This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/I-ukRrCAPBajw4Cw7SX_HqtjY_Y.roa File: I-ukRrCAPBajw4Cw7SX_HqtjY_Y.roa (raw, json) Hash identifier: nRHAOv53R6oXv1iB+S9TIyPCUUphzX+kQpcWt0Y3Kbw= Subject key identifier: 23:EB:A4:46:B0:80:3C:16:A3:C3:80:B0:ED:25:FF:1E:AB:63:63:F6 Certificate issuer: /CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0 Certificate serial: 019B797E36902CBD98C56740C981712BD380 Authority key identifier: 56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/I-ukRrCAPBajw4Cw7SX_HqtjY_Y.roa Signing time: Thu 01 Jan 2026 12:17:53 +0000 ROA not before: Thu 01 Jan 2026 12:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201198 IP address blocks: 31.14.233.0/24 maxlen: 24 94.177.114.0/23 maxlen: 24 176.223.189.0/24 maxlen: 24 185.53.252.0/22 maxlen: 24 2a01:7c60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.mft rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:36:90:2c:bd:98:c5:67:40:c9:81:71:2b:d3:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0 Validity Not Before: Jan 1 12:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23eba446b0803c16a3c380b0ed25ff1eab6363f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:12:85:bd:bd:56:a0:9b:a3:06:71:57:86:56: b3:b1:9b:97:13:b2:3e:76:c9:de:e9:54:62:3e:50: 86:35:b6:77:99:d0:d1:4a:8f:96:9a:c8:8e:f3:14: bc:e4:5f:98:1e:c9:41:91:de:1c:7d:f1:a6:2b:b3: 92:0c:22:59:69:f1:b7:34:d6:69:b0:a1:b6:61:d9: 7e:5e:d3:eb:b2:5e:55:4d:ab:c7:ef:de:47:e5:25: 49:26:cf:67:32:3f:34:09:55:3c:3b:3b:98:29:75: 47:c7:0b:27:f2:c8:8e:a3:ac:e9:53:3d:7c:fd:97: 8f:37:dd:c3:53:63:96:a9:fe:83:77:56:27:b1:0a: 16:71:cd:63:58:13:7b:66:5d:23:81:2e:36:53:70: c5:29:94:83:cb:0a:50:45:15:2f:c0:0f:b5:8a:4e: c8:88:53:27:a5:96:da:50:9e:da:b4:31:e1:2a:1c: 13:99:57:58:a9:ef:c6:76:aa:c3:19:1c:ac:94:65: f6:c8:e8:d5:55:c3:29:91:46:ad:41:b1:d9:d0:22: 2d:a6:54:51:10:99:9f:60:a4:03:ef:68:43:09:cc: 80:88:20:7e:23:d3:4b:cf:09:1b:50:4c:ea:ab:da: 6d:e1:1a:28:06:93:e3:30:5d:46:29:ed:c5:b7:09: ab:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:EB:A4:46:B0:80:3C:16:A3:C3:80:B0:ED:25:FF:1E:AB:63:63:F6 X509v3 Authority Key Identifier: keyid:56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/I-ukRrCAPBajw4Cw7SX_HqtjY_Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.233.0/24 94.177.114.0/23 176.223.189.0/24 185.53.252.0/22 IPv6: 2a01:7c60::/32 Signature Algorithm: sha256WithRSAEncryption a7:83:bc:df:85:07:25:d6:65:dd:c2:99:bf:10:d7:c5:2c:4c: be:d2:d6:cb:c4:e5:ef:d4:c0:93:cd:f3:40:1e:0b:42:f8:98: 0b:f8:e7:75:33:f8:bf:8d:3c:7c:97:eb:45:8e:64:2d:e6:3d: 92:e2:b1:01:a9:19:ad:32:0f:67:32:13:fd:ae:c5:15:cf:57: e4:a6:ec:4b:07:22:60:18:d4:85:e7:53:d3:90:24:b2:12:d5: 7f:bc:3c:93:a7:d6:d3:3f:81:1d:46:f8:96:09:a9:e6:11:6c: 50:dc:ea:0f:02:53:a9:92:22:e5:b2:eb:96:06:74:0f:98:ee: 31:a0:46:72:f5:7c:7e:38:48:cb:77:3f:ea:19:25:50:5b:17: e8:b6:32:75:e1:f0:66:49:e5:22:9e:fb:94:03:64:19:8c:0b: 3f:28:0b:e7:38:ed:e1:b4:7b:f3:58:2e:95:45:b7:3c:15:20: f9:33:37:38:69:84:30:59:98:5f:82:dc:0b:76:93:38:03:5d: 89:ff:63:94:66:0f:fc:f5:7a:b9:86:37:0a:67:6b:13:9e:97: 33:9c:37:4b:f1:65:0d:6a:c3:ff:f2:94:16:99:68:94:f2:d1: 27:8a:ff:a6:11:e8:8f:d0:85:a0:84:87:72:6d:ca:d8:4e:82: 02:8c:e8:59 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt5fjaQLL2YxWdAyYFxK9OAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2YWExZWVkOTkwZWQwMzFlZTE3YjBiMTNkYThmODNlMGVm YmEyYjAwHhcNMjYwMTAxMTIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2ViYTQ0NmIwODAzYzE2YTNjMzgwYjBlZDI1ZmYxZWFiNjM2M2Y2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBKFvb1WoJujBnFXhlazsZuXE7I+ dsne6VRiPlCGNbZ3mdDRSo+WmsiO8xS85F+YHslBkd4cffGmK7OSDCJZafG3NNZp sKG2Ydl+XtPrsl5VTavH795H5SVJJs9nMj80CVU8OzuYKXVHxwsn8siOo6zpUz18 /ZePN93DU2OWqf6Dd1YnsQoWcc1jWBN7Zl0jgS42U3DFKZSDywpQRRUvwA+1ik7I iFMnpZbaUJ7atDHhKhwTmVdYqe/GdqrDGRyslGX2yOjVVcMpkUatQbHZ0CItplRR EJmfYKQD72hDCcyAiCB+I9NLzwkbUEzqq9pt4RooBpPjMF1GKe3FtwmrYwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFCPrpEawgDwWo8OAsO0l/x6rY2P2MB8GA1UdIwQY MBaAFFaqHu2ZDtAx7hewsT2o+D4O+6KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzIt YWM0NTQ5OTc3OTAxLzEvSS11a1JyQ0FQQmFqdzRDdzdTWF9IcXRqWV9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzItYWM0NTQ5OTc3OTAx LzEvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHw7pAwQB XrFyAwQAsN+9AwQCuTX8MA0EAgACMAcDBQAqAXxgMA0GCSqGSIb3DQEBCwUAA4IB AQCng7zfhQcl1mXdwpm/ENfFLEy+0tbLxOXv1MCTzfNAHgtC+JgL+Od1M/i/jTx8 l+tFjmQt5j2S4rEBqRmtMg9nMhP9rsUVz1fkpuxLByJgGNSF51PTkCSyEtV/vDyT p9bTP4EdRviWCanmEWxQ3OoPAlOpkiLlsuuWBnQPmO4xoEZy9Xx+OEjLdz/qGSVQ WxfotjJ14fBmSeUinvuUA2QZjAs/KAvnOO3htHvzWC6VRbc8FSD5Mzc4aYQwWZhf gtwLdpM4A12J/2OUZg/89Xq5hjcKZ2sTnpcznDdL8WUNasP/8pQWmWiU8tEniv+m EeiP0IWghIdybcrYToICjOhZ -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:55 2026 by rpki-client