This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/5UKl7JzlrMZFxZccNwb_HEFI_xs.roa File: 5UKl7JzlrMZFxZccNwb_HEFI_xs.roa (raw, json) Hash identifier: XFtwBlqsUtFdMadWz8en37s8O8O+/h2aqDNRnI5q7sE= Subject key identifier: E5:42:A5:EC:9C:E5:AC:C6:45:C5:97:1C:37:06:FF:1C:41:48:FF:1B Certificate issuer: /CN=6029b1a08139e1da9643dd0424f5cd64507e3771 Certificate serial: 019B7F14F19BBDBEDB35A09084EF691BBBB3 Authority key identifier: 60:29:B1:A0:81:39:E1:DA:96:43:DD:04:24:F5:CD:64:50:7E:37:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YCmxoIE54dqWQ90EJPXNZFB-N3E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/5UKl7JzlrMZFxZccNwb_HEFI_xs.roa Signing time: Fri 02 Jan 2026 14:20:37 +0000 ROA not before: Fri 02 Jan 2026 14:20:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204002 IP address blocks: 185.43.88.0/24 maxlen: 24 185.43.89.0/24 maxlen: 24 185.43.90.0/24 maxlen: 24 185.43.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/YCmxoIE54dqWQ90EJPXNZFB-N3E.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/YCmxoIE54dqWQ90EJPXNZFB-N3E.mft rsync://rpki.ripe.net/repository/DEFAULT/YCmxoIE54dqWQ90EJPXNZFB-N3E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:f1:9b:bd:be:db:35:a0:90:84:ef:69:1b:bb:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6029b1a08139e1da9643dd0424f5cd64507e3771 Validity Not Before: Jan 2 14:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e542a5ec9ce5acc645c5971c3706ff1c4148ff1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b0:28:4b:a6:09:92:f5:c0:92:08:3a:bf:cd: a5:2a:64:15:e9:92:a0:46:21:7c:26:d1:a9:f5:64: 82:57:b1:35:c2:18:96:ce:5a:a8:a1:e7:50:9f:ef: 4d:66:5e:aa:b5:01:0f:a2:04:fa:5e:49:d1:90:1f: 53:3c:28:b6:f1:ed:5f:38:6d:07:c3:8e:71:46:59: bc:86:f5:e5:c2:48:3b:34:78:d7:f7:e9:28:a0:9b: 03:d1:29:b2:a0:fe:08:15:61:e3:2d:7e:a2:54:6f: 89:c0:6d:4a:72:29:7e:33:be:e1:78:02:9b:b6:2d: 62:63:be:dd:ed:e9:7a:74:32:ff:f2:b2:ad:07:48: 4e:27:60:fb:04:04:24:28:58:99:92:10:f0:97:7d: 75:2e:fe:bb:61:ed:7a:2e:db:03:03:37:47:36:8a: ee:2d:bd:ff:e9:4d:2d:07:e2:2f:75:5c:06:18:86: 7c:aa:68:f8:5e:e9:df:09:72:15:72:49:d5:43:18: 65:44:2c:c4:b8:ed:b1:8e:7e:4c:ed:eb:98:ca:6f: e5:2c:42:ce:e7:6c:18:73:dc:49:ed:7a:71:55:75: 1c:ac:71:f3:0b:3c:85:13:da:8b:39:87:88:98:fb: 6b:3d:bc:1e:67:0c:11:58:6e:91:16:9d:62:a3:28: 08:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:42:A5:EC:9C:E5:AC:C6:45:C5:97:1C:37:06:FF:1C:41:48:FF:1B X509v3 Authority Key Identifier: keyid:60:29:B1:A0:81:39:E1:DA:96:43:DD:04:24:F5:CD:64:50:7E:37:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCmxoIE54dqWQ90EJPXNZFB-N3E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/5UKl7JzlrMZFxZccNwb_HEFI_xs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/YCmxoIE54dqWQ90EJPXNZFB-N3E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.43.88.0/22 