This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/uc4ULWEehhRdcmjm5-M-3dtNgb4.roa File: uc4ULWEehhRdcmjm5-M-3dtNgb4.roa (raw, json) Hash identifier: 4DcEizGzLbEoSz/XPNUF0gHOSRKi0znncm1nJ9Fh0vI= Subject key identifier: B9:CE:14:2D:61:1E:86:14:5D:72:68:E6:E7:E3:3E:DD:DB:4D:81:BE Certificate issuer: /CN=52702cdee043094ac2f33170125f94f7034da8f0 Certificate serial: 019B7D5D2A29DB53F401DB10C45DC5B3995E Authority key identifier: 52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/uc4ULWEehhRdcmjm5-M-3dtNgb4.roa Signing time: Fri 02 Jan 2026 06:20:16 +0000 ROA not before: Fri 02 Jan 2026 06:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59521 IP address blocks: 45.80.38.0/23 maxlen: 24 185.171.128.0/22 maxlen: 24 2a0a:f700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.mft rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2a:29:db:53:f4:01:db:10:c4:5d:c5:b3:99:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52702cdee043094ac2f33170125f94f7034da8f0 Validity Not Before: Jan 2 06:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b9ce142d611e86145d7268e6e7e33edddb4d81be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:61:9d:81:7a:95:1a:22:9e:08:3f:79:f7:86: de:51:21:f7:88:38:28:05:c9:d0:90:e6:da:9e:fc: 51:ea:63:11:17:4a:06:6c:f3:a3:f9:96:d5:9c:dd: 9e:ef:ac:ee:7f:41:18:ca:1a:a2:71:9f:f2:d5:b3: c2:22:16:0b:c8:75:2c:90:a8:96:f7:ac:eb:db:75: 6d:82:4d:cf:db:e6:09:ef:5b:b4:e1:43:ba:81:2e: 7e:a6:25:e1:12:d6:43:67:24:62:5a:35:a2:00:ff: 7c:e8:bb:3f:9f:ed:44:65:e8:5d:f9:3f:e6:df:15: 87:5f:39:54:27:a9:1c:dd:52:68:29:c3:90:e8:d7: 30:27:78:90:ef:41:22:81:ce:51:23:e7:64:d7:32: 3e:68:74:8f:89:83:bb:7c:38:42:d0:7d:e0:21:5a: 99:8f:5b:cf:5d:29:9b:a8:29:a1:1e:85:ad:bf:68: e1:5b:db:2c:20:64:cf:67:81:fb:6a:18:5d:1e:2c: 69:f9:0c:8d:af:20:91:8d:41:37:48:bf:91:d7:14: 5d:62:29:6d:6c:d2:96:72:0b:f0:39:b8:52:de:3e: 34:f5:9e:8c:17:af:dc:17:4c:6f:ca:f7:13:27:01: 3e:ef:50:0a:50:4b:af:97:73:6b:ea:9a:8d:cc:2b: 53:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:CE:14:2D:61:1E:86:14:5D:72:68:E6:E7:E3:3E:DD:DB:4D:81:BE X509v3 Authority Key Identifier: keyid:52:70:2C:DE:E0:43:09:4A:C2:F3:31:70:12:5F:94:F7:03:4D:A8:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnAs3uBDCUrC8zFwEl-U9wNNqPA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/uc4ULWEehhRdcmjm5-M-3dtNgb4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d8c85e-4198-4869-b9cd-e280b6501704/1/UnAs3uBDCUrC8zFwEl-U9wNNqPA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.80.38.0/23 