This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/UX2lEHFutG5L20cEw2lc-BnrLSE.roa File: UX2lEHFutG5L20cEw2lc-BnrLSE.roa (raw, json) Hash identifier: 94KIEY+pprKz6jYEWQg5ZDOei3RFyR0/YDvRw2h7/6Q= Subject key identifier: 51:7D:A5:10:71:6E:B4:6E:4B:DB:47:04:C3:69:5C:F8:19:EB:2D:21 Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283 Certificate serial: 019B7B3562C71D6F78CD9BBCCECEC8464D27 Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/UX2lEHFutG5L20cEw2lc-BnrLSE.roa Signing time: Thu 01 Jan 2026 20:17:34 +0000 ROA not before: Thu 01 Jan 2026 20:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200070 IP address blocks: 185.43.134.0/24 maxlen: 24 193.29.206.0/24 maxlen: 24 194.0.12.0/23 maxlen: 30 194.0.14.0/24 maxlen: 24 212.237.229.0/24 maxlen: 24 2001:678:1::/48 maxlen: 48 2001:678:f::/48 maxlen: 64 2001:678:10::/47 maxlen: 64 2001:148f:fffb::/48 maxlen: 48 2001:148f:fffd::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.mft rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:62:c7:1d:6f:78:cd:9b:bc:ce:ce:c8:46:4d:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283 Validity Not Before: Jan 1 20:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=517da510716eb46e4bdb4704c3695cf819eb2d21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:23:03:c3:cd:4a:bf:c7:46:5d:7a:51:69:1a: f7:3e:a6:eb:16:86:d9:4e:96:bf:c3:f3:47:4b:dd: 4c:3e:01:f9:a9:f3:a3:fe:1f:cf:56:8c:60:bb:79: 58:f7:7b:7a:13:c1:7e:b9:09:2f:84:d7:b2:d8:1f: 09:40:c4:5d:a6:46:0b:d8:64:63:15:51:58:04:5c: a5:07:bb:30:94:f4:27:c1:63:e7:05:dc:db:f0:7d: 10:99:bb:0d:c6:87:17:1c:d9:c9:7e:fe:73:16:fa: 74:06:3b:40:a0:c1:ec:4c:46:88:6b:86:6a:ef:57: 2e:81:98:9d:df:ca:77:7d:ee:24:df:20:ee:00:7b: 47:24:97:90:c4:95:92:73:49:f8:b3:aa:3a:68:75: 3c:73:2d:6a:e0:5d:78:a5:a4:94:7f:38:14:44:45: b0:0c:fa:7c:9f:79:25:45:76:e3:ae:42:c4:4a:ff: 8b:2c:d6:bb:95:d6:49:93:3c:9d:de:36:50:47:f6: 06:e4:ba:36:4b:84:4f:f3:cd:99:bd:0c:3a:b5:57: 34:ba:86:74:50:56:36:ce:a3:39:60:28:d1:42:1a: ac:b2:50:70:0d:1b:b8:71:6d:4b:de:99:6e:31:01: e1:48:34:50:84:5f:03:d8:fc:3b:fe:48:c4:5f:cb: 47:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:7D:A5:10:71:6E:B4:6E:4B:DB:47:04:C3:69:5C:F8:19:EB:2D:21 X509v3 Authority Key Identifier: keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/UX2lEHFutG5L20cEw2lc-BnrLSE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.43.134.0/24 193.29.206.0/24 194.0.12.0-194.0.14.255 212.237.229.0/24 IPv6: 2001:678:1::/48 