This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa File: ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa (raw, json) Hash identifier: soBVeg6Yikd3nUzcvoeLHOcCe6rQjh4SHsU1xYr91hM= Subject key identifier: B9:B2:CA:F1:5F:00:37:BC:B3:61:66:7C:1A:36:C0:0B:60:73:99:59 Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019B78A36E5CDF1F899AB5501F2116D1E4FD Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa Signing time: Thu 01 Jan 2026 08:18:55 +0000 ROA not before: Thu 01 Jan 2026 08:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48152 IP address blocks: 193.200.218.0/24 maxlen: 24 2001:678:878::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:6e:5c:df:1f:89:9a:b5:50:1f:21:16:d1:e4:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Jan 1 08:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b9b2caf15f0037bcb361667c1a36c00b60739959 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:9b:46:d7:39:af:a4:66:13:63:29:02:42:ad: e3:71:90:5b:bc:bf:ed:71:3e:6d:b2:1a:45:6c:4f: ef:b1:86:c8:54:5f:72:05:bd:9e:7b:e8:6f:ae:f9: 21:83:96:9d:b4:3a:88:ce:76:64:7b:f6:fe:fb:e9: b8:7c:4a:4a:b2:09:26:5f:41:15:c4:d1:c7:88:0c: 0b:c5:2a:5f:17:35:c8:16:2f:03:b8:59:de:63:47: 74:ba:88:d5:c1:4b:4f:ff:5c:d4:1b:d7:1e:5b:9a: 46:49:4a:50:06:2d:24:6f:6e:39:af:59:ee:49:58: c2:34:75:68:ab:a5:05:a8:d8:47:41:24:c5:f8:c1: c0:23:c2:80:b5:0c:9f:aa:30:4b:9e:0b:db:23:1b: 40:bc:78:61:46:29:8a:06:c3:5b:84:d6:e4:78:c4: 95:d3:c9:f9:35:bd:01:23:25:82:8b:58:e7:b2:95: 05:80:6d:34:d2:38:d0:7d:f8:60:9a:e8:c9:5e:ba: db:7a:58:e3:3d:4b:c3:f4:69:a0:91:c6:ba:65:c8: c8:78:d2:da:69:5c:50:ef:5b:07:6d:f3:a2:4e:cb: 5e:5f:da:d7:59:48:31:46:29:52:35:2e:ea:1b:a0: a6:18:b7:b9:64:4d:c1:1e:35:69:fc:c0:b6:ae:55: ff:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:B2:CA:F1:5F:00:37:BC:B3:61:66:7C:1A:36:C0:0B:60:73:99:59 X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.200.218.0/24 IPv6: 2001:678:878::/48 Signature Algorithm: sha256WithRSAEncryption 95:dd:c8:92:55:37:f9:53:4d:67:14:90:1a:d6:ca:91:97:be: 2f:b2:84:17:dd:05:0e:93:96:06:41:16:5a:41:36:b6:a3:17: 45:ea:3b:6f:36:5a:eb:e1:8a:50:3a:1a:ef:3e:0d:9c:02:ec: 07:5d:a6:2c:ff:48:9e:02:c2:2a:b6:ee:85:fd:fc:30:37:10: 81:5f:fa:a0:ed:2d:cd:30:63:4a:fc:6e:e8:6f:e0:53:88:2b: 21:2d:4a:04:20:a0:7e:6f:24:45:26:e6:da:1d:35:30:77:a5: c7:db:6c:b3:c3:f0:1d:c1:9c:7b:61:51:31:7b:79:75:cb:c9: 8f:3f:63:7a:7e:73:cd:49:ab:64:01:fc:6a:f3:1e:35:e2:d7: 26:f9:30:f2:57:fe:84:e4:5e:3f:46:1c:3a:15:ef:ae:58:09: fe:36:e9:55:81:fd:d3:18:a5:73:e4:63:49:40:d5:65:41:a7: 82:1f:47:2e:22:fa:01:d9:42:85:c2:f2:44:93:81:0f:af:d8: 43:ad:52:1a:99:a4:74:1b:c4:b1:68:a4:ee:9c:34:d0:67:33: bb:a4:06:0a:1e:27:d0:6c:69:7c:54:f9:d9:dd:13:58:f8:64: a8:db:de:60:12:12:ec:cd:a7:6a:1b:e0:98:54:bb:45:10:f6: 44:02:bd:80 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4o25c3x+JmrVQHyEW0eT9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjYwMTAxMDgxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOWIyY2FmMTVmMDAzN2JjYjM2MTY2N2MxYTM2YzAwYjYwNzM5OTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ptG1zmvpGYTYykCQq3jcZBbvL/t cT5tshpFbE/vsYbIVF9yBb2ee+hvrvkhg5adtDqIznZke/b+++m4fEpKsgkmX0EV xNHHiAwLxSpfFzXIFi8DuFneY0d0uojVwUtP/1zUG9ceW5pGSUpQBi0kb245r1nu SVjCNHVoq6UFqNhHQSTF+MHAI8KAtQyfqjBLngvbIxtAvHhhRimKBsNbhNbkeMSV 08n5Nb0BIyWCi1jnspUFgG000jjQffhgmujJXrrbeljjPUvD9Gmgkca6ZcjIeNLa aVxQ71sHbfOiTsteX9rXWUgxRilSNS7qG6CmGLe5ZE3BHjVp/MC2rlX/1wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFLmyyvFfADe8s2FmfBo2wAtgc5lZMB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvdWJMSzhWOEFON3l6WVdaOEdqYkFDMkJ6bVZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcjaMA8E AgACMAkDBwAgAQZ4CHgwDQYJKoZIhvcNAQELBQADggEBAJXdyJJVN/lTTWcUkBrW ypGXvi+yhBfdBQ6TlgZBFlpBNrajF0XqO282WuvhilA6Gu8+DZwC7Addpiz/SJ4C wiq27oX9/DA3EIFf+qDtLc0wY0r8buhv4FOIKyEtSgQgoH5vJEUm5todNTB3pcfb bLPD8B3BnHthUTF7eXXLyY8/Y3p+c81Jq2QB/GrzHjXi1yb5MPJX/oTkXj9GHDoV 765YCf426VWB/dMYpXPkY0lA1WVBp4IfRy4i+gHZQoXC8kSTgQ+v2EOtUhqZpHQb xLFopO6cNNBnM7ukBgoeJ9BsaXxU+dndE1j4ZKjb3mASEuzNp2ob4JhUu0UQ9kQC vYA= -----END CERTIFICATE-----Generated at Mon Jan 26 16:23:57 2026 by rpki-client