This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/U2pubs2iBylOl3mQStn1NV5HAeU.roa File: U2pubs2iBylOl3mQStn1NV5HAeU.roa (raw, json) Hash identifier: 3j+LrDTQ4DdD50DNjrhLgobkQoPmqtoqS9thhekJ5tY= Subject key identifier: 53:6A:6E:6E:CD:A2:07:29:4E:97:79:90:4A:D9:F5:35:5E:47:01:E5 Certificate issuer: /CN=61a14553cacf103274d433e6b268066e01541b25 Certificate serial: 019B7F1470FA5A7E0EBC25DEEE7BA161C755 Authority key identifier: 61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/U2pubs2iBylOl3mQStn1NV5HAeU.roa Signing time: Fri 02 Jan 2026 14:20:04 +0000 ROA not before: Fri 02 Jan 2026 14:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201134 IP address blocks: 87.117.70.0/23 maxlen: 24 185.82.128.0/23 maxlen: 23 185.82.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/YaFFU8rPEDJ01DPmsmgGbgFUGyU.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/YaFFU8rPEDJ01DPmsmgGbgFUGyU.mft rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:70:fa:5a:7e:0e:bc:25:de:ee:7b:a1:61:c7:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61a14553cacf103274d433e6b268066e01541b25 Validity Not Before: Jan 2 14:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=536a6e6ecda207294e9779904ad9f5355e4701e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:91:ae:47:3e:6e:a1:9c:f3:5a:a6:b2:23:05: 20:0e:cb:8d:78:8d:c7:25:a1:85:2c:4a:a5:ba:7f: 0c:79:47:d7:41:5d:6c:71:5e:dd:8f:98:de:95:88: fb:9a:60:8e:46:0f:df:1f:6c:90:6a:5e:b9:da:ec: c1:e1:6e:9d:67:e5:d2:3e:c5:99:a7:04:37:a6:80: 13:f1:9a:b9:e7:52:5d:9f:13:03:bb:4b:19:c1:9c: 37:bd:f4:6e:50:8f:ce:5a:b1:31:29:b2:04:32:ad: 31:4c:30:14:21:14:9c:ed:a0:7c:06:5d:1d:36:38: e9:2e:d1:45:27:5a:c0:d7:76:df:7a:6c:d4:ff:d8: 76:af:54:a9:0f:b6:f2:37:21:e0:79:26:89:0c:7f: 3b:29:af:c9:27:58:d0:e7:f8:1a:42:b7:be:74:9b: 00:38:9d:d8:14:dc:dc:9a:bd:3a:03:69:0e:cd:6a: 1f:fe:0a:a9:ac:38:e4:c2:44:6c:2b:25:cb:cf:ae: de:c1:01:7e:d8:ab:21:c9:23:1b:47:7e:1a:8b:1a: ee:01:a0:69:09:d7:85:d3:55:f2:25:c4:3c:81:67: 9c:ca:ee:14:25:7d:5a:8f:49:6d:4b:83:a0:da:5a: 91:cb:fd:82:53:57:a4:5a:8d:4c:6d:d7:a1:6c:87: 2e:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:6A:6E:6E:CD:A2:07:29:4E:97:79:90:4A:D9:F5:35:5E:47:01:E5 X509v3 Authority Key Identifier: keyid:61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/U2pubs2iBylOl3mQStn1NV5HAeU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/YaFFU8rPEDJ01DPmsmgGbgFUGyU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.117.70.0/23 