This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/lXUAxU6WVwpNoYD3PNJupX0IdnQ.roa File: lXUAxU6WVwpNoYD3PNJupX0IdnQ.roa (raw, json) Hash identifier: 1IXDFDpAZ7cDUUd7sdHkzjt07vGwbPC7cOUCYW3+UFQ= Subject key identifier: 95:75:00:C5:4E:96:57:0A:4D:A1:80:F7:3C:D2:6E:A5:7D:08:76:74 Certificate issuer: /CN=8f51aad0e4148abe3f2a8b8d4318f34b456b65f1 Certificate serial: 019B7DCA588533B83C6171D932F816F89F7F Authority key identifier: 8F:51:AA:D0:E4:14:8A:BE:3F:2A:8B:8D:43:18:F3:4B:45:6B:65:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/lXUAxU6WVwpNoYD3PNJupX0IdnQ.roa Signing time: Fri 02 Jan 2026 08:19:31 +0000 ROA not before: Fri 02 Jan 2026 08:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 157.167.134.0/24 maxlen: 24 157.167.135.0/24 maxlen: 24 157.167.136.0/21 maxlen: 21 157.167.144.0/21 maxlen: 21 157.167.152.0/24 maxlen: 24 157.167.153.0/24 maxlen: 24 157.167.155.0/24 maxlen: 24 157.167.156.0/24 maxlen: 24 157.167.225.0/24 maxlen: 24 157.167.226.0/24 maxlen: 24 157.167.227.0/24 maxlen: 24 157.167.228.0/24 maxlen: 24 157.167.229.0/24 maxlen: 24 157.167.230.0/24 maxlen: 24 157.167.231.0/24 maxlen: 24 157.167.232.0/24 maxlen: 24 157.167.233.0/24 maxlen: 24 157.167.234.0/24 maxlen: 24 157.167.235.0/24 maxlen: 24 157.167.236.0/24 maxlen: 24 157.167.237.0/24 maxlen: 24 157.167.238.0/24 maxlen: 24 157.167.239.0/24 maxlen: 24 157.167.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.crl rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.mft rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 17 Jan 2026 23:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:58:85:33:b8:3c:61:71:d9:32:f8:16:f8:9f:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f51aad0e4148abe3f2a8b8d4318f34b456b65f1 Validity Not Before: Jan 2 08:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=957500c54e96570a4da180f73cd26ea57d087674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bf:e5:5f:ea:77:0a:90:b0:8b:2a:2c:9c:97: c2:b0:09:2d:ea:38:61:c5:0c:9d:d3:c1:cd:32:50: de:5a:ed:7e:61:a8:e5:6a:d9:b5:8d:39:32:c3:ad: 2b:e1:aa:40:4f:23:33:c4:89:5c:13:d1:06:fb:87: 56:9b:90:ea:67:6c:e2:e4:4e:0a:2f:74:60:49:47: 35:2b:7e:14:54:3c:7c:f5:c6:b6:96:26:5b:f2:30: e9:a8:20:fd:b6:c7:48:94:ed:15:0c:60:fa:d0:f1: 31:a3:e2:58:f1:8e:89:4c:d1:27:81:cb:0b:26:71: 72:77:21:95:74:f1:17:b4:5f:8a:c7:a0:dd:36:69: d1:1f:81:44:50:57:8e:5e:9b:4b:b5:c3:fb:42:07: 67:e1:36:98:1a:04:9c:37:53:9b:04:87:45:a6:1e: 73:94:a0:1a:b9:79:72:5a:79:f6:5d:9f:1c:53:75: 3f:f5:54:ba:78:69:eb:1e:05:a2:41:ce:19:90:97: d3:f9:e7:f9:b4:ef:8a:b2:93:29:f7:c9:e9:52:63: 45:eb:ed:5a:f8:41:07:ab:94:7e:8b:e3:2d:52:d4: 93:1f:7d:ac:06:81:aa:e5:cf:b3:9a:d8:3f:4f:57: 69:9c:17:4c:2a:2e:0c:48:54:86:b4:90:b0:24:77: cf:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:75:00:C5:4E:96:57:0A:4D:A1:80:F7:3C:D2:6E:A5:7D:08:76:74 X509v3 Authority Key Identifier: