This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/UVWbdtgMtPSlXPD-ljLhVUXQTLI.roa File: UVWbdtgMtPSlXPD-ljLhVUXQTLI.roa (raw, json) Hash identifier: 0y9dv3rbyul1H/gRs5dF3tqgdi9jkPTntAurTA6guBk= Subject key identifier: 51:55:9B:76:D8:0C:B4:F4:A5:5C:F0:FE:96:32:E1:55:45:D0:4C:B2 Certificate issuer: /CN=c70dbf555870b556acfab428c74eacee56f7b222 Certificate serial: 019B7AC8C7038F38D6C53A152F41867E010E Authority key identifier: C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/UVWbdtgMtPSlXPD-ljLhVUXQTLI.roa Signing time: Thu 01 Jan 2026 18:18:57 +0000 ROA not before: Thu 01 Jan 2026 18:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202096 IP address blocks: 185.53.136.0/22 maxlen: 22 185.53.136.0/23 maxlen: 23 185.53.138.0/23 maxlen: 23 2a02:2d20::/32 maxlen: 32 2a02:2d20::/48 maxlen: 48 2a02:2d20:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.mft rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:c7:03:8f:38:d6:c5:3a:15:2f:41:86:7e:01:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c70dbf555870b556acfab428c74eacee56f7b222 Validity Not Before: Jan 1 18:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=51559b76d80cb4f4a55cf0fe9632e15545d04cb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:11:38:07:cd:3c:ee:92:4f:0e:52:4c:9e:46: 85:b8:31:11:34:4b:7a:19:e7:52:73:41:73:da:7b: f5:95:fc:79:00:79:22:95:52:b7:9f:1b:fb:45:3d: 95:bd:7f:24:4a:c2:5a:5b:7e:b6:be:46:81:01:1e: d3:dc:5b:ea:0f:31:d9:e7:66:ee:05:9c:69:c8:45: 7b:53:1b:24:26:5b:06:d4:1b:a7:57:99:77:1f:1c: 04:68:f5:c5:cf:ed:5a:6b:23:00:87:3e:3f:52:c8: 31:d2:71:8b:c9:33:e5:11:17:ff:ff:c6:b9:59:0f: db:64:aa:a0:ec:b9:e7:df:8c:2b:98:8f:7f:0b:18: 75:cf:fa:0d:d4:db:fb:25:bf:99:77:45:84:ab:92: 3c:11:50:dd:e5:11:7c:ec:31:98:eb:cb:e8:85:77: dd:f0:9f:56:d6:08:70:3e:bf:70:e0:36:61:dd:71: fb:17:cf:fc:cf:53:88:f2:0c:e5:65:ce:90:12:56: 50:ea:b2:b0:0d:79:bf:fe:9b:83:af:d8:94:57:37: b8:65:83:22:10:62:50:96:e0:83:20:08:da:8a:9a: 2e:4e:d3:a5:7b:78:96:ef:a8:9c:c2:c2:0e:70:4c: 30:5e:7c:2e:14:af:48:b7:ca:4a:66:35:58:36:26: dd:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:55:9B:76:D8:0C:B4:F4:A5:5C:F0:FE:96:32:E1:55:45:D0:4C:B2 X509v3 Authority Key Identifier: keyid:C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/UVWbdtgMtPSlXPD-ljLhVUXQTLI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.53.136.0/22 IPv6: 2a02:2d20::/32 Signature Algorithm: sha256WithRSAEncryption 