2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff 2001:148f:fffb::/48 2001:148f:fffd::/48 Signature Algorithm: sha256WithRSAEncryption 0e:0e:37:c5:13:ff:a1:22:8c:51:39:9f:cd:a4:6f:bb:69:4f: 5d:15:67:a2:28:88:a4:ca:5d:0a:a7:0d:af:94:c7:0c:a1:fb: 54:c8:3c:b3:b4:fa:aa:f6:9b:d4:40:1c:d1:2a:0b:21:92:f1: 00:c4:e1:cc:e9:00:79:cb:d8:7a:80:30:5d:26:f8:2c:37:76: 60:2e:9c:bf:46:31:bc:e4:12:23:9a:08:0a:f3:aa:45:35:b5: d9:a1:de:d7:01:fc:f9:60:2c:b3:b8:16:57:eb:4b:45:6b:f0: d8:fc:f6:31:38:55:6b:e5:e2:f2:d9:42:bc:89:23:33:cb:5b: 1b:a4:45:2b:4c:84:cf:cd:95:46:5a:93:57:20:bb:e3:91:76: 72:be:e0:36:e4:9e:a8:cf:14:b8:99:fe:e9:45:7a:6e:f1:c5: 89:03:df:45:cb:91:2e:67:c7:7e:ef:5d:83:6d:b9:36:b3:d6: 94:0e:59:f2:13:57:da:da:5a:47:57:64:43:92:5e:5e:cb:90: 25:12:f6:de:97:54:86:7b:ed:aa:bb:70:ff:dc:19:2e:f3:91: 72:f3:9f:35:61:ad:4a:a1:b6:ae:63:9a:3f:55:4f:72:5f:bd: 4a:85:8e:38:96:43:b2:04:e3:46:77:cc:33:52:b4:48:45:3b: 57:43:7f:28 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt7NWLHHW94zZu8zs7IRk0nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm MmYyODMwHhcNMjYwMTAxMjAxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MTdkYTUxMDcxNmViNDZlNGJkYjQ3MDRjMzY5NWNmODE5ZWIyZDIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCMDw81Kv8dGXXpRaRr3PqbrFobZ Tpa/w/NHS91MPgH5qfOj/h/PVoxgu3lY93t6E8F+uQkvhNey2B8JQMRdpkYL2GRj FVFYBFylB7swlPQnwWPnBdzb8H0QmbsNxocXHNnJfv5zFvp0BjtAoMHsTEaIa4Zq 71cugZid38p3fe4k3yDuAHtHJJeQxJWSc0n4s6o6aHU8cy1q4F14paSUfzgUREWw DPp8n3klRXbjrkLESv+LLNa7ldZJkzyd3jZQR/YG5Lo2S4RP882ZvQw6tVc0uoZ0 UFY2zqM5YCjRQhqsslBwDRu4cW1L3pluMQHhSDRQhF8D2Pw7/kjEX8tHbwIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFFF9pRBxbrRuS9tHBMNpXPgZ6y0hMB8GA1UdIwQY MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It Y2EwYzYyNjIxMDk4LzEvVVgybEVIRnV0RzVMMjBjRXcybGMtQm5yTFNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4 LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAmBAIAATAgAwQAuSuGAwQA wR3OMAwDBALCAAwDBADCAA4DBADU7eUwNQQCAAIwLwMHACABBngAATASAwcAIAEG eAAPAwcBIAEGeAAQAwcAIAEUj//7AwcAIAEUj//9MA0GCSqGSIb3DQEBCwUAA4IB AQAODjfFE/+hIoxROZ/NpG+7aU9dFWeiKIikyl0Kpw2vlMcMoftUyDyztPqq9pvU QBzRKgshkvEAxOHM6QB5y9h6gDBdJvgsN3ZgLpy/RjG85BIjmggK86pFNbXZod7X Afz5YCyzuBZX60tFa/DY/PYxOFVr5eLy2UK8iSMzy1sbpEUrTITPzZVGWpNXILvj kXZyvuA25J6ozxS4mf7pRXpu8cWJA99Fy5EuZ8d+712Dbbk2s9aUDlnyE1fa2lpH V2RDkl5ey5AlEvbel1SGe+2qu3D/3Bku85Fy8581Ya1KobauY5o/VU9yX71KhY44 lkOyBONGd8wzUrRIRTtXQ38o -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:16 2026 by rpki-client