This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/uo6gSQMEnLnAV0qz-0bBeE8OgZ0.roa File: uo6gSQMEnLnAV0qz-0bBeE8OgZ0.roa (raw, json) Hash identifier: Pa85d4W1Y3uoRK3pBu11YxeW750DtluZVOcA6r0YthI= Subject key identifier: BA:8E:A0:49:03:04:9C:B9:C0:57:4A:B3:FB:46:C1:78:4F:0E:81:9D Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f Certificate serial: 019B7A5B409D7F45D257842972B53548ECA0 Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/uo6gSQMEnLnAV0qz-0bBeE8OgZ0.roa Signing time: Thu 01 Jan 2026 16:19:19 +0000 ROA not before: Thu 01 Jan 2026 16:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204570 IP address blocks: 185.246.148.0/22 maxlen: 22 2a0d:8680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.mft rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:40:9d:7f:45:d2:57:84:29:72:b5:35:48:ec:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f Validity Not Before: Jan 1 16:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ba8ea04903049cb9c0574ab3fb46c1784f0e819d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7e:97:58:e9:4c:93:e8:70:71:2b:7d:b3:b7: 2f:f1:27:1a:03:36:cf:72:e7:e8:3f:41:44:80:41: 1d:ed:70:3c:08:85:b6:cc:3b:e1:b4:dd:84:9a:26: 54:df:4c:d9:dd:ac:5c:39:62:84:76:f2:19:6f:6e: a9:65:af:b5:71:12:ea:55:5d:78:0f:f3:f8:7e:3a: 6f:9b:b2:58:e5:a1:c0:f6:a5:b6:d4:b2:4b:38:f5: 0f:e8:11:69:31:88:a1:7a:bc:3c:d5:b5:b9:15:c8: d1:3a:07:cf:d3:77:92:f3:f9:75:62:4e:17:e0:00: 28:06:36:1a:8b:f4:7d:bb:86:fb:bd:e2:96:ae:51: ac:0e:8d:d8:87:c2:36:e8:e2:ee:92:d1:24:27:51: 43:5e:7e:ac:6d:23:43:21:0b:ca:31:7a:21:7b:de: 36:02:c7:04:8c:fd:6f:19:53:71:1f:f0:3b:b4:c3: 39:a2:8e:81:04:5c:27:4b:cc:9c:35:08:2e:b5:12: 8b:dd:1b:c6:03:4e:da:42:93:5c:b5:d6:80:19:03: be:73:cf:53:c4:6d:0e:50:46:f6:28:e6:b9:a8:4c: 27:e1:92:2c:6c:7f:69:49:c4:e7:a3:b6:48:81:dd: 38:2f:fe:51:73:1a:c6:89:7e:26:42:a8:01:1d:a1: fe:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:8E:A0:49:03:04:9C:B9:C0:57:4A:B3:FB:46:C1:78:4F:0E:81:9D X509v3 Authority Key Identifier: keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/uo6gSQMEnLnAV0qz-0bBeE8OgZ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.246.148.0/22 IPv6: 2a0d:8680::/32 Signature Algorithm: sha256WithRSAEncryption 08:0f:fb:12:ee:34:4a:9d:d8:98:62:a0:3a:5a:6e:db:8d:46: 13:f8:b4:e5:79:f8:f7:be:f6:c5:09:d5:54:c1:9a:17:be:e1: 55:4f:2d:b4:3c:1f:82:b8:eb:b9:bf:b8:e0:34:00:e3:4b:91: 66:21:e7:29:85:03:d0:ec:2a:a5:ce:a5:4d:53:f1:94:85:95: 39:46:8a:33:cb:d0:51:35:0d:21:09:ef:71:35:2e:36:40:bd: 2b:c6:6d:d4:a7:5c:ea:04:b4:cb:b9:31:a1:3a:63:27:fc:fc: 75:3f:82:60:97:fd:6d:43:f2:af:d3:73:fd:2a:d7:ef:cb:8d: 5b:50:35:5b:2a:72:bd:2a:72:f6:c1:78:3e:34:1a:43:cd:6b: 05:46:32:e6:6c:04:67:52:99:e0:93:ed:1d:01:e4:a0:ba:fc: 57:3a:c1:56:ee:05:1d:95:72:36:24:72:1a:68:5e:15:2c:9e: c1:8f:d1:2e:ec:45:23:2e:08:c0:15:10:ff:41:8f:6b:a7:b5: ae:1f:cd:c8:92:48:af:77:23:28:f3:cb:27:45:9a:40:49:29: 0c:c4:60:35:48:88:c7:32:f8:c1:33:64:ad:a4:8e:ad:c7:b4: b5:ea:6f:e2:89:65:e1:59:ec:9a:c6:eb:22:fb:3e:c9:54:a7: 8f:e1:95:b5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6W0Cdf0XSV4QpcrU1SOygMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3 MDViMmYwHhcNMjYwMTAxMTYxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYThlYTA0OTAzMDQ5Y2I5YzA1NzRhYjNmYjQ2YzE3ODRmMGU4MTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA136XWOlMk+hwcSt9s7cv8ScaAzbP cufoP0FEgEEd7XA8CIW2zDvhtN2EmiZU30zZ3axcOWKEdvIZb26pZa+1cRLqVV14 D/P4fjpvm7JY5aHA9qW21LJLOPUP6BFpMYiherw81bW5FcjROgfP03eS8/l1Yk4X 4AAoBjYai/R9u4b7veKWrlGsDo3Yh8I26OLuktEkJ1FDXn6sbSNDIQvKMXohe942 AscEjP1vGVNxH/A7tMM5oo6BBFwnS8ycNQgutRKL3RvGA07aQpNctdaAGQO+c89T xG0OUEb2KOa5qEwn4ZIsbH9pScTno7ZIgd04L/5RcxrGiX4mQqgBHaH+DQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLqOoEkDBJy5wFdKs/tGwXhPDoGdMB8GA1UdIwQY MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt MGUxZGI5OGFkMjMxLzEvdW82Z1NRTUVuTG5BVjBxei0wYkJlRThPZ1owLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufaUMA0E AgACMAcDBQAqDYaAMA0GCSqGSIb3DQEBCwUAA4IBAQAID/sS7jRKndiYYqA6Wm7b jUYT+LTlefj3vvbFCdVUwZoXvuFVTy20PB+CuOu5v7jgNADjS5FmIecphQPQ7Cql zqVNU/GUhZU5Roozy9BRNQ0hCe9xNS42QL0rxm3Up1zqBLTLuTGhOmMn/Px1P4Jg l/1tQ/Kv03P9Ktfvy41bUDVbKnK9KnL2wXg+NBpDzWsFRjLmbARnUpngk+0dAeSg uvxXOsFW7gUdlXI2JHIaaF4VLJ7Bj9Eu7EUjLgjAFRD/QY9rp7WuH83IkkivdyMo 88snRZpASSkMxGA1SIjHMvjBM2StpI6tx7S16m/iiWXhWeyaxusi+z7JVKeP4ZW1 -----END CERTIFICATE-----Generated at Fri Jan 2 11:29:03 2026 by rpki-client