This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/UkEvL82Ai032M4wv8GxMsbA-KLA.roa File: UkEvL82Ai032M4wv8GxMsbA-KLA.roa (raw, json) Hash identifier: vN3Xhywxjsgx4E5ET3s8qfI05X3umjLYJnDdpjt/QU0= Subject key identifier: 52:41:2F:2F:CD:80:8B:4D:F6:33:8C:2F:F0:6C:4C:B1:B0:3E:28:B0 Certificate issuer: /CN=21f10e34421baff174d60678f32fa5e35cdf957e Certificate serial: 019B7A5AB5B44F28B09298E948D744DF8B94 Authority key identifier: 21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/UkEvL82Ai032M4wv8GxMsbA-KLA.roa Signing time: Thu 01 Jan 2026 16:18:43 +0000 ROA not before: Thu 01 Jan 2026 16:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208594 IP address blocks: 45.94.148.0/22 maxlen: 24 45.94.148.0/24 maxlen: 24 45.94.149.0/24 maxlen: 24 45.94.150.0/24 maxlen: 24 45.94.151.0/24 maxlen: 24 2a0e:2ec0::/29 maxlen: 64 2a0e:2ec0:1::/48 maxlen: 48 2a0e:2ec0:2::/48 maxlen: 48 2a0e:2ec0:3::/48 maxlen: 48 2a0e:2ec0:4::/48 maxlen: 48 2a0e:2ec0:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.mft rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 16:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b5:b4:4f:28:b0:92:98:e9:48:d7:44:df:8b:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21f10e34421baff174d60678f32fa5e35cdf957e Validity Not Before: Jan 1 16:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=52412f2fcd808b4df6338c2ff06c4cb1b03e28b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5a:20:13:ed:98:e6:e8:c9:78:59:60:95:86: 98:4c:ab:cf:da:16:03:09:27:4d:fb:be:0d:bb:b8: f1:6e:d1:5c:41:71:dd:88:77:2f:ac:95:bd:bc:ad: 31:00:3e:a7:f0:32:e6:ea:70:c8:91:d4:ff:e3:cc: c3:d6:c5:24:6d:ce:79:fb:38:5d:01:c2:4e:9e:5d: 36:99:89:09:0d:8d:6f:41:00:e1:f2:63:0e:70:f8: 20:b5:a9:9e:6b:c5:31:e5:7d:71:b4:28:2d:1c:35: 0f:6f:30:43:7c:85:cf:6b:e1:0c:d4:94:58:01:ba: 45:f8:c0:a0:b9:80:fa:a5:fe:89:95:5b:aa:93:ec: 31:aa:ca:90:e7:99:78:0a:4d:48:ad:24:f9:01:df: 7c:62:9c:2c:ed:e6:ff:72:eb:e4:0d:83:85:e9:38: f5:3b:23:63:58:1a:06:97:2a:d5:db:b4:dd:04:0c: a8:2a:21:17:08:30:9e:35:ec:d6:78:a6:d3:82:47: 98:98:1f:45:09:cc:d4:c2:1a:f9:4d:9e:2b:06:e5: 04:31:aa:38:4b:12:59:d4:09:b0:87:a4:5e:b9:24: 3e:1b:14:29:98:cd:b3:df:11:83:97:b6:38:c5:28: 35:f9:c3:5d:f5:1f:51:68:19:49:7b:a2:67:c4:90: 31:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:41:2F:2F:CD:80:8B:4D:F6:33:8C:2F:F0:6C:4C:B1:B0:3E:28:B0 X509v3 Authority Key Identifier: keyid:21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/UkEvL82Ai032M4wv8GxMsbA-KLA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.94.148.0/22 