This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/uTfCO2CQvjnwzxgvmE8a-0Q3PkE.roa File: uTfCO2CQvjnwzxgvmE8a-0Q3PkE.roa (raw, json) Hash identifier: uXLhOjnuwZec+7he1bSLRYP9Be1CjyK6Z98Hp44cEVE= Subject key identifier: B9:37:C2:3B:60:90:BE:39:F0:CF:18:2F:98:4F:1A:FB:44:37:3E:41 Certificate issuer: /CN=7d0b44e492549e1b7da532c80c348850c5a44e80 Certificate serial: 019B7D5CF70A6D156317DC2F14E8B26D1233 Authority key identifier: 7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/uTfCO2CQvjnwzxgvmE8a-0Q3PkE.roa Signing time: Fri 02 Jan 2026 06:20:03 +0000 ROA not before: Fri 02 Jan 2026 06:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 185.83.40.0/22 maxlen: 22 2a05:9800::/29 maxlen: 29 2a05:9800::/32 maxlen: 32 2a05:9804::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f7:0a:6d:15:63:17:dc:2f:14:e8:b2:6d:12:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d0b44e492549e1b7da532c80c348850c5a44e80 Validity Not Before: Jan 2 06:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b937c23b6090be39f0cf182f984f1afb44373e41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:94:46:70:08:29:5e:bd:30:19:9a:06:b0:fc: 2e:d0:f9:ef:7a:63:91:19:ea:e3:1e:5a:a3:74:72: 05:70:4d:12:fd:50:19:7d:77:eb:03:2e:de:b7:86: 4e:80:b1:ea:e8:e1:75:01:53:f9:76:60:af:c9:2e: 2f:e7:f1:20:b9:94:92:4a:0c:1e:c8:b3:f6:d3:4d: 66:c8:dd:be:e0:a7:13:6e:ae:5f:c6:a9:c3:1f:cd: 1d:3f:66:cc:1a:bc:8f:af:ae:b0:bb:80:37:96:f3: 34:63:4e:89:d2:ce:4a:f3:36:78:b2:5c:77:fc:42: d0:91:a1:b7:5a:6a:58:78:4f:59:bc:38:a5:b1:a1: f7:1a:1b:8a:74:ac:e5:c0:c5:3f:17:a5:ef:3c:e3: 37:98:7f:80:89:55:2f:56:5e:6b:3e:ae:50:fe:c1: 97:1f:f8:fd:c7:fd:67:99:8d:5c:cd:5a:22:bb:9b: c8:d3:0b:2e:b4:e5:ce:17:be:12:9b:3f:2f:4f:5b: e1:a8:ac:e5:52:5e:c3:63:d9:2f:62:81:7c:b1:61: 67:23:15:00:ea:fe:37:34:64:09:94:31:ce:10:7a: 5e:e4:bc:d6:5b:da:ff:fc:32:02:06:ac:d0:53:33: ec:fb:b4:3d:5f:6b:c4:30:d7:e9:1b:ac:ba:56:d0: 99:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:37:C2:3B:60:90:BE:39:F0:CF:18:2F:98:4F:1A:FB:44:37:3E:41 X509v3 Authority Key Identifier: keyid:7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/uTfCO2CQvjnwzxgvmE8a-0Q3PkE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.83.40.0/22 IPv6: 2a05:9800::/29 Signature Algorithm: sha256WithRSAEncryption 18:46:1d:99:03:f5:ba:27:76:27:1a:80:15:87:8a:34:f9:7d: de:11:b1:82:1a:a3:b7:2d:4a:bd:2a:c1:b1:1e:4b:5c:89:cd: a5:bd:46:3d:ca:53:c2:69:4a:83:0b:23:5b:23:41:6d:86:ae: cf:fd:d2:93:64:ec:7d:04:a1:a1:9a:38:1d:06:b4:4a:a8:64: a1:30:86:6c:5e:e7:23:61:50:e5:b8:71:cb:8c:d1:17:d6:f6: e9:62:b1:ae:5b:92:25:0c:9b:e9:9d:35:42:9d:db:21:ec:cb: 44:82:fe:01:e2:6b:8b:5d:53:7c:91:95:6c:76:8e:a0:82:0c: 38:79:de:63:f8:da:27:c3:be:0d:72:f8:c4:70:92:7a:3e:fd: b1:38:e6:71:c5:ce:3e:19:62:65:ef:a6:98:d5:ff:d7:99:ef: 38:33:e7:86:f4:b2:2f:ad:d8:3d:00:b1:cf:e4:fc:f6:c9:95: 78:02:45:1f:b6:3d:b8:d0:b4:9e:a2:a5:44:04:ae:08:e9:88: 4e:32:38:84:0e:59:71:aa:92:74:3a:48:4d:10:63:4b:e6:9b: ea:75:21:a7:98:e4:4b:8e:0e:0d:95:bb:44:c9:93:70:f5:b2: 64:b3:ca:45:0d:b4:9e:31:d0:66:5b:b9:d1:8d:c0:46:46:9a: 30:91:26:cd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XPcKbRVjF9wvFOiybRIzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkMGI0NGU0OTI1NDllMWI3ZGE1MzJjODBjMzQ4ODUwYzVh NDRlODAwHhcNMjYwMTAyMDYyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOTM3YzIzYjYwOTBiZTM5ZjBjZjE4MmY5ODRmMWFmYjQ0MzczZTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5RGcAgpXr0wGZoGsPwu0PnvemOR GerjHlqjdHIFcE0S/VAZfXfrAy7et4ZOgLHq6OF1AVP5dmCvyS4v5/EguZSSSgwe yLP2001myN2+4KcTbq5fxqnDH80dP2bMGryPr66wu4A3lvM0Y06J0s5K8zZ4slx3 /ELQkaG3WmpYeE9ZvDilsaH3GhuKdKzlwMU/F6XvPOM3mH+AiVUvVl5rPq5Q/sGX H/j9x/1nmY1czVoiu5vI0wsutOXOF74Smz8vT1vhqKzlUl7DY9kvYoF8sWFnIxUA 6v43NGQJlDHOEHpe5LzWW9r//DICBqzQUzPs+7Q9X2vEMNfpG6y6VtCZkwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLk3wjtgkL458M8YL5hPGvtENz5BMB8GA1UdIwQY MBaAFH0LROSSVJ4bfaUyyAw0iFDFpE6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDct NzIwNGI4MTEyNTBmLzEvdVRmQ08yQ1F2am53enhndm1FOGEtMFEzUGtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDctNzIwNGI4MTEyNTBm LzEvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVMoMA0E AgACMAcDBQMqBZgAMA0GCSqGSIb3DQEBCwUAA4IBAQAYRh2ZA/W6J3YnGoAVh4o0 +X3eEbGCGqO3LUq9KsGxHktcic2lvUY9ylPCaUqDCyNbI0Fthq7P/dKTZOx9BKGh mjgdBrRKqGShMIZsXucjYVDluHHLjNEX1vbpYrGuW5IlDJvpnTVCndsh7MtEgv4B 4muLXVN8kZVsdo6gggw4ed5j+Nonw74NcvjEcJJ6Pv2xOOZxxc4+GWJl76aY1f/X me84M+eG9LIvrdg9ALHP5Pz2yZV4AkUftj240LSeoqVEBK4I6YhOMjiEDllxqpJ0 OkhNEGNL5pvqdSGnmORLjg4NlbtEyZNw9bJks8pFDbSeMdBmW7nRjcBGRpowkSbN -----END CERTIFICATE-----Generated at Sat Jan 3 04:59:32 2026 by rpki-client