This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/1-UcYB_bC1Q74xvMeMptRl_v4GSM.roa File: 1-UcYB_bC1Q74xvMeMptRl_v4GSM.roa (raw, json) Hash identifier: CZsJE/C7u1KFT+BSHVUsJyL6cOqDP5qXckw/MXkpdZw= Subject key identifier: F9:47:18:07:F6:C2:D5:0E:F8:C6:F3:1E:32:9B:51:97:FB:F8:19:23 Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3 Certificate serial: 019B7F13B50C3583E3A32253319C2B6E2693 Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/1-UcYB_bC1Q74xvMeMptRl_v4GSM.roa Signing time: Fri 02 Jan 2026 14:19:16 +0000 ROA not before: Fri 02 Jan 2026 14:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60349 IP address blocks: 194.38.36.0/22 maxlen: 23 194.38.36.0/24 maxlen: 24 194.38.38.0/24 maxlen: 24 194.38.39.0/24 maxlen: 24 2a09:6d40::/31 maxlen: 31 2a09:6d40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.mft rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:b5:0c:35:83:e3:a3:22:53:31:9c:2b:6e:26:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3 Validity Not Before: Jan 2 14:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f9471807f6c2d50ef8c6f31e329b5197fbf81923 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:55:9b:f1:87:1b:1a:38:35:d7:f6:e9:5f:62: 84:80:20:14:e9:7f:c8:0c:5e:29:f6:12:3d:5b:e6: b0:d8:a4:9d:0d:ba:ef:58:e7:3f:4b:d7:a8:c1:b0: 38:44:2b:ce:14:d7:73:43:d7:1d:71:55:db:be:a7: 9d:11:2c:82:a1:9b:2d:8b:4e:e6:63:21:81:bc:9a: 8f:23:76:3f:65:9b:f2:3f:6d:5b:c3:d4:c6:0f:be: a8:0e:7c:b8:7e:2b:d2:53:f8:44:c0:6e:e3:2e:5e: ab:c0:72:b8:4b:fd:a5:60:bb:af:46:ff:27:85:8d: f5:aa:b9:97:1f:7a:b9:b0:82:ac:ba:4b:2e:44:7b: c2:b3:f8:df:30:00:dd:6d:30:cb:d4:86:b1:72:8a: 49:3a:c4:f5:f4:28:9c:59:6c:a0:48:37:94:d2:3a: 8e:2b:e9:f9:9a:7d:8a:6d:46:0d:42:ad:0b:0d:0f: 41:bc:ea:f0:70:35:f6:24:fe:1d:50:15:ac:97:5b: a1:fe:7f:8c:fb:eb:42:54:90:ea:4d:51:79:21:8c: 29:70:d7:76:69:4a:48:01:ee:23:1e:12:95:6c:3f: b6:9b:77:77:6d:6e:4e:28:4d:62:a4:9c:72:db:bc: 50:98:71:a3:1a:74:31:66:df:77:cc:dd:de:74:43: 09:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:47:18:07:F6:C2:D5:0E:F8:C6:F3:1E:32:9B:51:97:FB:F8:19:23 X509v3 Authority Key Identifier: keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/1-UcYB_bC1Q74xvMeMptRl_v4GSM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.38.36.0/22 IPv6: 2a09:6d40::/31 Signature Algorithm: sha256WithRSAEncryption 25:01:48:c8:5f:75:6f:2b:3e:7a:19:00:00:ca:0c:2e:8e:f9: 95:2c:89:40:0e:7a:8e:17:99:2c:05:0b:a6:9c:3f:54:3d:b3: bb:02:85:f8:94:66:68:0f:51:79:00:61:d4:00:8e:b0:42:15: 14:e1:ea:8c:4d:9f:81:f4:25:7f:a6:0e:08:8b:9e:1f:a9:75: 08:ea:da:14:c6:27:d8:be:7a:87:c3:c9:35:67:27:57:78:6a: 55:34:db:ad:97:aa:dc:71:73:1b:bf:dc:61:4a:26:3c:94:0c: 95:8c:b4:38:74:a7:90:0f:79:f0:1c:c1:4e:4a:06:46:87:2b: 98:54:30:4f:a0:4a:b1:49:79:5f:d0:5b:bd:69:af:5c:19:8e: 87:b4:cf:aa:b4:4e:1b:83:cc:51:6a:97:59:11:3f:f8:ad:8c: 56:9c:99:6a:4a:7f:66:ed:fe:1b:07:73:d4:43:2e:31:47:59: c7:08:b1:6d:af:79:41:e4:79:76:71:49:87:38:9f:9d:2d:79: 94:62:97:b1:7e:7e:0f:db:bf:26:e3:49:8b:c2:1f:f6:88:0d: ac:5a:13:9e:8c:7e:d0:a5:05:22:71:e6:e2:f5:1e:3a:5a:31: f9:0b:10:72:c7:bd:81:49:cd:78:6c:00:e4:47:b0:23:49:69: d0:31:28:fb -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt/E7UMNYPjoyJTMZwrbiaTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0 YjIwYjMwHhcNMjYwMTAyMTQxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTQ3MTgwN2Y2YzJkNTBlZjhjNmYzMWUzMjliNTE5N2ZiZjgxOTIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVWb8YcbGjg11/bpX2KEgCAU6X/I DF4p9hI9W+aw2KSdDbrvWOc/S9eowbA4RCvOFNdzQ9cdcVXbvqedESyCoZsti07m YyGBvJqPI3Y/ZZvyP21bw9TGD76oDny4fivSU/hEwG7jLl6rwHK4S/2lYLuvRv8n hY31qrmXH3q5sIKsuksuRHvCs/jfMADdbTDL1IaxcopJOsT19CicWWygSDeU0jqO K+n5mn2KbUYNQq0LDQ9BvOrwcDX2JP4dUBWsl1uh/n+M++tCVJDqTVF5IYwpcNd2 aUpIAe4jHhKVbD+2m3d3bW5OKE1ipJxy27xQmHGjGnQxZt93zN3edEMJawIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPlHGAf2wtUO+MbzHjKbUZf7+BkjMB8GA1UdIwQY MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt YTc3NmZlZGU5OTA1LzEvMS1VY1lCX2JDMVE3NHh2TWVNcHRSbF92NEdTTS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvYzMvZGU2MzgzLTRhZDUtNDU3Yi05NTNjLWE3NzZmZWRlOTkw NS8xL1VfTlpDQW5SaF9lellmc2t6VVA1UDJaTElMTS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsImJDAN BAIAAjAHAwUBKgltQDANBgkqhkiG9w0BAQsFAAOCAQEAJQFIyF91bys+ehkAAMoM Lo75lSyJQA56jheZLAULppw/VD2zuwKF+JRmaA9ReQBh1ACOsEIVFOHqjE2fgfQl f6YOCIueH6l1COraFMYn2L56h8PJNWcnV3hqVTTbrZeq3HFzG7/cYUomPJQMlYy0 OHSnkA958BzBTkoGRocrmFQwT6BKsUl5X9BbvWmvXBmOh7TPqrROG4PMUWqXWRE/ +K2MVpyZakp/Zu3+Gwdz1EMuMUdZxwixba95QeR5dnFJhzifnS15lGKXsX5+D9u/ JuNJi8If9ogNrFoTnox+0KUFInHm4vUeOlox+QsQcse9gUnNeGwA5EewI0lp0DEo +w== -----END CERTIFICATE-----Generated at Tue Jan 20 10:11:07 2026 by rpki-client