This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/1ULsjrhU_Mgs_8Mvd-oE1b7ANaE.roa File: 1ULsjrhU_Mgs_8Mvd-oE1b7ANaE.roa (raw, json) Hash identifier: BPqaZcuEdD+lQrMI+iPU/GW6APEbwg38yW1mZjGwXr8= Subject key identifier: D5:42:EC:8E:B8:54:FC:C8:2C:FF:C3:2F:77:EA:04:D5:BE:C0:35:A1 Certificate issuer: /CN=779fbaaac6541ab318529eb025613c6520e47646 Certificate serial: 019B78A2D75F572A5E5D1BDA107E1D820A5C Authority key identifier: 77:9F:BA:AA:C6:54:1A:B3:18:52:9E:B0:25:61:3C:65:20:E4:76:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/1ULsjrhU_Mgs_8Mvd-oE1b7ANaE.roa Signing time: Thu 01 Jan 2026 08:18:16 +0000 ROA not before: Thu 01 Jan 2026 08:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20836 IP address blocks: 91.142.143.0/24 maxlen: 24 185.142.120.0/24 maxlen: 24 2a07:2840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.mft rsync://rpki.ripe.net/repository/DEFAULT/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:d7:5f:57:2a:5e:5d:1b:da:10:7e:1d:82:0a:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=779fbaaac6541ab318529eb025613c6520e47646 Validity Not Before: Jan 1 08:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d542ec8eb854fcc82cffc32f77ea04d5bec035a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d6:47:e9:32:43:d2:5b:36:5e:59:20:76:2d: 5f:65:fb:af:b2:d8:f1:8f:b7:42:0e:ce:35:af:ae: 92:22:b7:aa:77:a9:5c:23:d3:75:c5:4d:2e:a2:74: 51:2b:1e:c3:fd:63:9c:84:b9:92:0f:7f:ec:61:57: bf:3d:b9:e1:50:36:c7:11:1a:c1:73:1a:43:fc:86: 1e:bc:c6:f0:57:10:c9:6e:6e:74:6a:1d:7d:13:95: 27:a6:4d:b5:0d:fd:de:ba:bc:01:77:35:0f:a0:ce: c2:65:d9:4f:1d:75:02:f7:f4:d2:78:4a:dc:91:56: 9d:f4:4e:8e:43:f2:fb:74:23:52:58:a0:6f:16:ef: c1:f9:75:59:d1:77:ba:25:ab:ac:27:15:e5:8f:cc: 73:96:15:cd:0f:28:a3:e0:ec:20:75:b0:9a:ff:c3: b3:b6:a0:c0:14:93:82:d1:8a:32:7d:13:37:ce:9e: 81:72:64:83:5c:52:21:67:44:f0:27:ca:91:db:5e: 60:43:54:1f:54:fd:7a:84:3f:65:e8:4f:14:bc:33: d9:e8:6a:82:bc:48:3a:c0:24:7b:c0:a7:e0:cc:52: dd:f3:91:23:b4:91:a8:93:d3:51:54:0e:14:df:8a: 50:d4:82:9e:bc:00:fa:da:29:78:99:04:75:a7:d8: 3c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:42:EC:8E:B8:54:FC:C8:2C:FF:C3:2F:77:EA:04:D5:BE:C0:35:A1 X509v3 Authority Key Identifier: keyid:77:9F:BA:AA:C6:54:1A:B3:18:52:9E:B0:25:61:3C:65:20:E4:76:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/1ULsjrhU_Mgs_8Mvd-oE1b7ANaE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/983b47-47a9-4251-a129-20024918ee66/1/d5-6qsZUGrMYUp6wJWE8ZSDkdkY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.142.143.0/24 185.142.120.0/24 IPv6: 2a07:2840::/32 