This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/umcl7WnZK20q_yk2qfdqCvl0gZc.roa File: umcl7WnZK20q_yk2qfdqCvl0gZc.roa (raw, json) Hash identifier: a3iwx7aEh16G880sgnY2R852Jz2/uGuPT/7WcJXbeQc= Subject key identifier: BA:67:25:ED:69:D9:2B:6D:2A:FF:29:36:A9:F7:6A:0A:F9:74:81:97 Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9 Certificate serial: 019B76EB0D2C8AA8EE252A6C4B1D6C9788F9 Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/umcl7WnZK20q_yk2qfdqCvl0gZc.roa Signing time: Thu 01 Jan 2026 00:17:54 +0000 ROA not before: Thu 01 Jan 2026 00:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199667 IP address blocks: 128.127.89.0/24 maxlen: 24 213.109.37.0/24 maxlen: 24 213.109.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:0d:2c:8a:a8:ee:25:2a:6c:4b:1d:6c:97:88:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9 Validity Not Before: Jan 1 00:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba6725ed69d92b6d2aff2936a9f76a0af9748197 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:e8:fe:84:26:c3:c7:df:c1:91:91:f1:48:3e: ef:a1:3c:28:50:eb:6e:d7:7c:ee:ca:c5:68:3b:62: 54:d3:db:72:55:33:70:95:b0:4c:47:7d:7d:27:6b: a5:41:44:a3:7a:d6:79:5f:65:44:f2:fa:ba:45:9a: bf:69:36:99:bf:45:07:43:5b:17:41:2b:59:c7:3e: 7a:0c:09:48:76:63:68:9f:af:78:55:ab:f1:ce:29: 72:ee:ca:9f:53:64:59:77:fe:45:91:0d:0f:38:87: 6e:e6:97:78:5a:56:f5:64:05:3e:c1:83:bf:e2:21: 26:52:fd:e1:04:fc:33:cf:af:99:85:14:f0:03:f3: 8b:f9:03:3f:89:a5:ae:7c:22:6c:1f:94:d7:5b:19: 40:d0:81:15:27:4a:ef:33:b6:29:3c:0b:8b:a1:ae: c3:63:f6:a4:a0:67:b2:44:a2:a6:78:d8:be:55:df: d8:0d:21:67:86:c3:3b:c7:da:86:df:bf:81:62:c6: 06:5c:2a:03:d5:57:36:bb:2d:8b:83:2d:aa:63:11: e2:71:fb:ad:10:de:73:4b:5b:b1:a1:c5:2d:18:bd: 2e:48:9c:22:ef:68:b4:e1:f6:ed:a5:f1:e0:28:0a: 5d:38:a8:6e:e4:88:b3:86:e1:c3:6a:37:5e:c1:ea: 09:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:67:25:ED:69:D9:2B:6D:2A:FF:29:36:A9:F7:6A:0A:F9:74:81:97 X509v3 Authority Key Identifier: keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/umcl7WnZK20q_yk2qfdqCvl0gZc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 128.127.89.0/24 213.109.37.0-213.109.38.255 Signature Algorithm: sha256WithRSAEncryption 22:77:b9:5d:bf:5a:bd:4d:e2:7c:66:85:b3:23:53:b9:ad:94: a3:96:9c:39:66:ad:71:bf:aa:02:64:f2:a5:f4:99:d9:1c:51: 9d:58:00:96:3d:6a:e3:ee:12:ad:c3:b1:4f:19:5e:d4:aa:d4: 56:34:2a:10:58:e7:9c:00:3f:a2:78:af:6d:aa:6d:92:83:df: 4f:51:6f:e7:7f:1a:b1:5f:29:d7:1b:5f:3b:01:b9:c8:55:a3: 31:e3:56:58:d0:ed:ee:ae:a8:e1:da:0b:a6:17:62:ec:04:3a: 3a:de:cb:b3:f2:e2:2e:6a:a0:56:5b:ee:40:85:d9:86:d1:4a: 38:90:5e:f7:cb:ff:f1:b4:f9:80:0d:14:84:18:97:38:4f:a1: b5:8c:c3:22:a2:35:1e:0e:ba:16:2b:44:d5:76:73:5f:da:4c: e2:9f:c5:5f:88:97:eb:11:e6:ee:a7:ea:50:5b:59:d0:4b:d7: e7:ef:2d:19:eb:74:16:a3:e8:cb:df:d2:10:83:e9:fb:d3:d4: a6:d0:66:5c:a1:d3:b0:73:5a:cb:e4:1f:db:9b:b6:e9:c3:51: 22:b3:ad:15:a1:4e:a2:9b:3f:e4:c6:57:e7:dd:ec:94:4e:7c: b5:52:d5:53:dd:b2:3e:e2:9a:57:96:42:34:e2:68:db:03:7a: da:ae:27:0b -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt26w0siqjuJSpsSx1sl4j5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw ZDVkZDkwHhcNMjYwMTAxMDAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTY3MjVlZDY5ZDkyYjZkMmFmZjI5MzZhOWY3NmEwYWY5NzQ4MTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ej+hCbDx9/BkZHxSD7voTwoUOtu 13zuysVoO2JU09tyVTNwlbBMR319J2ulQUSjetZ5X2VE8vq6RZq/aTaZv0UHQ1sX QStZxz56DAlIdmNon694Vavxzily7sqfU2RZd/5FkQ0POIdu5pd4Wlb1ZAU+wYO/ 4iEmUv3hBPwzz6+ZhRTwA/OL+QM/iaWufCJsH5TXWxlA0IEVJ0rvM7YpPAuLoa7D Y/akoGeyRKKmeNi+Vd/YDSFnhsM7x9qG37+BYsYGXCoD1Vc2uy2Lgy2qYxHicfut EN5zS1uxocUtGL0uSJwi72i04fbtpfHgKApdOKhu5IizhuHDajdeweoJ0wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFLpnJe1p2SttKv8pNqn3agr5dIGXMB8GA1UdIwQY MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt OTkzMGYyMTk0YTBlLzEvdW1jbDdXblpLMjBxX3lrMnFmZHFDdmwwZ1pjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAgH9ZMAwD BADVbSUDBADVbSYwDQYJKoZIhvcNAQELBQADggEBACJ3uV2/Wr1N4nxmhbMjU7mt lKOWnDlmrXG/qgJk8qX0mdkcUZ1YAJY9auPuEq3DsU8ZXtSq1FY0KhBY55wAP6J4 r22qbZKD309Rb+d/GrFfKdcbXzsBuchVozHjVljQ7e6uqOHaC6YXYuwEOjrey7Py 4i5qoFZb7kCF2YbRSjiQXvfL//G0+YANFIQYlzhPobWMwyKiNR4OuhYrRNV2c1/a TOKfxV+Il+sR5u6n6lBbWdBL1+fvLRnrdBaj6Mvf0hCD6fvT1KbQZlyh07BzWsvk H9ubtunDUSKzrRWhTqKbP+TGV+fd7JROfLVS1VPdsj7imleWQjTiaNsDetquJws= -----END CERTIFICATE-----Generated at Mon Jan 26 15:58:35 2026 by rpki-client