This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/ugj21aD88s1RRp9wztrYsSAwiUE.roa File: ugj21aD88s1RRp9wztrYsSAwiUE.roa (raw, json) Hash identifier: WrSZz+UwR+wMXec4SQ0VJG4/1M5x7d6VE4FHoit+kYI= Subject key identifier: BA:08:F6:D5:A0:FC:F2:CD:51:46:9F:70:CE:DA:D8:B1:20:30:89:41 Certificate issuer: /CN=f219383a3e3f116a9bcc4769c8517cdce40765c7 Certificate serial: 019B7F853B894F88825D1EAB2B16A6F93ADC Authority key identifier: F2:19:38:3A:3E:3F:11:6A:9B:CC:47:69:C8:51:7C:DC:E4:07:65:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/ugj21aD88s1RRp9wztrYsSAwiUE.roa Signing time: Fri 02 Jan 2026 16:23:16 +0000 ROA not before: Fri 02 Jan 2026 16:23:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203557 IP address blocks: 84.38.129.0/24 maxlen: 24 84.38.133.0/24 maxlen: 24 185.29.11.0/24 maxlen: 24 2a02:4840:101::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.crl rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.mft rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:3b:89:4f:88:82:5d:1e:ab:2b:16:a6:f9:3a:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f219383a3e3f116a9bcc4769c8517cdce40765c7 Validity Not Before: Jan 2 16:23:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba08f6d5a0fcf2cd51469f70cedad8b120308941 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:58:db:7d:bc:a4:c4:8e:6d:4f:14:68:c1:00: ba:f3:bd:73:85:54:47:9d:34:c8:54:98:b0:66:c5: ae:98:81:56:84:51:b0:46:9a:62:3e:12:c4:7f:86: 34:de:c8:32:cb:a8:81:d4:16:d5:62:3a:cd:d9:1c: f0:d9:66:74:f4:b1:0e:63:ac:19:13:d8:a2:1d:89: 5e:fb:bf:92:29:6e:6f:fd:33:4a:9d:a1:ff:aa:be: 07:f0:af:ff:1a:35:a3:46:77:f4:75:6e:0d:0d:da: 69:5a:d5:f3:21:29:53:6c:83:00:05:c8:bf:3d:3f: 7d:f5:87:c9:29:c8:eb:63:ca:ff:9c:11:f6:29:3c: 32:91:cc:b4:a1:cc:f2:2d:42:6b:53:6d:d9:9a:71: 87:88:d6:aa:db:9b:93:a5:d4:a1:54:ac:dc:6b:b1: 48:aa:2e:f2:bc:6a:5a:70:1c:3a:28:e2:4d:ec:6b: 6f:57:f4:48:cc:16:9b:a1:a5:bd:3e:f4:5e:58:93: 15:c1:b9:55:67:01:eb:2f:66:f0:ce:88:0d:6c:93: 86:17:d0:2d:19:5f:43:d6:21:a0:34:f8:5a:11:0c: 24:a5:fe:aa:73:ed:ca:a8:0d:12:be:b3:34:00:78: 4c:7c:df:9d:b5:71:b4:56:cd:03:06:88:91:ff:04: 6d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:08:F6:D5:A0:FC:F2:CD:51:46:9F:70:CE:DA:D8:B1:20:30:89:41 X509v3 Authority Key Identifier: keyid:F2:19:38:3A:3E:3F:11:6A:9B:CC:47:69:C8:51:7C:DC:E4:07:65:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hk4Oj4_EWqbzEdpyFF83OQHZcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/ugj21aD88s1RRp9wztrYsSAwiUE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/7cf0b1-2298-4484-bd80-6cc9f6cbaac4/1/8hk4Oj4_EWqbzEdpyFF83OQHZcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.38.129.0/24 