Signature Algorithm: sha256WithRSAEncryption 3e:7f:96:c2:d9:d1:cf:a1:80:64:b4:ee:f4:9d:a7:84:38:93: 9d:cc:47:cf:d9:59:d5:85:fa:db:f7:ad:b1:ce:6b:17:63:8d: 35:5d:56:a5:8e:59:8a:ea:00:2d:09:a0:cf:5e:f5:c2:ac:f1: 69:c1:fa:92:75:cb:d4:bf:8d:a6:b8:26:b9:60:90:fd:c5:13: 0c:c8:31:89:44:ba:cd:c9:9f:8c:ff:87:d3:34:c1:b8:7d:5f: 2f:90:bb:e2:c2:c2:f3:6b:12:7d:3b:77:7c:3b:b5:f1:b1:62: 99:4a:f4:49:89:0d:cf:ee:bd:02:72:6d:9a:2a:55:2b:10:f8: ce:53:0c:d1:8c:84:3f:62:4d:a1:d8:f0:73:2e:c5:b6:39:fb: 99:80:6e:c9:5f:bd:0d:a4:37:37:99:14:06:47:a3:30:53:5e: 26:d8:1a:33:e1:45:57:78:cd:07:62:41:73:a1:64:f8:94:29: 2a:1b:78:d9:d9:fd:4e:f6:b2:b7:59:ca:e8:03:3a:03:39:9b: b7:2f:84:20:7e:a3:14:7f:9f:7e:75:75:23:91:e4:f4:6e:29: 20:3f:e7:f8:99:84:8a:fc:81:44:1b:21:21:52:9f:9f:b6:e5: 72:09:2f:66:0a:5f:38:1a:dc:3d:a0:15:4e:c8:39:3f:c7:7c: bd:2a:e1:2c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4otdfVypeXRvaEH4dggpcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3OWZiYWFhYzY1NDFhYjMxODUyOWViMDI1NjEzYzY1MjBl NDc2NDYwHhcNMjYwMTAxMDgxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTQyZWM4ZWI4NTRmY2M4MmNmZmMzMmY3N2VhMDRkNWJlYzAzNWExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9ZH6TJD0ls2Xlkgdi1fZfuvstjx j7dCDs41r66SIreqd6lcI9N1xU0uonRRKx7D/WOchLmSD3/sYVe/PbnhUDbHERrB cxpD/IYevMbwVxDJbm50ah19E5Unpk21Df3eurwBdzUPoM7CZdlPHXUC9/TSeErc kVad9E6OQ/L7dCNSWKBvFu/B+XVZ0Xe6JausJxXlj8xzlhXNDyij4OwgdbCa/8Oz tqDAFJOC0YoyfRM3zp6BcmSDXFIhZ0TwJ8qR215gQ1QfVP16hD9l6E8UvDPZ6GqC vEg6wCR7wKfgzFLd85EjtJGok9NRVA4U34pQ1IKevAD62il4mQR1p9g8DQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNVC7I64VPzILP/DL3fqBNW+wDWhMB8GA1UdIwQY MBaAFHefuqrGVBqzGFKesCVhPGUg5HZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDUtNnFzWlVHck1ZVXA2d0pXRThaU0RrZGtZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi85ODNiNDctNDdhOS00MjUxLWExMjkt MjAwMjQ5MThlZTY2LzEvMVVMc2pyaFVfTWdzXzhNdmQtb0UxYjdBTmFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi85ODNiNDctNDdhOS00MjUxLWExMjktMjAwMjQ5MThlZTY2 LzEvZDUtNnFzWlVHck1ZVXA2d0pXRThaU0RrZGtZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW46PAwQA uY54MA0EAgACMAcDBQAqByhAMA0GCSqGSIb3DQEBCwUAA4IBAQA+f5bC2dHPoYBk tO70naeEOJOdzEfP2VnVhfrb962xzmsXY401XValjlmK6gAtCaDPXvXCrPFpwfqS dcvUv42muCa5YJD9xRMMyDGJRLrNyZ+M/4fTNMG4fV8vkLviwsLzaxJ9O3d8O7Xx sWKZSvRJiQ3P7r0Ccm2aKlUrEPjOUwzRjIQ/Yk2h2PBzLsW2OfuZgG7JX70NpDc3 mRQGR6MwU14m2Boz4UVXeM0HYkFzoWT4lCkqG3jZ2f1O9rK3WcroAzoDOZu3L4Qg fqMUf59+dXUjkeT0bikgP+f4mYSK/IFEGyEhUp+ftuVyCS9mCl84Gtw9oBVOyDk/ x3y9KuEs -----END CERTIFICATE-----Generated at Sun Jan 25 16:40:23 2026 by rpki-client