This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-NZgOTQL6e54Vp5pYCcRGiaV6E.roa File: U-NZgOTQL6e54Vp5pYCcRGiaV6E.roa (raw, json) Hash identifier: s3JUiRJNPMenyiuJ8J9y99Jr3iPWkRb99SEPzR2emag= Subject key identifier: 53:E3:59:80:E4:D0:2F:A7:B9:E1:5A:79:A5:80:9C:44:68:9A:57:A1 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B78343ABD59828C18231ABEDA2EC8D15E Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-NZgOTQL6e54Vp5pYCcRGiaV6E.roa Signing time: Thu 01 Jan 2026 06:17:27 +0000 ROA not before: Thu 01 Jan 2026 06:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 719 IP address blocks: 192.121.144.0/24 maxlen: 24 194.71.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:3a:bd:59:82:8c:18:23:1a:be:da:2e:c8:d1:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53e35980e4d02fa7b9e15a79a5809c44689a57a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bf:13:49:bd:77:9b:d8:a6:ac:cf:8d:fe:61: f8:5a:62:88:ee:aa:05:e1:57:ba:30:4e:d9:c0:d5: 33:65:cf:32:a8:33:7c:51:06:c6:12:0e:98:b6:b0: 43:21:61:7b:ba:8e:25:7c:21:b6:6d:41:ea:0d:7b: 65:29:32:38:a9:0d:14:55:d3:c7:aa:92:b9:2e:a1: 26:72:2b:8c:19:65:28:5e:0f:ba:1f:09:7c:1f:ce: b7:a1:4d:24:51:44:f3:52:49:fc:32:a4:6b:f2:3a: 4d:c9:e0:ef:5f:b5:e7:a8:27:87:db:9c:93:8f:53: 05:72:21:73:91:ce:d7:d8:98:5a:4a:4d:66:46:75: 5e:75:19:5c:a4:25:74:74:1f:fc:15:e9:ea:7b:a6: 5a:31:ab:6d:e6:14:da:e6:c4:91:94:6a:ec:d3:f1: 62:cc:b2:10:01:c9:cb:94:97:05:c0:55:c1:ba:85: 74:e2:15:df:72:55:8b:c4:27:77:f1:bd:a4:5c:c6: 63:c6:72:65:d3:48:9d:7c:78:d8:bb:7c:31:22:71: b6:7a:60:7a:ff:1c:f1:5d:60:43:40:f9:a6:6d:13: 90:2a:db:01:73:08:b9:7f:82:80:9c:0f:5f:0f:67: 66:d5:07:7b:44:3c:c2:ea:67:68:3f:c2:29:60:cc: 6b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:E3:59:80:E4:D0:2F:A7:B9:E1:5A:79:A5:80:9C:44:68:9A:57:A1 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-NZgOTQL6e54Vp5pYCcRGiaV6E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.121.144.0/24 194.71.87.0/24 Signature Algorithm: sha256WithRSAEncryption 96:fd:9f:dc:be:17:e1:5c:09:18:e0:ba:c9:94:34:a3:58:53: 6b:49:44:c7:80:42:76:ff:31:27:63:35:b2:62:91:c2:45:62: 91:fb:cb:3b:55:ce:b5:48:fc:e7:cd:74:79:20:da:e8:25:a7: d7:bb:37:f0:22:e1:66:81:c3:dd:3a:92:1c:9e:fa:fe:c9:0e: f4:4c:37:69:e4:2f:5d:5e:3f:3f:6c:1d:98:63:99:19:d6:e1: b9:ed:01:f4:8d:b1:92:06:05:f1:17:97:19:a2:76:d8:a7:c4: 1d:62:80:cc:f8:d7:4c:2b:55:7d:fe:eb:2e:7c:a8:66:b8:20: f7:c7:d6:12:5d:62:11:75:bb:17:c5:30:3e:a6:7d:dd:80:e4: 8c:95:1e:91:a1:34:1a:d3:53:a3:48:de:07:60:b1:e5:0a:8f: 40:58:ac:28:e2:3a:0c:f0:61:c2:91:cc:60:3b:43:17:ee:59: 1e:d5:bd:13:9f:da:a4:25:b7:47:dd:8c:03:7f:45:68:fc:0e: d0:83:0c:a4:31:51:6e:e0:5a:ed:8b:16:9e:2b:10:31:37:d5: 23:d2:e1:c2:e5:10:c7:88:83:87:b0:a4:e6:ae:12:8a:d6:6c: 62:7c:74:73:99:f0:37:9e:bd:c6:ab:b4:82:1d:09:2f:3e:67: ce:c6:8e:f1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4NDq9WYKMGCMavtouyNFeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2UzNTk4MGU0ZDAyZmE3YjllMTVhNzlhNTgwOWM0NDY4OWE1N2ExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs78TSb13m9imrM+N/mH4WmKI7qoF 4Ve6ME7ZwNUzZc8yqDN8UQbGEg6YtrBDIWF7uo4lfCG2bUHqDXtlKTI4qQ0UVdPH qpK5LqEmciuMGWUoXg+6Hwl8H863oU0kUUTzUkn8MqRr8jpNyeDvX7XnqCeH25yT j1MFciFzkc7X2JhaSk1mRnVedRlcpCV0dB/8Fenqe6ZaMatt5hTa5sSRlGrs0/Fi zLIQAcnLlJcFwFXBuoV04hXfclWLxCd38b2kXMZjxnJl00idfHjYu3wxInG2emB6 /xzxXWBDQPmmbROQKtsBcwi5f4KAnA9fD2dm1Qd7RDzC6mdoP8IpYMxroQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFPjWYDk0C+nueFaeaWAnERomlehMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvVS1OWmdPVFFMNmU1NFZwNXBZQ2NSR2lhVjZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHmQAwQA wkdXMA0GCSqGSIb3DQEBCwUAA4IBAQCW/Z/cvhfhXAkY4LrJlDSjWFNrSUTHgEJ2 /zEnYzWyYpHCRWKR+8s7Vc61SPznzXR5INroJafXuzfwIuFmgcPdOpIcnvr+yQ70 TDdp5C9dXj8/bB2YY5kZ1uG57QH0jbGSBgXxF5cZonbYp8QdYoDM+NdMK1V9/usu fKhmuCD3x9YSXWIRdbsXxTA+pn3dgOSMlR6RoTQa01OjSN4HYLHlCo9AWKwo4joM 8GHCkcxgO0MX7lke1b0Tn9qkJbdH3YwDf0Vo/A7QgwykMVFu4FrtixaeKxAxN9Uj 0uHC5RDHiIOHsKTmrhKK1mxifHRzmfA3nr3Gq7SCHQkvPmfOxo7x -----END CERTIFICATE-----Generated at Sun Jan 25 13:43:46 2026 by rpki-client