This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/UhGW6dl-ME2u7P68oZQR4ngjVTM.roa File: UhGW6dl-ME2u7P68oZQR4ngjVTM.roa (raw, json) Hash identifier: yHH1bOJVbDxIUnOJRWdM16USF7uKpZsUS8QEK6mDBRM= Subject key identifier: 52:11:96:E9:D9:7E:30:4D:AE:EC:FE:BC:A1:94:11:E2:78:23:55:33 Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071 Certificate serial: 019B7E38959BC80BA3917B58D2F399851D8D Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/UhGW6dl-ME2u7P68oZQR4ngjVTM.roa Signing time: Fri 02 Jan 2026 10:19:56 +0000 ROA not before: Fri 02 Jan 2026 10:19:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13127 IP address blocks: 2a04:9a00:1118::/48 maxlen: 48 2a07:3501:1080::/48 maxlen: 48 2a07:3501:1081::/48 maxlen: 48 2a07:3502:1190::/48 maxlen: 48 2a07:3502:1192::/48 maxlen: 48 2a07:3502:1193::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 19:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:95:9b:c8:0b:a3:91:7b:58:d2:f3:99:85:1d:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071 Validity Not Before: Jan 2 10:19:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=521196e9d97e304daeecfebca19411e278235533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:1d:46:21:5b:50:ad:ec:a2:2e:6c:77:fa:51: b7:58:d3:e3:62:dd:30:b9:ce:7c:28:c9:70:31:7d: bc:4e:94:cc:16:60:0e:2b:29:ca:d6:09:14:d3:0d: a5:ce:1d:e2:d5:15:4a:96:9f:13:ca:93:94:6f:7e: a0:15:f7:73:46:16:fe:0f:51:ce:74:c3:ac:d2:a4: e3:cc:96:c4:dc:24:f6:e5:3d:c3:30:01:3c:6b:e6: 87:42:69:73:60:8e:79:c3:8d:37:ad:71:c3:6f:ed: 36:59:11:32:b9:6d:7a:24:a2:b2:85:df:55:9f:c1: cd:0f:3b:69:bf:d8:76:24:e6:e8:90:ca:12:6b:6c: 77:e2:b4:46:a9:77:58:2b:2b:56:78:05:60:01:eb: bf:c9:8c:21:7c:68:6d:b3:db:e1:ea:cb:06:31:39: 35:c8:ac:f5:0d:4c:8f:2e:fc:72:74:d5:e8:6c:00: 30:6c:ea:05:ec:e8:fb:d4:ec:c1:59:2c:0c:6e:14: 87:3f:fd:c6:d0:5b:0a:f4:59:28:1d:bc:b0:0c:eb: e2:6d:b8:00:1b:21:c7:99:1c:ea:3d:bb:fe:30:91: be:d3:22:c9:59:e3:2e:f7:08:27:53:2e:07:d4:01: e1:59:23:d8:84:f5:b2:28:18:ba:d5:86:68:7d:84: 15:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:11:96:E9:D9:7E:30:4D:AE:EC:FE:BC:A1:94:11:E2:78:23:55:33 X509v3 Authority Key Identifier: keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/UhGW6dl-ME2u7P68oZQR4ngjVTM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:9a00:1118::/48 2a07:3501:1080::/47 2a07:3502:1190::/48 2a07:3502:1192::/47 Signature Algorithm: sha256WithRSAEncryption 43:a1:05:6f:f3:23:c0:c5:09:bf:5c:8f:ff:a8:a5:c9:d6:75: 53:48:57:87:3f:74:db:8b:1d:44:64:6f:5c:6a:c3:02:be:54: 4a:a4:d6:56:6b:fc:6b:c9:63:32:c2:4a:1c:41:35:2c:14:36: 23:c3:cb:0f:cd:6e:b6:77:75:e2:11:0d:6a:3a:64:6c:e5:1b: e5:1c:39:4a:85:b5:ee:f7:86:88:72:c9:89:26:79:0b:97:76: 97:3b:03:3b:bf:c0:ac:dc:35:04:f7:1a:07:2b:96:4b:4c:d1: 71:37:5e:ab:d2:63:1e:d5:4d:57:63:e1:5d:0b:0b:50:50:1a: 5e:b4:ab:77:41:56:09:d0:11:4a:dc:6b:02:f9:46:8e:90:de: d2:94:8d:df:de:33:52:bd:b7:2a:d7:f9:2d:49:ad:bb:8a:09: 54:9c:e1:c1:b3:09:88:e6:08:da:0b:95:b9:03:07:58:61:37: bf:91:f3:3f:85:8e:55:c9:0d:9b:f8:78:43:a1:0a:d2:4a:32: fd:c1:2b:9a:f7:7e:64:87:d2:b4:ed:55:94:9b:f3:69:6c:53: eb:ae:92:5a:28:cb:79:02:97:6d:b4:52:f3:6f:ee:4e:79:59: ec:06:ab:90:e8:11:98:1a:7a:06:84:7c:e3:ea:9e:4b:5b:54: b8:6a:36:f3 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt+OJWbyAujkXtY0vOZhR2NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl MTQwNzEwHhcNMjYwMTAyMTAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MjExOTZlOWQ5N2UzMDRkYWVlY2ZlYmNhMTk0MTFlMjc4MjM1NTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2R1GIVtQreyiLmx3+lG3WNPjYt0w uc58KMlwMX28TpTMFmAOKynK1gkU0w2lzh3i1RVKlp8TypOUb36gFfdzRhb+D1HO dMOs0qTjzJbE3CT25T3DMAE8a+aHQmlzYI55w403rXHDb+02WREyuW16JKKyhd9V n8HNDztpv9h2JObokMoSa2x34rRGqXdYKytWeAVgAeu/yYwhfGhts9vh6ssGMTk1 yKz1DUyPLvxydNXobAAwbOoF7Oj71OzBWSwMbhSHP/3G0FsK9FkoHbywDOvibbgA GyHHmRzqPbv+MJG+0yLJWeMu9wgnUy4H1AHhWSPYhPWyKBi61YZofYQV1wIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFFIRlunZfjBNruz+vKGUEeJ4I1UzMB8GA1UdIwQY MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt YWQ1NzU1MjJiMzY1LzEvVWhHVzZkbC1NRTJ1N1A2OG9aUVI0bmdqVlRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1 LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgSaABEY AwcBKgc1ARCAAwcAKgc1AhGQAwcBKgc1AhGSMA0GCSqGSIb3DQEBCwUAA4IBAQBD oQVv8yPAxQm/XI//qKXJ1nVTSFeHP3Tbix1EZG9casMCvlRKpNZWa/xryWMywkoc QTUsFDYjw8sPzW62d3XiEQ1qOmRs5RvlHDlKhbXu94aIcsmJJnkLl3aXOwM7v8Cs 3DUE9xoHK5ZLTNFxN16r0mMe1U1XY+FdCwtQUBpetKt3QVYJ0BFK3GsC+UaOkN7S lI3f3jNSvbcq1/ktSa27iglUnOHBswmI5gjaC5W5AwdYYTe/kfM/hY5VyQ2b+HhD oQrSSjL9wSua935kh9K07VWUm/NpbFPrrpJaKMt5ApdttFLzb+5OeVnsBquQ6BGY GnoGhHzj6p5LW1S4ajbz -----END CERTIFICATE-----Generated at Tue Jan 20 04:47:37 2026 by rpki-client