This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/Uq_lgf22CyRPTLlDLpseABSp5Z8.roa File: Uq_lgf22CyRPTLlDLpseABSp5Z8.roa (raw, json) Hash identifier: ZxjPQAprtj0pbHDEH1/wBuxrsT7248o1k1AiheIh8sE= Subject key identifier: 52:AF:E5:81:FD:B6:0B:24:4F:4C:B9:43:2E:9B:1E:00:14:A9:E5:9F Certificate issuer: /CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f Certificate serial: 019B7B36D03CC7724EA16005349510A73A00 Authority key identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/Uq_lgf22CyRPTLlDLpseABSp5Z8.roa Signing time: Thu 01 Jan 2026 20:19:08 +0000 ROA not before: Thu 01 Jan 2026 20:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41549 IP address blocks: 88.84.0.0/19 maxlen: 19 89.186.208.0/21 maxlen: 21 146.185.0.0/21 maxlen: 21 157.173.80.0/20 maxlen: 20 178.21.224.0/21 maxlen: 21 185.37.72.0/22 maxlen: 22 194.11.218.0/23 maxlen: 23 195.20.64.0/19 maxlen: 19 213.159.144.0/20 maxlen: 20 217.67.128.0/20 maxlen: 20 2a01:aec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft rsync://rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:d0:3c:c7:72:4e:a1:60:05:34:95:10:a7:3a:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f Validity Not Before: Jan 1 20:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=52afe581fdb60b244f4cb9432e9b1e0014a9e59f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f1:54:b8:53:01:98:9f:a2:1f:6a:96:ba:12: 0a:54:22:8a:d3:eb:47:99:ea:aa:19:65:72:64:97: c8:ce:de:78:c6:4e:d6:03:f4:2b:4d:98:45:87:03: 41:e2:f1:21:bd:93:e1:8d:5d:d6:56:f1:f2:44:ff: b8:fa:56:9c:20:9c:b1:94:64:61:da:90:af:95:54: f0:37:7f:9c:fd:5e:8b:d4:e6:28:91:a0:bd:12:ac: 54:18:c5:3c:00:03:f8:1e:b9:d6:1b:1d:87:31:d3: 97:16:bd:4f:ba:bc:a4:9f:9b:13:4a:9f:47:51:6d: 4a:02:e9:87:8b:b3:fa:c6:9b:55:a3:4f:98:65:7b: 90:7d:55:bb:7c:14:a2:25:7e:ac:f1:14:a5:f3:da: a2:b5:08:63:87:fc:bb:14:92:f7:66:c3:d4:8a:bf: 10:13:fc:f6:d8:3d:25:39:41:a8:ec:e0:04:b8:eb: 4e:aa:7e:ed:73:34:09:fc:29:e2:0f:fc:3f:c0:75: e8:5e:42:21:5c:07:44:cb:f6:e3:47:e7:8e:e2:8e: ed:37:de:4a:d0:94:1d:40:d0:1d:cb:aa:f1:8a:9e: 7a:06:e1:e7:ba:53:61:23:04:2a:84:99:c5:f2:4d: fb:42:7a:61:d7:a2:23:a3:08:24:80:a5:f2:ab:97: 3c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:AF:E5:81:FD:B6:0B:24:4F:4C:B9:43:2E:9B:1E:00:14:A9:E5:9F X509v3 Authority Key Identifier: keyid:8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/Uq_lgf22CyRPTLlDLpseABSp5Z8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.84.0.0/19 89.186.208.0/21 146.185.0.0/21 157.173.80.0/20 178.21.224.0/21 185.37.72.0/22 194.11.218.0/23 195.20.64.0/19 213.159.144.0/20 217.67.128.0/20 IPv6: 2a01:aec0::/32 Signature