This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UNcwmzZVzRQr8GbUBkJ92x7O5eE.roa File: UNcwmzZVzRQr8GbUBkJ92x7O5eE.roa (raw, json) Hash identifier: meiM5bZ9UOA85hqFTKPoirVYKHNyJXm9Ra4fb/AWC3o= Subject key identifier: 50:D7:30:9B:36:55:CD:14:2B:F0:66:D4:06:42:7D:DB:1E:CE:E5:E1 Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6 Certificate serial: 019B7F159CD433D1A8E850944DD938DCED90 Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UNcwmzZVzRQr8GbUBkJ92x7O5eE.roa Signing time: Fri 02 Jan 2026 14:21:21 +0000 ROA not before: Fri 02 Jan 2026 14:21:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 399641 IP address blocks: 213.170.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:9c:d4:33:d1:a8:e8:50:94:4d:d9:38:dc:ed:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6 Validity Not Before: Jan 2 14:21:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=50d7309b3655cd142bf066d406427ddb1ecee5e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:49:5c:1d:fe:69:35:be:10:8d:3c:b7:c7:e4: 02:02:81:82:56:1b:91:26:4b:18:48:e1:36:c2:8e: 51:d1:13:ec:16:69:8e:74:dd:ba:7e:26:87:69:fd: 38:23:32:be:6f:93:2a:32:9a:c5:48:92:4c:a7:b7: 6f:a4:bb:fc:f6:4c:62:f5:e6:ab:8d:ce:7c:41:d5: 16:6b:d8:46:96:1e:a7:bd:f8:c9:53:09:78:4a:a7: 5e:f5:7a:ab:f6:1d:9f:0e:b3:ac:54:29:41:55:67: ba:95:13:49:bb:2c:54:83:8a:01:1d:e4:89:cc:73: 29:88:d6:cf:39:0c:fc:e6:ff:0f:b7:74:1e:aa:6d: a1:a6:e3:9e:8c:0b:f6:72:b9:ab:1c:60:42:ee:bf: 1e:09:86:56:af:06:fd:34:af:30:07:02:2c:86:e7: f6:d4:6e:b2:6a:24:a0:07:cf:38:95:bd:5e:aa:48: b8:ab:18:4b:07:f8:c3:1f:b4:f7:7c:d3:5c:1c:76: 0e:46:f9:71:76:06:3f:46:fa:39:a3:70:0a:0f:96: 25:59:e7:d3:c2:d5:5e:61:1c:a4:3f:ae:e0:a6:6c: f3:9f:93:78:a9:9d:a0:16:19:04:cb:f7:fb:80:c2: 3a:86:7a:7c:a2:81:55:a8:26:7e:fd:94:f9:38:39: 31:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:D7:30:9B:36:55:CD:14:2B:F0:66:D4:06:42:7D:DB:1E:CE:E5:E1 X509v3 Authority Key Identifier: keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/UNcwmzZVzRQr8GbUBkJ92x7O5eE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.170.145.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:14:bf:23:fa:8f:14:82:c3:90:99:dd:fc:4f:6b:8d:bf:8c: 7e:4d:da:91:f2:75:a6:70:41:af:a1:d2:2b:72:8a:b5:c4:8b: bf:7b:0c:cb:6e:3c:6f:b3:4f:b6:5e:04:68:92:25:69:c3:f6: 8a:cf:bb:b0:d2:38:c8:59:0c:2d:b4:ec:91:c3:74:c9:4d:92: 7e:ce:93:dc:29:34:be:5f:a7:ef:2c:07:7e:7d:a0:c6:8b:8d: 6e:81:9d:b0:a5:2a:c8:58:07:69:30:3d:b3:3b:99:27:fb:4f: e9:48:13:a6:f6:cf:f3:fa:71:e5:d1:8c:55:75:94:a6:7c:cb: 6b:32:d7:93:d4:d3:95:bc:a5:15:0e:b2:49:66:e8:07:46:63: ef:8e:33:4b:ee:5c:0d:cf:d7:d6:4d:91:08:a2:9d:d9:59:f4: b5:67:40:83:21:b4:4e:db:f5:70:a5:1b:43:c3:2d:c1:9a:c4: 03:18:36:7a:bc:f7:7f:d3:4f:51:07:3a:6b:37:53:49:4d:d7: b0:3e:dd:f1:6a:40:11:f1:61:c2:1b:ec:f6:36:d6:4f:60:46: 21:27:a3:50:8c:68:7f:7a:0d:cb:54:5d:48:a8:ec:21:7f:47: 8a:0f:13:65:e2:9d:27:f4:24:4b:3a:36:60:fe:05:8b:e7:6f: e0:e4:b7:9a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FZzUM9Go6FCUTdk43O2QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy NzJiYTYwHhcNMjYwMTAyMTQyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MGQ3MzA5YjM2NTVjZDE0MmJmMDY2ZDQwNjQyN2RkYjFlY2VlNWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoElcHf5pNb4QjTy3x+QCAoGCVhuR JksYSOE2wo5R0RPsFmmOdN26fiaHaf04IzK+b5MqMprFSJJMp7dvpLv89kxi9ear jc58QdUWa9hGlh6nvfjJUwl4Sqde9Xqr9h2fDrOsVClBVWe6lRNJuyxUg4oBHeSJ zHMpiNbPOQz85v8Pt3Qeqm2hpuOejAv2crmrHGBC7r8eCYZWrwb9NK8wBwIshuf2 1G6yaiSgB884lb1eqki4qxhLB/jDH7T3fNNcHHYORvlxdgY/Rvo5o3AKD5YlWefT wtVeYRykP67gpmzzn5N4qZ2gFhkEy/f7gMI6hnp8ooFVqCZ+/ZT5ODkx4wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFDXMJs2Vc0UK/Bm1AZCfdsezuXhMB8GA1UdIwQY MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt MDc3OWY0OGVjZWEwLzEvVU5jd216WlZ6UlFyOEdiVUJrSjkyeDdPNWVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aqRMA0G CSqGSIb3DQEBCwUAA4IBAQA/FL8j+o8UgsOQmd38T2uNv4x+TdqR8nWmcEGvodIr coq1xIu/ewzLbjxvs0+2XgRokiVpw/aKz7uw0jjIWQwttOyRw3TJTZJ+zpPcKTS+ X6fvLAd+faDGi41ugZ2wpSrIWAdpMD2zO5kn+0/pSBOm9s/z+nHl0YxVdZSmfMtr MteT1NOVvKUVDrJJZugHRmPvjjNL7lwNz9fWTZEIop3ZWfS1Z0CDIbRO2/VwpRtD wy3BmsQDGDZ6vPd/009RBzprN1NJTdewPt3xakAR8WHCG+z2NtZPYEYhJ6NQjGh/ eg3LVF1IqOwhf0eKDxNl4p0n9CRLOjZg/gWL52/g5Lea -----END CERTIFICATE-----Generated at Sun Jan 25 18:07:38 2026 by rpki-client