This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/U9pPpVserKeOyR7cf6mDMG3akbI.roa File: U9pPpVserKeOyR7cf6mDMG3akbI.roa (raw, json) Hash identifier: hACJJYL/ibjkbFYfmPGmA0g3KxmvcYZIZ/l3HP0kGcc= Subject key identifier: 53:DA:4F:A5:5B:1E:AC:A7:8E:C9:1E:DC:7F:A9:83:30:6D:DA:91:B2 Certificate issuer: /CN=612c1c53f6c1d996236cbb37ba3247670399a62d Certificate serial: 019B7BA52FD22C294A0DEC253DCB7CFE0021 Authority key identifier: 61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/U9pPpVserKeOyR7cf6mDMG3akbI.roa Signing time: Thu 01 Jan 2026 22:19:41 +0000 ROA not before: Thu 01 Jan 2026 22:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49215 IP address blocks: 83.220.0.0/21 maxlen: 21 83.220.9.0/24 maxlen: 24 83.220.10.0/24 maxlen: 24 83.220.11.0/24 maxlen: 24 83.220.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.mft rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:2f:d2:2c:29:4a:0d:ec:25:3d:cb:7c:fe:00:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=612c1c53f6c1d996236cbb37ba3247670399a62d Validity Not Before: Jan 1 22:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53da4fa55b1eaca78ec91edc7fa983306dda91b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:19:28:cf:87:2e:00:90:82:c8:ae:9a:11:6c: 6d:89:99:83:3c:e5:bd:47:79:84:cd:b6:46:63:29: 75:49:3d:98:3a:89:f7:a5:fd:c5:0b:c8:47:7d:d7: c6:5b:1e:5b:cf:96:5a:4e:d0:2e:68:bd:62:42:8a: 29:33:bc:b9:01:0c:07:8d:20:c6:ac:f8:94:e1:c5: 8d:58:e3:2c:53:43:00:45:82:c7:e1:66:7e:95:f2: 83:78:16:be:2f:13:14:e3:f1:8a:e7:69:5f:e9:54: 97:e1:cf:83:f6:90:5e:ed:6a:cb:2c:c4:96:71:3f: 95:ac:04:96:87:c4:46:84:bd:15:d7:01:a2:52:6b: 07:ca:2b:d6:f0:76:bd:33:ae:35:34:ab:2e:63:94: bc:30:3f:c5:0a:03:8d:c9:28:87:1c:fc:1b:5e:3a: 2d:dc:0c:f7:df:9a:c5:a1:2d:96:18:14:72:82:a6: a8:79:20:94:3a:85:7c:8b:c0:d1:76:88:e7:7b:42: 7e:37:ba:b7:4e:01:a5:ef:37:5c:91:df:d3:ad:47: bd:21:db:19:10:40:c6:3e:58:a7:ec:ed:63:ad:4e: 2e:c7:ba:44:9e:71:f0:7f:17:49:cc:da:14:56:98: 24:3a:ba:6c:9a:13:76:8c:d4:36:38:39:86:54:a1: 45:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:DA:4F:A5:5B:1E:AC:A7:8E:C9:1E:DC:7F:A9:83:30:6D:DA:91:B2 X509v3 Authority Key Identifier: keyid:61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/U9pPpVserKeOyR7cf6mDMG3akbI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.220.0.0/21 83.220.9.0-83.220.15.255 Signature Algorithm: