This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UKN4qXdB5emZZX9TzM0PF4jJuRs.roa File: UKN4qXdB5emZZX9TzM0PF4jJuRs.roa (raw, json) Hash identifier: Y842Sm+wv4FkMHDbdNeBmo19SEMhJtIByCHRBpFd6qo= Subject key identifier: 50:A3:78:A9:77:41:E5:E9:99:65:7F:53:CC:CD:0F:17:88:C9:B9:1B Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0 Certificate serial: 019B7C1327E9E9AD8FA3706988988B5070B1 Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UKN4qXdB5emZZX9TzM0PF4jJuRs.roa Signing time: Fri 02 Jan 2026 00:19:48 +0000 ROA not before: Fri 02 Jan 2026 00:19:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206376 IP address blocks: 185.106.240.0/24 maxlen: 24 185.106.242.0/24 maxlen: 24 2a06:4100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:27:e9:e9:ad:8f:a3:70:69:88:98:8b:50:70:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0 Validity Not Before: Jan 2 00:19:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=50a378a97741e5e999657f53cccd0f1788c9b91b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8b:35:93:e0:94:88:71:b8:7d:c0:c3:ce:d1: 87:7a:1d:a4:85:85:a3:b0:c4:5f:87:84:73:64:67: be:56:3b:0b:12:c6:22:5b:9a:84:0d:0b:5d:8c:5f: 56:5b:c9:b3:d9:31:b7:6b:a1:77:eb:b1:2f:3a:0e: a3:67:d1:9c:63:64:6e:3d:5f:a1:a0:1d:93:df:34: e8:57:32:ef:0b:d4:55:61:ef:db:09:ed:fa:a9:73: 08:0c:53:93:95:41:f6:96:33:80:9d:e9:a7:4a:5c: e4:da:79:3d:0b:4f:e6:06:17:a9:7e:19:e5:eb:28: 31:25:b5:b6:c9:6c:08:a9:1b:83:e8:5b:bb:e0:0c: 23:df:b1:01:5d:1a:e3:aa:9a:56:e1:43:67:45:fb: e1:b4:d1:00:f7:55:39:64:88:9f:f2:b8:5d:69:49: 2c:7a:b0:d1:76:2f:cb:69:36:f0:71:14:62:e0:0c: 67:90:2c:50:96:4c:fd:34:55:a4:c4:64:76:a1:4b: b2:82:11:ca:3e:07:fd:48:63:85:fb:90:65:77:9a: bf:2b:cf:ae:e0:79:71:2a:e3:18:e5:37:91:61:7f: e7:a9:d8:79:61:b2:9c:48:c5:a2:80:e8:1a:87:e3: dc:b9:7c:5d:56:a4:fa:64:5b:83:b1:c6:1f:3d:a8: 37:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:A3:78:A9:77:41:E5:E9:99:65:7F:53:CC:CD:0F:17:88:C9:B9:1B X509v3 Authority Key Identifier: keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UKN4qXdB5emZZX9TzM0PF4jJuRs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.106.240.0/24 185.106.242.0/24 IPv6: 2a06:4100::/32 Signature Algorithm: sha256WithRSAEncryption 76:29:04:a4:16:d0:d8:76:02:08:c9:a1:e2:ef:b1:77:96:07: a9:c0:f9:03:5c:52:f5:b5:73:d1:48:4a:04:ab:0e:fd:f2:fe: fd:af:db:82:10:4a:9a:eb:78:5e:b1:d9:c6:34:53:85:69:1b: 5f:ad:82:b5:f2:4a:f4:e5:2d:5c:d2:48:50:a5:e3:99:a4:c0: f9:73:d8:f5:29:07:b6:ba:68:ab:82:d6:0c:73:57:05:07:05: 44:75:98:3e:b8:3e:87:99:d4:4a:a6:a1:38:04:1a:80:b2:af: 62:2b:39:75:00:88:3b:3f:fa:9d:fa:30:3d:5e:68:29:4a:be: 2b:fe:16:03:f4:7d:f3:3e:94:84:df:0b:a6:69:a7:e9:0b:cf: ca:74:0d:40:ad:d6:09:c2:d4:d4:86:87:11:e1:f0:73:8e:8c: 7a:d4:ff:50:3d:d0:6a:04:51:4b:32:5c:ab:c4:36:5e:01:ee: cd:0c:82:eb:ea:e7:41:c6:70:52:13:83:d7:5e:5e:1b:c6:82: 00:b8:2f:7d:d6:c9:85:41:a4:a0:e8:93:70:fb:ee:5c:ed:fe: dc:67:e3:bf:0e:b8:58:41:a6:55:b7:3f:0a:b7:cb:7c:ca:3b: 0d:e2:51:60:c6:85:29:55:b2:25:a2:52:42:07:cb:63:95:e1: 1b:9a:9d:1a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8Eyfp6a2Po3BpiJiLUHCxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2 NTE5YjAwHhcNMjYwMTAyMDAxOTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MGEzNzhhOTc3NDFlNWU5OTk2NTdmNTNjY2NkMGYxNzg4YzliOTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIs1k+CUiHG4fcDDztGHeh2khYWj sMRfh4RzZGe+VjsLEsYiW5qEDQtdjF9WW8mz2TG3a6F367EvOg6jZ9GcY2RuPV+h oB2T3zToVzLvC9RVYe/bCe36qXMIDFOTlUH2ljOAnemnSlzk2nk9C0/mBhepfhnl 6ygxJbW2yWwIqRuD6Fu74Awj37EBXRrjqppW4UNnRfvhtNEA91U5ZIif8rhdaUks erDRdi/LaTbwcRRi4AxnkCxQlkz9NFWkxGR2oUuyghHKPgf9SGOF+5Bld5q/K8+u 4HlxKuMY5TeRYX/nqdh5YbKcSMWigOgah+PcuXxdVqT6ZFuDscYfPag3OQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFCjeKl3QeXpmWV/U8zNDxeIybkbMB8GA1UdIwQY MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt YTk3MWEzMzRmYWE0LzEvVUtONHFYZEI1ZW1aWlg5VHpNMFBGNGpKdVJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0 LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWrwAwQA uWryMA0EAgACMAcDBQAqBkEAMA0GCSqGSIb3DQEBCwUAA4IBAQB2KQSkFtDYdgII yaHi77F3lgepwPkDXFL1tXPRSEoEqw798v79r9uCEEqa63hesdnGNFOFaRtfrYK1 8kr05S1c0khQpeOZpMD5c9j1KQe2umirgtYMc1cFBwVEdZg+uD6HmdRKpqE4BBqA sq9iKzl1AIg7P/qd+jA9XmgpSr4r/hYD9H3zPpSE3wumaafpC8/KdA1ArdYJwtTU hocR4fBzjox61P9QPdBqBFFLMlyrxDZeAe7NDILr6udBxnBSE4PXXl4bxoIAuC99 1smFQaSg6JNw++5c7f7cZ+O/DrhYQaZVtz8Kt8t8yjsN4lFgxoUpVbIlolJCB8tj leEbmp0a -----END CERTIFICATE-----Generated at Wed Jan 7 16:45:55 2026 by rpki-client