This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/U-Qwz6WM_evSO89uezz5oxCn1JQ.roa File: U-Qwz6WM_evSO89uezz5oxCn1JQ.roa (raw, json) Hash identifier: nuji8CNl3iLd6E/K17ABmg8QraIShYoAsJLchecsQpQ= Subject key identifier: 53:E4:30:CF:A5:8C:FD:EB:D2:3B:CF:6E:7B:3C:F9:A3:10:A7:D4:94 Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a Certificate serial: 019B76EB0BF677E648D658CB5EE5DA46E4F1 Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/U-Qwz6WM_evSO89uezz5oxCn1JQ.roa Signing time: Thu 01 Jan 2026 00:17:54 +0000 ROA not before: Thu 01 Jan 2026 00:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199364 IP address blocks: 45.84.192.0/24 maxlen: 24 185.31.120.0/22 maxlen: 22 2a00:af60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.mft rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:0b:f6:77:e6:48:d6:58:cb:5e:e5:da:46:e4:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a Validity Not Before: Jan 1 00:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53e430cfa58cfdebd23bcf6e7b3cf9a310a7d494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:36:26:ce:87:94:f0:79:93:26:9f:93:5a:ba: b4:fa:12:3e:80:9b:86:b9:ae:b1:7b:98:14:06:af: 6a:a6:1e:08:e1:1f:7c:4a:33:38:a4:5c:58:79:a4: 92:93:54:7b:e3:79:fc:00:98:ac:16:4b:4b:55:cd: 71:53:57:da:7a:eb:bd:11:52:89:06:6b:f1:fa:18: 65:fd:b5:c0:ef:d0:9b:f5:9a:5e:24:52:73:37:06: 96:c4:67:88:7e:2a:3b:48:b4:a9:61:d0:5e:85:c0: 86:ed:7a:f4:11:34:26:e8:f7:d5:7f:f8:d3:47:a0: 38:5b:c5:8d:ca:05:82:30:09:99:08:9e:2d:eb:cd: 9d:8a:d2:c6:4a:78:61:0a:1d:38:ff:ec:5f:06:67: 48:11:9f:94:4f:3f:94:b6:2c:fd:0f:2e:45:f5:19: 3c:10:44:bd:64:19:55:cf:48:52:8a:a3:c0:eb:d0: 64:ba:e6:55:26:54:7c:78:22:b7:73:4d:48:d3:0e: 8c:fb:61:17:a3:29:f6:b5:5a:1d:f3:14:a3:b1:1d: 26:88:38:e6:3c:00:39:13:9c:c6:8e:fc:6a:c7:4b: 0a:06:b5:47:0d:cb:dd:38:dd:08:19:02:2d:e1:87: f4:7d:ba:77:c3:0b:3a:98:48:1f:ee:2c:70:a4:07: e5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:E4:30:CF:A5:8C:FD:EB:D2:3B:CF:6E:7B:3C:F9:A3:10:A7:D4:94 X509v3 Authority Key Identifier: keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/U-Qwz6WM_evSO89uezz5oxCn1JQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.84.192.0/24 185.31.120.0/22 IPv6: 2a00:af60::/32 Signature Algorithm: sha256WithRSAEncryption 38:d1:80:76:90:d3:44:f2:a3:66:ed:73:b4:c7:1b:88:1c:a6: d4:a9:b7:65:12:9e:a4:66:31:68:36:73:21:f5:cd:56:8e:fb: 5a:b0:d3:ba:22:f8:dd:53:8b:3b:c2:01:59:1a:ff:43:59:a5: b9:ae:fe:ab:5a:6c:ef:13:cd:d1:2d:11:42:8b:16:82:48:eb: a8:0a:64:af:41:f7:00:e0:5f:02:f1:f8:c9:91:b4:dd:9c:fd: 6a:c2:44:72:b4:14:ee:11:5b:b4:b0:99:a1:8d:c9:3c:d9:47: 8e:64:ae:e9:9c:f6:ba:5a:b7:a7:8b:01:fa:e2:90:2a:0d:f2: 5f:00:be:d3:83:1f:b9:88:88:af:26:62:dd:ea:35:f2:9a:5c: a8:9e:81:52:b9:0e:42:6e:af:05:d1:45:df:ac:36:07:b2:93: c5:01:3b:13:bc:3e:d4:20:97:72:16:d9:55:b7:90:9e:71:95: 8d:1f:12:a8:fa:5f:7a:ef:6a:11:24:95:d0:58:f4:48:41:45: 61:fc:49:f0:cd:00:2f:4f:34:18:12:cb:c3:e7:79:7e:ff:d8: af:5f:22:60:84:93:05:65:8b:39:92:7c:ca:66:82:4e:9a:22: ac:0a:d6:c5:a9:79:fc:42:ef:fe:52:20:24:8d:fa:4f:1a:f3: 90:ef:98:65 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt26wv2d+ZI1ljLXuXaRuTxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2 NmE1OGEwHhcNMjYwMTAxMDAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2U0MzBjZmE1OGNmZGViZDIzYmNmNmU3YjNjZjlhMzEwYTdkNDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TYmzoeU8HmTJp+TWrq0+hI+gJuG ua6xe5gUBq9qph4I4R98SjM4pFxYeaSSk1R743n8AJisFktLVc1xU1faeuu9EVKJ Bmvx+hhl/bXA79Cb9ZpeJFJzNwaWxGeIfio7SLSpYdBehcCG7Xr0ETQm6PfVf/jT R6A4W8WNygWCMAmZCJ4t682ditLGSnhhCh04/+xfBmdIEZ+UTz+Utiz9Dy5F9Rk8 EES9ZBlVz0hSiqPA69BkuuZVJlR8eCK3c01I0w6M+2EXoyn2tVod8xSjsR0miDjm PAA5E5zGjvxqx0sKBrVHDcvdON0IGQIt4Yf0fbp3wws6mEgf7ixwpAflMQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFPkMM+ljP3r0jvPbns8+aMQp9SUMB8GA1UdIwQY MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt MWE4MGRhZmZkNzk2LzEvVS1Rd3o2V01fZXZTTzg5dWV6ejVveENuMUpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2 LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVTAAwQC uR94MA0EAgACMAcDBQAqAK9gMA0GCSqGSIb3DQEBCwUAA4IBAQA40YB2kNNE8qNm 7XO0xxuIHKbUqbdlEp6kZjFoNnMh9c1WjvtasNO6IvjdU4s7wgFZGv9DWaW5rv6r WmzvE83RLRFCixaCSOuoCmSvQfcA4F8C8fjJkbTdnP1qwkRytBTuEVu0sJmhjck8 2UeOZK7pnPa6WreniwH64pAqDfJfAL7Tgx+5iIivJmLd6jXymlyonoFSuQ5Cbq8F 0UXfrDYHspPFATsTvD7UIJdyFtlVt5CecZWNHxKo+l9672oRJJXQWPRIQUVh/Enw zQAvTzQYEsvD53l+/9ivXyJghJMFZYs5knzKZoJOmiKsCtbFqXn8Qu/+UiAkjfpP GvOQ75hl -----END CERTIFICATE-----Generated at Sun Jan 25 20:49:01 2026 by rpki-client