This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uhAPyaTiF5gl3TBMq0piXbi4fPk.roa File: uhAPyaTiF5gl3TBMq0piXbi4fPk.roa (raw, json) Hash identifier: EZ4TB/002dVlIpKn8pHIRrTR/WnXQCXO5I6eEHg2h/A= Subject key identifier: BA:10:0F:C9:A4:E2:17:98:25:DD:30:4C:AB:4A:62:5D:B8:B8:7C:F9 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C808073E58D87219149D09390907FBB Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uhAPyaTiF5gl3TBMq0piXbi4fPk.roa Signing time: Fri 02 Jan 2026 02:19:14 +0000 ROA not before: Fri 02 Jan 2026 02:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51722 IP address blocks: 2a03:f7c0::/29 maxlen: 29 2a06:ddc0::/29 maxlen: 29 2a0b:e9c0::/29 maxlen: 29 2a0c:5c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:80:73:e5:8d:87:21:91:49:d0:93:90:90:7f:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba100fc9a4e2179825dd304cab4a625db8b87cf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:4b:47:89:e4:ac:66:c5:9b:c9:71:b6:d8:25: 27:d2:e9:33:94:8e:9d:60:26:f4:2e:eb:74:c7:51: 18:95:5c:89:d3:53:44:fc:ee:d2:cd:2e:05:fb:d5: 53:e3:d7:cb:a5:94:28:a3:2f:20:df:7c:bb:ad:2d: 78:10:7c:13:a5:bb:43:fb:4e:fb:0c:d1:d4:42:6f: f8:71:e0:f8:c1:79:69:12:9b:65:65:99:3e:d1:7a: a8:bf:91:83:51:89:63:83:77:95:06:86:72:d5:8b: c5:08:e9:09:3f:6f:d3:11:53:0f:ce:96:ad:e8:02: e9:00:7c:a4:fd:bb:30:16:6a:6c:93:07:f9:6d:61: 36:8f:b8:96:be:b1:b1:2e:10:42:dd:66:c6:f0:82: ff:74:72:50:e2:45:e0:e7:c8:d0:86:98:9e:b7:a4: d2:2c:e6:f4:13:8c:c0:a8:94:86:89:12:46:b8:e0: 96:64:f8:0f:b1:f4:b7:5e:12:47:df:b4:fb:8b:18: 03:11:b9:d9:15:40:44:54:e3:bb:14:5c:8b:9d:bb: 73:6e:5d:c5:c3:fc:71:fe:cd:e7:81:6a:bb:96:e7: 8a:9a:c7:04:84:1a:59:2a:28:a8:bc:c9:b9:59:95: 42:88:2b:1f:00:ff:d4:ca:78:f1:d6:08:73:eb:56: 36:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:10:0F:C9:A4:E2:17:98:25:DD:30:4C:AB:4A:62:5D:B8:B8:7C:F9 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uhAPyaTiF5gl3TBMq0piXbi4fPk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:f7c0::/29 2a06:ddc0::/29 2a0b:e9c0::/29 2a0c:5c0::/29 Signature Algorithm: sha256WithRSAEncryption 0d:5a:1c:e0:05:b3:1f:d8:f9:c5:d6:0b:85:e1:c0:b7:a4:71: 92:60:4d:25:19:4e:d0:a6:8c:bc:d6:80:c3:83:3c:59:1f:c3: 8a:2e:a4:60:9b:7c:35:f3:1e:3f:c3:a2:8e:a6:a4:dd:d3:a5: 56:fb:0c:34:27:99:93:67:8f:cb:41:13:f2:de:ca:9b:eb:9c: 81:51:8a:d3:42:44:9c:b2:84:98:1c:30:a8:2e:df:f9:74:e5: db:34:ad:f7:22:d6:20:1b:7f:4c:8f:a9:69:51:05:26:75:d8: ad:fa:a9:ad:2e:01:b9:14:c4:ec:23:c5:0a:0e:f3:38:38:ad: d1:57:a5:0c:c1:3d:a2:36:a4:fb:85:4a:ed:cb:66:31:ca:e0: 0d:eb:fa:1f:76:4c:2d:df:bf:31:17:1e:62:52:92:5c:59:a0: 96:cc:76:ee:50:e7:d3:66:b3:56:69:13:ed:fd:d7:ce:c4:ec: ef:46:89:92:c2:95:99:9c:75:57:ba:5f:76:0a:ce:18:e6:8e: 43:67:9e:8f:52:08:0b:a2:c6:f5:56:53:51:f7:ca:33:9f:33: a5:33:91:11:d6:53:a5:b7:b4:82:48:87:d0:59:e6:31:75:31: a0:4a:52:1e:52:69:ee:12:0c:5d:68:7e:0b:68:22:e4:87:ba: 3f:0d:d1:b2 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt8gIBz5Y2HIZFJ0JOQkH+7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTEwMGZjOWE0ZTIxNzk4MjVkZDMwNGNhYjRhNjI1ZGI4Yjg3Y2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EtHieSsZsWbyXG22CUn0ukzlI6d YCb0Lut0x1EYlVyJ01NE/O7SzS4F+9VT49fLpZQooy8g33y7rS14EHwTpbtD+077 DNHUQm/4ceD4wXlpEptlZZk+0Xqov5GDUYljg3eVBoZy1YvFCOkJP2/TEVMPzpat 6ALpAHyk/bswFmpskwf5bWE2j7iWvrGxLhBC3WbG8IL/dHJQ4kXg58jQhpiet6TS LOb0E4zAqJSGiRJGuOCWZPgPsfS3XhJH37T7ixgDEbnZFUBEVOO7FFyLnbtzbl3F w/xx/s3ngWq7lueKmscEhBpZKiiovMm5WZVCiCsfAP/Uynjx1ghz61Y2dQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFLoQD8mk4heYJd0wTKtKYl24uHz5MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvdWhBUHlhVGlGNWdsM1RCTXEwcGlYYmk0ZlBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgP3wAMF AyoG3cADBQMqC+nAAwUDKgwFwDANBgkqhkiG9w0BAQsFAAOCAQEADVoc4AWzH9j5 xdYLheHAt6RxkmBNJRlO0KaMvNaAw4M8WR/Dii6kYJt8NfMeP8Oijqak3dOlVvsM NCeZk2ePy0ET8t7Km+ucgVGK00JEnLKEmBwwqC7f+XTl2zSt9yLWIBt/TI+paVEF JnXYrfqprS4BuRTE7CPFCg7zODit0VelDME9ojak+4VK7ctmMcrgDev6H3ZMLd+/ MRceYlKSXFmglsx27lDn02azVmkT7f3XzsTs70aJksKVmZx1V7pfdgrOGOaOQ2ee j1IIC6LG9VZTUffKM58zpTOREdZTpbe0gkiH0FnmMXUxoEpSHlJp7hIMXWh+C2gi 5Ie6Pw3Rsg== -----END CERTIFICATE-----Generated at Wed Jan 21 08:03:58 2026 by rpki-client