This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1TMkY76y_V6mPJpsV1naKX6HlYE.roa File: 1TMkY76y_V6mPJpsV1naKX6HlYE.roa (raw, json) Hash identifier: 7g6t4h4bRD3CQ+x9cEpMvRx7n8nsWpYU3/XxpEQtDK8= Subject key identifier: D5:33:24:63:BE:B2:FD:5E:A6:3C:9A:6C:57:59:DA:29:7E:87:95:81 Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30 Certificate serial: 019B7EA457BA833DBBA58F5E3D2EBEF7573B Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1TMkY76y_V6mPJpsV1naKX6HlYE.roa Signing time: Fri 02 Jan 2026 12:17:38 +0000 ROA not before: Fri 02 Jan 2026 12:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8391 IP address blocks: 195.138.32.0/22 maxlen: 22 195.138.38.0/24 maxlen: 24 195.138.54.0/24 maxlen: 24 195.138.58.0/24 maxlen: 24 195.138.61.0/24 maxlen: 24 195.138.62.0/24 maxlen: 24 195.253.0.0/17 maxlen: 24 195.253.6.0/24 maxlen: 24 195.253.96.0/19 maxlen: 24 195.253.128.0/18 maxlen: 24 195.253.224.0/20 maxlen: 20 2a01:5b0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:57:ba:83:3d:bb:a5:8f:5e:3d:2e:be:f7:57:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30 Validity Not Before: Jan 2 12:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5332463beb2fd5ea63c9a6c5759da297e879581 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:10:51:bc:da:48:21:46:0a:8f:82:d7:52:0a: 84:83:13:e0:fe:40:b6:9d:a5:b6:34:5c:7a:ca:d4: fe:eb:7d:57:40:13:42:db:75:1a:59:cf:c2:07:e7: 71:db:3e:e2:7f:26:af:aa:09:c9:a1:e3:f2:95:7c: 00:d5:de:17:83:d1:c3:9f:49:1f:4c:f7:87:10:64: 13:c3:78:f8:3b:a0:1d:9d:29:47:54:29:c7:1c:21: 02:02:52:7c:49:92:aa:53:e7:77:7d:05:b1:ee:56: 2b:f3:d7:f5:11:3b:c2:1f:64:d3:6a:66:ba:ea:65: 57:46:74:86:0f:0b:63:b0:eb:78:8d:0e:f5:07:5e: 5d:14:46:24:73:89:19:5b:b7:40:51:d9:40:cf:c5: c3:27:f1:3e:2d:ad:76:b3:36:be:72:26:5a:c0:0b: 63:6a:51:62:26:14:e6:f4:6a:cc:b6:46:46:bc:39: 67:85:66:02:03:5a:35:65:f8:c5:85:ba:11:16:6f: bd:0f:a1:cc:d5:10:6d:72:34:06:91:5c:86:4d:16: 40:f4:bf:90:5c:ec:12:ad:6c:c2:b6:57:ab:ac:5a: dd:2b:ce:c1:76:b6:82:42:fc:5f:96:43:74:57:32: eb:05:a6:de:1a:6d:57:35:9e:99:26:4d:5e:7c:dd: 9d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:33:24:63:BE:B2:FD:5E:A6:3C:9A:6C:57:59:DA:29:7E:87:95:81 X509v3 Authority Key Identifier: keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/1TMkY76y_V6mPJpsV1naKX6HlYE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.138.32.0/22 195.138.38.0/24 195.138.54.0/24 195.138.58.0/24 