This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/u20Y3FANdfmda1Xtsnh_0s435JM.roa File: u20Y3FANdfmda1Xtsnh_0s435JM.roa (raw, json) Hash identifier: S9BpRBE4oWaa9W/9qIMquDTbVfqR1JKGeq8wj5z0rN4= Subject key identifier: BB:6D:18:DC:50:0D:75:F9:9D:6B:55:ED:B2:78:7F:D2:CE:37:E4:93 Certificate issuer: /CN=7879eb9dd62d51afa5012efa1a9d10c66400c445 Certificate serial: 019B7C11D8B162A6727E9AC3779D59F7219C Authority key identifier: 78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/u20Y3FANdfmda1Xtsnh_0s435JM.roa Signing time: Fri 02 Jan 2026 00:18:22 +0000 ROA not before: Fri 02 Jan 2026 00:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199118 IP address blocks: 80.241.56.0/21 maxlen: 24 91.198.250.0/24 maxlen: 24 91.223.20.0/24 maxlen: 24 185.97.172.0/22 maxlen: 24 195.10.208.0/24 maxlen: 24 2001:67c:2050::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.crl rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.mft rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:d8:b1:62:a6:72:7e:9a:c3:77:9d:59:f7:21:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7879eb9dd62d51afa5012efa1a9d10c66400c445 Validity Not Before: Jan 2 00:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb6d18dc500d75f99d6b55edb2787fd2ce37e493 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a9:9d:89:ae:2e:d0:b0:77:04:1f:af:9b:42: 53:eb:77:5c:a0:d5:df:d7:1d:ee:0d:91:0b:5a:44: 78:af:9e:e2:74:27:ca:06:f6:4d:39:cf:79:8f:b9: a2:d4:7d:71:55:a1:d5:51:a1:90:03:db:60:ef:2c: a0:9c:77:eb:70:3e:9b:cf:dd:a3:4a:66:3d:70:82: f3:cd:37:1f:a4:b7:db:60:38:8b:79:f9:53:97:d5: 4b:ab:f6:a6:dc:bf:53:eb:85:ae:53:43:d1:71:35: 6b:52:7d:37:87:69:19:64:7a:9d:c5:9f:8f:0f:a5: e1:43:5b:61:9f:16:ef:59:3a:e1:63:8a:72:34:8e: c9:a1:fc:24:9b:e4:d2:5d:3d:65:ec:3a:81:1d:2e: 6f:54:a5:d4:0f:b9:f8:55:bc:8b:98:4f:74:6f:a1: 12:35:9b:ad:e0:20:5b:95:98:ff:82:f2:ee:f8:b2: 2b:93:be:7b:62:f1:14:c9:9d:a3:4b:b9:7b:b6:ed: ee:7b:a8:f8:ab:73:78:f8:36:89:51:c8:96:8b:60: fd:33:da:84:b2:95:e9:e9:66:d5:59:78:31:a5:f3: 09:ac:a9:c7:a5:d7:b6:fa:b5:11:4d:a4:c7:7d:78: 74:0e:2a:6d:fe:bc:5f:34:3e:29:87:4c:7b:17:01: a3:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:6D:18:DC:50:0D:75:F9:9D:6B:55:ED:B2:78:7F:D2:CE:37:E4:93 X509v3 Authority Key Identifier: keyid:78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/u20Y3FANdfmda1Xtsnh_0s435JM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.241.56.0/21 91.198.250.0/24 91.223.20.0/24 185.97.172.0/22 195.10.208.0/24 IPv6: 2001:67c:2050::/48 Signature Algorithm: sha256WithRSAEncryption 