This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/UmiyGlAKeVSGM9owvAHcbjgh7iE.roa File: UmiyGlAKeVSGM9owvAHcbjgh7iE.roa (raw, json) Hash identifier: 9qPTC4+fv8bleeF17R0jz4ih1d6GM3RKI4JmMBNNV6k= Subject key identifier: 52:68:B2:1A:50:0A:79:54:86:33:DA:30:BC:01:DC:6E:38:21:EE:21 Certificate issuer: /CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4 Certificate serial: 019B7911120E4B98690F66EA96B899C0B8B1 Authority key identifier: CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/UmiyGlAKeVSGM9owvAHcbjgh7iE.roa Signing time: Thu 01 Jan 2026 10:18:40 +0000 ROA not before: Thu 01 Jan 2026 10:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31655 IP address blocks: 5.2.96.0/19 maxlen: 24 5.144.156.0/22 maxlen: 24 62.223.128.0/17 maxlen: 24 80.252.64.0/20 maxlen: 24 88.215.0.0/18 maxlen: 29 89.213.8.0/21 maxlen: 24 89.213.16.0/20 maxlen: 24 89.213.32.0/21 maxlen: 24 185.4.196.0/22 maxlen: 24 185.21.208.0/22 maxlen: 24 188.66.64.0/18 maxlen: 24 195.162.96.0/19 maxlen: 24 213.218.192.0/20 maxlen: 24 2a02:c1c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.mft rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:12:0e:4b:98:69:0f:66:ea:96:b8:99:c0:b8:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4 Validity Not Before: Jan 1 10:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5268b21a500a79548633da30bc01dc6e3821ee21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:7a:d0:0a:8e:90:b1:b8:91:17:75:32:1a:58: 3e:3b:ed:79:5a:10:b3:8c:68:b2:28:63:e6:4e:69: bc:29:12:5f:4b:7a:51:7d:a6:80:e3:d3:ac:a1:fd: 4f:e4:cd:25:1b:9f:19:5b:c0:dc:dd:94:07:fd:de: bb:bc:01:e2:05:dd:f2:4b:00:e9:70:4a:07:d0:85: 71:09:fc:a6:0e:4e:f8:e6:4a:14:30:55:de:7a:9d: 35:31:72:cb:e0:60:0b:d4:84:87:70:55:7f:37:80: 03:c2:3b:39:75:0e:de:7f:d7:12:71:56:07:4e:80: 56:72:ca:30:ef:a5:8f:3a:07:5c:27:12:98:ce:e1: 8e:f5:bb:b2:9f:a0:e8:a4:e2:2a:11:c6:ca:2e:ef: 40:14:4d:73:c8:c0:c8:49:a8:20:5f:4c:c4:75:d0: 44:c6:bc:08:9d:b4:89:fa:c7:0c:87:6e:38:34:fb: 76:b5:aa:53:52:78:b5:1d:4a:58:d3:b1:b3:d4:d6: 96:f0:d1:bc:bc:f1:65:a4:ae:9e:58:29:77:ea:09: 6f:f2:14:cb:2f:05:9d:82:1a:6f:80:5d:db:55:1f: 3a:af:06:3f:d0:e0:df:7a:66:0e:2b:1a:53:d8:1c: 19:e5:0b:e4:22:95:40:c2:c1:75:e3:37:97:c5:8b: f7:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:68:B2:1A:50:0A:79:54:86:33:DA:30:BC:01:DC:6E:38:21:EE:21 X509v3 Authority Key Identifier: keyid:CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/UmiyGlAKeVSGM9owvAHcbjgh7iE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.2.96.0/19 5.144.156.0/22 62.223.128.0/17 80.252.64.0/20 88.215.0.0/18 89.213.8.0-89.213.39.255 185.4.196.0/22 185.21.208.0/22 188.66.64.0/18 195.162.96.0/19 213.218.192.0/20 