Signature Algorithm: sha256WithRSAEncryption 4b:44:e8:89:44:49:ad:c7:f1:aa:7d:76:2b:50:7c:8c:41:85: af:d1:20:a7:83:27:f3:17:7a:10:ca:a2:7f:4f:4f:fa:8b:b4: 02:73:44:36:ca:76:24:12:52:3b:15:95:2c:59:89:98:44:2d: 81:e6:3d:3c:1b:81:2a:3b:68:21:22:68:ca:5f:fb:73:d4:17: ac:05:14:7c:25:01:3d:17:2c:c2:66:83:5e:07:f9:e2:fc:31: f6:8e:a4:d5:e7:5e:4e:78:6f:0f:fc:7b:d8:e9:a0:97:a3:c9: 7b:1a:28:8f:dc:43:52:5d:b8:d2:f7:0a:ea:8d:83:46:73:60: 59:10:6f:77:5e:85:9d:e3:df:7e:39:f1:4b:d9:f1:2f:c2:e1: ed:17:ad:d8:8d:36:6a:d2:89:db:be:6f:ac:41:e3:b2:32:24: 36:f7:38:9b:7e:58:af:84:bd:2d:ac:53:17:8a:3d:be:6f:2c: 1f:0c:4e:1a:e2:9c:7e:3f:94:2d:e9:c7:d8:cd:a8:bf:b3:2d: 0e:62:71:a4:af:a6:62:db:ad:5a:b6:3e:63:42:da:a6:ba:85: 5f:fc:b9:4c:33:62:c4:b0:63:c4:c2:85:bf:73:93:c4:4d:76: b2:60:8e:c9:c9:75:ab:2e:31:fb:d8:cf:fb:f6:5d:9b:4b:1d: 6a:28:4c:93 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FPGbvb7bNaCQhO9pG7uzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwMjliMWEwODEzOWUxZGE5NjQzZGQwNDI0ZjVjZDY0NTA3 ZTM3NzEwHhcNMjYwMTAyMTQyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNTQyYTVlYzljZTVhY2M2NDVjNTk3MWMzNzA2ZmYxYzQxNDhmZjFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rAoS6YJkvXAkgg6v82lKmQV6ZKg RiF8JtGp9WSCV7E1whiWzlqooedQn+9NZl6qtQEPogT6XknRkB9TPCi28e1fOG0H w45xRlm8hvXlwkg7NHjX9+kooJsD0SmyoP4IFWHjLX6iVG+JwG1Kcil+M77heAKb ti1iY77d7el6dDL/8rKtB0hOJ2D7BAQkKFiZkhDwl311Lv67Ye16LtsDAzdHNoru Lb3/6U0tB+IvdVwGGIZ8qmj4XunfCXIVcknVQxhlRCzEuO2xjn5M7euYym/lLELO 52wYc9xJ7XpxVXUcrHHzCzyFE9qLOYeImPtrPbweZwwRWG6RFp1ioygIOQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOVCpeyc5azGRcWXHDcG/xxBSP8bMB8GA1UdIwQY MBaAFGApsaCBOeHalkPdBCT1zWRQfjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUNteG9JRTU0ZHFXUTkwRUpQWE5aRkItTjNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZDU2ZjYtOTQxMC00ODQ0LWE0NzIt NTYxNTUxM2ZkY2Y0LzEvNVVLbDdKemxyTVpGeFpjY053Yl9IRUZJX3hzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZDU2ZjYtOTQxMC00ODQ0LWE0NzItNTYxNTUxM2ZkY2Y0 LzEvWUNteG9JRTU0ZHFXUTkwRUpQWE5aRkItTjNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuStYMA0G CSqGSIb3DQEBCwUAA4IBAQBLROiJREmtx/GqfXYrUHyMQYWv0SCngyfzF3oQyqJ/ T0/6i7QCc0Q2ynYkElI7FZUsWYmYRC2B5j08G4EqO2ghImjKX/tz1BesBRR8JQE9 FyzCZoNeB/ni/DH2jqTV515OeG8P/HvY6aCXo8l7GiiP3ENSXbjS9wrqjYNGc2BZ EG93XoWd499+OfFL2fEvwuHtF63YjTZq0onbvm+sQeOyMiQ29zibflivhL0trFMX ij2+bywfDE4a4px+P5Qt6cfYzai/sy0OYnGkr6Zi261atj5jQtqmuoVf/LlMM2LE sGPEwoW/c5PETXayYI7JyXWrLjH72M/79l2bSx1qKEyT -----END CERTIFICATE-----Generated at Mon Feb 9 21:21:14 2026 by rpki-client