This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/uH1OFQK-y6nSA9ln1NEz-DHjkYM.roa File: uH1OFQK-y6nSA9ln1NEz-DHjkYM.roa (raw, json) Hash identifier: gklS8iQwBkuF3RBvorQ4lbNpw7pGXOz/cK6thzC+bvI= Subject key identifier: B8:7D:4E:15:02:BE:CB:A9:D2:03:D9:67:D4:D1:33:F8:31:E3:91:83 Certificate issuer: /CN=56e02f73509bde35d95d1851803e1f00829eb718 Certificate serial: 019B775940BB7A74C7637859438A7030059B Authority key identifier: 56:E0:2F:73:50:9B:DE:35:D9:5D:18:51:80:3E:1F:00:82:9E:B7:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuAvc1Cb3jXZXRhRgD4fAIKetxg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/uH1OFQK-y6nSA9ln1NEz-DHjkYM.roa Signing time: Thu 01 Jan 2026 02:18:16 +0000 ROA not before: Thu 01 Jan 2026 02:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15962 IP address blocks: 195.3.168.0/22 maxlen: 22 195.78.44.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/VuAvc1Cb3jXZXRhRgD4fAIKetxg.crl rsync://rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/VuAvc1Cb3jXZXRhRgD4fAIKetxg.mft rsync://rpki.ripe.net/repository/DEFAULT/VuAvc1Cb3jXZXRhRgD4fAIKetxg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:40:bb:7a:74:c7:63:78:59:43:8a:70:30:05:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56e02f73509bde35d95d1851803e1f00829eb718 Validity Not Before: Jan 1 02:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b87d4e1502becba9d203d967d4d133f831e39183 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:32:c7:cb:a7:55:ff:ae:b9:d0:ea:41:ed:45: bb:6c:6a:9e:8d:2e:aa:b7:e4:82:c8:f2:55:0f:05: 0c:c9:93:35:3c:c5:29:89:47:12:e9:23:44:cc:75: 00:45:ab:0c:03:4d:e7:a3:0c:0d:7c:92:2d:94:c9: 9e:05:00:ae:f0:f9:88:21:32:7b:9c:8a:62:c2:7a: fd:1e:8c:ff:1f:68:35:02:96:84:d6:ad:a7:36:30: f5:c8:c9:45:82:70:84:f2:ce:23:1f:66:50:d8:d9: 13:b3:a0:5c:f3:29:6a:8d:49:f2:47:c1:ef:d9:b7: 6f:f4:8a:ba:8e:0b:f8:0a:9e:a2:4e:c6:ea:d5:83: 19:b1:c9:cc:5b:1a:39:72:94:68:78:3c:77:7b:0a: 34:16:ac:dc:bb:29:e4:ae:e3:45:65:ca:79:40:28: 80:e2:03:a6:54:4d:ca:22:3c:69:66:dd:ba:bc:e7: 9a:f8:08:13:a7:a3:f2:a3:71:af:a9:ad:ff:c8:78: d5:ae:39:1c:e6:d1:c1:9c:54:40:19:d2:a0:ba:84: ef:78:33:65:32:ad:f0:50:80:20:8a:c8:d7:50:90: 15:7e:3c:23:0f:7c:5a:47:cb:3a:b9:6c:ce:a5:fb: 8d:6f:2a:bf:98:00:92:fc:4a:67:6f:9b:1f:55:f1: a0:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:7D:4E:15:02:BE:CB:A9:D2:03:D9:67:D4:D1:33:F8:31:E3:91:83 X509v3 Authority Key Identifier: keyid:56:E0:2F:73:50:9B:DE:35:D9:5D:18:51:80:3E:1F:00:82:9E:B7:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuAvc1Cb3jXZXRhRgD4fAIKetxg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/uH1OFQK-y6nSA9ln1NEz-DHjkYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd0c07-e972-4d88-95e8-fc958e8d48c2/1/VuAvc1Cb3jXZXRhRgD4fAIKetxg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.3.168.0/22 