This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/8y3Tj4TsEaNV9uqE3_Wm8d75SXY.roa File: 8y3Tj4TsEaNV9uqE3_Wm8d75SXY.roa (raw, json) Hash identifier: yZH4sqNiTJoNNbuM1J9mJYZWJbe1HILioSLqth5sEdY= Subject key identifier: F3:2D:D3:8F:84:EC:11:A3:55:F6:EA:84:DF:F5:A6:F1:DE:F9:49:76 Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278 Certificate serial: 019B7CEDA66AAA10ED68FD9E31695B4A7163 Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/8y3Tj4TsEaNV9uqE3_Wm8d75SXY.roa Signing time: Fri 02 Jan 2026 04:18:27 +0000 ROA not before: Fri 02 Jan 2026 04:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13287 IP address blocks: 185.127.128.0/24 maxlen: 24 185.127.130.0/24 maxlen: 24 185.127.131.0/24 maxlen: 24 2a06:c980::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.mft rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:a6:6a:aa:10:ed:68:fd:9e:31:69:5b:4a:71:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278 Validity Not Before: Jan 2 04:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f32dd38f84ec11a355f6ea84dff5a6f1def94976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:4c:64:87:4d:3a:8c:7e:1d:ab:1d:5b:72:c7: 1c:85:5d:ee:66:60:9b:ca:fb:81:bd:79:56:39:52: b5:30:a5:0d:c8:f5:60:47:37:36:28:26:f7:90:31: bb:a8:72:7e:a8:7d:fd:32:b5:01:8a:5b:02:e9:0a: a5:18:d1:10:34:e8:b4:0a:56:9b:1c:81:db:3f:f7: 92:71:57:70:bb:9f:64:3e:fc:d3:94:07:e3:91:09: 99:62:93:30:47:4f:86:5c:4d:aa:9c:32:69:3c:a7: 23:33:c7:fb:f0:f9:73:6b:05:3a:88:41:1d:1d:b1: e7:a4:b3:bc:bd:02:74:00:40:ff:b1:bc:02:ed:c4: 09:67:2a:5c:79:d6:cb:3f:7e:c0:5c:dc:a2:ed:54: 77:db:9e:2e:40:1f:dc:51:aa:bf:8c:2c:94:54:a3: e1:57:02:a4:00:ed:b2:01:af:7f:11:f6:d1:57:bf: 38:9d:22:f0:2a:b2:28:fd:00:69:77:7d:b0:63:fe: 55:fa:e7:1a:bf:62:20:71:98:eb:5b:39:ac:f5:00: 70:db:9c:b3:47:66:e1:7e:90:ab:84:93:a0:f4:95: 50:f1:29:3d:66:00:8e:6d:16:d7:e7:e0:76:d7:97: 80:13:5a:26:93:71:d7:70:5d:7f:ff:51:3a:f7:68: ae:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:2D:D3:8F:84:EC:11:A3:55:F6:EA:84:DF:F5:A6:F1:DE:F9:49:76 X509v3 Authority Key Identifier: keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/8y3Tj4TsEaNV9uqE3_Wm8d75SXY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.127.128.0/24 185.127.130.0/23 IPv6: 2a06:c980::/29 Signature Algorithm: sha256WithRSAEncryption 17:c4:22:a1:a5:4d:59:64:2a:21:91:13:81:b6:f7:76:cd:24: 8a:2e:30:91:d5:62:f4:77:cc:b3:11:c8:00:7c:92:e5:06:5d: 6d:80:3c:9a:9f:10:6e:8b:db:4e:2f:e0:b7:41:53:cc:94:b5: 3c:1d:5c:43:d1:b6:4d:c9:62:ef:f8:c8:a8:33:85:5b:30:85: 39:4f:8a:e7:62:c9:fe:26:24:71:24:43:b4:d2:98:9a:5a:fb: 8d:01:1d:40:f8:bf:12:2d:36:e1:48:c2:35:24:f3:0a:90:aa: c0:7f:29:a6:6a:55:2b:ef:ec:01:fe:e4:a5:1b:bb:db:43:2e: d3:c8:26:92:b0:da:31:80:7f:1b:8a:fe:0f:1f:16:c4:56:d7: 27:78:89:8f:f0:26:94:a0:db:d4:d6:03:cc:58:93:05:9d:9e: 4a:49:91:3c:da:31:23:14:df:51:f7:ee:d6:78:0b:c9:cf:29: 4e:5a:71:d0:cf:0c:5c:60:16:4e:7f:41:d9:c1:db:19:42:b9: ad:9a:9d:94:c6:2c:66:9e:88:09:c7:54:4d:ec:09:0a:d0:4f: ce:83:48:13:a5:44:45:9a:4c:d8:35:be:4d:a9:f0:23:fd:61: 7c:f9:89:ad:06:8b:df:36:97:b0:0f:da:c6:24:ac:31:9e:04: 26:c5:04:b8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87aZqqhDtaP2eMWlbSnFjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi MzMyNzgwHhcNMjYwMTAyMDQxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMzJkZDM4Zjg0ZWMxMWEzNTVmNmVhODRkZmY1YTZmMWRlZjk0OTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80xkh006jH4dqx1bcscchV3uZmCb yvuBvXlWOVK1MKUNyPVgRzc2KCb3kDG7qHJ+qH39MrUBilsC6QqlGNEQNOi0Clab HIHbP/eScVdwu59kPvzTlAfjkQmZYpMwR0+GXE2qnDJpPKcjM8f78PlzawU6iEEd HbHnpLO8vQJ0AED/sbwC7cQJZypcedbLP37AXNyi7VR3254uQB/cUaq/jCyUVKPh VwKkAO2yAa9/EfbRV784nSLwKrIo/QBpd32wY/5V+ucav2IgcZjrWzms9QBw25yz R2bhfpCrhJOg9JVQ8Sk9ZgCObRbX5+B215eAE1omk3HXcF1//1E692iudQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFPMt04+E7BGjVfbqhN/1pvHe+Ul2MB8GA1UdIwQY MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt MzA1ZDQxZDUzYTY1LzEvOHkzVGo0VHNFYU5WOXVxRTNfV204ZDc1U1hZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1 LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuX+AAwQB uX+CMA0EAgACMAcDBQMqBsmAMA0GCSqGSIb3DQEBCwUAA4IBAQAXxCKhpU1ZZCoh kROBtvd2zSSKLjCR1WL0d8yzEcgAfJLlBl1tgDyanxBui9tOL+C3QVPMlLU8HVxD 0bZNyWLv+MioM4VbMIU5T4rnYsn+JiRxJEO00piaWvuNAR1A+L8SLTbhSMI1JPMK kKrAfymmalUr7+wB/uSlG7vbQy7TyCaSsNoxgH8biv4PHxbEVtcneImP8CaUoNvU 1gPMWJMFnZ5KSZE82jEjFN9R9+7WeAvJzylOWnHQzwxcYBZOf0HZwdsZQrmtmp2U xixmnogJx1RN7AkK0E/Og0gTpURFmkzYNb5NqfAj/WF8+YmtBovfNpewD9rGJKwx ngQmxQS4 -----END CERTIFICATE-----Generated at Tue Jan 27 18:01:02 2026 by rpki-client