This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LtUxQGmA-yTucxXQikzySwfJRVo.roa File: LtUxQGmA-yTucxXQikzySwfJRVo.roa (raw, json) Hash identifier: +U4rkOUlD1dgIV7ucOTqZzsmG9EMNogrKAPziGzE4tA= Subject key identifier: 2E:D5:31:40:69:80:FB:24:EE:73:15:D0:8A:4C:F2:4B:07:C9:45:5A Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A30FF1D1F305B0E6EF4C3B255B4E9B Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LtUxQGmA-yTucxXQikzySwfJRVo.roa Signing time: Thu 01 Jan 2026 08:18:30 +0000 ROA not before: Thu 01 Jan 2026 08:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60230 IP address blocks: 31.13.244.0/24 maxlen: 24 31.13.244.99/32 maxlen: 32 2a00:1728:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:0f:f1:d1:f3:05:b0:e6:ef:4c:3b:25:5b:4e:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ed531406980fb24ee7315d08a4cf24b07c9455a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:83:ef:9f:ca:aa:f0:ea:18:a8:85:55:f8:f4: ac:ba:29:a2:98:d6:06:f5:5e:a5:ec:b0:9f:2b:c7: b7:49:14:b3:2d:58:34:dd:b5:38:6b:b6:2f:2f:60: 93:ca:74:30:96:78:ca:aa:eb:6c:ca:11:a3:7b:7e: 1a:39:38:fb:08:07:4f:9f:6e:fd:f9:b5:5f:2e:05: 64:98:0b:a5:dd:53:e6:5e:a1:41:48:2e:39:6b:62: 66:c8:3d:f8:94:83:33:e1:8e:f5:5b:ce:95:6f:ba: 92:d7:e9:84:1d:51:30:85:e9:3c:32:37:8d:8a:84: fa:b9:ee:f0:41:2d:ec:68:22:a9:4e:0d:02:62:93: 1c:0a:3b:c3:39:91:69:ef:e2:61:7c:42:db:5b:14: a5:f3:ea:8e:7c:d9:91:7f:8c:ce:47:7f:83:9a:48: 6f:2d:25:85:c0:3c:8a:9d:18:5c:77:f2:ab:a4:79: 5b:0a:5f:70:08:dc:34:2f:74:fb:4f:29:86:4f:fb: b0:e8:ce:f8:5a:e3:b6:5e:1e:6a:ce:a1:f3:fd:7a: a4:4e:d4:9a:53:07:6b:7f:ce:07:58:af:a0:a2:9c: ed:75:90:d6:5b:5e:d8:4e:63:fa:3e:d6:30:0e:40: 6a:60:75:02:7d:e7:8c:71:a8:85:f1:9b:a7:df:29: ca:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D5:31:40:69:80:FB:24:EE:73:15:D0:8A:4C:F2:4B:07:C9:45:5A X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LtUxQGmA-yTucxXQikzySwfJRVo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.13.244.0/24 IPv6: 2a00:1728:a::/48 Signature Algorithm: sha256WithRSAEncryption 4a:c4:43:3c:d9:2a:fa:67:1e:8b:00:5c:dc:7b:99:91:67:30: bd:07:82:19:06:85:d1:e5:fb:68:a0:e1:00:21:c5:d0:5a:b5: 1d:27:1a:50:75:48:88:f6:72:25:2a:58:39:d8:b7:d3:e9:06: e9:18:fa:00:fe:57:f1:a0:65:39:24:23:c2:71:f2:42:f8:8b: e8:42:99:78:24:a9:73:3a:5f:44:1f:69:f6:95:4f:0a:5d:35: ff:83:d8:89:8a:13:fd:3a:5d:85:b6:91:e6:84:76:9a:90:46: 72:6f:40:e3:3a:5e:4e:3a:db:8f:fb:b6:d9:69:5b:5c:f6:37: d8:e0:4c:1f:d1:7b:21:07:76:b1:46:d6:9d:ca:6f:4a:da:36: 62:7c:18:4e:2d:60:8d:34:69:0e:98:0f:1c:58:3d:3e:1d:69: 8c:b9:d2:5a:3b:31:9c:c3:f3:03:e6:5c:f0:10:f4:6e:51:eb: 86:eb:3f:25:cc:b6:db:9b:3d:0c:25:07:91:00:0f:c3:86:77: 3a:42:4c:f6:1c:12:3a:48:a0:2a:76:74:00:38:e0:ea:2c:6a: 52:32:77:d0:be:90:15:7d:2a:34:cc:1b:7f:4c:73:d4:57:cc: 12:61:67:d5:de:52:5e:fc:0a:3a:a1:24:41:76:85:54:ae:d6: e7:08:9a:00 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4ow/x0fMFsObvTDslW06bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZWQ1MzE0MDY5ODBmYjI0ZWU3MzE1ZDA4YTRjZjI0YjA3Yzk0NTVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YPvn8qq8OoYqIVV+PSsuimimNYG 9V6l7LCfK8e3SRSzLVg03bU4a7YvL2CTynQwlnjKqutsyhGje34aOTj7CAdPn279 +bVfLgVkmAul3VPmXqFBSC45a2JmyD34lIMz4Y71W86Vb7qS1+mEHVEwhek8MjeN ioT6ue7wQS3saCKpTg0CYpMcCjvDOZFp7+JhfELbWxSl8+qOfNmRf4zOR3+Dmkhv LSWFwDyKnRhcd/KrpHlbCl9wCNw0L3T7TymGT/uw6M74WuO2Xh5qzqHz/XqkTtSa Uwdrf84HWK+gopztdZDWW17YTmP6PtYwDkBqYHUCfeeMcaiF8Zun3ynKpwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFC7VMUBpgPsk7nMV0IpM8ksHyUVaMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvTHRVeFFHbUEteVR1Y3hYUWlrenlTd2ZKUlZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHw30MA8E AgACMAkDBwAqABcoAAowDQYJKoZIhvcNAQELBQADggEBAErEQzzZKvpnHosAXNx7 mZFnML0HghkGhdHl+2ig4QAhxdBatR0nGlB1SIj2ciUqWDnYt9PpBukY+gD+V/Gg ZTkkI8Jx8kL4i+hCmXgkqXM6X0QfafaVTwpdNf+D2ImKE/06XYW2keaEdpqQRnJv QOM6Xk4624/7ttlpW1z2N9jgTB/ReyEHdrFG1p3Kb0raNmJ8GE4tYI00aQ6YDxxY PT4daYy50lo7MZzD8wPmXPAQ9G5R64brPyXMttubPQwlB5EAD8OGdzpCTPYcEjpI oCp2dAA44OosalIyd9C+kBV9KjTMG39Mc9RXzBJhZ9XeUl78CjqhJEF2hVSu1ucI mgA= -----END CERTIFICATE-----Generated at Fri Jan 2 12:07:57 2026 by rpki-client