This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/8UGI1s0WR4wlzQNu5QcJqIgdD6o.roa File: 8UGI1s0WR4wlzQNu5QcJqIgdD6o.roa (raw, json) Hash identifier: 0o0yTMQX8eIMkMe3RKQudDE1yMjJHai1D53A4eswsuo= Subject key identifier: F1:41:88:D6:CD:16:47:8C:25:CD:03:6E:E5:07:09:A8:88:1D:0F:AA Certificate issuer: /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Certificate serial: 019B79112ACD975D5654D350F32B53582915 Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/8UGI1s0WR4wlzQNu5QcJqIgdD6o.roa Signing time: Thu 01 Jan 2026 10:18:46 +0000 ROA not before: Thu 01 Jan 2026 10:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31027 IP address blocks: 78.31.32.0/21 maxlen: 21 85.202.64.0/20 maxlen: 20 91.198.144.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:2a:cd:97:5d:56:54:d3:50:f3:2b:53:58:29:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Validity Not Before: Jan 1 10:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f14188d6cd16478c25cd036ee50709a8881d0faa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:78:bc:3a:4b:b5:e3:7c:02:c0:e4:6f:db:7c: d3:38:e6:94:3e:d3:cf:e9:6c:fc:26:a8:d5:be:14: 12:ac:59:e3:40:46:3a:2e:db:d8:8a:70:67:28:98: c3:04:89:97:c2:db:57:2f:05:36:9a:a0:85:26:8a: a9:5f:98:13:72:7c:dd:18:bb:8a:f8:67:3b:1a:d0: c0:ec:c8:ef:74:a0:45:7f:da:bf:6e:1d:0c:ad:bd: 07:57:7c:11:89:fe:04:5e:f1:cf:dc:e0:fc:08:16: da:e2:81:f5:a0:6b:64:68:46:a7:a4:4e:7f:da:c7: 5f:62:ce:45:db:4b:92:f5:b7:aa:d6:61:81:f3:18: 0e:13:1b:5d:3e:09:ba:f9:37:40:50:b1:c5:ce:d0: 5d:43:64:21:cc:2d:3e:c0:51:43:2a:d4:1b:e0:89: f8:8c:f0:b8:41:56:d2:3d:0a:1c:0e:b4:18:49:42: f6:b3:f6:a9:5c:62:a4:ee:73:4a:a8:df:48:b9:b9: 96:ff:76:c1:f0:6e:e4:e4:e0:23:cf:b4:39:2f:05: fa:28:37:95:a1:35:28:2e:07:bc:94:a4:e6:bf:4e: e5:cd:42:77:23:90:5c:96:de:06:37:d4:31:35:29: ba:62:97:c9:89:d2:e1:21:fb:3a:b4:26:62:03:23: f7:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:41:88:D6:CD:16:47:8C:25:CD:03:6E:E5:07:09:A8:88:1D:0F:AA X509v3 Authority Key Identifier: keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/8UGI1s0WR4wlzQNu5QcJqIgdD6o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.31.32.0/21 85.202.64.0/20 91.198.144.0/24 Signature Algorithm: sha256WithRSAEncryption 00:d3:9e:cd:5a:44:ec:89:77:e2:35:e2:7f:cd:00:9e:88:c6: 17:56:fa:f4:31:31:45:ec:b4:9f:f4:53:ec:33:b6:dd:b3:bb: 0a:56:c9:41:2c:95:b8:f1:c2:54:75:1d:9a:ac:11:d9:5a:12: 9c:f5:62:3a:d1:f0:16:16:d2:98:9b:da:52:46:04:49:5e:78: dc:c1:95:3c:3e:e1:ec:e0:4e:b7:fb:b5:31:49:01:0c:81:bf: dc:ba:f4:7b:31:b9:c4:09:be:50:93:0d:d2:e2:74:17:c9:fc: 23:66:80:4c:50:86:a4:00:26:29:8e:ae:a7:0d:4a:f7:f9:ab: 8a:c2:26:4f:b0:6d:f9:90:99:c8:42:fc:9d:41:fe:53:66:90: 97:3e:51:84:f7:ed:dd:4b:9f:4f:85:df:9f:72:ad:a5:46:5a: 71:54:a9:d8:f9:99:da:d3:9d:05:37:16:86:68:ef:c2:57:12: cd:34:cb:92:d6:ec:c1:e1:ec:73:50:05:82:a2:08:ac:af:e3: 0b:88:22:ed:04:2b:82:8a:9f:18:64:c3:0c:fa:f1:69:46:26: fc:e2:a8:d3:9f:56:9c:e1:1c:af:16:79:31:51:0c:9b:fa:99: 64:7c:be:b0:51:88:97:53:a7:b0:09:dc:49:46:a0:40:3b:29: 25:fe:14:00 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5ESrNl11WVNNQ8ytTWCkVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMjFlYTM5NTA4ZTBlMTdhNjUxZmU5MmFjMjllYTM4ODMy ZDBiZmYwHhcNMjYwMTAxMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTQxODhkNmNkMTY0NzhjMjVjZDAzNmVlNTA3MDlhODg4MWQwZmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3i8Oku143wCwORv23zTOOaUPtPP 6Wz8JqjVvhQSrFnjQEY6LtvYinBnKJjDBImXwttXLwU2mqCFJoqpX5gTcnzdGLuK +Gc7GtDA7MjvdKBFf9q/bh0Mrb0HV3wRif4EXvHP3OD8CBba4oH1oGtkaEanpE5/ 2sdfYs5F20uS9beq1mGB8xgOExtdPgm6+TdAULHFztBdQ2QhzC0+wFFDKtQb4In4 jPC4QVbSPQocDrQYSUL2s/apXGKk7nNKqN9IubmW/3bB8G7k5OAjz7Q5LwX6KDeV oTUoLge8lKTmv07lzUJ3I5Bclt4GN9QxNSm6YpfJidLhIfs6tCZiAyP3OQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFPFBiNbNFkeMJc0DbuUHCaiIHQ+qMB8GA1UdIwQY MBaAFAMh6jlQjg4XplH+kqwp6jiDLQv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQt OGNmODA1NTExMDAyLzEvOFVHSTFzMFdSNHdselFOdTVRY0pxSWdkRDZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQtOGNmODA1NTExMDAy LzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTh8gAwQE VcpAAwQAW8aQMA0GCSqGSIb3DQEBCwUAA4IBAQAA057NWkTsiXfiNeJ/zQCeiMYX Vvr0MTFF7LSf9FPsM7bds7sKVslBLJW48cJUdR2arBHZWhKc9WI60fAWFtKYm9pS RgRJXnjcwZU8PuHs4E63+7UxSQEMgb/cuvR7MbnECb5Qkw3S4nQXyfwjZoBMUIak ACYpjq6nDUr3+auKwiZPsG35kJnIQvydQf5TZpCXPlGE9+3dS59Phd+fcq2lRlpx VKnY+Zna050FNxaGaO/CVxLNNMuS1uzB4exzUAWCogisr+MLiCLtBCuCip8YZMMM +vFpRib84qjTn1ac4RyvFnkxUQyb+plkfL6wUYiXU6ewCdxJRqBAOykl/hQA -----END CERTIFICATE-----Generated at Mon Jan 26 00:26:41 2026 by rpki-client