sha256WithRSAEncryption d2:12:54:3e:e7:7b:fb:4a:bb:c3:63:81:9a:41:8f:f1:d9:67: d5:cb:8e:a9:7a:1f:50:ca:1b:c9:73:f4:7d:de:c1:dd:a0:bc: 61:87:c7:da:14:28:3f:68:80:d9:3b:15:ae:d8:2b:e9:7e:88: e8:f8:80:42:62:25:83:a2:a0:51:8f:83:6b:86:99:55:5a:30: ae:a9:17:3e:0c:0c:24:58:45:a0:6a:a2:69:61:8a:27:7a:d6: cd:3b:8e:3d:72:dc:6f:22:89:82:ba:6f:fb:c7:60:b1:44:a1: cb:98:a0:6f:47:36:a5:dc:ca:a2:a3:e6:1a:a6:f1:e3:28:f8: ed:d9:9d:ff:73:80:2a:eb:c2:72:f4:7d:57:a7:8f:22:45:d6: 7f:05:0d:25:44:60:aa:82:d6:11:2d:8e:f9:ab:31:12:d0:4a: f8:8a:0f:13:fd:f0:d0:33:39:1d:63:68:5f:ae:19:a3:19:dc: 59:99:03:8d:b0:5a:27:85:2f:3b:c2:a8:2f:9e:12:ef:07:97: cc:c0:e5:a3:92:90:50:ae:1b:99:59:26:1d:6c:54:f5:22:4c: 71:f6:8c:13:16:d5:1d:cc:2d:3d:fa:ac:7b:8b:e1:0c:8f:5d: ea:3a:4c:09:b7:38:b2:78:5b:f9:a5:1b:64:a9:5e:d7:cc:86: 51:d0:1a:8a -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt7pS/SLClKDewlPct8/gAhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxMmMxYzUzZjZjMWQ5OTYyMzZjYmIzN2JhMzI0NzY3MDM5 OWE2MmQwHhcNMjYwMTAxMjIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2RhNGZhNTViMWVhY2E3OGVjOTFlZGM3ZmE5ODMzMDZkZGE5MWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRkoz4cuAJCCyK6aEWxtiZmDPOW9 R3mEzbZGYyl1ST2YOon3pf3FC8hHfdfGWx5bz5ZaTtAuaL1iQoopM7y5AQwHjSDG rPiU4cWNWOMsU0MARYLH4WZ+lfKDeBa+LxMU4/GK52lf6VSX4c+D9pBe7WrLLMSW cT+VrASWh8RGhL0V1wGiUmsHyivW8Ha9M641NKsuY5S8MD/FCgONySiHHPwbXjot 3Az335rFoS2WGBRygqaoeSCUOoV8i8DRdojne0J+N7q3TgGl7zdckd/TrUe9IdsZ EEDGPlin7O1jrU4ux7pEnnHwfxdJzNoUVpgkOrpsmhN2jNQ2ODmGVKFFPwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFFPaT6VbHqynjske3H+pgzBt2pGyMB8GA1UdIwQY MBaAFGEsHFP2wdmWI2y7N7oyR2cDmaYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQt ZWNhZjU3OGEzNGUzLzEvVTlwUHBWc2VyS2VPeVI3Y2Y2bURNRzNha2JJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQtZWNhZjU3OGEzNGUz LzEvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDU9wAMAwD BABT3AkDBART3AAwDQYJKoZIhvcNAQELBQADggEBANISVD7ne/tKu8NjgZpBj/HZ Z9XLjql6H1DKG8lz9H3ewd2gvGGHx9oUKD9ogNk7Fa7YK+l+iOj4gEJiJYOioFGP g2uGmVVaMK6pFz4MDCRYRaBqomlhiid61s07jj1y3G8iiYK6b/vHYLFEocuYoG9H NqXcyqKj5hqm8eMo+O3Znf9zgCrrwnL0fVenjyJF1n8FDSVEYKqC1hEtjvmrMRLQ SviKDxP98NAzOR1jaF+uGaMZ3FmZA42wWieFLzvCqC+eEu8Hl8zA5aOSkFCuG5lZ Jh1sVPUiTHH2jBMW1R3MLT36rHuL4QyPXeo6TAm3OLJ4W/mlG2SpXtfMhlHQGoo= -----END CERTIFICATE-----Generated at Mon Feb 9 23:54:55 2026 by rpki-client