This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa File: Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa (raw, json) Hash identifier: vwAFLTe2SVcS4DhCcFTz3AjD8TipO0c+U4k+Iwqqzxk= Subject key identifier: 53:0A:B8:7E:0A:DA:CC:BC:04:19:6B:C2:7E:48:4D:05:F6:25:3D:90 Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1 Certificate serial: 019B797F4D5B9C36C282A9E5AD81C25FB69F Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa Signing time: Thu 01 Jan 2026 12:19:04 +0000 ROA not before: Thu 01 Jan 2026 12:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15815 IP address blocks: 217.14.96.0/20 maxlen: 22 217.14.111.0/24 maxlen: 24 2a00:7da0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:4d:5b:9c:36:c2:82:a9:e5:ad:81:c2:5f:b6:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1 Validity Not Before: Jan 1 12:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=530ab87e0adaccbc04196bc27e484d05f6253d90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ca:c4:62:ef:1c:f9:5a:da:7f:6e:05:ea:8d: 79:52:45:b5:0d:50:05:b8:50:66:3e:e5:9d:74:3b: 41:e2:3a:7c:51:da:9d:8e:cd:e1:aa:de:89:35:25: 08:bb:a0:08:07:24:fb:6b:0f:1e:23:b9:d9:08:31: 0d:ee:ce:5f:a9:49:ef:71:67:2b:a1:8d:3e:f8:c6: 0b:c6:8d:fa:01:fc:16:b2:30:cb:3d:5e:eb:b1:e1: bc:4b:12:af:43:f5:48:43:a8:f4:b7:99:33:57:cc: 00:37:1d:68:e5:c6:0f:c2:05:cb:95:91:97:b7:f7: 87:a5:12:74:bc:8b:6b:6a:c7:f1:f1:92:05:c9:78: ff:52:28:e2:4e:16:d6:c4:21:97:22:c0:37:3e:fb: 17:db:b2:ce:12:92:94:b8:02:be:fe:19:65:38:09: cb:16:15:f2:f3:35:f9:a0:98:58:fa:c8:47:9e:5d: 99:81:38:75:b5:71:5c:0a:c3:b2:fb:ee:00:cb:81: 2d:c0:46:fa:c5:2e:65:22:8c:7b:20:de:1f:24:e5: b5:fb:60:84:e7:d9:f9:56:f1:78:b0:2a:4d:ab:12: de:fa:be:1f:d2:1c:f3:84:35:48:ee:2d:2e:ad:85: c3:57:14:22:2d:94:2a:32:fd:0e:72:f1:35:8b:e2: 1d:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:0A:B8:7E:0A:DA:CC:BC:04:19:6B:C2:7E:48:4D:05:F6:25:3D:90 X509v3 Authority Key Identifier: keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.14.96.0/20 IPv6: 2a00:7da0::/32 Signature Algorithm: sha256WithRSAEncryption 0a:74:b4:12:40:b6:56:3e:ac:90:0f:28:90:20:67:71:df:0a: 23:18:50:6e:31:29:b9:5f:ad:00:96:f0:75:e4:39:71:0d:8d: 19:82:0b:17:2b:12:e8:ad:7c:dc:dd:11:56:90:34:a1:ed:40: 48:a4:17:0f:7e:06:b7:63:fe:ba:65:50:7e:db:5a:4a:8d:19: 12:97:ac:08:8f:71:50:2b:3d:ae:56:32:a3:60:ca:43:6b:6f: 6f:b5:34:ec:28:88:14:40:62:a8:00:ab:e6:83:56:a5:2d:a0: be:f3:c8:52:9a:15:9e:98:72:5f:f7:80:eb:1b:0f:7f:05:40: b6:a1:8a:83:ff:70:b2:ef:7d:98:77:39:70:d3:33:8e:de:22: 90:db:bf:29:08:3e:81:f1:e9:fa:75:34:4b:26:b0:ad:a1:72: 18:a2:b4:51:fa:b7:05:24:48:b6:af:ae:ad:5d:7b:7f:4c:2f: 96:de:f1:94:6b:3a:a1:88:67:1f:c5:a4:9c:f5:c3:11:63:7f: 12:c9:e1:38:b8:f7:ed:b9:8c:06:74:dd:87:08:19:3b:f0:22: 46:37:55:bf:7b:81:7f:4f:cc:25:11:25:b5:0b:c7:90:02:49: 4e:c2:ef:b0:e6:0a:2e:56:85:4a:2a:4f:31:d0:48:e1:01:0e: 38:d1:4d:0d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5f01bnDbCgqnlrYHCX7afMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk ZTE4ZDEwHhcNMjYwMTAxMTIxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzBhYjg3ZTBhZGFjY2JjMDQxOTZiYzI3ZTQ4NGQwNWY2MjUzZDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MrEYu8c+Vraf24F6o15UkW1DVAF uFBmPuWddDtB4jp8Udqdjs3hqt6JNSUIu6AIByT7aw8eI7nZCDEN7s5fqUnvcWcr oY0++MYLxo36AfwWsjDLPV7rseG8SxKvQ/VIQ6j0t5kzV8wANx1o5cYPwgXLlZGX t/eHpRJ0vItrasfx8ZIFyXj/UijiThbWxCGXIsA3PvsX27LOEpKUuAK+/hllOAnL FhXy8zX5oJhY+shHnl2ZgTh1tXFcCsOy++4Ay4EtwEb6xS5lIox7IN4fJOW1+2CE 59n5VvF4sCpNqxLe+r4f0hzzhDVI7i0urYXDVxQiLZQqMv0OcvE1i+Id0QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFMKuH4K2sy8BBlrwn5ITQX2JT2QMB8GA1UdIwQY MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt OTM3ZTAwZDA3MzJmLzEvVXdxNGZncmF6THdFR1d2Q2ZraE5CZllsUFpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2Q5gMA0E AgACMAcDBQAqAH2gMA0GCSqGSIb3DQEBCwUAA4IBAQAKdLQSQLZWPqyQDyiQIGdx 3wojGFBuMSm5X60AlvB15DlxDY0ZggsXKxLorXzc3RFWkDSh7UBIpBcPfga3Y/66 ZVB+21pKjRkSl6wIj3FQKz2uVjKjYMpDa29vtTTsKIgUQGKoAKvmg1alLaC+88hS mhWemHJf94DrGw9/BUC2oYqD/3Cy732Ydzlw0zOO3iKQ278pCD6B8en6dTRLJrCt oXIYorRR+rcFJEi2r66tXXt/TC+W3vGUazqhiGcfxaSc9cMRY38SyeE4uPftuYwG dN2HCBk78CJGN1W/e4F/T8wlESW1C8eQAklOwu+w5gouVoVKKk8x0EjhAQ440U0N -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:21 2026 by rpki-client