This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/uglZN3e0ur2TkFYxywC2Q5oDa8c.roa File: uglZN3e0ur2TkFYxywC2Q5oDa8c.roa (raw, json) Hash identifier: W5cX7fhh2nzjYIuvg0tzN9PC2FGwU2Yio9kqI45+MPo= Subject key identifier: BA:09:59:37:77:B4:BA:BD:93:90:56:31:CB:00:B6:43:9A:03:6B:C7 Certificate issuer: /CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78 Certificate serial: 019B7A5A69BB8BD776C0F1CC3F399682342F Authority key identifier: 4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/uglZN3e0ur2TkFYxywC2Q5oDa8c.roa Signing time: Thu 01 Jan 2026 16:18:24 +0000 ROA not before: Thu 01 Jan 2026 16:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60774 IP address blocks: 194.15.88.0/21 maxlen: 24 212.102.97.0/24 maxlen: 24 2a09:2800::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/Tj_pDw-taiXUa9fDNbki2gMbLHg.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/Tj_pDw-taiXUa9fDNbki2gMbLHg.mft rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:69:bb:8b:d7:76:c0:f1:cc:3f:39:96:82:34:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e3fe90f0fad6a25d46bd7c335b922da031b2c78 Validity Not Before: Jan 1 16:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba09593777b4babd93905631cb00b6439a036bc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ab:47:c0:f1:5d:cb:13:bc:c1:3e:ae:82:7e: e6:b3:f6:03:8c:42:29:a3:66:61:e6:30:35:1a:8a: c9:4b:2e:ec:d7:7b:b8:1d:2b:a3:0a:3d:c6:ac:f2: c1:12:90:5c:cd:bd:61:aa:08:61:3a:93:05:12:27: c4:8e:c2:29:94:d1:f6:73:f7:30:20:b3:be:da:3e: 80:e9:3f:ed:5d:42:96:fa:f4:82:92:3d:ce:0b:ff: 5a:63:5c:10:fd:a7:99:a0:74:72:b0:e2:0b:70:e3: cc:ef:31:57:81:32:40:1a:6c:83:29:0c:4e:6c:83: 91:5b:e2:e6:b8:89:1a:bb:cd:82:db:b7:b7:eb:ce: cf:ab:97:62:d1:55:1f:b8:5d:23:27:57:04:0a:0b: 34:87:94:0e:bf:11:07:fa:d0:9f:60:f4:fb:9d:97: 9b:f5:6d:03:80:83:56:42:b9:f2:d6:68:7b:96:a6: 91:31:2b:16:09:cf:4b:41:4f:e1:c2:1e:9d:97:57: 19:1e:d3:a1:99:74:02:0b:7a:1b:3b:5d:1c:d6:84: fa:ed:1b:96:6d:ba:12:c8:da:d4:a4:95:ab:b6:1c: 70:27:7c:67:79:1b:b3:b3:48:cd:c3:7c:49:eb:85: f3:aa:ea:cf:a2:48:c4:e8:e9:bc:05:f9:a8:bc:8f: f4:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:09:59:37:77:B4:BA:BD:93:90:56:31:CB:00:B6:43:9A:03:6B:C7 X509v3 Authority Key Identifier: keyid:4E:3F:E9:0F:0F:AD:6A:25:D4:6B:D7:C3:35:B9:22:DA:03:1B:2C:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tj_pDw-taiXUa9fDNbki2gMbLHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/uglZN3e0ur2TkFYxywC2Q5oDa8c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4f943f-d16a-48da-b93a-1487c6020c46/1/Tj_pDw-taiXUa9fDNbki2gMbLHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.15.88.0/21 