This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/uhDIc0uEZUElVgS-_EocXKCrnM4.roa File: uhDIc0uEZUElVgS-_EocXKCrnM4.roa (raw, json) Hash identifier: Q1EY9r/YhBigZO4RXwGxgcBbj+7/3SMubwYfDCdrIGM= Subject key identifier: BA:10:C8:73:4B:84:65:41:25:56:04:BE:FC:4A:1C:5C:A0:AB:9C:CE Certificate issuer: /CN=4de70403c9d2d7962cf113d93c462f9493d87362 Certificate serial: 019B7EA721C54A6E3A250F63F32F772EF28F Authority key identifier: 4D:E7:04:03:C9:D2:D7:96:2C:F1:13:D9:3C:46:2F:94:93:D8:73:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TecEA8nS15Ys8RPZPEYvlJPYc2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/uhDIc0uEZUElVgS-_EocXKCrnM4.roa Signing time: Fri 02 Jan 2026 12:20:40 +0000 ROA not before: Fri 02 Jan 2026 12:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25540 IP address blocks: 185.31.0.0/23 maxlen: 23 185.31.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/TecEA8nS15Ys8RPZPEYvlJPYc2I.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/TecEA8nS15Ys8RPZPEYvlJPYc2I.mft rsync://rpki.ripe.net/repository/DEFAULT/TecEA8nS15Ys8RPZPEYvlJPYc2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:21:c5:4a:6e:3a:25:0f:63:f3:2f:77:2e:f2:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4de70403c9d2d7962cf113d93c462f9493d87362 Validity Not Before: Jan 2 12:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba10c8734b846541255604befc4a1c5ca0ab9cce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:84:40:4a:e5:16:dd:af:7a:da:05:f5:b9:cb: 84:f9:2c:3b:7a:91:34:47:49:29:cd:46:60:21:0d: 26:be:37:ae:70:eb:5f:94:c7:a7:c4:f9:a4:6c:13: f6:3f:ad:1f:b9:a1:c0:7d:f5:ef:20:a6:d2:d8:0f: 56:0a:bc:5e:60:59:01:c7:7f:ea:5a:87:83:d5:c2: 78:e3:2f:97:21:d9:93:4e:66:da:a0:7a:a5:aa:40: 9f:3e:ea:a7:51:5f:d0:8b:2d:e1:9d:4f:e0:62:e2: f1:58:69:21:bb:62:ff:04:1e:54:46:f1:dc:88:73: 48:0e:f9:07:65:23:34:07:34:d5:59:7e:8a:cf:44: e1:2a:61:a2:42:ac:6b:5f:82:32:3a:7b:c0:09:3e: ca:77:6e:b4:32:a4:c7:dd:c5:8d:b9:23:69:ed:df: 5e:17:ff:82:7b:02:77:dd:d7:59:ad:27:da:19:23: 97:40:d9:57:e0:f5:d3:3d:1a:0c:e0:bc:ad:bd:c4: f7:ba:5b:26:a9:8b:84:b8:ea:53:f4:9d:38:2d:b7: a7:b8:5b:63:c9:f2:32:03:5a:c7:cd:a9:40:b3:f6: 9f:00:4b:ae:8f:c4:83:b4:96:46:80:ba:0c:a4:02: f5:0f:de:83:78:21:f2:92:a2:63:98:7d:ff:24:95: f8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:10:C8:73:4B:84:65:41:25:56:04:BE:FC:4A:1C:5C:A0:AB:9C:CE X509v3 Authority Key Identifier: keyid:4D:E7:04:03:C9:D2:D7:96:2C:F1:13:D9:3C:46:2F:94:93:D8:73:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TecEA8nS15Ys8RPZPEYvlJPYc2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/uhDIc0uEZUElVgS-_EocXKCrnM4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/250127-85d7-46b4-8865-bf0da5e8ce7f/1/TecEA8nS15Ys8RPZPEYvlJPYc2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.31.0.0-185.31.2.255 