Algorithm: sha256WithRSAEncryption 14:5c:40:ec:11:ba:de:11:bc:57:9a:6f:1c:04:31:4e:ad:1f: 0c:5a:60:fc:bb:55:ac:68:b4:b4:c8:f4:29:0e:a0:43:6a:a9: 1b:e3:f7:26:99:9e:85:2c:b2:c4:de:6b:0f:4f:44:24:98:d8: 57:68:94:70:0f:25:fc:cf:c8:b7:14:b8:90:ad:18:0f:ce:91: 0a:b2:0d:06:c5:16:ee:2e:d9:9d:d9:ab:b6:97:dc:83:de:2d: a5:ef:a0:f9:2e:31:9f:d7:a2:74:84:dd:da:b6:f8:e0:cd:de: 3e:3f:0f:d0:33:61:6d:d6:14:eb:fe:24:0a:5b:2e:b5:6e:12: 1a:43:da:47:ab:3d:97:59:0c:10:fe:d2:77:58:8d:c2:49:aa: a2:39:22:8d:2c:cd:1e:e2:22:f0:5c:19:a9:c5:74:1a:ac:dc: dd:a1:72:8b:07:80:5b:35:e2:da:de:9b:7a:9a:19:a5:43:78: b4:31:a6:d0:fd:b2:13:a9:d5:cf:1b:82:8f:31:36:53:b7:ac: 8a:b8:9b:f7:38:09:47:cd:df:42:38:a2:f5:d4:d3:a0:88:3b: 22:f1:29:d3:09:d9:1f:94:d7:02:80:e1:2a:da:e6:cb:45:3c: 37:15:ad:3f:34:6c:30:e3:76:79:ec:3b:c8:36:42:a4:b7:2e: 55:31:94:a7 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISAZt7NtA8x3JOoWAFNJUQpzoAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNDAwMDEwMWFkMzkzY2FkZjdmYzhmZDYzZGFhZDNjNmRh ZTEyNGYwHhcNMjYwMTAxMjAxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MmFmZTU4MWZkYjYwYjI0NGY0Y2I5NDMyZTliMWUwMDE0YTllNTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/FUuFMBmJ+iH2qWuhIKVCKK0+tH meqqGWVyZJfIzt54xk7WA/QrTZhFhwNB4vEhvZPhjV3WVvHyRP+4+lacIJyxlGRh 2pCvlVTwN3+c/V6L1OYokaC9EqxUGMU8AAP4HrnWGx2HMdOXFr1Purykn5sTSp9H UW1KAumHi7P6xptVo0+YZXuQfVW7fBSiJX6s8RSl89qitQhjh/y7FJL3ZsPUir8Q E/z22D0lOUGo7OAEuOtOqn7tczQJ/CniD/w/wHXoXkIhXAdEy/bjR+eO4o7tN95K 0JQdQNAdy6rxip56BuHnulNhIwQqhJnF8k37Qnph16IjowgkgKXyq5c8wwIDAQAB o4ICTjCCAkowHQYDVR0OBBYEFFKv5YH9tgskT0y5Qy6bHgAUqeWfMB8GA1UdIwQY MBaAFIpAABAa05PK33/I/WParTxtrhJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWtBQUVCclRrOHJmZjhqOVk5cXRQRzJ1RWs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9iMjdiZDAtM2QzOS00ZDc4LWFhMmMt MWYzY2NmYTYxYWFjLzEvVXFfbGdmMjJDeVJQVExsRExwc2VBQlNwNVo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy9iMjdiZDAtM2QzOS00ZDc4LWFhMmMtMWYzY2NmYTYxYWFj LzEvaWtBQUVCclRrOHJmZjhqOVk5cXRQRzJ1RWs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFWFQAAwQD WbrQAwQDkrkAAwQEna1QAwQDshXgAwQCuSVIAwQBwgvaAwQFwxRAAwQE1Z+QAwQE 2UOAMA0EAgACMAcDBQAqAa7AMA0GCSqGSIb3DQEBCwUAA4IBAQAUXEDsEbreEbxX mm8cBDFOrR8MWmD8u1WsaLS0yPQpDqBDaqkb4/cmmZ6FLLLE3msPT0QkmNhXaJRw DyX8z8i3FLiQrRgPzpEKsg0GxRbuLtmd2au2l9yD3i2l76D5LjGf16J0hN3atvjg zd4+Pw/QM2Ft1hTr/iQKWy61bhIaQ9pHqz2XWQwQ/tJ3WI3CSaqiOSKNLM0e4iLw XBmpxXQarNzdoXKLB4BbNeLa3pt6mhmlQ3i0MabQ/bITqdXPG4KPMTZTt6yKuJv3 OAlHzd9COKL11NOgiDsi8SnTCdkflNcCgOEq2ubLRTw3Fa0/NGww43Z57DvINkKk ty5VMZSn -----END CERTIFICATE-----Generated at Tue Jan 27 10:17:48 2026 by rpki-client