This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/u5hJOCynJQAu4PH5D56C-AeKtEc.roa File: u5hJOCynJQAu4PH5D56C-AeKtEc.roa (raw, json) Hash identifier: 53JyrjI2rSv7IJ0kdQIBEc2NY8BsRGlwPaWvUaVHA/o= Subject key identifier: BB:98:49:38:2C:A7:25:00:2E:E0:F1:F9:0F:9E:82:F8:07:8A:B4:47 Certificate issuer: /CN=6c890ef6a88ab33fa5a206760768dd3251c238af Certificate serial: 019B7F831147455F558E1B53DF3A17B0C914 Authority key identifier: 6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/u5hJOCynJQAu4PH5D56C-AeKtEc.roa Signing time: Fri 02 Jan 2026 16:20:54 +0000 ROA not before: Fri 02 Jan 2026 16:20:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41652 IP address blocks: 185.212.224.0/22 maxlen: 22 193.93.181.0/24 maxlen: 24 2a0b:7cc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.mft rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:11:47:45:5f:55:8e:1b:53:df:3a:17:b0:c9:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c890ef6a88ab33fa5a206760768dd3251c238af Validity Not Before: Jan 2 16:20:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb9849382ca725002ee0f1f90f9e82f8078ab447 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b8:20:f5:06:f6:16:a4:d6:a5:ce:4a:b6:26: 39:4f:0e:db:9f:ae:1e:58:71:a9:dc:38:21:12:13: ac:fe:76:08:e3:e9:ba:2c:e5:20:68:1a:bc:db:1e: 29:0b:08:20:08:3e:eb:99:09:9c:c2:96:15:bd:5a: f0:4e:37:2c:2e:28:7a:27:ad:9d:ec:90:97:d2:da: 72:69:3a:13:a8:4b:44:6f:bf:f2:a4:6e:ba:ea:9b: e3:d0:23:e9:38:91:b4:df:2c:ad:71:15:8f:8e:07: 87:a2:1f:7f:6a:5d:20:95:a2:69:27:a3:85:0c:28: 5b:e5:8d:4f:3e:42:00:20:09:d3:b9:f6:ed:df:ea: a2:41:8b:a9:9a:b8:c1:a0:14:23:78:8c:ad:14:dc: 57:56:60:68:d1:c8:77:f1:63:30:2f:1c:42:02:30: 8a:3e:7a:86:fa:94:06:63:28:48:27:7f:49:a5:4d: a9:3e:8a:42:7f:87:08:5e:9f:6b:2f:c7:8a:cb:9c: f3:e0:b3:c5:a2:98:f1:23:9a:08:c0:f2:4b:c5:88: ea:eb:57:3b:99:6c:72:b7:e8:67:30:42:e3:33:d2: 52:d8:1d:2a:d0:be:25:f0:7d:f5:9d:13:1a:a3:85: f2:3b:be:0c:57:df:50:df:ef:1d:e1:7d:d6:37:3c: fe:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:98:49:38:2C:A7:25:00:2E:E0:F1:F9:0F:9E:82:F8:07:8A:B4:47 X509v3 Authority Key Identifier: keyid:6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/u5hJOCynJQAu4PH5D56C-AeKtEc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.212.224.0/22 193.93.181.0/24 IPv6: 2a0b:7cc0::/29 Signature Algorithm: sha256WithRSAEncryption 4b:ed:3c:a5:72:cd:78:62:e2:1e:9b:f8:20:06:1a:e5:4b:3e: 2c:17:af:2e:7a:3c:27:ec:da:7e:e9:e5:69:89:04:e0:eb:66: f3:cc:99:8d:16:9a:d4:fc:1d:3c:e1:61:12:67:78:ea:f6:0d: 38:60:c0:3b:1a:ed:ed:99:e1:78:34:88:06:15:1e:57:57:1a: 75:04:2f:45:02:a8:5a:fa:e1:f4:78:d9:2e:a9:51:ca:89:f1: 33:d9:c4:85:3f:bd:df:df:9a:a3:f9:7f:6f:90:a7:70:70:74: b6:45:c5:5a:c8:df:0e:b9:cc:66:b9:a5:b6:ba:a1:33:11:1c: 2b:e9:15:cf:47:dd:f9:7d:a7:73:5f:8c:51:0a:f6:a5:54:5c: 25:ac:21:f0:e9:86:8d:f8:71:12:1e:2e:cc:b5:4e:c9:d1:b8: 06:5b:62:f9:87:09:f6:d8:6c:4d:9a:c6:1d:fd:6b:48:c3:2d: 39:cc:ef:5a:9c:86:84:ea:1f:bf:4d:8f:e2:b3:77:5a:a7:68: c1:dc:fa:9d:6e:94:aa:be:e4:72:2c:fd:65:ba:b0:83:53:7f: 0f:db:bf:92:96:ac:bf:31:bd:65:fc:97:ba:71:78:cc:47:77: 9b:28:4f:62:d5:fb:a8:0e:52:56:c1:9f:99:95:3e:a6:06:4b: e6:0d:c0:2d -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/gxFHRV9VjhtT3zoXsMkUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjODkwZWY2YTg4YWIzM2ZhNWEyMDY3NjA3NjhkZDMyNTFj MjM4YWYwHhcNMjYwMTAyMTYyMDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjk4NDkzODJjYTcyNTAwMmVlMGYxZjkwZjllODJmODA3OGFiNDQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurgg9Qb2FqTWpc5KtiY5Tw7bn64e WHGp3DghEhOs/nYI4+m6LOUgaBq82x4pCwggCD7rmQmcwpYVvVrwTjcsLih6J62d 7JCX0tpyaToTqEtEb7/ypG666pvj0CPpOJG03yytcRWPjgeHoh9/al0glaJpJ6OF DChb5Y1PPkIAIAnTufbt3+qiQYupmrjBoBQjeIytFNxXVmBo0ch38WMwLxxCAjCK PnqG+pQGYyhIJ39JpU2pPopCf4cIXp9rL8eKy5zz4LPFopjxI5oIwPJLxYjq61c7 mWxyt+hnMELjM9JS2B0q0L4l8H31nRMao4XyO74MV99Q3+8d4X3WNzz+WwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLuYSTgspyUALuDx+Q+egvgHirRHMB8GA1UdIwQY MBaAFGyJDvaoirM/paIGdgdo3TJRwjivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEt NjFmOTFlZGVkZjBhLzEvdTVoSk9DeW5KUUF1NFBINUQ1NkMtQWVLdEVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEtNjFmOTFlZGVkZjBh LzEvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudTgAwQA wV21MA0EAgACMAcDBQMqC3zAMA0GCSqGSIb3DQEBCwUAA4IBAQBL7Tylcs14YuIe m/ggBhrlSz4sF68uejwn7Np+6eVpiQTg62bzzJmNFprU/B084WESZ3jq9g04YMA7 Gu3tmeF4NIgGFR5XVxp1BC9FAqha+uH0eNkuqVHKifEz2cSFP73f35qj+X9vkKdw cHS2RcVayN8OucxmuaW2uqEzERwr6RXPR935fadzX4xRCvalVFwlrCHw6YaN+HES Hi7MtU7J0bgGW2L5hwn22GxNmsYd/WtIwy05zO9anIaE6h+/TY/is3dap2jB3Pqd bpSqvuRyLP1lurCDU38P27+Slqy/Mb1l/Je6cXjMR3ebKE9i1fuoDlJWwZ+ZlT6m BkvmDcAt -----END CERTIFICATE-----Generated at Mon Jan 26 14:44:59 2026 by rpki-client