This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/uU9WSNDEX66vzzhhXOoe21fcdxo.roa File: uU9WSNDEX66vzzhhXOoe21fcdxo.roa (raw, json) Hash identifier: 6MvyTg+A5MSPoBXPWElfN6DEbE9gMvp/ra0DMu41c84= Subject key identifier: B9:4F:56:48:D0:C4:5F:AE:AF:CF:38:61:5C:EA:1E:DB:57:DC:77:1A Certificate issuer: /CN=450c581248b11ae2a46f552e5ca43c69d65e72a8 Certificate serial: 019B7B366030DC66F26CBDFC999702FF30D8 Authority key identifier: 45:0C:58:12:48:B1:1A:E2:A4:6F:55:2E:5C:A4:3C:69:D6:5E:72:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQxYEkixGuKkb1UuXKQ8adZecqg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/uU9WSNDEX66vzzhhXOoe21fcdxo.roa Signing time: Thu 01 Jan 2026 20:18:39 +0000 ROA not before: Thu 01 Jan 2026 20:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12480 IP address blocks: 193.101.11.0/24 maxlen: 24 193.101.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/RQxYEkixGuKkb1UuXKQ8adZecqg.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/RQxYEkixGuKkb1UuXKQ8adZecqg.mft rsync://rpki.ripe.net/repository/DEFAULT/RQxYEkixGuKkb1UuXKQ8adZecqg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:60:30:dc:66:f2:6c:bd:fc:99:97:02:ff:30:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=450c581248b11ae2a46f552e5ca43c69d65e72a8 Validity Not Before: Jan 1 20:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b94f5648d0c45faeafcf38615cea1edb57dc771a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:42:18:93:7b:ca:6e:b2:af:4b:c2:06:39:7e: e7:69:bf:f8:a1:54:98:02:d9:c6:b9:74:77:1b:7f: 6f:45:24:54:e8:8a:68:64:e9:8f:d1:03:f7:cc:f8: 57:98:a6:33:13:89:1a:32:0a:5b:37:85:ef:b2:bc: 1c:9f:da:e9:d2:7b:76:99:d8:f4:72:f9:31:54:0e: 72:c1:16:e8:e5:21:51:79:a6:37:70:b1:6f:dd:c3: 66:9f:c6:51:f8:67:3e:53:8a:46:4c:db:f4:06:73: b3:bd:59:6e:8e:1c:0c:91:a1:4d:d2:54:6c:29:43: b8:39:d8:6c:fd:78:0d:74:c9:8f:04:4a:53:a7:00: 72:b9:7a:ac:79:63:e7:14:be:38:86:35:f4:cf:dd: e2:d1:ca:3d:eb:1c:04:52:4f:72:13:30:9b:8f:09: 62:98:3d:ff:86:72:95:a1:93:94:f9:59:9c:93:24: 4b:e0:d5:55:02:cb:99:bc:09:36:92:16:e5:f5:35: bf:81:c2:44:4a:ab:47:ce:e3:ce:32:f9:78:ab:79: 23:0c:22:9d:4f:2e:cc:80:ac:bd:a0:9f:c5:e4:d9: d8:9a:41:a8:7e:a3:cb:4e:e7:d5:a3:f4:be:db:9b: d4:1e:ab:36:35:96:e4:01:60:b2:b2:61:3e:48:ec: f6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:4F:56:48:D0:C4:5F:AE:AF:CF:38:61:5C:EA:1E:DB:57:DC:77:1A X509v3 Authority Key Identifier: keyid:45:0C:58:12:48:B1:1A:E2:A4:6F:55:2E:5C:A4:3C:69:D6:5E:72:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQxYEkixGuKkb1UuXKQ8adZecqg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/uU9WSNDEX66vzzhhXOoe21fcdxo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1cf0b2-c51d-45f5-84dc-7499a8231f56/1/RQxYEkixGuKkb1UuXKQ8adZecqg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.101.11.0/24 