This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/ukePksioR9rZ806d8URQYeRLONE.roa File: ukePksioR9rZ806d8URQYeRLONE.roa (raw, json) Hash identifier: EXhlSdLPcjyLmaBcE0rpgx1b7yqNH2I+X3p7p/NtRc8= Subject key identifier: BA:47:8F:92:C8:A8:47:DA:D9:F3:4E:9D:F1:44:50:61:E4:4B:38:D1 Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06 Certificate serial: 019B7758FE24C848082B0BD917F85126C2A3 Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/ukePksioR9rZ806d8URQYeRLONE.roa Signing time: Thu 01 Jan 2026 02:17:59 +0000 ROA not before: Thu 01 Jan 2026 02:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 128.139.4.0/24 maxlen: 24 128.139.6.0/24 maxlen: 24 128.139.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.mft rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:fe:24:c8:48:08:2b:0b:d9:17:f8:51:26:c2:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06 Validity Not Before: Jan 1 02:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba478f92c8a847dad9f34e9df1445061e44b38d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:30:51:c5:a2:b3:55:8c:69:a1:18:d0:ed:29: 32:92:42:fd:58:97:37:d4:b9:1c:be:e9:5e:e4:77: 50:4c:85:55:fc:d8:9b:91:99:2a:f1:01:08:3a:dc: b0:af:ec:ca:91:9b:9b:42:e4:6c:0c:ca:77:58:92: 87:13:13:e9:bf:ef:98:51:01:96:97:b5:39:af:00: 18:e9:11:65:35:23:ad:6a:61:59:1d:c9:2f:ca:84: 95:26:90:b8:0c:44:b5:ae:ca:94:fe:fe:35:d8:51: 03:98:2c:d0:67:d9:c8:e0:4b:5b:67:13:44:67:7e: 44:d1:6a:0c:31:d2:b1:a1:8d:ac:06:7a:ca:40:9a: 2c:26:d2:70:61:75:67:8a:d6:25:de:95:cb:65:68: 2b:97:05:23:f5:21:1a:9c:cf:b2:f9:33:cd:d9:f7: c3:bf:ae:fb:e9:93:88:99:1d:74:f7:e5:31:17:79: e8:80:a6:1c:cd:76:3a:fb:dc:66:87:ca:27:de:48: c8:d5:ab:f3:c5:91:42:26:04:ba:f1:10:16:e5:76: 90:0c:24:e4:e4:8c:d3:2b:94:f9:e1:fc:78:24:6d: 6a:41:09:6c:ac:0b:77:6b:85:f2:06:80:15:65:6a: f3:94:3c:c9:55:82:14:2f:c6:46:f7:11:60:eb:7e: e9:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:47:8F:92:C8:A8:47:DA:D9:F3:4E:9D:F1:44:50:61:E4:4B:38:D1 X509v3 Authority Key Identifier: keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/ukePksioR9rZ806d8URQYeRLONE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 128.139.4.0/24 128.139.6.0/23 Signature Algorithm: sha256WithRSAEncryption 49:31:5e:28:b9:fe:05:2b:18:42:34:12:17:c7:01:6e:ae:09: 3a:33:f9:0c:65:71:9a:5f:2d:f2:60:e2:4b:ae:b4:3d:ad:2f: 32:cb:ef:4a:d8:62:06:a2:e4:71:80:79:52:d4:a1:68:b9:f4: 58:a8:63:22:3d:e1:82:45:3a:67:57:58:da:35:4e:79:85:2c: 6e:37:18:2c:ef:f9:cb:4e:38:34:7f:e1:b5:98:16:f1:a8:f2: ec:2f:c4:53:ea:9d:40:af:0d:2e:6c:ca:f6:d8:25:f9:f5:c9: e0:04:7e:a8:6e:f8:ce:76:60:fd:a2:7d:c1:63:44:c7:4e:8c: 94:ea:f4:aa:44:f0:79:3c:d0:47:d9:5d:45:64:f4:fa:5e:49: c2:00:6e:04:07:61:83:a1:69:ef:f4:39:1b:3d:a3:43:e8:9a: f3:e0:b7:7a:c9:63:a5:6d:72:7e:e3:eb:88:95:43:7b:a7:f2: df:30:08:5b:74:54:d8:35:53:ae:98:c2:29:2b:21:66:41:50: 0c:e1:45:6e:e1:18:18:03:37:da:d4:60:e5:aa:8c:89:2f:28: 09:25:49:5e:ab:91:cb:c1:5b:f5:4d:5e:3b:2b:9c:88:2b:7a: da:d3:4d:db:7d:1a:57:0b:d1:80:6c:35:0b:07:ed:48:00:9e: 34:18:40:58 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3WP4kyEgIKwvZF/hRJsKjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz OGJhMDYwHhcNMjYwMTAxMDIxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTQ3OGY5MmM4YTg0N2RhZDlmMzRlOWRmMTQ0NTA2MWU0NGIzOGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDBRxaKzVYxpoRjQ7SkykkL9WJc3 1Lkcvule5HdQTIVV/NibkZkq8QEIOtywr+zKkZubQuRsDMp3WJKHExPpv++YUQGW l7U5rwAY6RFlNSOtamFZHckvyoSVJpC4DES1rsqU/v412FEDmCzQZ9nI4EtbZxNE Z35E0WoMMdKxoY2sBnrKQJosJtJwYXVnitYl3pXLZWgrlwUj9SEanM+y+TPN2ffD v6776ZOImR109+UxF3nogKYczXY6+9xmh8on3kjI1avzxZFCJgS68RAW5XaQDCTk 5IzTK5T54fx4JG1qQQlsrAt3a4XyBoAVZWrzlDzJVYIUL8ZG9xFg637pFQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLpHj5LIqEfa2fNOnfFEUGHkSzjRMB8GA1UdIwQY MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt OWQwYzYyMDczNWYxLzEvdWtlUGtzaW9SOXJaODA2ZDhVUlFZZVJMT05FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgIsEAwQB gIsGMA0GCSqGSIb3DQEBCwUAA4IBAQBJMV4ouf4FKxhCNBIXxwFurgk6M/kMZXGa Xy3yYOJLrrQ9rS8yy+9K2GIGouRxgHlS1KFoufRYqGMiPeGCRTpnV1jaNU55hSxu Nxgs7/nLTjg0f+G1mBbxqPLsL8RT6p1Arw0ubMr22CX59cngBH6obvjOdmD9on3B Y0THToyU6vSqRPB5PNBH2V1FZPT6XknCAG4EB2GDoWnv9DkbPaND6Jrz4Ld6yWOl bXJ+4+uIlUN7p/LfMAhbdFTYNVOumMIpKyFmQVAM4UVu4RgYAzfa1GDlqoyJLygJ JUleq5HLwVv1TV47K5yIK3ra003bfRpXC9GAbDULB+1IAJ40GEBY -----END CERTIFICATE-----Generated at Fri Jan 2 11:03:58 2026 by rpki-client