This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/UG9G_dnWRpZkM8dNOUmzQ9ddYpM.roa File: UG9G_dnWRpZkM8dNOUmzQ9ddYpM.roa (raw, json) Hash identifier: VJHtgY+XTe16MdK4R4BNwcTnWb1T/NjN98Z9wb0GkTk= Subject key identifier: 50:6F:46:FD:D9:D6:46:96:64:33:C7:4D:39:49:B3:43:D7:5D:62:93 Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837 Certificate serial: 019B797DE95DE9295C44EB00A65A1298561A Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/UG9G_dnWRpZkM8dNOUmzQ9ddYpM.roa Signing time: Thu 01 Jan 2026 12:17:33 +0000 ROA not before: Thu 01 Jan 2026 12:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203020 IP address blocks: 95.175.64.0/19 maxlen: 32 185.247.228.0/22 maxlen: 32 185.251.44.0/22 maxlen: 32 185.251.248.0/22 maxlen: 32 195.66.216.0/21 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e9:5d:e9:29:5c:44:eb:00:a6:5a:12:98:56:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837 Validity Not Before: Jan 1 12:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=506f46fdd9d646966433c74d3949b343d75d6293 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:29:d8:b1:dd:fd:e4:f0:c9:34:9e:05:a1:d2: f9:8e:93:67:be:e7:37:a8:02:0b:05:79:81:3f:4f: 58:b5:cf:25:c9:bd:93:a0:78:a0:8e:b7:c9:fe:c4: db:a9:89:f2:fe:bd:15:83:48:1b:d9:ee:22:c8:18: 53:fa:10:c3:33:39:16:38:83:fb:79:d2:b6:7c:4f: c5:ff:b7:03:23:8f:d5:e5:0b:eb:2f:e7:3a:eb:50: bc:5d:69:8d:98:31:5b:4e:cd:7a:ce:93:c9:b5:40: ab:1f:b8:de:5c:7a:8d:1c:c4:f3:41:92:fe:06:7b: d2:4d:33:d3:b0:98:af:da:d5:4c:7f:53:c0:b4:6c: 13:d5:bc:a2:02:f1:27:24:ea:6e:22:5f:09:95:e8: 9a:93:a8:fc:98:c0:b0:44:f2:74:01:29:bf:7f:af: 57:b2:17:ce:9b:95:b2:14:ed:a9:1a:b9:fd:4c:ac: 1d:e6:18:e1:26:21:6f:25:a0:a5:6b:b5:0f:94:8f: cd:d8:d5:63:52:33:c9:20:a6:13:77:21:90:4a:85: c5:68:86:81:44:b2:f9:3e:6d:7c:dd:96:43:eb:db: bd:0f:36:a1:67:c3:d9:47:d7:45:2d:e4:e4:7b:05: ac:8e:ca:0b:b4:90:70:2d:f3:90:ec:bb:39:13:c3: 51:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:6F:46:FD:D9:D6:46:96:64:33:C7:4D:39:49:B3:43:D7:5D:62:93 X509v3 Authority Key Identifier: keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/UG9G_dnWRpZkM8dNOUmzQ9ddYpM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.175.64.0/19 185.247.228.0/22 185.251.44.0/22 185.251.248.0/22 195.66.216.0/21 Signature Algorithm: sha256WithRSAEncryption 5c:0c:1e:28:ff:f9:d4:39:eb:47:bc:e7:bc:29:8d:1f:8d:64: bd:13:f1:66:19:f1:f7:63:52:38:70:a2:9e:cd:58:9a:63:ec: 8c:23:f6:b1:fb:34:b2:9f:2e:52:49:c3:62:70:dc:1f:b7:b9: cd:1d:46:f8:18:72:14:12:ce:7d:89:93:60:4d:e0:cc:fa:0d: 88:2c:76:de:fb:62:6f:ce:1c:36:ea:f3:35:15:56:c0:ca:10: f5:a5:48:3b:71:dc:39:38:08:39:4b:29:b5:42:60:c7:e0:0e: ef:13:c9:0a:a3:90:0f:93:bd:cd:a6:31:e9:a9:2a:51:57:a3: 6c:ec:c1:61:7e:b5:8e:0e:7f:6a:35:81:0a:fa:e0:3a:b2:36: e1:25:15:47:77:8b:88:b3:7b:51:d5:8b:03:58:42:40:48:f6: 47:ed:e1:3e:f8:23:5a:90:1e:ef:0d:a2:8b:98:56:5f:ba:b0: ec:4f:16:e1:5b:2a:f9:d4:0c:42:b7:a9:91:b7:29:62:ad:e0: 04:74:dc:f1:5d:8f:f2:5b:c0:6a:3f:eb:82:52:24:9a:32:8c: 55:a9:ae:e5:8c:28:c8:8a:78:65:ff:55:5c:ac:7c:b1:df:18: b8:a8:25:2a:06:ab:a6:17:0c:b8:43:a7:2d:7e:0e:14:d5:27: ce:0c:46:04 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt5feld6SlcROsAploSmFYaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2 YmM4MzcwHhcNMjYwMTAxMTIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MDZmNDZmZGQ5ZDY0Njk2NjQzM2M3NGQzOTQ5YjM0M2Q3NWQ2MjkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuinYsd395PDJNJ4FodL5jpNnvuc3 qAILBXmBP09Ytc8lyb2ToHigjrfJ/sTbqYny/r0Vg0gb2e4iyBhT+hDDMzkWOIP7 edK2fE/F/7cDI4/V5QvrL+c661C8XWmNmDFbTs16zpPJtUCrH7jeXHqNHMTzQZL+ BnvSTTPTsJiv2tVMf1PAtGwT1byiAvEnJOpuIl8Jleiak6j8mMCwRPJ0ASm/f69X shfOm5WyFO2pGrn9TKwd5hjhJiFvJaCla7UPlI/N2NVjUjPJIKYTdyGQSoXFaIaB RLL5Pm183ZZD69u9DzahZ8PZR9dFLeTkewWsjsoLtJBwLfOQ7Ls5E8NRzQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFFBvRv3Z1kaWZDPHTTlJs0PXXWKTMB8GA1UdIwQY MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt MjYyZWIzOWJiZTc2LzEvVUc5R19kbldScFprTThkTk9VbXpROWRkWXBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2 LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFX69AAwQC uffkAwQCufssAwQCufv4AwQDw0LYMA0GCSqGSIb3DQEBCwUAA4IBAQBcDB4o//nU OetHvOe8KY0fjWS9E/FmGfH3Y1I4cKKezViaY+yMI/ax+zSyny5SScNicNwft7nN HUb4GHIUEs59iZNgTeDM+g2ILHbe+2Jvzhw26vM1FVbAyhD1pUg7cdw5OAg5Sym1 QmDH4A7vE8kKo5APk73NpjHpqSpRV6Ns7MFhfrWODn9qNYEK+uA6sjbhJRVHd4uI s3tR1YsDWEJASPZH7eE++CNakB7vDaKLmFZfurDsTxbhWyr51AxCt6mRtylireAE dNzxXY/yW8BqP+uCUiSaMoxVqa7ljCjIinhl/1VcrHyx3xi4qCUqBqumFwy4Q6ct fg4U1SfODEYE -----END CERTIFICATE-----Generated at Sun Jan 18 10:45:40 2026 by rpki-client