This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/UUfjp8DsgnyXyAKHpxYY24nPV9k.roa File: UUfjp8DsgnyXyAKHpxYY24nPV9k.roa (raw, json) Hash identifier: z2A5oacpxbaOodlp6c1sfM8uFMWqz0u+N2Xu9qkatg0= Subject key identifier: 51:47:E3:A7:C0:EC:82:7C:97:C8:02:87:A7:16:18:DB:89:CF:57:D9 Certificate issuer: /CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc Certificate serial: 019B7910C63525D5044B28E290EBD4F520A6 Authority key identifier: 60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/UUfjp8DsgnyXyAKHpxYY24nPV9k.roa Signing time: Thu 01 Jan 2026 10:18:20 +0000 ROA not before: Thu 01 Jan 2026 10:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204571 IP address blocks: 2001:67c:a1c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.mft rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c6:35:25:d5:04:4b:28:e2:90:eb:d4:f5:20:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc Validity Not Before: Jan 1 10:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5147e3a7c0ec827c97c80287a71618db89cf57d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:9e:3d:37:1a:79:c2:05:de:42:8e:9f:aa:c0: b8:7f:08:58:36:fc:c8:28:3f:d9:3d:81:61:18:17: d7:39:bd:e7:c0:8b:1c:59:12:22:01:64:06:d7:6b: 2c:a4:00:20:d7:64:9c:11:f9:c1:3d:07:79:80:eb: 86:fa:13:a5:b1:04:26:ef:94:2d:35:c1:bf:d4:83: 6c:33:c0:15:32:c9:fc:39:2d:61:d8:77:45:28:01: bb:ac:e7:94:42:01:d2:da:09:67:2e:a3:08:97:6c: b1:1e:7f:7c:e0:9f:b4:c0:3d:0d:40:bd:b2:c0:75: a0:bc:f0:d6:4a:b6:79:c7:10:f7:1f:ed:ff:71:4c: 18:ee:58:d6:be:bf:f1:45:61:f8:19:3f:93:df:3c: 6b:5e:45:50:8d:74:9f:71:08:46:07:cd:09:45:7b: 7e:0a:66:8f:56:b5:15:39:24:7b:79:fa:18:81:73: c2:dc:a5:0c:20:72:3a:f8:2d:f3:50:bb:c6:bc:8e: 6c:73:55:3d:ac:c0:30:28:6f:aa:aa:44:4f:ba:1e: 61:5f:34:44:0a:1f:55:48:6e:f9:c7:c3:52:21:8e: 8a:08:ae:5a:2a:23:48:21:86:d8:33:5f:5a:2c:16: a3:dd:bc:1c:eb:5f:af:7e:62:2b:e5:4f:f6:aa:40: 54:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:47:E3:A7:C0:EC:82:7C:97:C8:02:87:A7:16:18:DB:89:CF:57:D9 X509v3 Authority Key Identifier: keyid:60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/UUfjp8DsgnyXyAKHpxYY24nPV9k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:a1c::/48 Signature Algorithm: sha256WithRSAEncryption 7a:68:2f:20:d8:56:65:47:b9:6c:d8:8d:c6:92:6c:67:4a:8f: 06:9e:46:f7:82:5e:53:82:c4:81:32:a7:e4:63:bb:89:1a:ea: 0d:33:07:78:fb:2e:80:fb:c4:4f:14:e0:36:a3:da:a3:67:de: 1b:99:f5:06:bc:87:d6:bc:38:8e:bf:31:f0:39:e9:b0:08:81: 64:5d:17:da:14:d2:ca:d5:83:bc:24:ed:7d:ea:65:9f:53:b2: 17:05:f7:49:be:80:df:08:c1:65:16:54:f9:e6:7f:e7:72:c0: 73:28:6d:2a:87:6c:6c:75:38:de:f6:75:d7:3f:44:26:69:d4: ea:98:74:cf:f6:9e:7c:f9:ac:f3:4c:ac:23:aa:7d:6a:86:15: 73:82:6c:aa:57:dc:6d:1e:db:cb:5e:6c:52:97:03:eb:85:49: ab:bc:63:5e:10:91:28:96:cc:c2:3e:0f:d6:d2:3d:70:11:a9: 28:c7:e9:52:a8:2b:b5:26:c3:8c:bc:bb:cf:07:3f:7b:42:91: 3c:2b:c7:fe:b4:e7:70:1d:f1:e9:83:fb:49:7b:17:8d:c7:18: 77:2d:c2:f3:43:be:72:36:b1:cc:09:16:ff:66:eb:ac:5a:62: 4e:ee:e0:f0:22:db:6c:ca:ce:da:d8:65:d2:8a:ac:af:75:7d: 01:f9:1f:ac -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EMY1JdUESyjikOvU9SCmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNzY1NmI4ZjdlODFiNTE0OWI0ODYwZjgxMjdiMWQ0ZTNi NDg3ZGMwHhcNMjYwMTAxMTAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MTQ3ZTNhN2MwZWM4MjdjOTdjODAyODdhNzE2MThkYjg5Y2Y1N2Q5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ49Nxp5wgXeQo6fqsC4fwhYNvzI KD/ZPYFhGBfXOb3nwIscWRIiAWQG12sspAAg12ScEfnBPQd5gOuG+hOlsQQm75Qt NcG/1INsM8AVMsn8OS1h2HdFKAG7rOeUQgHS2glnLqMIl2yxHn984J+0wD0NQL2y wHWgvPDWSrZ5xxD3H+3/cUwY7ljWvr/xRWH4GT+T3zxrXkVQjXSfcQhGB80JRXt+ CmaPVrUVOSR7efoYgXPC3KUMIHI6+C3zULvGvI5sc1U9rMAwKG+qqkRPuh5hXzRE Ch9VSG75x8NSIY6KCK5aKiNIIYbYM19aLBaj3bwc61+vfmIr5U/2qkBULwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFFFH46fA7IJ8l8gCh6cWGNuJz1fZMB8GA1UdIwQY MBaAFGB2Vrj36BtRSbSGD4EnsdTjtIfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzkt ODJiYzhhMzE4MGM2LzEvVVVmanA4RHNnbnlYeUFLSHB4WVkyNG5QVjlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzktODJiYzhhMzE4MGM2 LzEvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAoc MA0GCSqGSIb3DQEBCwUAA4IBAQB6aC8g2FZlR7ls2I3GkmxnSo8Gnkb3gl5TgsSB MqfkY7uJGuoNMwd4+y6A+8RPFOA2o9qjZ94bmfUGvIfWvDiOvzHwOemwCIFkXRfa FNLK1YO8JO196mWfU7IXBfdJvoDfCMFlFlT55n/ncsBzKG0qh2xsdTje9nXXP0Qm adTqmHTP9p58+azzTKwjqn1qhhVzgmyqV9xtHtvLXmxSlwPrhUmrvGNeEJEolszC Pg/W0j1wEakox+lSqCu1JsOMvLvPBz97QpE8K8f+tOdwHfHpg/tJexeNxxh3LcLz Q75yNrHMCRb/ZuusWmJO7uDwIttsys7a2GXSiqyvdX0B+R+s -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:30 2026 by rpki-client