This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/uHGjwPoMHu2IEBccrs2elf1N18A.roa File: uHGjwPoMHu2IEBccrs2elf1N18A.roa (raw, json) Hash identifier: g4Yg85Lk+WZoS7yWIAuAp+ehz/I0N5gf+zz3O65XQ14= Subject key identifier: B8:71:A3:C0:FA:0C:1E:ED:88:10:17:1C:AE:CD:9E:95:FD:4D:D7:C0 Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013 Certificate serial: 019B7A5B6E320E1B09BBDAAEDA71944D35B1 Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/uHGjwPoMHu2IEBccrs2elf1N18A.roa Signing time: Thu 01 Jan 2026 16:19:30 +0000 ROA not before: Thu 01 Jan 2026 16:19:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 188.73.0.0/18 maxlen: 24 188.231.0.0/17 maxlen: 24 188.231.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.mft rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:6e:32:0e:1b:09:bb:da:ae:da:71:94:4d:35:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013 Validity Not Before: Jan 1 16:19:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b871a3c0fa0c1eed8810171caecd9e95fd4dd7c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b3:01:1d:38:f6:91:cc:ec:52:29:6d:64:4f: fa:a2:fe:32:d7:be:d7:fe:2b:99:f8:d8:17:62:e4: cb:35:73:fa:d4:7d:30:d5:de:93:be:78:40:40:63: df:dd:4c:f1:66:b9:8d:90:09:59:ac:5f:5f:d9:21: fb:44:4a:b9:d6:80:d3:41:5f:6e:23:b7:40:10:2d: 24:b4:21:3b:5c:e1:15:fa:d4:f0:b9:91:b8:f8:2a: c4:60:06:2c:de:b7:ff:4c:ef:c6:7e:a0:36:86:63: 79:08:94:b2:03:05:b6:e5:d3:a9:bd:51:83:cc:5f: c5:71:58:44:4a:15:68:3d:49:cc:9a:04:c3:45:e9: 06:82:9c:83:36:55:91:5c:09:8c:28:ba:0a:91:86: 6e:cc:13:18:4c:f8:19:de:4b:65:9f:7a:2b:d9:fb: 2f:68:f6:1a:ba:24:ad:ac:25:67:7e:bc:15:8f:e8: c7:78:0d:f2:52:fc:b9:93:16:b3:0e:0d:94:c2:c9: 2f:35:2f:5b:24:74:95:c7:e0:82:5f:b9:09:41:13: 8b:fb:67:b6:fa:40:b0:e5:6f:52:56:5e:94:05:4c: a3:62:2c:14:e1:23:53:f5:c9:5d:71:f9:49:b5:bf: d4:fb:ca:4a:18:de:da:6b:80:eb:a8:61:d1:7a:32: af:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:71:A3:C0:FA:0C:1E:ED:88:10:17:1C:AE:CD:9E:95:FD:4D:D7:C0 X509v3 Authority Key Identifier: keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/uHGjwPoMHu2IEBccrs2elf1N18A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.73.0.0/18 188.231.0.0/17 Signature Algorithm: sha256WithRSAEncryption ce:50:35:cc:38:70:31:38:79:88:6e:3b:4d:79:ba:ff:fb:0d: c0:b6:72:ac:22:12:ad:5c:7d:62:dd:af:2d:9f:4b:35:08:86: 30:81:28:24:a3:3c:8f:00:1a:e6:4e:ed:a1:ed:de:0d:6a:b9: a0:71:63:2f:a6:c7:7f:b6:a2:e7:c3:64:b4:ea:5c:56:e0:31: 89:ec:b7:49:f7:05:b0:3d:7f:8d:f6:45:a8:b1:44:79:ad:40: be:0e:2f:45:36:4d:ed:25:aa:11:09:f7:72:be:af:74:26:43: 1b:2d:cc:ff:9a:94:44:85:1a:b2:11:a2:74:ff:23:b9:30:a9: 89:3f:2a:8a:3c:5d:06:eb:b1:b7:77:3f:39:3e:ed:0d:47:1f: 00:c4:24:d4:27:70:f7:33:16:27:db:0d:83:6c:9a:f5:74:fc: 88:d0:6a:1f:a7:5c:65:7c:b7:5d:0f:0e:f0:02:60:c4:f5:72: 90:8f:36:4c:d0:c0:9a:23:ae:29:a1:04:4d:be:e4:35:39:f7: fd:99:d4:04:a6:d5:7e:10:2a:0e:29:6d:9d:cc:fc:70:55:4c: 29:da:a2:e7:ad:35:6c:66:94:f7:bf:af:1a:5b:d0:dd:4a:ff: a6:c7:ad:86:73:36:3e:ac:28:18:f4:d8:2c:dd:a1:16:12:b1: c2:e6:ab:7a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6W24yDhsJu9qu2nGUTTWxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi NTUwMTMwHhcNMjYwMTAxMTYxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiODcxYTNjMGZhMGMxZWVkODgxMDE3MWNhZWNkOWU5NWZkNGRkN2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7MBHTj2kczsUiltZE/6ov4y177X /iuZ+NgXYuTLNXP61H0w1d6TvnhAQGPf3UzxZrmNkAlZrF9f2SH7REq51oDTQV9u I7dAEC0ktCE7XOEV+tTwuZG4+CrEYAYs3rf/TO/GfqA2hmN5CJSyAwW25dOpvVGD zF/FcVhEShVoPUnMmgTDRekGgpyDNlWRXAmMKLoKkYZuzBMYTPgZ3ktln3or2fsv aPYauiStrCVnfrwVj+jHeA3yUvy5kxazDg2UwskvNS9bJHSVx+CCX7kJQROL+2e2 +kCw5W9SVl6UBUyjYiwU4SNT9cldcflJtb/U+8pKGN7aa4DrqGHRejKvtQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLhxo8D6DB7tiBAXHK7NnpX9TdfAMB8GA1UdIwQY MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt ZmU4NTVkYWJiNzVlLzEvdUhHandQb01IdTJJRUJjY3JzMmVsZjFOMThBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGvEkAAwQH vOcAMA0GCSqGSIb3DQEBCwUAA4IBAQDOUDXMOHAxOHmIbjtNebr/+w3AtnKsIhKt XH1i3a8tn0s1CIYwgSgkozyPABrmTu2h7d4NarmgcWMvpsd/tqLnw2S06lxW4DGJ 7LdJ9wWwPX+N9kWosUR5rUC+Di9FNk3tJaoRCfdyvq90JkMbLcz/mpREhRqyEaJ0 /yO5MKmJPyqKPF0G67G3dz85Pu0NRx8AxCTUJ3D3MxYn2w2DbJr1dPyI0Gofp1xl fLddDw7wAmDE9XKQjzZM0MCaI64poQRNvuQ1Off9mdQEptV+ECoOKW2dzPxwVUwp 2qLnrTVsZpT3v68aW9DdSv+mx62GczY+rCgY9Ngs3aEWErHC5qt6 -----END CERTIFICATE-----Generated at Wed Jan 21 07:21:59 2026 by rpki-client