23:fa:2e:5e:7d:97:49:b9:79:ee:2a:02:69:53:ea:b2:31:2c: ec:b5:c5:6f:0d:f0:62:1b:f1:97:87:f7:78:38:a5:a4:f4:7e: f3:96:38:31:53:1f:b6:8d:ab:19:b9:9e:ca:6a:8c:ff:a4:51: 79:fa:b0:ae:b6:d0:96:02:c1:67:9b:e5:01:98:cb:72:14:e4: f5:b5:4a:2d:7c:1d:c6:64:45:9a:4a:13:6f:2e:88:0a:7b:32: 4f:b0:a7:4c:e9:3f:16:ba:05:e0:f9:fe:ef:ab:bd:07:90:98: a3:22:e3:cf:1c:f3:88:9b:8f:32:db:d0:97:a7:06:f7:f7:e1: e4:33:b3:f4:0a:49:04:a7:eb:b4:91:b4:67:4e:bb:f3:b4:af: 78:57:4d:fa:51:8a:62:88:31:8b:98:89:2f:70:a7:15:d9:18: d1:93:92:58:a7:73:60:4a:1d:37:cd:52:74:dc:28:a0:04:a4: 01:88:37:82:0b:6c:55:47:1f:60:c7:f0:64:fd:2b:92:96:07: 90:a8:85:ec:e5:18:a6:87:92:68:3a:e2:c7:0d:26:16:54:9e: bb:72:92:fd:40:87:78:89:b7:08:e9:9a:5f:d1:87:de:b0:5c: a1:a0:43:d6:43:03:08:d2:e6:cc:58:37:45:30:4a:18:55:51: 4a:d4:e0:36 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt8EdixYqZyfprDd51Z9yGcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4NzllYjlkZDYyZDUxYWZhNTAxMmVmYTFhOWQxMGM2NjQw MGM0NDUwHhcNMjYwMTAyMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjZkMThkYzUwMGQ3NWY5OWQ2YjU1ZWRiMjc4N2ZkMmNlMzdlNDkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKmdia4u0LB3BB+vm0JT63dcoNXf 1x3uDZELWkR4r57idCfKBvZNOc95j7mi1H1xVaHVUaGQA9tg7yygnHfrcD6bz92j SmY9cILzzTcfpLfbYDiLeflTl9VLq/am3L9T64WuU0PRcTVrUn03h2kZZHqdxZ+P D6XhQ1thnxbvWTrhY4pyNI7Jofwkm+TSXT1l7DqBHS5vVKXUD7n4VbyLmE90b6ES NZut4CBblZj/gvLu+LIrk757YvEUyZ2jS7l7tu3ue6j4q3N4+DaJUciWi2D9M9qE spXp6WbVWXgxpfMJrKnHpde2+rURTaTHfXh0Dipt/rxfND4ph0x7FwGjjwIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFLttGNxQDXX5nWtV7bJ4f9LON+STMB8GA1UdIwQY MBaAFHh5653WLVGvpQEu+hqdEMZkAMRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZUhucm5kWXRVYS1sQVM3NkdwMFF4bVFBeEVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yYzU4ZmEtMDZkNS00ZDM5LThiNWQt NzRhY2Y4MmFmNTk2LzEvdTIwWTNGQU5kZm1kYTFYdHNuaF8wczQzNUpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8yYzU4ZmEtMDZkNS00ZDM5LThiNWQtNzRhY2Y4MmFmNTk2 LzEvZUhucm5kWXRVYS1sQVM3NkdwMFF4bVFBeEVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQDUPE4AwQA W8b6AwQAW98UAwQCuWGsAwQAwwrQMA8EAgACMAkDBwAgAQZ8IFAwDQYJKoZIhvcN AQELBQADggEBACP6Ll59l0m5ee4qAmlT6rIxLOy1xW8N8GIb8ZeH93g4paT0fvOW ODFTH7aNqxm5nspqjP+kUXn6sK620JYCwWeb5QGYy3IU5PW1Si18HcZkRZpKE28u iAp7Mk+wp0zpPxa6BeD5/u+rvQeQmKMi488c84ibjzLb0JenBvf34eQzs/QKSQSn 67SRtGdOu/O0r3hXTfpRimKIMYuYiS9wpxXZGNGTklinc2BKHTfNUnTcKKAEpAGI N4ILbFVHH2DH8GT9K5KWB5CohezlGKaHkmg64scNJhZUnrtykv1Ah3iJtwjpml/R h96wXKGgQ9ZDAwjS5sxYN0UwShhVUUrU4DY= -----END CERTIFICATE-----Generated at Mon Jan 26 05:04:45 2026 by rpki-client