This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/UjFwX21JbiqjDw7jVogurOY6vK0.roa File: UjFwX21JbiqjDw7jVogurOY6vK0.roa (raw, json) Hash identifier: StMP6W4VJaKc6UNnpuMnvzgEyfJwsKnjjavPWXE2/og= Subject key identifier: 52:31:70:5F:6D:49:6E:2A:A3:0F:0E:E3:56:88:2E:AC:E6:3A:BC:AD Certificate issuer: /CN=d47d79c78a830699781b3e4331be092597c34b90 Certificate serial: 019B7A5B37594F065B4E94008BBFAECE664D Authority key identifier: D4:7D:79:C7:8A:83:06:99:78:1B:3E:43:31:BE:09:25:97:C3:4B:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/UjFwX21JbiqjDw7jVogurOY6vK0.roa Signing time: Thu 01 Jan 2026 16:19:16 +0000 ROA not before: Thu 01 Jan 2026 16:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197558 IP address blocks: 46.253.48.0/20 maxlen: 24 77.237.252.0/22 maxlen: 22 185.10.148.0/22 maxlen: 24 185.98.48.0/22 maxlen: 22 185.103.224.0/22 maxlen: 22 2a00:6400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.mft rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 12:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:37:59:4f:06:5b:4e:94:00:8b:bf:ae:ce:66:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d47d79c78a830699781b3e4331be092597c34b90 Validity Not Before: Jan 1 16:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5231705f6d496e2aa30f0ee356882eace63abcad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:c2:69:d5:9b:18:06:3d:ab:17:c7:0f:e2:30: bf:a2:5b:a9:29:87:17:5c:ff:f5:59:2e:fb:46:6c: 60:59:84:0c:2d:f3:b8:12:52:ff:d4:d5:1d:57:90: 3f:d7:f6:27:18:19:4f:34:58:58:d1:f4:c2:70:61: 9b:c8:4a:f9:e8:28:7f:26:1b:2a:78:46:eb:14:44: cd:1f:ca:f3:ff:57:08:9c:34:1f:d4:27:06:76:c8: da:1c:77:f0:3b:6d:28:02:cd:c4:00:8f:73:62:23: 77:ca:8f:00:32:f8:07:fd:ae:0c:03:6e:33:c5:f4: 0e:49:30:69:6f:af:d1:9a:31:1f:d8:d2:81:a0:15: 70:a5:0c:df:49:6a:4c:83:e2:85:a4:1c:8b:f9:a3: 68:9c:13:33:56:1a:d4:fd:39:2b:09:c9:c6:42:2e: 04:29:b4:7a:9a:4c:52:6f:56:7a:9c:3f:4d:43:97: f1:c1:e0:6d:9d:2d:fd:59:4a:f6:39:4b:55:01:73: db:59:c3:52:52:43:11:76:3b:99:8d:50:4c:c9:94: 64:6b:e5:d2:fb:cf:bc:01:15:ec:03:8f:7f:bc:b1: 4e:1f:b0:cf:33:bd:cd:bf:c2:65:6b:32:5b:7e:e9: b0:7c:14:8b:ca:b4:22:fb:27:6e:02:dd:12:82:2c: 10:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:31:70:5F:6D:49:6E:2A:A3:0F:0E:E3:56:88:2E:AC:E6:3A:BC:AD X509v3 Authority Key Identifier: keyid:D4:7D:79:C7:8A:83:06:99:78:1B:3E:43:31:BE:09:25:97:C3:4B:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1H15x4qDBpl4Gz5DMb4JJZfDS5A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/UjFwX21JbiqjDw7jVogurOY6vK0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e39a42-67b7-473c-83cd-196455524a62/1/1H15x4qDBpl4Gz5DMb4JJZfDS5A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.253.48.0/20 