This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/UIXAZ8txjJ28tjI6SmjoL7WxOag.roa File: UIXAZ8txjJ28tjI6SmjoL7WxOag.roa (raw, json) Hash identifier: lLU1RMXC6Ac97Z2Do9ddKzJUd44r/EFTzj2qCxh0kr8= Subject key identifier: 50:85:C0:67:CB:71:8C:9D:BC:B6:32:3A:4A:68:E8:2F:B5:B1:39:A8 Certificate issuer: /CN=08e754c3a3db2ed14aa6c06a99d797291702001c Certificate serial: 019B7F853EC9F06350831636A6032E7047B0 Authority key identifier: 08:E7:54:C3:A3:DB:2E:D1:4A:A6:C0:6A:99:D7:97:29:17:02:00:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/COdUw6PbLtFKpsBqmdeXKRcCABw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/UIXAZ8txjJ28tjI6SmjoL7WxOag.roa Signing time: Fri 02 Jan 2026 16:23:17 +0000 ROA not before: Fri 02 Jan 2026 16:23:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49433 IP address blocks: 2a14:1dc0::/48 maxlen: 48 2a14:1dc0:1::/48 maxlen: 48 2a14:1dc0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/COdUw6PbLtFKpsBqmdeXKRcCABw.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/COdUw6PbLtFKpsBqmdeXKRcCABw.mft rsync://rpki.ripe.net/repository/DEFAULT/COdUw6PbLtFKpsBqmdeXKRcCABw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:3e:c9:f0:63:50:83:16:36:a6:03:2e:70:47:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08e754c3a3db2ed14aa6c06a99d797291702001c Validity Not Before: Jan 2 16:23:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5085c067cb718c9dbcb6323a4a68e82fb5b139a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ff:ac:de:13:a9:48:2c:29:10:9a:ed:0a:63: 2a:89:59:18:01:ea:73:ed:a9:a0:c3:8e:2d:ab:a5: 96:22:9b:14:af:d8:3e:70:bc:72:47:6d:c8:9b:40: 2e:b1:2c:2a:d0:9e:0e:36:08:73:3e:d8:35:fd:34: e6:d1:6d:0e:95:4a:81:0a:98:0a:16:04:fd:3d:d1: 8b:c6:c1:39:92:89:65:b7:83:64:44:5c:82:ad:ba: 90:2c:a0:ec:12:b9:d4:18:6a:42:63:68:62:01:45: 40:60:34:02:f0:5a:e0:9e:01:9b:03:13:25:2e:d6: 9f:0f:38:74:44:8a:04:4c:5c:2c:59:d7:db:50:76: f9:1c:af:a0:ea:9d:43:e8:f5:8a:51:56:60:92:c3: c6:1c:3d:70:8b:7e:a7:49:48:76:24:e9:f0:c2:2c: 87:23:8c:96:89:b2:12:2a:e0:c2:2b:fa:09:e8:d1: 45:02:35:aa:44:13:62:df:28:b5:a7:32:de:4b:21: 49:f5:fe:0b:bc:65:25:a8:33:cf:c4:fc:88:f0:6f: c5:0c:3e:f9:14:0f:29:d1:be:1c:38:fc:0a:45:59: 0d:74:67:e7:02:ac:a1:4f:12:c9:7d:25:05:64:b3: 2e:6d:aa:1d:65:90:07:4c:f2:9a:af:24:fc:db:cc: 7c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:85:C0:67:CB:71:8C:9D:BC:B6:32:3A:4A:68:E8:2F:B5:B1:39:A8 X509v3 Authority Key Identifier: keyid:08:E7:54:C3:A3:DB:2E:D1:4A:A6:C0:6A:99:D7:97:29:17:02:00:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COdUw6PbLtFKpsBqmdeXKRcCABw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/UIXAZ8txjJ28tjI6SmjoL7WxOag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/016efc-9255-4cab-bf9a-8edc52dc60cf/1/COdUw6PbLtFKpsBqmdeXKRcCABw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:1dc0::-2a14:1dc0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 