193.101.24.0/21 Signature Algorithm: sha256WithRSAEncryption 92:e5:d5:09:54:c8:5d:1f:75:68:d5:fb:62:2e:89:af:72:c4: 77:0c:68:f6:c4:3a:ad:71:63:86:79:d1:d5:4b:0b:55:47:11: b4:8b:1e:5f:1c:fd:6f:d1:b4:9a:f8:4c:43:00:b8:67:23:7e: 6c:95:e0:a9:9e:54:a8:33:b5:f2:b6:e8:35:4d:5d:5f:97:a9: b0:23:c1:0c:47:98:29:bb:c6:d4:d2:0d:8b:a4:0e:6a:97:e4: 7c:eb:95:7f:ad:dc:f8:88:eb:f7:33:ea:17:51:f3:ab:72:6d: 5f:0a:63:03:c8:bb:41:78:10:35:46:d9:1d:a7:bc:1f:ce:ce: 00:11:e8:d7:e1:3d:cf:2d:2f:68:44:dc:9e:33:80:48:5b:16: f5:d3:08:14:38:24:32:8b:c7:78:5b:7a:38:91:34:7d:f0:04: b8:7b:a9:17:ff:85:f5:c3:4d:eb:3e:a6:ff:db:5e:64:5b:a5: 00:e9:50:de:95:1a:3d:09:82:19:e2:f7:18:04:e2:88:14:79: 00:59:52:0e:a1:c2:13:c8:03:be:2f:cf:d5:15:cd:a4:b5:50: 6c:1c:2c:4d:33:6b:ef:83:ca:fe:a3:85:5f:25:03:b4:60:44: 5b:7f:c2:6e:ac:56:26:1e:70:4c:da:b2:05:2e:0d:35:f7:88: 8c:46:c3:2e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NmAw3GbybL38mZcC/zDYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1MGM1ODEyNDhiMTFhZTJhNDZmNTUyZTVjYTQzYzY5ZDY1 ZTcyYTgwHhcNMjYwMTAxMjAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOTRmNTY0OGQwYzQ1ZmFlYWZjZjM4NjE1Y2VhMWVkYjU3ZGM3NzFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UIYk3vKbrKvS8IGOX7nab/4oVSY AtnGuXR3G39vRSRU6IpoZOmP0QP3zPhXmKYzE4kaMgpbN4Xvsrwcn9rp0nt2mdj0 cvkxVA5ywRbo5SFReaY3cLFv3cNmn8ZR+Gc+U4pGTNv0BnOzvVlujhwMkaFN0lRs KUO4Odhs/XgNdMmPBEpTpwByuXqseWPnFL44hjX0z93i0co96xwEUk9yEzCbjwli mD3/hnKVoZOU+VmckyRL4NVVAsuZvAk2khbl9TW/gcJESqtHzuPOMvl4q3kjDCKd Ty7MgKy9oJ/F5NnYmkGofqPLTufVo/S+25vUHqs2NZbkAWCysmE+SOz2iQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLlPVkjQxF+ur884YVzqHttX3HcaMB8GA1UdIwQY MBaAFEUMWBJIsRripG9VLlykPGnWXnKoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlF4WUVraXhHdUtrYjFVdVhLUThhZFplY3FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xY2YwYjItYzUxZC00NWY1LTg0ZGMt NzQ5OWE4MjMxZjU2LzEvdVU5V1NOREVYNjZ2enpoaFhPb2UyMWZjZHhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8xY2YwYjItYzUxZC00NWY1LTg0ZGMtNzQ5OWE4MjMxZjU2 LzEvUlF4WUVraXhHdUtrYjFVdVhLUThhZFplY3FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWULAwQD wWUYMA0GCSqGSIb3DQEBCwUAA4IBAQCS5dUJVMhdH3Vo1ftiLomvcsR3DGj2xDqt cWOGedHVSwtVRxG0ix5fHP1v0bSa+ExDALhnI35sleCpnlSoM7Xytug1TV1fl6mw I8EMR5gpu8bU0g2LpA5ql+R865V/rdz4iOv3M+oXUfOrcm1fCmMDyLtBeBA1Rtkd p7wfzs4AEejX4T3PLS9oRNyeM4BIWxb10wgUOCQyi8d4W3o4kTR98AS4e6kX/4X1 w03rPqb/215kW6UA6VDelRo9CYIZ4vcYBOKIFHkAWVIOocITyAO+L8/VFc2ktVBs HCxNM2vvg8r+o4VfJQO0YERbf8JurFYmHnBM2rIFLg0194iMRsMu -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:11 2026 by rpki-client