195.78.44.0/23 Signature Algorithm: sha256WithRSAEncryption 5e:96:c6:d4:82:b7:e7:f1:cb:45:52:14:37:bf:f6:84:5e:ac: f7:c0:7c:e5:84:12:a2:f1:5f:44:da:d5:fd:64:7c:38:10:46: 13:02:c5:32:fb:49:b9:58:f8:c8:80:77:29:be:5f:03:4b:fa: 32:8b:22:04:27:64:bd:8a:a9:9c:7e:4f:29:d5:53:e4:44:aa: 32:b2:bf:90:8c:73:d0:ab:31:b2:60:5e:6e:2f:25:10:74:93: 60:58:f3:b7:58:ac:d5:94:c4:2c:6f:53:56:6c:9d:70:12:e9: ce:0e:d8:d2:66:9b:f1:56:8a:33:0d:bd:b9:b6:f1:24:d6:6e: f1:ad:92:6d:f1:76:5b:30:e3:e5:d3:ed:99:0f:f1:ae:dd:26: e2:88:9d:f7:4c:6f:ee:89:18:15:4c:95:20:d7:6f:e7:8c:9b: 6c:07:81:4e:d8:c0:e8:18:de:58:48:74:a9:dd:f9:12:d0:bb: a5:65:12:92:59:50:dd:79:f7:b0:01:72:bb:e5:c0:78:1d:8c: 7c:be:c2:54:06:4d:cb:a3:3c:73:47:80:13:84:72:7a:c0:ef: 3f:05:34:b6:6a:3d:56:48:3e:16:53:06:f9:7b:f2:08:22:cc: 35:bb:b9:aa:c4:3f:ed:f2:41:2b:6d:97:9b:d0:04:c3:98:c0: a5:2c:8e:87 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3WUC7enTHY3hZQ4pwMAWbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2ZTAyZjczNTA5YmRlMzVkOTVkMTg1MTgwM2UxZjAwODI5 ZWI3MTgwHhcNMjYwMTAxMDIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiODdkNGUxNTAyYmVjYmE5ZDIwM2Q5NjdkNGQxMzNmODMxZTM5MTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDLHy6dV/6650OpB7UW7bGqejS6q t+SCyPJVDwUMyZM1PMUpiUcS6SNEzHUARasMA03nowwNfJItlMmeBQCu8PmIITJ7 nIpiwnr9Hoz/H2g1ApaE1q2nNjD1yMlFgnCE8s4jH2ZQ2NkTs6Bc8ylqjUnyR8Hv 2bdv9Iq6jgv4Cp6iTsbq1YMZscnMWxo5cpRoeDx3ewo0FqzcuynkruNFZcp5QCiA 4gOmVE3KIjxpZt26vOea+AgTp6Pyo3Gvqa3/yHjVrjkc5tHBnFRAGdKguoTveDNl Mq3wUIAgisjXUJAVfjwjD3xaR8s6uWzOpfuNbyq/mACS/Epnb5sfVfGgzwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLh9ThUCvsup0gPZZ9TRM/gx45GDMB8GA1UdIwQY MBaAFFbgL3NQm9412V0YUYA+HwCCnrcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnVBdmMxQ2IzalhaWFJoUmdENGZBSUtldHhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iZDBjMDctZTk3Mi00ZDg4LTk1ZTgt ZmM5NThlOGQ0OGMyLzEvdUgxT0ZRSy15Nm5TQTlsbjFORXotREhqa1lNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC9iZDBjMDctZTk3Mi00ZDg4LTk1ZTgtZmM5NThlOGQ0OGMy LzEvVnVBdmMxQ2IzalhaWFJoUmdENGZBSUtldHhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwwOoAwQB w04sMA0GCSqGSIb3DQEBCwUAA4IBAQBelsbUgrfn8ctFUhQ3v/aEXqz3wHzlhBKi 8V9E2tX9ZHw4EEYTAsUy+0m5WPjIgHcpvl8DS/oyiyIEJ2S9iqmcfk8p1VPkRKoy sr+QjHPQqzGyYF5uLyUQdJNgWPO3WKzVlMQsb1NWbJ1wEunODtjSZpvxVoozDb25 tvEk1m7xrZJt8XZbMOPl0+2ZD/Gu3SbiiJ33TG/uiRgVTJUg12/njJtsB4FO2MDo GN5YSHSp3fkS0LulZRKSWVDdefewAXK75cB4HYx8vsJUBk3LozxzR4AThHJ6wO8/ BTS2aj1WSD4WUwb5e/IIIsw1u7mqxD/t8kErbZeb0ATDmMClLI6H -----END CERTIFICATE-----Generated at Wed Jan 21 21:02:16 2026 by rpki-client