:07:c3:4e:83:0b:b9:13:73: 45:3b:33:32:a1:3c:4d:a1:97:3a:1f:00:e7:07:f4:ee:aa:82: 16:63:b4:e1:3a:ae:66:31:dd:08:c0:e3:6e:e4:74:bd:aa:2e: d0:63:e7:e0 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/FW29cbcHCDf3Ax2S5cXcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYjE5MGQ2Zjg5YTQzNGNjZTVjYjhjMGQ0YjM4YTE2Njlk ZWZiNTkwHhcNMjYwMTAyMTQyMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTAyNTJkYjZiOWI2ZjU2MDA0MzFjNTJhY2Y4NzM0YjI0Zjg3Nzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+0/5LUBHEVUczWZsn6myhCpf3bBA jyq6Opd5u38wY3gtQRLzg5ehB650M+6yT3qvTtJ2D6aHOAKE8jMog/OLcnXDbKWU 7VbO8QDAhFOG9EM4pcm0N3FoKXA+8X7DwoU5Y0up5CKtOgjB4ontOJpjpfXBXDG7 vyn47ScUNsUXvDJfL/5qZBs+S5lhRo+NNNUdxha8wmyLD3H8UltvWRRg/nXEYHvX oiUOvKQmbX0woG0BpBGS1/yoMTWGXyIjXc4YDUYhuZgmAJH3LfHeI+izVIy+9JqE 9j4+6m0Zcc1CYOitKIYK+76uGeU283Qrp1soQ8w4LNzZKmxUGyycKo+ZdwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLoCUttrm29WAEMcUqz4c0sk+HeIMB8GA1UdIwQY MBaAFHCxkNb4mkNMzly4wNSzihZp3vtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYt NDZiZDdkNzk0ZmI2LzEvdWdKUzIydWJiMVlBUXh4U3JQaHpTeVQ0ZDRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYtNDZiZDdkNzk0ZmI2 LzEvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAub1sAwQA ub1vAwQCueW0MA0EAgACMAcDBQMqC+SAMA0GCSqGSIb3DQEBCwUAA4IBAQAXgdwV D//+ePfdzVekAokxEvUKNDd7/tK+qkDrCb/Op5C36mQ57LqNYalmIXBsxak6f8wx qD96e9Kvi0B/fHkd8eY6FuIW14L+ziq7Nh9XoYxpEWcbCaMeKqWGqJnv+SM9Sg6s Y9Uwuzgs9SsGNJAzQ6OJZ3VksFDNo1eAtcEvVgI/tWAxlAh8L1jmS0wtMdNlYMzK MMF4/veKYPh1Y/0y62a7kTZGfEZytYeiAHrhWBcU+60iilY2BL88SAsS5KAznOF5 999pzwew1g9E5lV6B8NOgwu5E3NFOzMyoTxNoZc6HwDnB/TuqoIWY7ThOq5mMd0I wONu5HS9qi7QY+fg -----END CERTIFICATE-----Generated at Tue Jan 20 04:45:26 2026 by rpki-client