84:35:e7:f1:bf:ca:fd:36:d3:7e:b8:bb:e2:1d:c3:03:b6:55: 69:ef:e4:db:93:e5:84:46:e0:ab:11:f9:e8:96:b0:d9:a5:1c: af:37:87:e8:c1:58:04:3c:48:db:d8:2d:f1:86:52:a4:fe:50: 10:73:d1:64:3c:e4:ce:6d:1c:2f:bc:ed:1e:fe:f6:93:76:3b: fe:e5:a4:a8:8e:91:96:00:dc:17:3d:d7:57:0b:74:d4:6d:67: 73:54:9c:bc:2a:bb:83:2d:24:82:d1:2c:03:41:6a:b0:08:47: 56:8e:f6:90:7d:ee:26:81:51:9f:a4:c8:01:88:a1:20:60:5d: 3f:c8:b4:ed:7d:ca:9b:16:c4:5e:c4:11:5b:ea:31:ee:d6:bf: 91:ca:4d:cf:e2:26:f7:c8:7f:6e:3f:0d:e5:1f:31:a3:87:22: f8:56:29:a7:df:76:21:c7:be:03:7b:a9:f6:5f:af:f7:03:6b: 2c:17:ae:f4:07:b4:79:8b:24:9f:ed:25:40:03:09:2e:b0:fe: 50:3a:33:13:91:c9:28:44:18:bd:0a:1a:a5:0c:08:b9:db:1c: 17:48:1f:c2:95:7f:52:25:be:8c:43:a1:72:3e:99:f8:db:45: b7:e0:38:81:82:d2:f9:52:12:75:6b:7e:7d:5d:67:3b:46:cb: 7a:e7:3a:7b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hT7J8GNQgxY2pgMucEewMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZTc1NGMzYTNkYjJlZDE0YWE2YzA2YTk5ZDc5NzI5MTcw MjAwMWMwHhcNMjYwMTAyMTYyMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MDg1YzA2N2NiNzE4YzlkYmNiNjMyM2E0YTY4ZTgyZmI1YjEzOWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v+s3hOpSCwpEJrtCmMqiVkYAepz 7amgw44tq6WWIpsUr9g+cLxyR23Im0AusSwq0J4ONghzPtg1/TTm0W0OlUqBCpgK FgT9PdGLxsE5kollt4NkRFyCrbqQLKDsErnUGGpCY2hiAUVAYDQC8FrgngGbAxMl LtafDzh0RIoETFwsWdfbUHb5HK+g6p1D6PWKUVZgksPGHD1wi36nSUh2JOnwwiyH I4yWibISKuDCK/oJ6NFFAjWqRBNi3yi1pzLeSyFJ9f4LvGUlqDPPxPyI8G/FDD75 FA8p0b4cOPwKRVkNdGfnAqyhTxLJfSUFZLMubaodZZAHTPKaryT828x8AwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFFCFwGfLcYydvLYyOkpo6C+1sTmoMB8GA1UdIwQY MBaAFAjnVMOj2y7RSqbAapnXlykXAgAcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ09kVXc2UGJMdEZLcHNCcW1kZVhLUmNDQUJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMTZlZmMtOTI1NS00Y2FiLWJmOWEt OGVkYzUyZGM2MGNmLzEvVUlYQVo4dHhqSjI4dGpJNlNtam9MN1d4T2FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8wMTZlZmMtOTI1NS00Y2FiLWJmOWEtOGVkYzUyZGM2MGNm LzEvQ09kVXc2UGJMdEZLcHNCcW1kZVhLUmNDQUJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqFB3A AwcAKhQdwAACMA0GCSqGSIb3DQEBCwUAA4IBAQCENefxv8r9NtN+uLviHcMDtlVp 7+Tbk+WERuCrEfnolrDZpRyvN4fowVgEPEjb2C3xhlKk/lAQc9FkPOTObRwvvO0e /vaTdjv+5aSojpGWANwXPddXC3TUbWdzVJy8KruDLSSC0SwDQWqwCEdWjvaQfe4m gVGfpMgBiKEgYF0/yLTtfcqbFsRexBFb6jHu1r+Ryk3P4ib3yH9uPw3lHzGjhyL4 Vimn33Yhx74De6n2X6/3A2ssF670B7R5iySf7SVAAwkusP5QOjMTkckoRBi9Chql DAi52xwXSB/ClX9SJb6MQ6FyPpn420W34DiBgtL5UhJ1a359XWc7Rst65zp7 -----END CERTIFICATE-----Generated at Mon Jan 26 05:48:45 2026 by rpki-client