This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/uAPoqs4XSc5_GKACeOHF5LLX89k.roa File: uAPoqs4XSc5_GKACeOHF5LLX89k.roa (raw, json) Hash identifier: 0Kc24VcBAtQsQHN2WWJmVuSPxh0vQzVYQwNYhKs4Ue0= Subject key identifier: B8:03:E8:AA:CE:17:49:CE:7F:18:A0:02:78:E1:C5:E4:B2:D7:F3:D9 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C74E1CE3AD2B0168171AF3B519DD02 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/uAPoqs4XSc5_GKACeOHF5LLX89k.roa Signing time: Thu 01 Jan 2026 04:18:28 +0000 ROA not before: Thu 01 Jan 2026 04:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211415 IP address blocks: 89.42.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:4e:1c:e3:ad:2b:01:68:17:1a:f3:b5:19:dd:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b803e8aace1749ce7f18a00278e1c5e4b2d7f3d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:94:3d:3b:62:10:e1:1a:cf:a2:54:4e:85:89: f6:ca:86:0c:37:a2:0b:f7:43:06:db:d7:75:d7:56: 06:4d:8d:bd:4a:cf:b1:d3:d8:41:4e:77:ca:a8:63: d0:66:1b:d3:ad:a0:dc:ae:c0:65:ce:80:b8:2a:da: 80:bc:fe:05:ca:52:78:af:eb:9e:1e:fa:5a:3e:ab: 2d:a2:dd:55:ce:9f:4a:70:0d:43:f0:25:c4:1a:53: b6:e5:5d:cf:6f:3d:cb:14:72:34:48:42:c1:7c:43: 62:6f:84:19:40:23:f1:97:43:74:c9:3c:92:78:01: c1:ae:ef:fa:8b:15:a3:8a:c3:0b:1d:9f:4f:46:af: 6c:19:b0:8e:dc:85:9e:1f:ce:d0:99:22:ac:0a:b4: c1:52:ce:40:b0:67:be:ec:0f:f5:e8:7d:7e:b3:27: da:94:b0:44:dd:be:ce:80:65:89:75:88:ff:c5:ab: 23:c0:c2:71:cb:7e:ac:8c:4b:28:26:e9:80:71:3d: 75:5f:fb:ff:77:49:82:4f:08:15:ca:86:b7:d2:64: 63:7b:50:f0:63:18:0b:6a:83:28:6f:9f:15:47:6c: c6:ff:d9:22:f5:fe:fe:38:1f:fc:4a:6e:cf:3e:00: 29:75:ff:54:b7:ce:5b:e9:64:5e:e5:d2:c5:33:d4: ba:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:03:E8:AA:CE:17:49:CE:7F:18:A0:02:78:E1:C5:E4:B2:D7:F3:D9 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/uAPoqs4XSc5_GKACeOHF5LLX89k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.29.0/24 Signature Algorithm: sha256WithRSAEncryption 29:a5:c6:bd:49:8c:c3:c9:1c:8d:ee:a8:44:d6:6e:23:7e:be: d3:75:d1:e6:cf:98:1a:09:4f:23:c1:f1:02:0c:3e:1e:5c:ca: 16:a4:3c:10:0b:4e:89:74:d2:38:2c:89:3b:20:63:ef:c8:33: a2:11:11:45:9d:c2:78:73:d1:b8:8b:69:4b:a4:cd:be:8d:2e: 24:58:a4:e2:df:c7:70:7a:68:7d:9a:76:43:ae:93:6f:9f:f8: 85:cd:3e:32:f5:0c:4f:d2:e8:5f:e2:b3:8f:b8:43:6b:ca:34: 85:3f:7c:01:18:1b:cf:03:c2:05:cb:75:5f:e4:78:cb:9a:0b: 5b:96:c6:41:6f:ea:b6:e0:cb:8a:f1:56:bd:66:08:77:5b:ad: bb:39:89:36:6a:93:a4:85:fa:33:9a:d0:5c:76:5e:35:45:a9: f8:dc:37:0a:c7:f0:f0:f0:2d:ba:5d:21:84:53:d8:25:7c:f0: 04:eb:2b:e1:9c:6f:d2:3a:c4:52:f4:f0:ae:f3:41:16:ff:18: ad:08:3a:12:82:d7:7a:d9:9c:ea:af:20:ff:48:7d:cc:c5:34: 9f:4b:1e:91:23:ea:2b:92:c4:83:51:fa:32:a2:ce:5f:93:43: d1:48:00:f6:7f:32:d6:7b:3c:17:97:be:b6:21:36:69:4f:e0: 82:78:a6:6d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3x04c460rAWgXGvO1Gd0CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiODAzZThhYWNlMTc0OWNlN2YxOGEwMDI3OGUxYzVlNGIyZDdmM2Q5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJQ9O2IQ4RrPolROhYn2yoYMN6IL 90MG29d111YGTY29Ss+x09hBTnfKqGPQZhvTraDcrsBlzoC4KtqAvP4FylJ4r+ue HvpaPqstot1Vzp9KcA1D8CXEGlO25V3Pbz3LFHI0SELBfENib4QZQCPxl0N0yTyS eAHBru/6ixWjisMLHZ9PRq9sGbCO3IWeH87QmSKsCrTBUs5AsGe+7A/16H1+syfa lLBE3b7OgGWJdYj/xasjwMJxy36sjEsoJumAcT11X/v/d0mCTwgVyoa30mRje1Dw YxgLaoMob58VR2zG/9ki9f7+OB/8Sm7PPgApdf9Ut85b6WRe5dLFM9S6ZQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLgD6KrOF0nOfxigAnjhxeSy1/PZMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvdUFQb3FzNFhTYzVfR0tBQ2VPSEY1TExYODlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G CSqGSIb3DQEBCwUAA4IBAQAppca9SYzDyRyN7qhE1m4jfr7TddHmz5gaCU8jwfEC DD4eXMoWpDwQC06JdNI4LIk7IGPvyDOiERFFncJ4c9G4i2lLpM2+jS4kWKTi38dw emh9mnZDrpNvn/iFzT4y9QxP0uhf4rOPuENryjSFP3wBGBvPA8IFy3Vf5HjLmgtb lsZBb+q24MuK8Va9Zgh3W627OYk2apOkhfozmtBcdl41Ran43DcKx/Dw8C26XSGE U9glfPAE6yvhnG/SOsRS9PCu80EW/xitCDoSgtd62ZzqryD/SH3MxTSfSx6RI+or ksSDUfoyos5fk0PRSAD2fzLWezwXl762ITZpT+CCeKZt -----END CERTIFICATE-----Generated at Thu Jan 1 20:23:17 2026 by rpki-client