This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/UMUzqPaZVIHXXirp9-_OtB8U8ZU.roa File: UMUzqPaZVIHXXirp9-_OtB8U8ZU.roa (raw, json) Hash identifier: cbHmOZDkt9KB/VNrOStC9gT2Pe3X9bm47dYrL5UFqvE= Subject key identifier: 50:C5:33:A8:F6:99:54:81:D7:5E:2A:E9:F7:EF:CE:B4:1F:14:F1:95 Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73 Certificate serial: 019B791029D533254A3624C9F771778F1584 Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/UMUzqPaZVIHXXirp9-_OtB8U8ZU.roa Signing time: Thu 01 Jan 2026 10:17:40 +0000 ROA not before: Thu 01 Jan 2026 10:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25534 IP address blocks: 185.146.16.0/22 maxlen: 24 185.146.16.0/23 maxlen: 24 217.15.176.0/20 maxlen: 24 217.15.176.0/22 maxlen: 24 217.15.180.0/22 maxlen: 24 217.15.184.0/22 maxlen: 24 217.15.188.0/22 maxlen: 24 2a00:1a08::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.mft rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:29:d5:33:25:4a:36:24:c9:f7:71:77:8f:15:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=172537601a31697404922d957e74450f5a9cbe73 Validity Not Before: Jan 1 10:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=50c533a8f6995481d75e2ae9f7efceb41f14f195 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f4:76:db:90:71:54:1f:a7:a9:09:7f:84:f2: 61:fa:6b:20:fe:74:bb:4a:6b:06:51:26:ab:7b:ac: fd:f6:e0:b6:26:5f:2f:3f:55:39:dc:88:a6:4a:d2: 01:15:61:52:f4:e0:ad:8d:62:46:be:15:32:f6:1b: 8f:2b:4b:06:7c:3a:b2:88:d3:51:96:cc:41:fe:6e: bc:55:92:f7:84:b8:33:34:e7:92:3b:4c:55:a3:8e: 5b:8b:1a:3d:fe:bd:68:ec:00:27:f9:fa:52:b6:db: d2:f8:96:79:e5:5d:6c:d0:28:b9:76:61:d4:14:84: fd:3a:01:ba:67:9f:ea:fa:d4:ff:68:1d:bc:2a:9a: f0:85:5d:6f:9e:24:91:42:e1:9e:d6:31:58:84:55: 70:50:f3:3b:2f:ca:aa:6c:fd:52:fb:10:c2:58:37: 8d:6a:91:70:cd:ca:2b:25:cb:ff:69:89:92:f1:d8: 69:22:47:57:79:71:2b:ff:44:86:95:8e:24:44:ad: 1d:59:9b:37:ef:62:44:3f:c1:85:59:5b:82:4c:0a: 2a:dd:0b:07:7b:ca:9f:36:86:8c:e0:c3:83:d2:f9: aa:4f:ac:33:3d:40:97:db:55:f0:93:ba:9f:56:21: 3a:b9:5b:08:48:16:98:9a:8e:ea:20:4a:96:9c:d0: 87:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:C5:33:A8:F6:99:54:81:D7:5E:2A:E9:F7:EF:CE:B4:1F:14:F1:95 X509v3 Authority Key Identifier: keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/UMUzqPaZVIHXXirp9-_OtB8U8ZU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.146.16.0/22 217.15.176.0/20 IPv6: 2a00:1a08::/32 Signature Algorithm: sha256WithRSAEncryption 00:01:5b:11:17:26:d3:48:66:7b:22:b5:bf:95:7a:9d:3c:57: cb:40:df:1b:58:1c:ff:48:10:90:28:5c:5f:8a:a1:3d:6b:8f: 11:22:57:82:11:92:cc:73:c4:0a:cf:02:c4:91:70:42:98:75: 9b:91:26:b9:c6:23:d5:9f:ba:67:1e:00:7e:cb:b2:a6:e7:0c: ee:9e:ac:de:91:68:56:05:6d:00:83:dc:cb:fe:17:97:3b:86: 61:f1:81:05:c0:97:2c:91:dd:d3:e8:9f:64:c3:52:5f:62:00: d4:d5:3f:50:01:74:4d:8b:14:96:d2:9f:27:bc:d9:57:e4:e4: 1b:e1:5e:8c:51:6a:31:93:1b:11:09:d1:16:f4:20:51:18:a1: b9:98:51:19:ac:2d:67:f6:d8:58:36:80:0f:f2:9a:04:7c:41: 1d:d7:36:89:6d:3d:42:e4:75:73:f9:f6:8a:30:e4:3b:9f:0c: b7:10:0a:eb:db:f1:b1:f6:e3:66:2a:d2:ea:51:a4:80:55:07: 52:c5:11:ea:eb:13:42:e2:8e:de:22:0a:3e:6c:a4:83:74:14: 8d:7a:76:b5:79:5f:8b:a9:c2:10:d2:14:88:57:1c:11:43:60: fd:e5:ff:e1:6b:6e:97:72:6b:24:15:e9:bf:cc:8a:4f:2f:e7: a6:c8:43:68 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5ECnVMyVKNiTJ93F3jxWEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5 Y2JlNzMwHhcNMjYwMTAxMTAxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MGM1MzNhOGY2OTk1NDgxZDc1ZTJhZTlmN2VmY2ViNDFmMTRmMTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfR225BxVB+nqQl/hPJh+msg/nS7 SmsGUSare6z99uC2Jl8vP1U53IimStIBFWFS9OCtjWJGvhUy9huPK0sGfDqyiNNR lsxB/m68VZL3hLgzNOeSO0xVo45bixo9/r1o7AAn+fpSttvS+JZ55V1s0Ci5dmHU FIT9OgG6Z5/q+tT/aB28KprwhV1vniSRQuGe1jFYhFVwUPM7L8qqbP1S+xDCWDeN apFwzcorJcv/aYmS8dhpIkdXeXEr/0SGlY4kRK0dWZs372JEP8GFWVuCTAoq3QsH e8qfNoaM4MOD0vmqT6wzPUCX21Xwk7qfViE6uVsISBaYmo7qIEqWnNCHlQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFDFM6j2mVSB114q6ffvzrQfFPGVMB8GA1UdIwQY MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt ZTYwNGI2MWJlMGVhLzEvVU1VenFQYVpWSUhYWGlycDktX090QjhVOFpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZIQAwQE 2Q+wMA0EAgACMAcDBQAqABoIMA0GCSqGSIb3DQEBCwUAA4IBAQAAAVsRFybTSGZ7 IrW/lXqdPFfLQN8bWBz/SBCQKFxfiqE9a48RIleCEZLMc8QKzwLEkXBCmHWbkSa5 xiPVn7pnHgB+y7Km5wzunqzekWhWBW0Ag9zL/heXO4Zh8YEFwJcskd3T6J9kw1Jf YgDU1T9QAXRNixSW0p8nvNlX5OQb4V6MUWoxkxsRCdEW9CBRGKG5mFEZrC1n9thY NoAP8poEfEEd1zaJbT1C5HVz+faKMOQ7nwy3EArr2/Gx9uNmKtLqUaSAVQdSxRHq 6xNC4o7eIgo+bKSDdBSNena1eV+LqcIQ0hSIVxwRQ2D95f/ha26XcmskFem/zIpP L+emyENo -----END CERTIFICATE-----Generated at Sun Jan 25 12:03:18 2026 by rpki-client