This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/U53a-4wPR2mlAW4QMvyFBmFDPQI.roa File: U53a-4wPR2mlAW4QMvyFBmFDPQI.roa (raw, json) Hash identifier: DdkcUrbApGJMbtFryxRgCxJDEJ0loZBaVqM1N/UINOc= Subject key identifier: 53:9D:DA:FB:8C:0F:47:69:A5:01:6E:10:32:FC:85:06:61:43:3D:02 Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4 Certificate serial: 019B7DCADFF0056828DE7F31F3C23AD50B5E Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/U53a-4wPR2mlAW4QMvyFBmFDPQI.roa Signing time: Fri 02 Jan 2026 08:20:06 +0000 ROA not before: Fri 02 Jan 2026 08:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 53356 IP address blocks: 217.25.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:df:f0:05:68:28:de:7f:31:f3:c2:3a:d5:0b:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4 Validity Not Before: Jan 2 08:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=539ddafb8c0f4769a5016e1032fc850661433d02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ba:47:ec:11:fb:d0:c4:f4:26:7d:e5:27:7c: 73:be:72:c1:b5:f7:a1:05:79:e6:21:0b:3f:1e:bb: 21:2e:62:6b:72:ee:e2:82:15:d7:7a:45:45:56:10: 81:74:44:6c:17:1f:cd:67:73:27:38:cb:08:47:4c: 3f:70:82:af:db:55:94:5a:fc:82:01:c9:41:5c:b6: 20:56:4b:31:df:ff:e0:91:ba:1d:0b:50:f9:6b:f5: 0e:d3:2b:03:57:d2:8c:4e:7d:8a:b5:25:4f:d0:33: ef:78:d8:bc:77:ed:2c:10:ca:35:2a:8a:32:58:dd: 81:47:ea:58:3a:5e:de:91:ae:57:eb:50:2e:a1:81: 96:d1:ce:e2:43:2c:0a:db:b3:bc:53:d4:ba:5e:9a: 47:fb:75:66:d5:01:77:0b:5b:0a:a6:51:12:58:24: 41:89:3f:29:8c:02:13:8e:1f:be:68:8b:13:33:cb: 35:b4:cf:5a:f0:3b:0c:ea:cc:dc:01:65:29:df:32: c7:3e:7c:15:12:9a:f3:6a:5e:37:51:c4:43:34:e9: b8:18:c8:9d:28:b4:6a:44:dd:f6:e1:d3:47:c3:89: 5d:88:8d:12:a3:14:e2:41:5e:31:5d:4c:ae:37:2a: bb:92:66:c8:d0:22:c6:e4:42:f7:a2:56:b8:88:de: 99:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:9D:DA:FB:8C:0F:47:69:A5:01:6E:10:32:FC:85:06:61:43:3D:02 X509v3 Authority Key Identifier: keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/U53a-4wPR2mlAW4QMvyFBmFDPQI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.25.12.0/24 Signature Algorithm: sha256WithRSAEncryption 29:15:65:95:bf:df:40:44:be:e1:b5:bd:80:83:a1:84:2c:10: ee:a1:67:aa:8d:c1:8c:ed:6e:dc:ff:71:91:81:e8:27:6d:de: ee:dc:1a:50:c6:d5:2b:7e:71:94:a3:57:2f:c1:bd:dc:80:2c: 98:c5:0b:50:3a:8c:d5:2d:05:b7:09:75:db:d5:8e:53:0b:6d: 7c:d0:76:86:2c:46:34:0e:29:2c:e8:86:c1:63:0f:0a:94:c2: 2c:8a:9f:f3:5a:ba:ca:3f:b2:44:02:8b:1a:b7:52:76:ad:b5: ba:b2:c1:e6:ab:83:1d:12:5a:57:50:0a:72:53:ff:92:0d:9f: 83:6b:c2:f8:8a:c1:df:23:46:65:46:91:0e:bb:01:fb:f3:ad: 87:81:57:9c:b7:9b:1c:23:63:18:b4:57:eb:8b:30:3a:75:d6: 39:3f:c3:76:ca:81:5f:1a:90:e3:a7:a5:b2:92:07:e7:e7:24: 4d:2d:dd:bd:05:10:41:d9:25:bf:90:fd:15:3c:3f:09:b2:0c: 57:80:74:14:f8:66:11:44:46:0a:83:97:71:fb:11:3a:fe:c6: 85:44:31:25:51:16:35:bf:d7:9e:6e:f4:08:cb:cd:36:62:c4: 30:8b:e4:0a:48:c2:4b:6b:32:2d:71:cb:1b:8b:82:c2:59:fc: 04:7b:a2:77 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yt/wBWgo3n8x88I61QteMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1 OGRjZDQwHhcNMjYwMTAyMDgyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzlkZGFmYjhjMGY0NzY5YTUwMTZlMTAzMmZjODUwNjYxNDMzZDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LpH7BH70MT0Jn3lJ3xzvnLBtfeh BXnmIQs/HrshLmJrcu7ighXXekVFVhCBdERsFx/NZ3MnOMsIR0w/cIKv21WUWvyC AclBXLYgVksx3//gkbodC1D5a/UO0ysDV9KMTn2KtSVP0DPveNi8d+0sEMo1Kooy WN2BR+pYOl7eka5X61AuoYGW0c7iQywK27O8U9S6XppH+3Vm1QF3C1sKplESWCRB iT8pjAITjh++aIsTM8s1tM9a8DsM6szcAWUp3zLHPnwVEprzal43UcRDNOm4GMid KLRqRN324dNHw4ldiI0SoxTiQV4xXUyuNyq7kmbI0CLG5EL3ola4iN6ZHQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFOd2vuMD0dppQFuEDL8hQZhQz0CMB8GA1UdIwQY MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt NmZjZGNkNWFiNjYwLzEvVTUzYS00d1BSMm1sQVc0UU12eUZCbUZEUFFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G CSqGSIb3DQEBCwUAA4IBAQApFWWVv99ARL7htb2Ag6GELBDuoWeqjcGM7W7c/3GR gegnbd7u3BpQxtUrfnGUo1cvwb3cgCyYxQtQOozVLQW3CXXb1Y5TC2180HaGLEY0 Diks6IbBYw8KlMIsip/zWrrKP7JEAosat1J2rbW6ssHmq4MdElpXUApyU/+SDZ+D a8L4isHfI0ZlRpEOuwH7862HgVect5scI2MYtFfrizA6ddY5P8N2yoFfGpDjp6Wy kgfn5yRNLd29BRBB2SW/kP0VPD8JsgxXgHQU+GYRREYKg5dx+xE6/saFRDElURY1 v9eebvQIy802YsQwi+QKSMJLazItccsbi4LCWfwEe6J3 -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:53 2026 by rpki-client