IPv6: 2a02:c1c0::/29 Signature Algorithm: sha256WithRSAEncryption 03:80:9c:55:e4:ef:30:62:96:3e:a9:41:f4:d7:b6:e3:6c:48: 23:07:5b:e5:8b:b7:2a:20:ea:0d:87:6a:51:38:49:69:ba:0e: b9:3a:86:a4:08:6e:c5:d7:af:5f:4d:3a:60:ff:9f:41:e7:a8: 11:b8:f0:6d:8c:96:0b:1c:fb:3b:c0:06:36:f8:c2:84:f7:f5: 36:f4:3c:b4:68:d7:3b:96:b2:f4:f3:0e:a6:95:5b:1e:a0:21: 81:ae:4d:50:70:43:3c:c8:83:11:61:2b:ec:79:e8:83:f5:b0: fb:23:b7:67:99:6d:01:f8:70:22:1e:3b:ce:37:a7:29:f7:30: e9:0c:e9:f9:e9:45:7d:41:48:a1:bc:eb:28:fd:85:ac:0e:ce: 3c:f3:3e:26:98:8a:81:7c:a5:33:62:21:3f:f0:34:20:75:da: fc:71:ca:cc:9f:f0:27:e6:aa:37:9c:a4:06:dd:f1:e0:74:0a: dc:5c:58:9f:5f:42:66:de:e9:9c:68:95:81:65:e2:ac:2e:a1: 8d:45:4b:2f:81:ad:2b:bd:dc:5e:8a:19:c6:37:38:31:36:61: 37:cc:20:1f:0e:1b:34:24:75:66:50:4f:e4:23:a7:41:4f:54: da:13:c0:85:e8:51:87:d4:f8:e6:71:f6:43:ca:98:9b:2b:09: fa:95:80:56 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgISAZt5ERIOS5hpD2bqlriZwLixMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZGZjZTNhNTM1NWY4NjFmZGM0OGMzMjAxMmM3OGM5ZGFm OWE1YTQwHhcNMjYwMTAxMTAxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MjY4YjIxYTUwMGE3OTU0ODYzM2RhMzBiYzAxZGM2ZTM4MjFlZTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63rQCo6QsbiRF3UyGlg+O+15WhCz jGiyKGPmTmm8KRJfS3pRfaaA49Osof1P5M0lG58ZW8Dc3ZQH/d67vAHiBd3ySwDp cEoH0IVxCfymDk745koUMFXeep01MXLL4GAL1ISHcFV/N4ADwjs5dQ7ef9cScVYH ToBWcsow76WPOgdcJxKYzuGO9buyn6DopOIqEcbKLu9AFE1zyMDISaggX0zEddBE xrwInbSJ+scMh244NPt2tapTUni1HUpY07Gz1NaW8NG8vPFlpK6eWCl36glv8hTL LwWdghpvgF3bVR86rwY/0ODfemYOKxpT2BwZ5QvkIpVAwsF14zeXxYv37wIDAQAB o4ICXDCCAlgwHQYDVR0OBBYEFFJoshpQCnlUhjPaMLwB3G44Ie4hMB8GA1UdIwQY MBaAFMvfzjpTVfhh/cSMMgEseMna+aWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTlfT09sTlYtR0g5eEl3eUFTeDR5ZHI1cGFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi83NGExYjUtM2MyZS00OGUyLTkwZmQt YjQ5ZDg5ZTMwZGRkLzEvVW1peUdsQUtlVlNHTTlvd3ZBSGNiamdoN2lFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi83NGExYjUtM2MyZS00OGUyLTkwZmQtYjQ5ZDg5ZTMwZGRk LzEveTlfT09sTlYtR0g5eEl3eUFTeDR5ZHI1cGFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQFBQJgAwQC BZCcAwQHPt+AAwQEUPxAAwQGWNcAMAwDBANZ1QgDBANZ1SADBAK5BMQDBAK5FdAD BAa8QkADBAXDomADBATV2sAwDQQCAAIwBwMFAyoCwcAwDQYJKoZIhvcNAQELBQAD ggEBAAOAnFXk7zBilj6pQfTXtuNsSCMHW+WLtyog6g2HalE4SWm6Drk6hqQIbsXX r19NOmD/n0HnqBG48G2Mlgsc+zvABjb4woT39Tb0PLRo1zuWsvTzDqaVWx6gIYGu TVBwQzzIgxFhK+x56IP1sPsjt2eZbQH4cCIeO843pyn3MOkM6fnpRX1BSKG86yj9 hawOzjzzPiaYioF8pTNiIT/wNCB12vxxysyf8CfmqjecpAbd8eB0CtxcWJ9fQmbe 6ZxolYFl4qwuoY1FSy+BrSu93F6KGcY3ODE2YTfMIB8OGzQkdWZQT+Qjp0FPVNoT wIXoUYfU+OZx9kPKmJsrCfqVgFY= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:37 2026 by rpki-client