This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/uOT6tJlrkH7uNore0SwrHv6B2q8.roa File: uOT6tJlrkH7uNore0SwrHv6B2q8.roa (raw, json) Hash identifier: sj7kmuH/7FdqL+TtQaRY1OsxURdzt9SlOSUYNlEq6iI= Subject key identifier: B8:E4:FA:B4:99:6B:90:7E:EE:36:8A:DE:D1:2C:2B:1E:FE:81:DA:AF Certificate issuer: /CN=87992088e7655cb134020ca95b0e57d4e6daf40f Certificate serial: 019B7B35DCA59C5E304950976A34908D5C7C Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/uOT6tJlrkH7uNore0SwrHv6B2q8.roa Signing time: Thu 01 Jan 2026 20:18:05 +0000 ROA not before: Thu 01 Jan 2026 20:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203201 IP address blocks: 185.146.128.0/22 maxlen: 22 2a07:50c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:dc:a5:9c:5e:30:49:50:97:6a:34:90:8d:5c:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f Validity Not Before: Jan 1 20:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b8e4fab4996b907eee368aded12c2b1efe81daaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:68:17:0f:df:3c:6f:26:0f:57:59:c7:90:ae: 5b:23:b5:af:b8:3c:1f:d4:1c:50:7d:04:18:d0:5f: cc:68:52:44:77:ec:49:a1:e5:78:35:7e:9a:6d:0c: a9:9d:72:e6:b9:aa:28:20:fc:90:b7:f1:54:0b:3e: c2:c9:41:16:a9:93:ff:dd:c3:1e:b3:92:86:e1:09: ce:35:fd:c3:9b:95:da:1a:e2:d2:d1:36:f3:c7:75: 5e:3a:ef:6e:ba:5e:d4:5d:89:25:90:32:e1:88:56: 21:53:d5:f4:75:69:30:01:a1:26:5b:16:83:fd:55: 02:88:71:84:2c:4e:57:fb:28:7b:0f:03:63:05:96: 24:db:2e:7b:c9:89:37:e8:13:9f:6c:3e:21:0b:9c: 96:30:1d:ee:27:6b:6e:47:99:4f:06:62:e1:4a:3c: 28:b6:0e:9f:13:45:4c:17:40:3a:36:9f:39:6e:cc: db:dc:0b:81:9d:78:96:51:2c:61:57:b0:f1:0c:cc: 34:f2:7a:0e:15:05:c5:df:3b:3a:7d:31:06:c0:32: d4:c8:65:92:b7:75:1d:d2:23:7e:1e:93:85:35:66: 1f:34:47:f1:85:2f:88:a6:47:62:7f:c9:08:08:e6: 39:61:9a:d5:0e:d6:1a:a7:9d:bb:c7:57:c3:72:01: d8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:E4:FA:B4:99:6B:90:7E:EE:36:8A:DE:D1:2C:2B:1E:FE:81:DA:AF X509v3 Authority Key Identifier: keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/uOT6tJlrkH7uNore0SwrHv6B2q8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.146.128.0/22 IPv6: 2a07:50c0::/29 Signature Algorithm: sha256WithRSAEncryption 43:ac:1f:00:a5:3d:56:7e:aa:55:ea:e2:b0:74:47:fb:c8:7f: c6:5a:37:d8:9a:ff:c8:08:66:c0:c1:4b:85:c3:6b:41:a1:a2: 8a:22:b3:51:3a:31:88:bb:4b:dd:61:7f:e7:ef:4b:44:09:09: 01:be:d2:80:53:e5:b3:de:96:8d:57:ca:75:55:04:e8:4d:f0: 48:6d:de:6c:3c:11:aa:f0:53:18:09:a5:ae:63:c5:f0:8d:af: 59:c0:41:3b:c1:68:27:f0:68:1b:d6:40:1e:64:a4:4e:8f:03: 41:61:73:53:ad:8e:7a:98:8d:40:57:8f:45:5a:f9:26:1d:04: cc:4a:f7:fc:51:ef:dc:41:13:b6:a2:8b:99:0c:2f:59:59:c1: 77:ea:66:30:e6:49:ab:9e:82:c3:9c:d1:52:09:71:a1:7f:bd: 40:10:84:e5:77:a5:41:2d:7e:e5:53:89:56:11:b6:32:3c:9f: db:10:79:a9:6e:1e:e7:d8:77:a1:23:5c:5b:da:f4:cd:39:b1: f9:08:83:c7:49:6a:99:26:f0:bd:8f:ca:63:64:d0:5c:82:44: d7:60:e8:7d:f6:f0:14:2e:f1:fb:9f:63:87:e2:8c:3b:30:18: 84:7b:8d:0c:0c:7d:d6:ad:de:e3:b5:81:43:8f:c1:8c:02:5c: 7a:0f:5e:ad -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NdylnF4wSVCXajSQjVx8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk YWY0MGYwHhcNMjYwMTAxMjAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOGU0ZmFiNDk5NmI5MDdlZWUzNjhhZGVkMTJjMmIxZWZlODFkYWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2gXD988byYPV1nHkK5bI7WvuDwf 1BxQfQQY0F/MaFJEd+xJoeV4NX6abQypnXLmuaooIPyQt/FUCz7CyUEWqZP/3cMe s5KG4QnONf3Dm5XaGuLS0Tbzx3VeOu9uul7UXYklkDLhiFYhU9X0dWkwAaEmWxaD /VUCiHGELE5X+yh7DwNjBZYk2y57yYk36BOfbD4hC5yWMB3uJ2tuR5lPBmLhSjwo tg6fE0VMF0A6Np85bszb3AuBnXiWUSxhV7DxDMw08noOFQXF3zs6fTEGwDLUyGWS t3Ud0iN+HpOFNWYfNEfxhS+Ipkdif8kICOY5YZrVDtYap527x1fDcgHY1wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLjk+rSZa5B+7jaK3tEsKx7+gdqvMB8GA1UdIwQY MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt ODVlYTYzYzI0NDc0LzEvdU9UNnRKbHJrSDd1Tm9yZTBTd3JIdjZCMnE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0 LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZKAMA0E AgACMAcDBQMqB1DAMA0GCSqGSIb3DQEBCwUAA4IBAQBDrB8ApT1WfqpV6uKwdEf7 yH/GWjfYmv/ICGbAwUuFw2tBoaKKIrNROjGIu0vdYX/n70tECQkBvtKAU+Wz3paN V8p1VQToTfBIbd5sPBGq8FMYCaWuY8Xwja9ZwEE7wWgn8Ggb1kAeZKROjwNBYXNT rY56mI1AV49FWvkmHQTMSvf8Ue/cQRO2oouZDC9ZWcF36mYw5kmrnoLDnNFSCXGh f71AEITld6VBLX7lU4lWEbYyPJ/bEHmpbh7n2HehI1xb2vTNObH5CIPHSWqZJvC9 j8pjZNBcgkTXYOh99vAULvH7n2OH4ow7MBiEe40MDH3Wrd7jtYFDj8GMAlx6D16t -----END CERTIFICATE-----Generated at Mon Jan 26 14:55:14 2026 by rpki-client