Signature Algorithm: sha256WithRSAEncryption 64:f8:78:30:b2:3f:0d:48:f0:cc:d8:ea:50:35:c9:46:0e:cd: f9:89:6e:72:71:7c:4f:be:0a:10:63:7f:a5:3b:5d:fe:61:a0: a7:ef:c4:81:54:58:7f:24:d7:73:8e:88:db:7a:9a:17:2f:e3: 29:9e:cd:19:85:98:3f:4d:e5:d2:e8:7b:5c:cb:07:8c:a4:1d: e9:50:31:f3:46:65:a1:38:75:8d:cf:f6:d6:34:65:48:ce:65: f5:67:cd:ec:32:4a:c4:d8:cb:2a:5e:21:85:86:83:38:02:a8: d3:d5:ee:2f:7f:c1:b5:7e:95:d8:55:fa:42:56:14:ba:94:51: c0:4c:6b:35:d4:f1:e4:4e:a8:cb:52:f5:74:d7:78:5e:79:cf: 77:a0:10:18:01:93:e7:eb:a9:c9:ea:da:d2:3b:2e:64:04:94: 5d:7a:36:2b:dc:84:1c:cd:21:aa:34:41:a5:2f:f1:dd:76:45: 82:b1:ce:ac:d8:a8:c5:28:5b:e5:63:d7:75:4d:b8:1a:33:ed: 35:f4:b3:89:a5:d8:79:de:90:5b:6a:e5:ef:a0:15:1b:c5:fc: 7c:5d:7d:d4:d8:d4:4d:81:eb:a8:19:83:d4:b8:5d:5d:91:34: 40:18:9d:2b:fb:a5:9d:30:1f:fc:d5:f2:85:cd:bf:f2:99:bc: 21:3a:27:ec -----BEGIN CERTIFICATE----- MIIFBDCCA+ygAwIBAgISAZt+pyHFSm46JQ9j8y93LvKPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkZTcwNDAzYzlkMmQ3OTYyY2YxMTNkOTNjNDYyZjk0OTNk ODczNjIwHhcNMjYwMTAyMTIyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTEwYzg3MzRiODQ2NTQxMjU1NjA0YmVmYzRhMWM1Y2EwYWI5Y2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYRASuUW3a962gX1ucuE+Sw7epE0 R0kpzUZgIQ0mvjeucOtflMenxPmkbBP2P60fuaHAffXvIKbS2A9WCrxeYFkBx3/q WoeD1cJ44y+XIdmTTmbaoHqlqkCfPuqnUV/Qiy3hnU/gYuLxWGkhu2L/BB5URvHc iHNIDvkHZSM0BzTVWX6Kz0ThKmGiQqxrX4IyOnvACT7Kd260MqTH3cWNuSNp7d9e F/+CewJ33ddZrSfaGSOXQNlX4PXTPRoM4LytvcT3ulsmqYuEuOpT9J04LbenuFtj yfIyA1rHzalAs/afAEuuj8SDtJZGgLoMpAL1D96DeCHykqJjmH3/JJX47QIDAQAB o4ICEDCCAgwwHQYDVR0OBBYEFLoQyHNLhGVBJVYEvvxKHFygq5zOMB8GA1UdIwQY MBaAFE3nBAPJ0teWLPET2TxGL5ST2HNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGVjRUE4blMxNVlzOFJQWlBFWXZsSlBZYzJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yNTAxMjctODVkNy00NmI0LTg4NjUt YmYwZGE1ZThjZTdmLzEvdWhESWMwdUVaVUVsVmdTLV9Fb2NYS0Nybk00LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8yNTAxMjctODVkNy00NmI0LTg4NjUtYmYwZGE1ZThjZTdm LzEvVGVjRUE4blMxNVlzOFJQWlBFWXZsSlBZYzJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwC5HwME ALkfAjANBgkqhkiG9w0BAQsFAAOCAQEAZPh4MLI/DUjwzNjqUDXJRg7N+YlucnF8 T74KEGN/pTtd/mGgp+/EgVRYfyTXc46I23qaFy/jKZ7NGYWYP03l0uh7XMsHjKQd 6VAx80ZloTh1jc/21jRlSM5l9WfN7DJKxNjLKl4hhYaDOAKo09XuL3/BtX6V2FX6 QlYUupRRwExrNdTx5E6oy1L1dNd4XnnPd6AQGAGT5+upyera0jsuZASUXXo2K9yE HM0hqjRBpS/x3XZFgrHOrNioxShb5WPXdU24GjPtNfSziaXYed6QW2rl76AVG8X8 fF191NjUTYHrqBmD1LhdXZE0QBidK/ulnTAf/NXyhc2/8pm8ITon7A== -----END CERTIFICATE-----Generated at Mon Jan 26 04:50:31 2026 by rpki-client