This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/Utsq8tMmY3izY1fN7UB7ffBp7M0.roa File: Utsq8tMmY3izY1fN7UB7ffBp7M0.roa (raw, json) Hash identifier: kD7h2+kSGCGsnzgnalUMgkhy9wvQ1pxuWkQeWsMBxuE= Subject key identifier: 52:DB:2A:F2:D3:26:63:78:B3:63:57:CD:ED:40:7B:7D:F0:69:EC:CD Certificate issuer: /CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2 Certificate serial: 019B76EB6BF7D2353484C8ED5FAAF048BC2D Authority key identifier: CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/Utsq8tMmY3izY1fN7UB7ffBp7M0.roa Signing time: Thu 01 Jan 2026 00:18:18 +0000 ROA not before: Thu 01 Jan 2026 00:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31349 IP address blocks: 62.201.16.0/20 maxlen: 24 185.185.128.0/22 maxlen: 24 2a06:8080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.mft rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:6b:f7:d2:35:34:84:c8:ed:5f:aa:f0:48:bc:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2 Validity Not Before: Jan 1 00:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=52db2af2d3266378b36357cded407b7df069eccd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:3a:33:af:54:b3:f8:d1:49:9e:65:b1:c2:12: 02:fe:d8:37:a0:0d:7a:95:8c:0f:0e:ae:e7:60:2f: 77:dc:43:b8:66:f8:b3:62:b7:ef:2d:b9:ea:54:93: f0:c0:37:32:a8:3d:3d:d8:77:26:08:f4:f0:b0:34: 2e:55:c7:b3:46:43:59:43:30:f0:be:80:1e:3c:ae: 9e:40:5d:c9:70:50:40:3f:84:91:c0:23:a2:c5:47: 35:20:db:08:af:54:5b:06:52:8e:b1:01:d4:30:24: 7b:0e:19:86:6f:54:3d:56:ea:82:6d:09:48:52:a3: 9d:52:ef:46:44:af:92:54:78:00:e4:6b:da:e0:f7: c6:30:f7:61:71:b5:fb:03:13:15:06:e0:4f:f4:e2: aa:2a:14:b3:8c:78:09:13:b8:2c:29:3b:f4:9f:b4: 5e:72:06:7a:c2:7c:1e:38:a2:30:c3:d6:da:49:9b: a1:4f:17:88:eb:b9:3e:40:47:ec:87:14:34:4a:fb: 0d:8f:dd:04:ee:cc:3c:4a:87:e8:8c:68:7f:88:7c: e8:42:cc:13:62:b7:61:f2:03:0a:51:74:c5:ea:77: 47:c0:15:91:fb:2d:b8:84:c9:64:6f:ed:36:63:29: a1:7b:16:03:cb:e0:c2:e3:f2:40:57:75:c8:ac:e9: 0a:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:DB:2A:F2:D3:26:63:78:B3:63:57:CD:ED:40:7B:7D:F0:69:EC:CD X509v3 Authority Key Identifier: keyid:CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/Utsq8tMmY3izY1fN7UB7ffBp7M0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.201.16.0/20 185.185.128.0/22 IPv6: 2a06:8080::/29 Signature Algorithm: sha256WithRSAEncryption 2e:52:42:d0:e1:09:8a:4e:fc:04:49:03:ba:eb:c5:ce:3c:b4: 30:36:ec:38:af:fa:28:49:b4:6f:bb:b9:90:dc:a0:5b:66:7e: bb:02:05:30:f4:8d:31:de:2a:05:fc:52:33:5c:cc:fe:d0:07: f1:e7:42:a0:11:c1:27:c1:1c:e1:d9:8d:f9:21:e4:07:a4:6a: d5:1a:0a:45:b8:a6:6e:ac:f5:a6:58:07:19:07:5c:5f:d3:28: 40:53:d7:84:30:0d:e2:0e:5e:83:88:3b:c4:e3:35:1b:61:af: 31:b3:dc:67:1d:11:02:81:ce:98:2d:fd:2b:93:24:8b:b9:24: 47:52:67:ed:fb:9c:e8:b8:de:1c:04:9c:fc:11:29:b9:70:d9: e6:4e:34:ec:05:0c:6a:ae:ff:3e:8d:10:44:b9:8b:63:77:2b: 4b:28:94:de:45:e5:78:72:81:6e:e4:e3:84:42:38:d7:71:05: c3:9e:2e:87:e0:40:d2:e7:a8:2a:b8:0c:d9:2c:f3:c9:6d:75: a1:86:25:f7:83:70:1e:47:d7:f6:ac:06:ce:01:db:ce:90:fe: b6:af:11:72:e8:e4:2d:dc:72:28:34:e1:41:2e:7d:3f:e3:8c: 32:9d:87:8c:97:f5:74:f7:1b:bb:b8:22:2e:fe:26:3f:52:47: 84:a6:18:eb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt262v30jU0hMjtX6rwSLwtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjZjlhNmQyZjZjZDU4OGE3N2Y0MjM2MjJlNmI4ZDFjNjU0 YmNkZjIwHhcNMjYwMTAxMDAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MmRiMmFmMmQzMjY2Mzc4YjM2MzU3Y2RlZDQwN2I3ZGYwNjllY2NkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Dozr1Sz+NFJnmWxwhIC/tg3oA16 lYwPDq7nYC933EO4ZvizYrfvLbnqVJPwwDcyqD092HcmCPTwsDQuVcezRkNZQzDw voAePK6eQF3JcFBAP4SRwCOixUc1INsIr1RbBlKOsQHUMCR7DhmGb1Q9VuqCbQlI UqOdUu9GRK+SVHgA5Gva4PfGMPdhcbX7AxMVBuBP9OKqKhSzjHgJE7gsKTv0n7Re cgZ6wnweOKIww9baSZuhTxeI67k+QEfshxQ0SvsNj90E7sw8SofojGh/iHzoQswT Yrdh8gMKUXTF6ndHwBWR+y24hMlkb+02YymhexYDy+DC4/JAV3XIrOkKJQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFLbKvLTJmN4s2NXze1Ae33waezNMB8GA1UdIwQY MBaAFMz5ptL2zViKd/QjYi5rjRxlS83yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUt MWIwZjI1NGRlNjE5LzEvVXRzcTh0TW1ZM2l6WTFmTjdVQjdmZkJwN00wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUtMWIwZjI1NGRlNjE5 LzEvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEPskQAwQC ubmAMA0EAgACMAcDBQMqBoCAMA0GCSqGSIb3DQEBCwUAA4IBAQAuUkLQ4QmKTvwE SQO668XOPLQwNuw4r/ooSbRvu7mQ3KBbZn67AgUw9I0x3ioF/FIzXMz+0Afx50Kg EcEnwRzh2Y35IeQHpGrVGgpFuKZurPWmWAcZB1xf0yhAU9eEMA3iDl6DiDvE4zUb Ya8xs9xnHRECgc6YLf0rkySLuSRHUmft+5zouN4cBJz8ESm5cNnmTjTsBQxqrv8+ jRBEuYtjdytLKJTeReV4coFu5OOEQjjXcQXDni6H4EDS56gquAzZLPPJbXWhhiX3 g3AeR9f2rAbOAdvOkP62rxFy6OQt3HIoNOFBLn0/44wynYeMl/V09xu7uCIu/iY/ UkeEphjr -----END CERTIFICATE-----Generated at Mon Jan 26 05:14:54 2026 by rpki-client