This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/UsjVmYUimm0drsapW-XTKL0zKBQ.roa File: UsjVmYUimm0drsapW-XTKL0zKBQ.roa (raw, json) Hash identifier: HGG+2gAWcfbmDxCC22jqiaTGmzpSWs32GcJL9PTzgBE= Subject key identifier: 52:C8:D5:99:85:22:9A:6D:1D:AE:C6:A9:5B:E5:D3:28:BD:33:28:14 Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8 Certificate serial: 019B7F8171D6562772E84D322A760EC3C620 Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/UsjVmYUimm0drsapW-XTKL0zKBQ.roa Signing time: Fri 02 Jan 2026 16:19:08 +0000 ROA not before: Fri 02 Jan 2026 16:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13213 IP address blocks: 168.199.169.0/24 maxlen: 24 168.199.234.0/24 maxlen: 24 168.199.235.0/24 maxlen: 24 168.199.245.0/24 maxlen: 24 185.101.255.0/24 maxlen: 24 185.171.255.0/24 maxlen: 24 185.226.204.0/24 maxlen: 24 185.226.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:71:d6:56:27:72:e8:4d:32:2a:76:0e:c3:c6:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8 Validity Not Before: Jan 2 16:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=52c8d59985229a6d1daec6a95be5d328bd332814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a6:90:ce:2d:61:6a:fc:9a:c8:f1:be:7b:7d: 3f:a5:c8:f5:e9:b6:4c:f6:0c:de:32:ae:43:88:c4: 57:0f:fd:27:50:04:d3:da:b5:2f:ff:ef:d7:b5:96: 13:86:61:18:be:89:7c:8c:f1:a6:c2:82:ed:20:a2: e8:1a:09:68:c8:53:a7:66:a7:24:05:89:de:49:64: ac:9c:ed:9a:8f:67:49:84:a3:a5:e8:1d:04:79:70: 34:38:3c:0b:09:ed:ab:55:fd:52:1e:b5:44:9b:34: 3d:6c:32:2f:c5:d2:8b:d9:bf:84:69:ca:e6:3c:7b: b3:11:5f:b8:d6:70:e5:12:25:a1:83:dd:3f:61:84: 28:21:e0:0c:66:a1:9e:7b:25:51:79:98:e2:bf:d9: 23:d3:9e:f4:d0:1d:e2:6e:40:65:13:96:1f:82:0d: dc:25:85:f9:31:3f:f7:0c:06:14:f5:d2:e2:13:70: 30:8c:c0:24:58:8f:71:c7:15:27:a1:1a:f3:c5:c9: b1:ff:8b:20:c5:68:f6:5d:26:0c:2a:2e:f7:cc:1e: fa:cb:61:eb:c3:08:f8:da:3b:5e:a7:fe:26:c6:a3: 80:60:b6:8c:53:be:15:47:82:84:62:3d:33:0c:e5: 3c:98:e5:14:0d:c5:db:6a:cb:27:c0:14:70:9b:6c: 15:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:C8:D5:99:85:22:9A:6D:1D:AE:C6:A9:5B:E5:D3:28:BD:33:28:14 X509v3 Authority Key Identifier: keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/UsjVmYUimm0drsapW-XTKL0zKBQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 168.199.169.0/24 168.199.234.0/23 168.199.245.0/24 185.101.255.0/24 185.171.255.0/24 185.226.204.0/24 185.226.207.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:36:0a:36:47:45:4e:09:1f:cf:d9:ce:70:f8:d7:72:14:8f: fc:3c:64:48:cf:29:1a:74:59:9a:68:21:86:42:f5:db:18:b5: e3:72:88:4b:f6:77:df:9d:2f:1a:b7:63:b8:cb:95:46:3d:b1: 97:d7:4b:1c:c0:06:f7:30:49:20:5b:9d:4c:fa:e2:87:fc:b1: 6f:93:3e:23:2e:46:78:4c:3e:2f:c2:db:97:1c:a4:eb:d6:27: 27:dd:bb:48:17:50:b1:a6:6c:0e:06:87:19:9f:8e:07:bc:ee: 13:af:98:8a:68:e0:dc:31:04:2e:cb:46:b3:bd:9a:00:dd:31: 5c:7c:4b:1f:de:94:9d:92:01:6f:3e:74:14:9b:78:b8:fa:e8: 4c:c4:4a:83:94:6e:3c:1a:8f:3a:6e:16:0b:9d:b3:37:10:d1: cb:d3:89:b8:f7:25:7e:d3:1e:50:88:39:eb:16:d2:16:84:2a: 8f:2b:3e:3e:d1:e2:d6:80:67:96:d3:70:a7:5f:1e:67:ab:87: 63:b1:f8:f1:17:35:1b:06:e1:07:f5:85:7a:1e:4d:97:cb:ba: e0:14:11:f5:f5:72:3c:07:8a:47:ac:0d:e8:f4:8c:97:82:85: b4:be:80:1b:04:52:60:8c:ca:9a:2c:65:3f:e9:9b:be:38:4e: 3c:a5:ad:3c -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt/gXHWVidy6E0yKnYOw8YgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4 ODE3ZDgwHhcNMjYwMTAyMTYxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MmM4ZDU5OTg1MjI5YTZkMWRhZWM2YTk1YmU1ZDMyOGJkMzMyODE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraaQzi1havyayPG+e30/pcj16bZM 9gzeMq5DiMRXD/0nUATT2rUv/+/XtZYThmEYvol8jPGmwoLtIKLoGgloyFOnZqck BYneSWSsnO2aj2dJhKOl6B0EeXA0ODwLCe2rVf1SHrVEmzQ9bDIvxdKL2b+Eacrm PHuzEV+41nDlEiWhg90/YYQoIeAMZqGeeyVReZjiv9kj05700B3ibkBlE5Yfgg3c JYX5MT/3DAYU9dLiE3AwjMAkWI9xxxUnoRrzxcmx/4sgxWj2XSYMKi73zB76y2Hr wwj42jtep/4mxqOAYLaMU74VR4KEYj0zDOU8mOUUDcXbassnwBRwm2wVvQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFFLI1ZmFIpptHa7GqVvl0yi9MygUMB8GA1UdIwQY MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt MmQxOTE4YmExYzBlLzEvVXNqVm1ZVWltbTBkcnNhcFctWFRLTDB6S0JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAqMepAwQB qMfqAwQAqMf1AwQAuWX/AwQAuav/AwQAueLMAwQAueLPMA0GCSqGSIb3DQEBCwUA A4IBAQCLNgo2R0VOCR/P2c5w+NdyFI/8PGRIzykadFmaaCGGQvXbGLXjcohL9nff nS8at2O4y5VGPbGX10scwAb3MEkgW51M+uKH/LFvkz4jLkZ4TD4vwtuXHKTr1icn 3btIF1CxpmwOBocZn44HvO4Tr5iKaODcMQQuy0azvZoA3TFcfEsf3pSdkgFvPnQU m3i4+uhMxEqDlG48Go86bhYLnbM3ENHL04m49yV+0x5QiDnrFtIWhCqPKz4+0eLW gGeW03CnXx5nq4djsfjxFzUbBuEH9YV6Hk2Xy7rgFBH19XI8B4pHrA3o9IyXgoW0 voAbBFJgjMqaLGU/6Zu+OE48pa08 -----END CERTIFICATE-----Generated at Fri Jan 9 16:51:09 2026 by rpki-client