84.38.133.0/24 185.29.11.0/24 IPv6: 2a02:4840:101::/48 Signature Algorithm: sha256WithRSAEncryption 21:44:10:39:f3:79:d6:05:c3:aa:36:51:37:a0:09:98:51:0a: 9a:ac:4e:f6:b5:e2:de:d4:5b:70:4a:f1:b8:9f:7e:75:99:d4: 22:79:b6:aa:fb:c9:2e:15:18:07:1f:05:d4:17:63:26:8a:16: 10:b6:12:eb:58:9c:90:bc:94:e8:1a:70:0b:77:c2:2a:42:b4: 07:f1:76:b2:32:69:f4:7b:e2:f0:52:7e:62:ef:56:14:da:6c: 13:a0:89:20:92:96:8c:6a:92:0a:93:c8:cb:75:f8:13:e5:18: c6:b3:c8:e6:99:d8:c2:be:7c:57:76:fb:12:bd:c0:76:94:2e: 34:13:a8:43:64:ad:f5:42:a5:de:19:78:7e:38:39:58:df:f9: 10:36:e7:ff:4c:0f:52:ef:aa:ec:cc:07:82:f8:33:b2:64:4f: 0a:b8:7c:d0:6c:10:28:a6:90:cf:bc:ed:4b:00:0a:21:56:9d: 31:e6:be:75:b1:14:96:58:6a:5e:fb:76:c8:d9:f3:87:76:9d: b1:70:ab:e7:a6:a6:5c:b0:f8:4c:d8:c6:a3:01:5e:e9:25:6a: 57:61:16:10:1f:68:d0:eb:30:8c:8b:24:1b:32:3f:e5:0d:3c: bc:3d:70:c4:e7:18:40:11:09:5c:fc:f5:9c:0d:f4:d5:6d:51: e0:68:8f:01 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt/hTuJT4iCXR6rKxam+TrcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyMTkzODNhM2UzZjExNmE5YmNjNDc2OWM4NTE3Y2RjZTQw NzY1YzcwHhcNMjYwMTAyMTYyMzE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTA4ZjZkNWEwZmNmMmNkNTE0NjlmNzBjZWRhZDhiMTIwMzA4OTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVjbfbykxI5tTxRowQC6871zhVRH nTTIVJiwZsWumIFWhFGwRppiPhLEf4Y03sgyy6iB1BbVYjrN2Rzw2WZ09LEOY6wZ E9iiHYle+7+SKW5v/TNKnaH/qr4H8K//GjWjRnf0dW4NDdppWtXzISlTbIMABci/ PT999YfJKcjrY8r/nBH2KTwykcy0oczyLUJrU23ZmnGHiNaq25uTpdShVKzca7FI qi7yvGpacBw6KOJN7GtvV/RIzBaboaW9PvReWJMVwblVZwHrL2bwzogNbJOGF9At GV9D1iGgNPhaEQwkpf6qc+3KqA0SvrM0AHhMfN+dtXG0Vs0DBoiR/wRtaQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFLoI9tWg/PLNUUafcM7a2LEgMIlBMB8GA1UdIwQY MBaAFPIZODo+PxFqm8xHachRfNzkB2XHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGhrNE9qNF9FV3FiekVkcHlGRjgzT1FIWmNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83Y2YwYjEtMjI5OC00NDg0LWJkODAt NmNjOWY2Y2JhYWM0LzEvdWdqMjFhRDg4czFSUnA5d3p0cllzU0F3aVVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS83Y2YwYjEtMjI5OC00NDg0LWJkODAtNmNjOWY2Y2JhYWM0 LzEvOGhrNE9qNF9FV3FiekVkcHlGRjgzT1FIWmNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAVCaBAwQA VCaFAwQAuR0LMA8EAgACMAkDBwAqAkhAAQEwDQYJKoZIhvcNAQELBQADggEBACFE EDnzedYFw6o2UTegCZhRCpqsTva14t7UW3BK8biffnWZ1CJ5tqr7yS4VGAcfBdQX YyaKFhC2EutYnJC8lOgacAt3wipCtAfxdrIyafR74vBSfmLvVhTabBOgiSCSloxq kgqTyMt1+BPlGMazyOaZ2MK+fFd2+xK9wHaULjQTqENkrfVCpd4ZeH44OVjf+RA2 5/9MD1LvquzMB4L4M7JkTwq4fNBsECimkM+87UsACiFWnTHmvnWxFJZYal77dsjZ 84d2nbFwq+emplyw+EzYxqMBXuklaldhFhAfaNDrMIyLJBsyP+UNPLw9cMTnGEAR CVz89ZwN9NVtUeBojwE= -----END CERTIFICATE-----Generated at Mon Jan 26 07:09:31 2026 by rpki-client