14:85:77:4e:fa:34:e7:f4:ee:df:f4:59:9d:c3:8a:6c:3f:04: 56:bc:83:9f:69:74:5d:e7:51:8f:25:16:b9:0b:ef:37:f0:b6: d5:ef:d5:5e:18:42:75:b1:d9:2f:9e:0b:23:7e:35:49:14:6f: 6e:ba:98:e0:6a:69:9c:68:7f:72:a4:10:cf:7e:d6:a7:16:d1: 9c:d6:1a:83:17:36:14:3b:ba:dd:6f:3f:f4:f1:be:48:c2:ca: a0:32:1f:99:68:8f:14:31:6a:4d:69:26:d7:a5:59:fa:bd:e4: f2:f7:75:fd:b7:04:3f:6e:7a:5a:61:bb:be:22:6d:45:6d:8e: d7:67:b4:4c:cd:d2:9d:cf:7a:22:34:56:b8:57:d8:17:c1:fc: ae:c7:e8:84:ab:b1:47:21:63:fc:f3:61:ea:34:3f:c4:ca:27: 10:40:94:c6:40:76:d4:00:d1:24:55:00:dc:42:60:69:1c:dc: eb:f7:9b:96:8e:c2:14:28:61:61:56:46:d5:0e:5f:5d:86:89: 6b:56:26:f7:26:ab:f9:3e:d0:55:e1:6b:4e:0b:62:f1:88:ef: 27:d3:29:97:f6:c4:73:00:83:b0:eb:1c:bf:96:fc:e0:dd:ed: 91:45:cd:4c:ed:e4:8f:ee:fe:08:d2:dd:6e:90:ec:d1:ac:9e: ef:3e:ba:dd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6yMcDjzjWxToVL0GGfgEOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3MGRiZjU1NTg3MGI1NTZhY2ZhYjQyOGM3NGVhY2VlNTZm N2IyMjIwHhcNMjYwMTAxMTgxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MTU1OWI3NmQ4MGNiNGY0YTU1Y2YwZmU5NjMyZTE1NTQ1ZDA0Y2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhE4B8087pJPDlJMnkaFuDERNEt6 GedSc0Fz2nv1lfx5AHkilVK3nxv7RT2VvX8kSsJaW362vkaBAR7T3FvqDzHZ52bu BZxpyEV7UxskJlsG1BunV5l3HxwEaPXFz+1aayMAhz4/Usgx0nGLyTPlERf//8a5 WQ/bZKqg7Lnn34wrmI9/Cxh1z/oN1Nv7Jb+Zd0WEq5I8EVDd5RF87DGY68vohXfd 8J9W1ghwPr9w4DZh3XH7F8/8z1OI8gzlZc6QElZQ6rKwDXm//puDr9iUVze4ZYMi EGJQluCDIAjaipouTtOle3iW76icwsIOcEwwXnwuFK9It8pKZjVYNibdTQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFFVm3bYDLT0pVzw/pYy4VVF0EyyMB8GA1UdIwQY MBaAFMcNv1VYcLVWrPq0KMdOrO5W97IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUt MzJkYTFkYjRiMjAzLzEvVVZXYmR0Z010UFNsWFBELWxqTGhWVVhRVExJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS81ODJiN2YtNjBjMy00MTFhLTk2MjUtMzJkYTFkYjRiMjAz LzEveHcyX1ZWaHd0VmFzLXJRb3gwNnM3bGIzc2lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTWIMA0E AgACMAcDBQAqAi0gMA0GCSqGSIb3DQEBCwUAA4IBAQAUhXdO+jTn9O7f9Fmdw4ps PwRWvIOfaXRd51GPJRa5C+838LbV79VeGEJ1sdkvngsjfjVJFG9uupjgammcaH9y pBDPftanFtGc1hqDFzYUO7rdbz/08b5IwsqgMh+ZaI8UMWpNaSbXpVn6veTy93X9 twQ/bnpaYbu+Im1FbY7XZ7RMzdKdz3oiNFa4V9gXwfyux+iEq7FHIWP882HqND/E yicQQJTGQHbUANEkVQDcQmBpHNzr95uWjsIUKGFhVkbVDl9dholrVib3Jqv5PtBV 4WtOC2LxiO8n0ymX9sRzAIOw6xy/lvzg3e2RRc1M7eSP7v4I0t1ukOzRrJ7vPrrd -----END CERTIFICATE-----Generated at Mon Feb 9 20:46:45 2026 by rpki-client