This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/ump-T-Zk5smBJGROWuvq0wKLYtU.roa File: ump-T-Zk5smBJGROWuvq0wKLYtU.roa (raw, json) Hash identifier: d7Jxavk2v4nvC9HxmOaWBHBF05sdZuO02u6a4JXxdtI= Subject key identifier: BA:6A:7E:4F:E6:64:E6:C9:81:24:64:4E:5A:EB:EA:D3:02:8B:62:D5 Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80 Certificate serial: 019B7D5B7935BC40ED8DB6A1C1C7A67C3AFB Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/ump-T-Zk5smBJGROWuvq0wKLYtU.roa Signing time: Fri 02 Jan 2026 06:18:25 +0000 ROA not before: Fri 02 Jan 2026 06:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3257 IP address blocks: 80.253.96.0/19 maxlen: 24 83.245.0.0/17 maxlen: 24 89.167.128.0/17 maxlen: 24 92.60.240.0/20 maxlen: 24 213.228.192.0/18 maxlen: 24 217.79.160.0/20 maxlen: 24 2a02:9e8::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 06:21:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:79:35:bc:40:ed:8d:b6:a1:c1:c7:a6:7c:3a:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80 Validity Not Before: Jan 2 06:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba6a7e4fe664e6c98124644e5aebead3028b62d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:6a:8f:af:5c:31:42:b0:0f:a8:7d:50:fd:c4: a6:05:74:1a:5c:8b:ad:ec:d7:47:22:1b:98:2e:c5: 1e:de:74:8a:ad:ab:a8:7c:08:98:01:59:ca:62:a0: e4:b1:c2:9b:ff:44:7b:85:f8:1c:c0:fe:73:b4:91: b8:f5:db:dc:66:e5:a7:63:e8:21:de:30:6b:2f:72: d8:d0:5f:90:e4:4b:df:95:a5:f3:97:73:f6:e6:6a: c3:05:ca:8f:86:93:22:09:65:f6:01:1e:f1:01:cd: 5b:51:21:d6:08:f0:ae:74:75:bb:17:7e:80:60:1c: dd:2f:78:7a:3c:41:6d:87:81:ba:3a:46:97:1d:4b: 0a:29:aa:6e:99:22:54:99:c7:93:26:65:b3:e3:68: 5d:cb:2d:b2:ac:7a:69:97:9d:92:f8:24:08:0f:b3: 85:18:f6:c0:c0:03:81:cf:5d:e5:c3:53:01:e2:d1: 2c:33:a3:61:9a:dd:fc:6c:79:32:5e:c7:56:40:cf: e5:08:b0:66:04:65:db:1e:95:dd:4b:c0:a0:46:ca: 0d:58:be:29:5f:e0:22:19:cb:01:ca:de:ad:13:77: f7:6e:42:9a:7f:d0:aa:ec:70:d1:34:39:58:43:d1: d3:f9:43:3c:ff:7b:68:f2:f9:50:31:16:b4:55:64: 29:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:6A:7E:4F:E6:64:E6:C9:81:24:64:4E:5A:EB:EA:D3:02:8B:62:D5 X509v3 Authority Key Identifier: keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/ump-T-Zk5smBJGROWuvq0wKLYtU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.253.96.0/19 83.245.0.0/17 89.167.128.0/17 92.60.240.0/20 213.228.192.0/18 217.79.160.0/20 IPv6: 2a02:9e8::/32 Signature Algorithm: sha256WithRSAEncryption 47:c7:6e:0e:b9:1e:d3:54:4d:fb:ca:3a:39:d0:21:f6:e9:8b: 26:d9:c7:8f:ca:d7:be:d7:5a:c4:7b:34:55:0f:24:f3:85:35: 99:5d:37:ec:64:6f:16:3d:64:99:03:f2:de:d5:b4:00:9f:4b: 40:bc:fc:0f:9d:72:c3:5e:65:23:98:df:c2:45:00:dd:da:4c: c8:81:0b:fb:4d:a8:3f:b4:fd:3d:d0:87:0e:65:75:25:c2:06: 6d:9a:da:7e:b0:14:d8:00:cb:9e:c3:8b:76:fb:e8:68:d7:0e: e8:44:ec:3b:ec:08:d5:81:51:bb:cb:31:b0:8d:ec:32:e6:fe: f8:53:46:bb:4b:ca:72:d7:58:e2:d6:93:37:2c:0f:8b:0a:e9: 26:ea:fa:1c:31:3d:88:df:de:ce:a3:c3:3e:55:c3:56:44:d7: 4e:19:35:20:2e:75:26:70:64:b4:d5:9a:5c:77:09:7b:bc:2d: bf:31:bd:91:d9:31:1b:93:85:91:d4:de:f9:f5:63:4c:bf:1f: 16:e0:df:e6:98:a3:58:bf:42:cc:57:97:83:f4:8d:b1:b0:7a: cc:db:2a:e7:9f:b6:af:7c:09:49:d6:b3:75:cf:b1:35:65:0e: 3c:11:57:0c:01:c2:91:8b:44:73:15:b9:d2:18:57:af:b4:a1: 3a:39:a2:c3 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt9W3k1vEDtjbahwcemfDr7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0 MDdhODAwHhcNMjYwMTAyMDYxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTZhN2U0ZmU2NjRlNmM5ODEyNDY0NGU1YWViZWFkMzAyOGI2MmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2qPr1wxQrAPqH1Q/cSmBXQaXIut 7NdHIhuYLsUe3nSKrauofAiYAVnKYqDkscKb/0R7hfgcwP5ztJG49dvcZuWnY+gh 3jBrL3LY0F+Q5EvflaXzl3P25mrDBcqPhpMiCWX2AR7xAc1bUSHWCPCudHW7F36A YBzdL3h6PEFth4G6OkaXHUsKKapumSJUmceTJmWz42hdyy2yrHppl52S+CQID7OF GPbAwAOBz13lw1MB4tEsM6Nhmt38bHkyXsdWQM/lCLBmBGXbHpXdS8CgRsoNWL4p X+AiGcsByt6tE3f3bkKaf9Cq7HDRNDlYQ9HT+UM8/3to8vlQMRa0VWQpfwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFLpqfk/mZObJgSRkTlrr6tMCi2LVMB8GA1UdIwQY MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt NWQ1NjA5ODljZjdiLzEvdW1wLVQtWms1c21CSkdST1d1dnEwd0tMWXRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUP1gAwQH U/UAAwQHWaeAAwQEXDzwAwQG1eTAAwQE2U+gMA0EAgACMAcDBQAqAgnoMA0GCSqG SIb3DQEBCwUAA4IBAQBHx24OuR7TVE37yjo50CH26Ysm2cePyte+11rEezRVDyTz hTWZXTfsZG8WPWSZA/Le1bQAn0tAvPwPnXLDXmUjmN/CRQDd2kzIgQv7Tag/tP09 0IcOZXUlwgZtmtp+sBTYAMuew4t2++ho1w7oROw77AjVgVG7yzGwjewy5v74U0a7 S8py11ji1pM3LA+LCukm6vocMT2I397Oo8M+VcNWRNdOGTUgLnUmcGS01Zpcdwl7 vC2/Mb2R2TEbk4WR1N759WNMvx8W4N/mmKNYv0LMV5eD9I2xsHrM2yrnn7avfAlJ 1rN1z7E1ZQ48EVcMAcKRi0RzFbnSGFevtKE6OaLD -----END CERTIFICATE-----Generated at Fri Jan 2 16:27:19 2026 by rpki-client