This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UIkdYyq7U5QFbqj8nm1MDHYTA3Q.roa File: UIkdYyq7U5QFbqj8nm1MDHYTA3Q.roa (raw, json) Hash identifier: Iqc4WSi7CKegZAP5q2zgSZuEbW0P2I5TjvdbiCFvKKE= Subject key identifier: 50:89:1D:63:2A:BB:53:94:05:6E:A8:FC:9E:6D:4C:0C:76:13:03:74 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C1395A17FF68AAAD96A15594828F845 Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UIkdYyq7U5QFbqj8nm1MDHYTA3Q.roa Signing time: Fri 02 Jan 2026 00:20:16 +0000 ROA not before: Fri 02 Jan 2026 00:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211826 IP address blocks: 185.209.39.0/24 maxlen: 24 185.209.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:95:a1:7f:f6:8a:aa:d9:6a:15:59:48:28:f8:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=50891d632abb5394056ea8fc9e6d4c0c76130374 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0b:ea:3a:37:7f:14:c3:a4:1a:90:47:f3:c7: 1c:aa:d4:83:e3:0d:92:ef:16:bf:53:86:70:eb:80: a0:f8:8d:a0:28:eb:16:55:b7:56:38:d6:a9:cc:f9: 91:ed:c5:a9:ed:b4:83:9c:11:58:4e:e7:3a:9f:12: 34:ae:05:f8:2c:e2:df:1b:6e:fd:37:cf:b4:60:2a: 5d:71:e8:c1:f3:8e:35:e1:00:71:3c:ef:79:79:9d: 1a:eb:a6:2f:62:44:74:0c:c8:94:a2:25:79:b2:52: 19:66:06:8f:88:c9:96:d0:ea:73:e2:e2:ef:d8:93: 48:29:65:8f:de:8e:eb:28:c4:d5:45:34:a5:2a:65: 56:89:ae:63:d3:ea:5e:fd:a3:77:68:fc:f5:50:60: 6d:19:81:8b:a4:fc:eb:50:08:7f:e0:ad:ee:2d:4c: d3:68:60:b4:bb:fe:b4:2f:59:6c:4b:4b:a3:18:24: f6:46:d3:dc:44:77:1f:5a:28:01:ec:08:af:d6:88: 6b:ec:34:f7:94:38:7f:95:b3:dd:c2:1a:7f:0d:35: ed:90:0d:73:fe:b4:1b:16:ee:92:68:40:76:1c:26: e5:be:d5:0d:37:a5:3a:85:93:7c:bc:90:48:30:1f: 59:f2:f8:60:59:8a:59:e3:77:fe:a6:6e:b3:cf:18: 0c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:89:1D:63:2A:BB:53:94:05:6E:A8:FC:9E:6D:4C:0C:76:13:03:74 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UIkdYyq7U5QFbqj8nm1MDHYTA3Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.209.39.0/24 185.209.72.0/24 Signature Algorithm: sha256WithRSAEncryption bb:8a:4a:53:c2:61:34:36:6b:c0:a8:63:3a:d3:41:5c:e9:b5: 5c:63:17:c2:30:a2:57:4b:22:6d:d7:29:08:37:0b:5d:09:60: d6:72:ca:7b:fd:40:5a:2c:9d:6b:0a:32:ab:bd:35:01:bf:b7: 6a:85:fd:20:3e:4d:84:29:33:1f:80:41:72:91:7e:61:9b:27: e9:bb:c2:ce:29:81:4e:5d:e9:b4:59:2d:fd:b9:5e:42:90:de: 51:20:ce:9a:b0:60:e9:e6:0f:1c:7a:48:c3:cb:da:94:f8:de: 16:4c:dd:98:65:1a:fb:eb:2c:48:cc:ef:73:f5:2c:58:ca:09: a7:cb:b8:b4:2f:73:6b:e5:c8:48:1d:2c:8f:e0:8f:d7:69:58: f8:dd:13:3a:a8:71:11:6e:46:46:2d:2e:19:68:ea:e5:85:5d: 7e:9a:1e:5e:20:c3:22:70:cd:5a:d0:f0:69:68:83:1c:1c:56: ca:1a:2c:14:e1:d7:5f:a8:0d:ae:43:59:f2:0e:05:f6:35:a1: 12:5a:ff:f7:fd:ca:de:3f:3e:aa:44:5b:22:bb:7a:9c:60:55: e8:ec:1b:05:a7:07:1b:98:f4:cf:5e:03:19:1d:8a:8f:df:d5: b6:5a:f8:dd:cd:0f:a1:f9:75:f8:4e:89:f2:77:bf:fa:27:35: 07:85:8f:5e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8E5Whf/aKqtlqFVlIKPhFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MDg5MWQ2MzJhYmI1Mzk0MDU2ZWE4ZmM5ZTZkNGMwYzc2MTMwMzc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wvqOjd/FMOkGpBH88ccqtSD4w2S 7xa/U4Zw64Cg+I2gKOsWVbdWONapzPmR7cWp7bSDnBFYTuc6nxI0rgX4LOLfG279 N8+0YCpdcejB84414QBxPO95eZ0a66YvYkR0DMiUoiV5slIZZgaPiMmW0Opz4uLv 2JNIKWWP3o7rKMTVRTSlKmVWia5j0+pe/aN3aPz1UGBtGYGLpPzrUAh/4K3uLUzT aGC0u/60L1lsS0ujGCT2RtPcRHcfWigB7Aiv1ohr7DT3lDh/lbPdwhp/DTXtkA1z /rQbFu6SaEB2HCblvtUNN6U6hZN8vJBIMB9Z8vhgWYpZ43f+pm6zzxgMjwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFCJHWMqu1OUBW6o/J5tTAx2EwN0MB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvVUlrZFl5cTdVNVFGYnFqOG5tMU1ESFlUQTNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudEnAwQA udFIMA0GCSqGSIb3DQEBCwUAA4IBAQC7ikpTwmE0NmvAqGM600Fc6bVcYxfCMKJX SyJt1ykINwtdCWDWcsp7/UBaLJ1rCjKrvTUBv7dqhf0gPk2EKTMfgEFykX5hmyfp u8LOKYFOXem0WS39uV5CkN5RIM6asGDp5g8cekjDy9qU+N4WTN2YZRr76yxIzO9z 9SxYygmny7i0L3Nr5chIHSyP4I/XaVj43RM6qHERbkZGLS4ZaOrlhV1+mh5eIMMi cM1a0PBpaIMcHFbKGiwU4ddfqA2uQ1nyDgX2NaESWv/3/crePz6qRFsiu3qcYFXo 7BsFpwcbmPTPXgMZHYqP39W2WvjdzQ+h+XX4Tonyd7/6JzUHhY9e -----END CERTIFICATE-----Generated at Fri Jan 2 23:48:19 2026 by rpki-client