This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uBzvm71VAJIjS9oXOzzgbdAbwTQ.roa File: uBzvm71VAJIjS9oXOzzgbdAbwTQ.roa (raw, json) Hash identifier: Km5VRE7tBd96n2M5uc47Oim9JP4lJW6hKMdElqTzBXs= Subject key identifier: B8:1C:EF:9B:BD:55:00:92:23:4B:DA:17:3B:3C:E0:6D:D0:1B:C1:34 Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071 Certificate serial: 019B7E38953DDA21E8012C5520F3C600DE95 Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uBzvm71VAJIjS9oXOzzgbdAbwTQ.roa Signing time: Fri 02 Jan 2026 10:19:55 +0000 ROA not before: Fri 02 Jan 2026 10:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 2a04:9a00:1480::/48 maxlen: 48 2a04:9a00:1484::/48 maxlen: 48 2a04:9a00:1488::/48 maxlen: 48 2a04:9a00:148c::/48 maxlen: 48 2a07:3502:1191::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:95:3d:da:21:e8:01:2c:55:20:f3:c6:00:de:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071 Validity Not Before: Jan 2 10:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b81cef9bbd550092234bda173b3ce06dd01bc134 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9f:22:03:e7:22:ed:c0:bb:e1:71:87:cc:cf: 2b:6a:87:77:fb:c6:4a:e6:27:00:1d:11:36:75:27: c4:b8:b8:39:11:f9:fe:4c:81:0a:ef:1d:dc:fa:65: 0c:3e:1e:fd:c4:cf:ac:c2:f5:b4:19:11:27:64:87: 87:23:4e:dd:dc:52:ed:05:df:ad:6a:2b:24:45:aa: 22:99:6b:c0:ec:fc:d3:ce:eb:14:df:56:0e:e6:2b: 6a:0d:b6:9f:c8:9a:10:a3:1a:27:a8:7a:17:3b:6c: 66:97:73:f3:72:28:42:f5:14:60:2f:4b:5d:33:fc: 6a:a4:4f:c6:b7:93:d7:85:11:2f:bd:16:da:3d:93: 61:00:7d:63:c1:f9:ed:61:d4:7b:9e:ef:d7:85:b7: 13:01:5a:31:8a:0b:94:5b:3c:7f:f1:56:a3:12:a4: f7:8d:d4:c3:6c:e1:85:14:3d:ca:59:48:3e:b6:38: 21:08:de:7c:01:7e:34:6d:d9:38:4e:1f:3f:82:77: 65:de:d5:b4:46:44:51:9d:dc:86:7e:d4:bc:68:c7: a3:2b:97:34:b8:2c:5c:43:96:d5:f5:b9:5d:fd:f2: 14:fb:3d:cc:32:b5:7d:ea:88:ab:b9:d9:38:07:a7: b1:c9:b5:53:bb:6f:7d:7f:c5:31:6a:20:49:9b:08: b8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:1C:EF:9B:BD:55:00:92:23:4B:DA:17:3B:3C:E0:6D:D0:1B:C1:34 X509v3 Authority Key Identifier: keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uBzvm71VAJIjS9oXOzzgbdAbwTQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:9a00:1480::/48 2a04:9a00:1484::/48 2a04:9a00:1488::/48 2a04:9a00:148c::/48 2a07:3502:1191::/48 Signature Algorithm: sha256WithRSAEncryption 88:d7:c4:13:72:f9:a8:6d:4d:2d:8f:ba:aa:4e:d9:a9:a6:eb: ce:24:48:36:65:9c:72:57:bb:40:ef:42:dc:0d:d7:d8:a3:64: ed:ff:57:dd:3f:eb:7a:fc:77:e3:94:99:31:51:11:c9:d3:54: ad:e0:1a:80:15:d8:7d:74:da:b8:ee:0a:6e:14:30:00:5a:68: 05:b4:3f:ae:45:33:c7:be:1e:70:06:81:49:3d:99:f9:a8:7f: c4:21:d5:12:6a:5c:49:0e:4e:45:b5:7e:2d:75:c6:77:64:d1: 54:a5:a7:be:b9:56:6a:89:9a:71:6f:5f:72:bf:7d:14:44:2d: b0:e9:e3:0a:0a:da:7b:ed:05:5b:3f:3f:68:44:2d:9a:6d:5f: 46:a0:bd:ee:b8:64:29:1d:fe:6d:c1:79:b3:ef:82:75:3f:9f: 94:91:74:8a:9b:e0:3e:b0:4d:b4:76:53:ff:a6:7a:07:15:52: 73:96:65:c5:9a:88:9d:24:8e:38:f8:1a:6e:b9:32:0e:e3:9d: a8:4e:5d:4f:5f:77:90:a9:db:e2:62:e2:52:a8:81:e3:59:9c: 8c:67:ae:8e:72:18:da:77:86:48:fc:60:bc:ba:10:81:15:91: 3e:ad:28:44:f5:fd:14:fc:fb:23:46:9d:de:d2:5f:73:fb:80: 79:61:c5:bf -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt+OJU92iHoASxVIPPGAN6VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl MTQwNzEwHhcNMjYwMTAyMTAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiODFjZWY5YmJkNTUwMDkyMjM0YmRhMTczYjNjZTA2ZGQwMWJjMTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ8iA+ci7cC74XGHzM8raod3+8ZK 5icAHRE2dSfEuLg5Efn+TIEK7x3c+mUMPh79xM+swvW0GREnZIeHI07d3FLtBd+t aiskRaoimWvA7PzTzusU31YO5itqDbafyJoQoxonqHoXO2xml3PzcihC9RRgL0td M/xqpE/Gt5PXhREvvRbaPZNhAH1jwfntYdR7nu/XhbcTAVoxiguUWzx/8VajEqT3 jdTDbOGFFD3KWUg+tjghCN58AX40bdk4Th8/gndl3tW0RkRRndyGftS8aMejK5c0 uCxcQ5bV9bld/fIU+z3MMrV96oirudk4B6exybVTu299f8UxaiBJmwi4fQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFLgc75u9VQCSI0vaFzs84G3QG8E0MB8GA1UdIwQY MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt YWQ1NzU1MjJiMzY1LzEvdUJ6dm03MVZBSklqUzlvWE96emdiZEFid1RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1 LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgSaABSA AwcAKgSaABSEAwcAKgSaABSIAwcAKgSaABSMAwcAKgc1AhGRMA0GCSqGSIb3DQEB CwUAA4IBAQCI18QTcvmobU0tj7qqTtmppuvOJEg2ZZxyV7tA70LcDdfYo2Tt/1fd P+t6/HfjlJkxURHJ01St4BqAFdh9dNq47gpuFDAAWmgFtD+uRTPHvh5wBoFJPZn5 qH/EIdUSalxJDk5FtX4tdcZ3ZNFUpae+uVZqiZpxb19yv30URC2w6eMKCtp77QVb Pz9oRC2abV9GoL3uuGQpHf5twXmz74J1P5+UkXSKm+A+sE20dlP/pnoHFVJzlmXF moidJI44+BpuuTIO452oTl1PX3eQqdviYuJSqIHjWZyMZ66Ochjad4ZI/GC8uhCB FZE+rShE9f0U/PsjRp3e0l9z+4B5YcW/ -----END CERTIFICATE-----Generated at Sun Jan 18 15:29:20 2026 by rpki-client