212.102.97.0/24 IPv6: 2a09:2800::/29 Signature Algorithm: sha256WithRSAEncryption 60:25:86:b6:71:0e:5a:9e:fc:ae:29:29:0b:07:be:30:2b:3d: fa:55:24:67:66:b1:dc:2a:c4:3c:50:cb:c3:a2:c2:51:01:36: 8c:c3:ec:eb:55:6d:5a:f9:bf:70:fb:3f:3a:b7:60:58:21:d8: 7c:af:b4:bf:5f:c6:08:6f:38:74:c9:19:a1:57:ff:14:89:e5: 84:d1:58:45:ac:66:e7:83:a1:d5:66:bf:24:2c:1d:11:1a:d4: 97:e3:22:da:a4:39:79:66:8e:1c:25:b6:36:54:5e:a5:db:5d: db:14:66:82:65:da:65:b1:b6:ec:80:01:1f:b3:f2:39:cb:46: 18:0a:ee:72:00:b8:ac:57:66:0d:af:0d:78:ff:b2:20:4e:f8: e6:57:31:8b:03:9d:23:66:14:fc:60:50:d3:49:bb:43:1c:21: 53:55:75:ff:2b:15:83:12:92:e8:3e:0a:9b:f9:d3:f8:95:64: f3:12:bd:8b:a6:bf:23:0b:b6:18:79:4b:45:42:16:30:b2:90: 4c:22:7d:74:d1:99:e3:c9:86:5b:8c:6c:c5:64:b3:b0:af:3b: cb:df:80:69:11:09:e8:3d:46:93:88:57:68:04:a0:8f:98:39: b3:ed:32:3f:75:cf:78:c0:3d:53:39:f0:64:f1:ae:d1:f1:42: 9f:74:e4:2f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6Wmm7i9d2wPHMPzmWgjQvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlM2ZlOTBmMGZhZDZhMjVkNDZiZDdjMzM1YjkyMmRhMDMx YjJjNzgwHhcNMjYwMTAxMTYxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTA5NTkzNzc3YjRiYWJkOTM5MDU2MzFjYjAwYjY0MzlhMDM2YmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKtHwPFdyxO8wT6ugn7ms/YDjEIp o2Zh5jA1GorJSy7s13u4HSujCj3GrPLBEpBczb1hqghhOpMFEifEjsIplNH2c/cw ILO+2j6A6T/tXUKW+vSCkj3OC/9aY1wQ/aeZoHRysOILcOPM7zFXgTJAGmyDKQxO bIORW+LmuIkau82C27e3687Pq5di0VUfuF0jJ1cECgs0h5QOvxEH+tCfYPT7nZeb 9W0DgINWQrny1mh7lqaRMSsWCc9LQU/hwh6dl1cZHtOhmXQCC3obO10c1oT67RuW bboSyNrUpJWrthxwJ3xneRuzs0jNw3xJ64XzqurPokjE6Om8BfmovI/0SwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLoJWTd3tLq9k5BWMcsAtkOaA2vHMB8GA1UdIwQY MBaAFE4/6Q8PrWol1GvXwzW5ItoDGyx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2Et MTQ4N2M2MDIwYzQ2LzEvdWdsWk4zZTB1cjJUa0ZZeHl3QzJRNW9EYThjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi80Zjk0M2YtZDE2YS00OGRhLWI5M2EtMTQ4N2M2MDIwYzQ2 LzEvVGpfcER3LXRhaVhVYTlmRE5ia2kyZ01iTEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDwg9YAwQA 1GZhMA0EAgACMAcDBQMqCSgAMA0GCSqGSIb3DQEBCwUAA4IBAQBgJYa2cQ5anvyu KSkLB74wKz36VSRnZrHcKsQ8UMvDosJRATaMw+zrVW1a+b9w+z86t2BYIdh8r7S/ X8YIbzh0yRmhV/8UieWE0VhFrGbng6HVZr8kLB0RGtSX4yLapDl5Zo4cJbY2VF6l 213bFGaCZdplsbbsgAEfs/I5y0YYCu5yALisV2YNrw14/7IgTvjmVzGLA50jZhT8 YFDTSbtDHCFTVXX/KxWDEpLoPgqb+dP4lWTzEr2Lpr8jC7YYeUtFQhYwspBMIn10 0ZnjyYZbjGzFZLOwrzvL34BpEQnoPUaTiFdoBKCPmDmz7TI/dc94wD1TOfBk8a7R 8UKfdOQv -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:42 2026 by rpki-client