This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/uhmE3at76dYLrtDiQbzMepv_16I.roa File: uhmE3at76dYLrtDiQbzMepv_16I.roa (raw, json) Hash identifier: /LKq8mUsMWaHICUc9KVgvqVuRJ8efqGttlCEBaJ+7kE= Subject key identifier: BA:19:84:DD:AB:7B:E9:D6:0B:AE:D0:E2:41:BC:CC:7A:9B:FF:D7:A2 Certificate issuer: /CN=421cba589920beebb19bc572ae6d501b8cf6bbf0 Certificate serial: 019B77C67183CF26C278EEAF372383011814 Authority key identifier: 42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/uhmE3at76dYLrtDiQbzMepv_16I.roa Signing time: Thu 01 Jan 2026 04:17:32 +0000 ROA not before: Thu 01 Jan 2026 04:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214790 IP address blocks: 185.37.8.0/24 maxlen: 24 194.117.88.0/24 maxlen: 24 2a10:c943::/32 maxlen: 32 2a10:c943:100::/48 maxlen: 48 2a10:c943:200::/48 maxlen: 48 2a10:c944::/32 maxlen: 32 2a10:c944:100::/48 maxlen: 48 2a10:c944:321::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.mft rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:71:83:cf:26:c2:78:ee:af:37:23:83:01:18:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=421cba589920beebb19bc572ae6d501b8cf6bbf0 Validity Not Before: Jan 1 04:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba1984ddab7be9d60baed0e241bccc7a9bffd7a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f5:8a:7f:4d:03:fa:61:22:2e:7f:7c:4d:1e: 5e:5c:b8:08:d2:8c:6e:cf:2f:0a:d9:02:12:48:71: b9:84:bb:85:dd:c2:02:3d:f5:c2:b5:89:3b:65:2f: 7a:a4:f1:64:b3:dc:9f:cc:46:38:03:45:c4:bb:63: d6:c7:ae:b4:54:c4:e7:ea:fa:99:0d:4d:77:be:7f: 38:79:ec:d5:9f:56:b8:dc:7e:c2:3c:10:89:ed:ef: 8f:10:3c:87:b0:0d:6e:d9:bc:c0:43:5e:d5:2c:e8: 68:ff:c4:8c:71:7a:db:fd:61:10:2c:79:f6:dd:d3: 60:4f:5a:b4:33:95:ed:a6:fd:02:50:df:f2:1b:17: 32:de:43:fa:02:cd:b1:82:10:ba:13:d7:a5:64:1a: 71:88:bc:3d:6f:f4:a1:a1:57:78:1f:8c:aa:98:02: ad:b4:53:29:69:47:98:e8:54:59:85:77:22:a8:be: 40:6d:90:c3:d0:de:79:d5:3e:8b:45:ce:37:3c:7b: a7:e0:74:19:9c:73:15:d5:1d:10:bb:41:a8:a1:c5: 00:f5:89:88:73:01:73:95:25:d4:18:a0:a6:f7:9d: 26:73:5d:bb:40:a9:67:22:d2:04:28:cf:f7:c8:8d: eb:63:8c:9d:8b:6a:db:ac:06:0b:e2:d3:5a:fa:35: 52:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:19:84:DD:AB:7B:E9:D6:0B:AE:D0:E2:41:BC:CC:7A:9B:FF:D7:A2 X509v3 Authority Key Identifier: keyid:42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/uhmE3at76dYLrtDiQbzMepv_16I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.37.8.0/24 194.117.88.0/24 