keyid:8F:51:AA:D0:E4:14:8A:BE:3F:2A:8B:8D:43:18:F3:4B:45:6B:65:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/lXUAxU6WVwpNoYD3PNJupX0IdnQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.167.134.0-157.167.153.255 157.167.155.0-157.167.156.255 157.167.225.0-157.167.240.255 Signature Algorithm: sha256WithRSAEncryption 31:f7:59:71:ef:a4:96:bc:f8:7e:77:5c:dd:9b:bd:07:36:cb: 95:b4:48:78:99:86:06:7c:2c:8d:3d:7d:95:cf:61:ff:ba:0f: 51:e7:07:29:dd:11:c5:7a:36:49:4c:d2:30:c9:21:8f:83:d9: ec:8e:9c:71:fb:bc:b0:14:bd:ef:08:4d:2e:6d:82:71:79:b6: 21:03:a4:d8:c3:05:36:84:35:bd:7c:46:c4:d6:4a:c8:02:77: e9:a7:43:20:fd:73:43:f7:a1:dc:b4:63:3a:ba:81:0a:98:d2: 46:de:92:5f:e0:8d:39:b0:32:13:45:78:47:f3:0e:d5:e6:8c: 97:b9:60:ca:4c:7f:06:0c:a9:65:5f:2d:e5:35:96:9e:e3:d1: 61:13:84:25:89:04:6d:65:19:aa:88:d8:f4:73:12:f7:35:3b: 35:58:f6:33:83:5c:c6:65:02:80:40:6e:11:97:d7:ea:af:a7: c9:ff:ba:be:bf:5f:9d:92:1e:c1:0d:8e:fe:22:01:0c:0d:af: 45:01:a6:f2:f8:d4:ba:44:a1:62:66:9d:3e:7e:78:db:35:8f: 23:b5:3c:28:85:48:32:5e:69:03:e9:b4:6e:9d:6e:14:14:4d: 4e:f2:27:de:9c:00:b7:5b:81:b3:2b:5c:e8:ca:7d:bf:9c:41: 10:d1:e8:45 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt9yliFM7g8YXHZMvgW+J9/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmNTFhYWQwZTQxNDhhYmUzZjJhOGI4ZDQzMThmMzRiNDU2 YjY1ZjEwHhcNMjYwMTAyMDgxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTc1MDBjNTRlOTY1NzBhNGRhMTgwZjczY2QyNmVhNTdkMDg3Njc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL/lX+p3CpCwiyosnJfCsAkt6jhh xQyd08HNMlDeWu1+Yajlatm1jTkyw60r4apATyMzxIlcE9EG+4dWm5DqZ2zi5E4K L3RgSUc1K34UVDx89ca2liZb8jDpqCD9tsdIlO0VDGD60PExo+JY8Y6JTNEngcsL JnFydyGVdPEXtF+Kx6DdNmnRH4FEUFeOXptLtcP7Qgdn4TaYGgScN1ObBIdFph5z lKAauXlyWnn2XZ8cU3U/9VS6eGnrHgWiQc4ZkJfT+ef5tO+KspMp98npUmNF6+1a +EEHq5R+i+MtUtSTH32sBoGq5c+zmtg/T1dpnBdMKi4MSFSGtJCwJHfPfwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFJV1AMVOllcKTaGA9zzSbqV9CHZ0MB8GA1UdIwQY MBaAFI9RqtDkFIq+PyqLjUMY80tFa2XxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvajFHcTBPUVVpcjRfS291TlF4anpTMFZyWmZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8zZTYxZDAtZjZjZS00YWFkLTk3NjQt NzYyZDI3Mjc3NTkxLzEvbFhVQXhVNldWd3BOb1lEM1BOSnVwWDBJZG5RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8zZTYxZDAtZjZjZS00YWFkLTk3NjQtNzYyZDI3Mjc3NTkx LzEvajFHcTBPUVVpcjRfS291TlF4anpTMFZyWmZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAGdp4YD BAGdp5gwDAMEAJ2nmwMEAJ2nnDAMAwQAnafhAwQAnafwMA0GCSqGSIb3DQEBCwUA A4IBAQAx91lx76SWvPh+d1zdm70HNsuVtEh4mYYGfCyNPX2Vz2H/ug9R5wcp3RHF ejZJTNIwySGPg9nsjpxx+7ywFL3vCE0ubYJxebYhA6TYwwU2hDW9fEbE1krIAnfp p0Mg/XND96HctGM6uoEKmNJG3pJf4I05sDITRXhH8w7V5oyXuWDKTH8GDKllXy3l NZae49FhE4QliQRtZRmqiNj0cxL3NTs1WPYzg1zGZQKAQG4Rl9fqr6fJ/7q+v1+d kh7BDY7+IgEMDa9FAaby+NS6RKFiZp0+fnjbNY8jtTwohUgyXmkD6bRunW4UFE1O 8ifenAC3W4GzK1zoyn2/nEEQ0ehF -----END CERTIFICATE-----Generated at Sat Jan 17 06:46:20 2026 by rpki-client