IPv6: 2a0e:2ec0::/29 Signature Algorithm: sha256WithRSAEncryption 8c:cd:89:db:dc:b2:1f:d0:6e:9c:14:b4:89:e5:92:d6:12:bf: b0:44:f0:a5:ec:b4:db:7d:32:15:c8:e5:80:cb:8d:74:43:2d: f3:68:6d:58:9f:6c:e4:d7:c7:57:af:91:7c:fa:1f:89:cb:65: cd:52:37:63:ef:2c:23:67:c7:3e:c0:ed:88:94:35:4c:cd:1c: 19:e4:46:07:b1:59:7d:1c:a0:03:d8:89:26:75:48:6e:c8:10: bf:11:c2:d1:cb:6f:cc:10:33:2f:e4:5b:9c:f0:a5:af:21:96: dd:8e:b8:c7:67:a9:0f:7a:55:a1:18:ce:c2:88:f0:d3:f0:19: 3c:a4:38:94:90:64:db:f7:e9:5e:7b:76:5a:91:f3:7e:25:db: 25:6c:60:de:d4:4c:a5:ef:ef:b7:ed:4e:f5:3a:cd:1c:0c:03: 02:11:07:3e:0f:3f:5d:fc:97:95:5c:ec:68:68:f5:d1:ea:3a: 8a:4d:28:08:fc:88:5a:fa:85:4c:a4:9a:8e:57:62:21:ec:54: 70:eb:16:3d:e5:74:e8:49:ca:29:7c:94:70:b8:29:84:9b:6e: b7:96:83:df:27:13:eb:16:fd:7e:41:6a:00:3f:08:ce:c3:c8: 36:e7:0b:8e:4a:51:8e:94:f5:37:3c:59:10:6c:74:71:50:00: 5e:fc:93:7f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WrW0TyiwkpjpSNdE34uUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxZjEwZTM0NDIxYmFmZjE3NGQ2MDY3OGYzMmZhNWUzNWNk Zjk1N2UwHhcNMjYwMTAxMTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MjQxMmYyZmNkODA4YjRkZjYzMzhjMmZmMDZjNGNiMWIwM2UyOGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVogE+2Y5ujJeFlglYaYTKvP2hYD CSdN+74Nu7jxbtFcQXHdiHcvrJW9vK0xAD6n8DLm6nDIkdT/48zD1sUkbc55+zhd AcJOnl02mYkJDY1vQQDh8mMOcPggtamea8Ux5X1xtCgtHDUPbzBDfIXPa+EM1JRY AbpF+MCguYD6pf6JlVuqk+wxqsqQ55l4Ck1IrST5Ad98Ypws7eb/cuvkDYOF6Tj1 OyNjWBoGlyrV27TdBAyoKiEXCDCeNezWeKbTgkeYmB9FCczUwhr5TZ4rBuUEMao4 SxJZ1Amwh6ReuSQ+GxQpmM2z3xGDl7Y4xSg1+cNd9R9RaBlJe6JnxJAxDwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFJBLy/NgItN9jOML/BsTLGwPiiwMB8GA1UdIwQY MBaAFCHxDjRCG6/xdNYGePMvpeNc35V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTct OWE5ZWQxZWYyZThkLzEvVWtFdkw4MkFpMDMyTTR3djhHeE1zYkEtS0xBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTctOWE5ZWQxZWYyZThk LzEvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV6UMA0E AgACMAcDBQMqDi7AMA0GCSqGSIb3DQEBCwUAA4IBAQCMzYnb3LIf0G6cFLSJ5ZLW Er+wRPCl7LTbfTIVyOWAy410Qy3zaG1Yn2zk18dXr5F8+h+Jy2XNUjdj7ywjZ8c+ wO2IlDVMzRwZ5EYHsVl9HKAD2IkmdUhuyBC/EcLRy2/MEDMv5Fuc8KWvIZbdjrjH Z6kPelWhGM7CiPDT8Bk8pDiUkGTb9+lee3ZakfN+JdslbGDe1Eyl7++37U71Os0c DAMCEQc+Dz9d/JeVXOxoaPXR6jqKTSgI/Iha+oVMpJqOV2Ih7FRw6xY95XToScop fJRwuCmEm263loPfJxPrFv1+QWoAPwjOw8g25wuOSlGOlPU3PFkQbHRxUABe/JN/ -----END CERTIFICATE-----Generated at Wed Jan 28 23:54:11 2026 by rpki-client