IPv6: 2a10:c943::-2a10:c944:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 8d:83:a0:7b:07:05:cc:27:5a:d9:66:50:1b:c9:0d:04:ca:26: dd:57:ec:13:94:b6:63:88:a7:97:a3:00:4c:42:f7:6c:5b:5a: 5e:bd:2f:fc:4d:73:04:cf:1c:9a:b9:a6:bc:21:f1:fb:90:68: 70:73:24:e3:04:c6:79:20:93:02:07:99:d4:89:30:db:cb:cb: cc:22:1f:6e:88:35:05:d1:b4:a8:7b:22:fa:b0:d9:0b:6a:77: 41:f5:b1:9b:8d:56:36:a4:9b:ef:8e:55:a3:6b:7d:49:03:af: 64:6b:15:3b:fb:be:c0:77:18:17:f4:61:ae:2d:f6:27:44:06: aa:f1:d2:c9:b3:e9:9c:b9:65:f4:1c:64:c6:96:89:51:2d:c2: ee:77:f4:93:14:ac:1f:bd:0a:f5:32:74:86:5d:66:6b:c6:13: 10:87:14:e0:35:6a:81:76:36:4c:32:9c:b2:ad:66:ce:e9:6b: 40:3f:4a:71:e5:0a:3f:92:6a:86:03:4c:7b:61:8f:6a:ed:8a: 2a:66:71:73:e8:14:b7:b0:96:18:09:5c:d3:5a:57:5c:a5:95: 57:d4:a7:7b:29:24:b1:96:1e:ba:4d:c0:9a:31:fc:57:b4:e0: c4:22:e7:af:1b:f6:ee:44:dc:2a:ef:90:5c:f9:5f:86:b6:e9: af:47:ba:63 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt3xnGDzybCeO6vNyODARgUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyMWNiYTU4OTkyMGJlZWJiMTliYzU3MmFlNmQ1MDFiOGNm NmJiZjAwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTE5ODRkZGFiN2JlOWQ2MGJhZWQwZTI0MWJjY2M3YTliZmZkN2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/WKf00D+mEiLn98TR5eXLgI0oxu zy8K2QISSHG5hLuF3cICPfXCtYk7ZS96pPFks9yfzEY4A0XEu2PWx660VMTn6vqZ DU13vn84eezVn1a43H7CPBCJ7e+PEDyHsA1u2bzAQ17VLOho/8SMcXrb/WEQLHn2 3dNgT1q0M5Xtpv0CUN/yGxcy3kP6As2xghC6E9elZBpxiLw9b/ShoVd4H4yqmAKt tFMpaUeY6FRZhXciqL5AbZDD0N551T6LRc43PHun4HQZnHMV1R0Qu0GoocUA9YmI cwFzlSXUGKCm950mc127QKlnItIEKM/3yI3rY4ydi2rbrAYL4tNa+jVStwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFLoZhN2re+nWC67Q4kG8zHqb/9eiMB8GA1UdIwQY MBaAFEIculiZIL7rsZvFcq5tUBuM9rvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQt ZWMwMGUxYTI3Y2M4LzEvdWhtRTNhdDc2ZFlMcnREaVFiek1lcHZfMTZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQtZWMwMGUxYTI3Y2M4 LzEvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuSUIAwQA wnVYMBYEAgACMBAwDgMFACoQyUMDBQAqEMlEMA0GCSqGSIb3DQEBCwUAA4IBAQCN g6B7BwXMJ1rZZlAbyQ0EyibdV+wTlLZjiKeXowBMQvdsW1pevS/8TXMEzxyauaa8 IfH7kGhwcyTjBMZ5IJMCB5nUiTDby8vMIh9uiDUF0bSoeyL6sNkLandB9bGbjVY2 pJvvjlWja31JA69kaxU7+77AdxgX9GGuLfYnRAaq8dLJs+mcuWX0HGTGlolRLcLu d/STFKwfvQr1MnSGXWZrxhMQhxTgNWqBdjZMMpyyrWbO6WtAP0px5Qo/kmqGA0x7 YY9q7YoqZnFz6BS3sJYYCVzTWldcpZVX1Kd7KSSxlh66TcCaMfxXtODEIuevG/bu RNwq75Bc+V+GtumvR7pj -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:52 2026 by rpki-client