195.138.61.0-195.138.62.255 195.253.0.0-195.253.191.255 195.253.224.0/20 IPv6: 2a01:5b0::/32 Signature Algorithm: sha256WithRSAEncryption 31:02:9f:26:8f:98:a6:f6:d1:a0:1f:d8:8a:df:aa:49:fe:bf: 16:15:9d:8b:c9:df:67:dc:29:fa:f8:4d:db:9a:90:72:34:10: 50:fd:63:e1:87:b7:11:23:22:c9:33:c0:6e:aa:bb:19:d3:bd: e1:0c:80:4a:49:76:96:0b:64:79:e0:97:ea:bb:95:38:fd:23: 84:6b:f9:95:99:45:44:45:47:4c:21:b4:62:76:ca:b2:cc:b2: 47:d0:72:9d:1a:a7:fe:68:97:6a:89:c0:bc:78:c4:12:90:f7: 08:e6:27:fd:68:ea:e7:71:fe:7d:8e:d5:02:73:e2:65:1b:96: fa:4e:55:b5:51:17:87:4f:84:39:f8:ca:3c:96:67:8b:1b:8f: ca:4b:c4:cf:59:ac:39:73:72:07:ff:58:16:ff:6f:ca:77:c1: f6:d0:41:2b:57:da:91:90:55:8a:58:1b:dc:0c:cb:7f:6e:f2: 25:7d:62:2e:f8:51:bb:bc:a1:31:f1:c2:54:09:57:3d:05:ce: a9:3f:5b:54:f9:2b:9b:ea:fd:16:51:e0:de:71:28:eb:e8:10: 8d:50:db:77:fc:2a:b9:2a:c1:b5:e3:24:1c:1d:63:d5:89:07: 87:64:3e:18:a3:14:ff:4d:bd:02:95:f9:78:c7:28:92:e7:a4: 2f:79:dd:e8 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZt+pFe6gz27pY9ePS6+91c7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk ODViMzAwHhcNMjYwMTAyMTIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTMzMjQ2M2JlYjJmZDVlYTYzYzlhNmM1NzU5ZGEyOTdlODc5NTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRBRvNpIIUYKj4LXUgqEgxPg/kC2 naW2NFx6ytT+631XQBNC23UaWc/CB+dx2z7ifyavqgnJoePylXwA1d4Xg9HDn0kf TPeHEGQTw3j4O6AdnSlHVCnHHCECAlJ8SZKqU+d3fQWx7lYr89f1ETvCH2TTama6 6mVXRnSGDwtjsOt4jQ71B15dFEYkc4kZW7dAUdlAz8XDJ/E+La12sza+ciZawAtj alFiJhTm9GrMtkZGvDlnhWYCA1o1ZfjFhboRFm+9D6HM1RBtcjQGkVyGTRZA9L+Q XOwSrWzCtlerrFrdK87BdraCQvxflkN0VzLrBabeGm1XNZ6ZJk1efN2d2QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNUzJGO+sv1epjyabFdZ2il+h5WBMB8GA1UdIwQY MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt MDYzY2U2Y2Y0NjBkLzEvMVRNa1k3NnlfVjZtUEpwc1YxbmFLWDZIbFlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwQCw4ogAwQA w4omAwQAw4o2AwQAw4o6MAwDBADDij0DBADDij4wCwMDAMP9AwQGw/2AAwQEw/3g MA0EAgACMAcDBQAqAQWwMA0GCSqGSIb3DQEBCwUAA4IBAQAxAp8mj5im9tGgH9iK 36pJ/r8WFZ2Lyd9n3Cn6+E3bmpByNBBQ/WPhh7cRIyLJM8BuqrsZ073hDIBKSXaW C2R54Jfqu5U4/SOEa/mVmUVERUdMIbRidsqyzLJH0HKdGqf+aJdqicC8eMQSkPcI 5if9aOrncf59jtUCc+JlG5b6TlW1UReHT4Q5+Mo8lmeLG4/KS8TPWaw5c3IH/1gW /2/Kd8H20EErV9qRkFWKWBvcDMt/bvIlfWIu+FG7vKEx8cJUCVc9Bc6pP1tU+Sub 6v0WUeDecSjr6BCNUNt3/Cq5KsG14yQcHWPViQeHZD4YoxT/Tb0Clfl4xyiS56Qv ed3o -----END CERTIFICATE-----Generated at Sun Jan 25 15:14:09 2026 by rpki-client