This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/pUjgfHpSLJEroItVeYdePetGeno.roa File: pUjgfHpSLJEroItVeYdePetGeno.roa (raw, json) Hash identifier: 3GHGFzGCi0a87nJzoUGj4P1u3SwU6ateFJ0oPnoaNEM= Subject key identifier: A5:48:E0:7C:7A:52:2C:91:2B:A0:8B:55:79:87:5E:3D:EB:46:7A:7A Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a Certificate serial: 019B77C6D97DA28D1637C0B65F0BA6FDA450 Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/pUjgfHpSLJEroItVeYdePetGeno.roa Signing time: Thu 01 Jan 2026 04:17:59 +0000 ROA not before: Thu 01 Jan 2026 04:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213296 IP address blocks: 85.28.48.0/22 maxlen: 22 85.28.52.0/22 maxlen: 22 85.28.52.0/23 maxlen: 23 85.28.54.0/23 maxlen: 23 85.28.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d9:7d:a2:8d:16:37:c0:b6:5f:0b:a6:fd:a4:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a Validity Not Before: Jan 1 04:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a548e07c7a522c912ba08b5579875e3deb467a7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:2c:1a:4e:02:89:7c:fe:03:64:bf:1d:15:8e: 70:5e:5c:5d:1b:40:e0:55:85:d3:b2:aa:b8:30:44: f3:f9:47:09:db:6e:42:8b:2e:b6:81:b8:0c:82:2f: 37:72:89:ea:64:7f:6a:65:0b:44:42:93:f2:65:b3: 0f:05:2a:ab:0d:da:91:36:22:ef:83:4c:6a:df:19: 34:ef:ec:b0:7f:03:5f:41:68:36:d8:32:e2:21:dd: 56:06:ba:9f:88:4d:1f:12:a8:18:2c:b1:84:49:9b: 8d:f7:49:ab:88:45:6f:a5:37:64:19:8c:39:5f:fc: a4:7d:79:54:c3:49:38:49:30:fe:28:1a:44:69:5e: 20:0e:92:cf:7f:2c:e2:97:07:ab:1a:7f:ba:1a:b7: bd:3f:98:1b:a2:67:96:30:fe:fe:93:de:ad:90:b2: 2f:c9:47:4f:d6:bf:01:16:a7:a8:6c:40:b8:ab:45: 82:9d:c0:e4:9e:3d:bb:53:5c:f6:82:4d:80:e8:ab: b8:92:7d:d1:c5:fa:b2:a9:94:9d:bb:4a:86:4e:4a: 08:9f:96:ec:7c:d8:5b:d1:d3:78:84:2e:b4:71:1b: 0c:9a:6f:4f:b0:0f:64:e0:95:05:a2:62:7c:ad:b1: 88:33:a3:a2:a8:26:74:3b:f0:8c:cd:4c:0a:f3:a7: c9:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:48:E0:7C:7A:52:2C:91:2B:A0:8B:55:79:87:5E:3D:EB:46:7A:7A X509v3 Authority Key Identifier: keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/pUjgfHpSLJEroItVeYdePetGeno.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.28.48.0-85.28.59.255 Signature Algorithm: sha256WithRSAEncryption 3c:05:70:74:6d:5a:04:58:c7:e0:00:02:59:fe:6c:3d:a0:0c: 63:36:0d:d3:84:24:8a:ba:9f:83:c3:24:63:9f:63:48:b6:b1: 91:a4:a1:fd:09:8d:bf:f6:c6:64:c3:5a:a6:4e:90:d4:6e:10: 80:09:81:33:3d:c2:7d:ac:57:5a:c7:8e:e5:fa:36:f5:96:c3: 35:08:46:90:47:66:25:ae:ce:c1:4d:c7:ad:26:eb:a6:68:74: 5d:98:3f:bf:64:9f:e8:1d:2f:ce:e1:95:a2:9f:fe:d1:b9:49: aa:bd:d8:db:2b:4c:b0:d7:b6:77:94:68:3d:77:74:a2:f9:24: a6:cd:86:b6:02:a4:ac:55:63:76:73:6f:c1:2f:38:d5:bd:0b: d7:18:48:cd:d6:45:02:87:8c:5d:6b:12:6e:9d:76:dd:72:12: 8f:3c:6f:41:1f:17:c3:ea:39:e4:51:f6:fa:1e:d5:d1:45:9d: 9b:4f:40:f5:5d:55:c4:87:91:aa:14:54:63:1c:85:f4:f2:d4: 11:15:33:c8:62:9d:73:85:54:be:83:08:e2:14:93:07:67:18: 8c:c5:67:ef:29:f8:73:21:06:90:38:bf:42:03:64:4a:a1:d0: 0b:b3:b3:1a:48:2e:01:c1:99:e2:b7:b6:09:ad:15:07:84:96: ff:4f:5c:30 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt3xtl9oo0WN8C2Xwum/aRQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2 NTg4MWEwHhcNMjYwMTAxMDQxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTQ4ZTA3YzdhNTIyYzkxMmJhMDhiNTU3OTg3NWUzZGViNDY3YTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCwaTgKJfP4DZL8dFY5wXlxdG0Dg VYXTsqq4METz+UcJ225Ciy62gbgMgi83conqZH9qZQtEQpPyZbMPBSqrDdqRNiLv g0xq3xk07+ywfwNfQWg22DLiId1WBrqfiE0fEqgYLLGESZuN90mriEVvpTdkGYw5 X/ykfXlUw0k4STD+KBpEaV4gDpLPfyzilwerGn+6Gre9P5gbomeWMP7+k96tkLIv yUdP1r8BFqeobEC4q0WCncDknj27U1z2gk2A6Ku4kn3RxfqyqZSdu0qGTkoIn5bs fNhb0dN4hC60cRsMmm9PsA9k4JUFomJ8rbGIM6OiqCZ0O/CMzUwK86fJPwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFKVI4Hx6UiyRK6CLVXmHXj3rRnp6MB8GA1UdIwQY MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct ZmViYjY0YjVlMTY0LzEvcFVqZ2ZIcFNMSkVyb0l0VmVZZGVQZXRHZW5vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0 LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARVHDAD BAJVHDgwDQYJKoZIhvcNAQELBQADggEBADwFcHRtWgRYx+AAAln+bD2gDGM2DdOE JIq6n4PDJGOfY0i2sZGkof0Jjb/2xmTDWqZOkNRuEIAJgTM9wn2sV1rHjuX6NvWW wzUIRpBHZiWuzsFNx60m66ZodF2YP79kn+gdL87hlaKf/tG5Saq92NsrTLDXtneU aD13dKL5JKbNhrYCpKxVY3Zzb8EvONW9C9cYSM3WRQKHjF1rEm6ddt1yEo88b0Ef F8PqOeRR9voe1dFFnZtPQPVdVcSHkaoUVGMchfTy1BEVM8hinXOFVL6DCOIUkwdn GIzFZ+8p+HMhBpA4v0IDZEqh0AuzsxpILgHBmeK3tgmtFQeElv9PXDA= -----END CERTIFICATE-----Generated at Tue Jan 20 00:57:44 2026 by rpki-client