185.82.128.0/22 Signature Algorithm: sha256WithRSAEncryption 59:6b:17:2a:c5:51:53:44:9b:a9:b8:19:46:02:bd:03:b3:7c: b9:3a:e0:23:66:dc:d0:63:e2:59:98:5a:0e:d8:31:c3:24:d3: 9e:f1:1f:cc:a7:e2:6b:51:38:d7:c2:8b:b6:4c:25:07:8c:bd: 71:5e:d3:b3:f6:c5:db:85:22:b3:4a:dd:bd:c0:4d:c3:1f:6e: 51:56:4e:e6:51:89:4b:1d:bb:05:e5:62:e1:54:ab:70:4e:62: f6:40:e2:fb:7d:e3:b1:81:fa:3e:4c:70:3b:8f:37:59:b2:2e: 67:f8:d9:56:9d:bf:13:02:5c:67:92:58:50:5e:cb:17:fc:64: c3:08:86:40:bb:17:c1:e8:eb:c4:0d:a2:2c:87:e9:df:b2:60: 7f:4c:db:08:ec:a7:fc:8a:d0:a0:77:08:14:bd:05:bd:aa:fb: 48:5f:88:d0:f0:01:3e:34:b3:5d:05:6f:d1:60:62:d7:50:f7: fb:ca:49:74:0a:f0:d7:30:fc:39:47:d3:0e:99:72:09:9e:37: c7:12:8b:e7:66:c1:60:a7:20:49:f6:de:24:71:d6:8e:62:62: bf:90:54:0d:2e:06:a1:e6:7b:9e:fb:9f:ae:88:c7:db:06:3e: 33:66:0a:54:43:96:56:5e:a1:e3:d7:2a:66:5f:3c:2a:13:95: 7c:36:19:92 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FHD6Wn4OvCXe7nuhYcdVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxYTE0NTUzY2FjZjEwMzI3NGQ0MzNlNmIyNjgwNjZlMDE1 NDFiMjUwHhcNMjYwMTAyMTQyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzZhNmU2ZWNkYTIwNzI5NGU5Nzc5OTA0YWQ5ZjUzNTVlNDcwMWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pGuRz5uoZzzWqayIwUgDsuNeI3H JaGFLEqlun8MeUfXQV1scV7dj5jelYj7mmCORg/fH2yQal652uzB4W6dZ+XSPsWZ pwQ3poAT8Zq551JdnxMDu0sZwZw3vfRuUI/OWrExKbIEMq0xTDAUIRSc7aB8Bl0d NjjpLtFFJ1rA13bfemzU/9h2r1SpD7byNyHgeSaJDH87Ka/JJ1jQ5/gaQre+dJsA OJ3YFNzcmr06A2kOzWof/gqprDjkwkRsKyXLz67ewQF+2KshySMbR34aixruAaBp CdeF01XyJcQ8gWecyu4UJX1aj0ltS4Og2lqRy/2CU1ekWo1MbdehbIcujwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFNqbm7NogcpTpd5kErZ9TVeRwHlMB8GA1UdIwQY MBaAFGGhRVPKzxAydNQz5rJoBm4BVBslMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAt ZmEyNjZiYjcyZjczLzEvVTJwdWJzMmlCeWxPbDNtUVN0bjFOVjVIQWVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAtZmEyNjZiYjcyZjcz LzEvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3VGAwQC uVKAMA0GCSqGSIb3DQEBCwUAA4IBAQBZaxcqxVFTRJupuBlGAr0Ds3y5OuAjZtzQ Y+JZmFoO2DHDJNOe8R/Mp+JrUTjXwou2TCUHjL1xXtOz9sXbhSKzSt29wE3DH25R Vk7mUYlLHbsF5WLhVKtwTmL2QOL7feOxgfo+THA7jzdZsi5n+NlWnb8TAlxnklhQ XssX/GTDCIZAuxfB6OvEDaIsh+nfsmB/TNsI7Kf8itCgdwgUvQW9qvtIX4jQ8AE+ NLNdBW/RYGLXUPf7ykl0CvDXMPw5R9MOmXIJnjfHEovnZsFgpyBJ9t4kcdaOYmK/ kFQNLgah5nue+5+uiMfbBj4zZgpUQ5ZWXqHj1ypmXzwqE5V8NhmS -----END CERTIFICATE-----Generated at Mon Jan 26 22:12:24 2026 by rpki-client