185.171.128.0/22 IPv6: 2a0a:f700::/29 Signature Algorithm: sha256WithRSAEncryption 33:30:52:29:07:eb:9f:33:2c:0f:37:84:0c:be:a4:1f:f8:7a: a1:84:df:b8:25:c0:cc:0f:7c:2c:0c:09:e7:1d:77:88:fc:1b: a9:aa:8a:75:4b:13:7e:92:16:5a:cf:93:c1:2a:82:26:ee:03: 97:7f:67:2c:33:22:0a:aa:e1:1c:45:75:b1:98:f0:90:4e:d8: 55:54:ee:de:f9:2d:08:53:14:85:dc:9d:d4:c1:7e:fb:9c:cf: 58:c4:7b:fe:f7:8a:6b:30:69:b3:25:22:17:91:06:ca:c5:a9: 55:35:3f:67:2b:3d:d4:0a:ca:3d:84:cc:77:55:3c:2c:58:01: 87:94:af:c5:6d:bd:18:91:42:cb:ac:b1:a9:23:af:04:36:22: d3:f0:a3:a1:b0:5c:e0:bb:1d:d8:aa:7f:6f:d3:cd:ab:33:71: f1:35:c0:bd:d3:e7:51:7e:a6:83:b1:c0:f6:76:47:e0:3c:44: bd:ab:1c:eb:86:0d:db:59:9d:8a:da:85:00:b8:e4:8f:fd:b8: 31:57:18:e9:f3:7f:67:d8:5f:c5:8f:06:bc:4f:66:eb:b4:6b: c1:24:24:68:09:fb:91:dd:47:c5:86:95:09:44:51:e3:77:86: 99:91:30:8e:41:e0:40:f9:0d:4f:fa:4e:9f:95:52:e8:e8:58: 1f:e0:39:cb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9XSop21P0AdsQxF3Fs5leMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyNzAyY2RlZTA0MzA5NGFjMmYzMzE3MDEyNWY5NGY3MDM0 ZGE4ZjAwHhcNMjYwMTAyMDYyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOWNlMTQyZDYxMWU4NjE0NWQ3MjY4ZTZlN2UzM2VkZGRiNGQ4MWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWGdgXqVGiKeCD9594beUSH3iDgo BcnQkObanvxR6mMRF0oGbPOj+ZbVnN2e76zuf0EYyhqicZ/y1bPCIhYLyHUskKiW 96zr23Vtgk3P2+YJ71u04UO6gS5+piXhEtZDZyRiWjWiAP986Ls/n+1EZehd+T/m 3xWHXzlUJ6kc3VJoKcOQ6NcwJ3iQ70Eigc5RI+dk1zI+aHSPiYO7fDhC0H3gIVqZ j1vPXSmbqCmhHoWtv2jhW9ssIGTPZ4H7ahhdHixp+QyNryCRjUE3SL+R1xRdYilt bNKWcgvwObhS3j409Z6MF6/cF0xvyvcTJwE+71AKUEuvl3Nr6pqNzCtTEQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLnOFC1hHoYUXXJo5ufjPt3bTYG+MB8GA1UdIwQY MBaAFFJwLN7gQwlKwvMxcBJflPcDTajwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2Qt ZTI4MGI2NTAxNzA0LzEvdWM0VUxXRWVoaFJkY21qbTUtTS0zZHROZ2I0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9kOGM4NWUtNDE5OC00ODY5LWI5Y2QtZTI4MGI2NTAxNzA0 LzEvVW5BczN1QkRDVXJDOHpGd0VsLVU5d05OcVBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVAmAwQC uauAMA0EAgACMAcDBQMqCvcAMA0GCSqGSIb3DQEBCwUAA4IBAQAzMFIpB+ufMywP N4QMvqQf+HqhhN+4JcDMD3wsDAnnHXeI/Bupqop1SxN+khZaz5PBKoIm7gOXf2cs MyIKquEcRXWxmPCQTthVVO7e+S0IUxSF3J3UwX77nM9YxHv+94prMGmzJSIXkQbK xalVNT9nKz3UCso9hMx3VTwsWAGHlK/Fbb0YkULLrLGpI68ENiLT8KOhsFzgux3Y qn9v082rM3HxNcC90+dRfqaDscD2dkfgPES9qxzrhg3bWZ2K2oUAuOSP/bgxVxjp 839n2F/Fjwa8T2brtGvBJCRoCfuR3UfFhpUJRFHjd4aZkTCOQeBA+Q1P+k6flVLo 6Fgf4DnL -----END CERTIFICATE-----Generated at Mon Feb 9 22:59:42 2026 by rpki-client