77.237.252.0/22 185.10.148.0/22 185.98.48.0/22 185.103.224.0/22 IPv6: 2a00:6400::/32 Signature Algorithm: sha256WithRSAEncryption 4a:d9:e0:b7:dc:7d:db:fc:12:66:c3:5d:43:c1:16:0e:dc:e2: 16:12:94:56:27:f8:a4:d7:a5:59:a3:dd:1b:40:f7:d2:23:1c: c6:f5:4d:66:0f:84:45:2c:10:3d:b9:51:fd:25:2b:f6:0c:b0: ce:b9:c7:9b:4e:18:55:32:d7:ed:50:85:77:c0:d7:cc:a4:0f: 19:14:d1:fe:3d:02:29:49:7d:5b:32:f2:eb:5c:0c:08:a8:00: 4c:48:52:2e:3b:ba:65:ef:20:34:28:dc:1a:2a:77:d7:82:4b: 16:fe:44:3c:f0:9d:c6:6c:8c:a1:68:24:2a:4e:37:ca:dd:a3: bd:9d:8b:46:92:c1:46:b3:1c:87:4f:70:0e:2c:0e:6c:42:87: 58:2f:f9:ff:86:09:41:a8:30:ef:a1:a8:7f:0a:1b:3f:c5:eb: f7:09:f5:ee:85:02:3b:38:5c:a5:32:e0:b2:4d:07:6d:ce:10: c7:77:9c:a7:9c:ee:88:62:fb:16:a5:68:a6:f7:bf:d2:f2:47: 42:a7:b2:37:59:c7:0d:a3:75:da:4f:b9:41:b0:1d:8b:29:af: c5:57:d3:8e:1c:76:d3:2c:4a:ba:d2:19:ae:26:ed:c5:d3:bb: 4e:c4:20:06:05:a5:f6:50:b1:7b:69:f8:dc:6b:03:72:e7:f9: 35:73:7a:0f -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt6WzdZTwZbTpQAi7+uzmZNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0N2Q3OWM3OGE4MzA2OTk3ODFiM2U0MzMxYmUwOTI1OTdj MzRiOTAwHhcNMjYwMTAxMTYxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MjMxNzA1ZjZkNDk2ZTJhYTMwZjBlZTM1Njg4MmVhY2U2M2FiY2FkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsJp1ZsYBj2rF8cP4jC/olupKYcX XP/1WS77RmxgWYQMLfO4ElL/1NUdV5A/1/YnGBlPNFhY0fTCcGGbyEr56Ch/Jhsq eEbrFETNH8rz/1cInDQf1CcGdsjaHHfwO20oAs3EAI9zYiN3yo8AMvgH/a4MA24z xfQOSTBpb6/RmjEf2NKBoBVwpQzfSWpMg+KFpByL+aNonBMzVhrU/TkrCcnGQi4E KbR6mkxSb1Z6nD9NQ5fxweBtnS39WUr2OUtVAXPbWcNSUkMRdjuZjVBMyZRka+XS +8+8ARXsA49/vLFOH7DPM73Nv8JlazJbfumwfBSLyrQi+yduAt0SgiwQTQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFFIxcF9tSW4qow8O41aILqzmOrytMB8GA1UdIwQY MBaAFNR9eceKgwaZeBs+QzG+CSWXw0uQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUgxNXg0cURCcGw0R3o1RE1iNEpKWmZEUzVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lMzlhNDItNjdiNy00NzNjLTgzY2Qt MTk2NDU1NTI0YTYyLzEvVWpGd1gyMUpiaXFqRHc3alZvZ3VyT1k2dkswLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy9lMzlhNDItNjdiNy00NzNjLTgzY2QtMTk2NDU1NTI0YTYy LzEvMUgxNXg0cURCcGw0R3o1RE1iNEpKWmZEUzVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELv0wAwQC Te38AwQCuQqUAwQCuWIwAwQCuWfgMA0EAgACMAcDBQAqAGQAMA0GCSqGSIb3DQEB CwUAA4IBAQBK2eC33H3b/BJmw11DwRYO3OIWEpRWJ/ik16VZo90bQPfSIxzG9U1m D4RFLBA9uVH9JSv2DLDOucebThhVMtftUIV3wNfMpA8ZFNH+PQIpSX1bMvLrXAwI qABMSFIuO7pl7yA0KNwaKnfXgksW/kQ88J3GbIyhaCQqTjfK3aO9nYtGksFGsxyH T3AOLA5sQodYL/n/hglBqDDvoah/Chs/xev3CfXuhQI7OFylMuCyTQdtzhDHd5yn nO6IYvsWpWim97/S8kdCp7I3WccNo3XaT7lBsB2LKa/FV9OOHHbTLEq60hmuJu3F 07tOxCAGBaX2ULF7afjcawNy5/k1c3oP -----END CERTIFICATE-----Generated at Mon Jan 12 22:23:44 2026 by rpki-client