This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/lgTArLUMYrKA2h_soDmzPeEt-bE.roa File: lgTArLUMYrKA2h_soDmzPeEt-bE.roa (raw, json) Hash identifier: QFGAzr+Hh5GDcp3vsyzbp7//YxUomw2TKbl55PVM51U= Subject key identifier: 96:04:C0:AC:B5:0C:62:B2:80:DA:1F:EC:A0:39:B3:3D:E1:2D:F9:B1 Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75 Certificate serial: 019B78A2B2259C3EE67C902430F5F1369849 Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/lgTArLUMYrKA2h_soDmzPeEt-bE.roa Signing time: Thu 01 Jan 2026 08:18:06 +0000 ROA not before: Thu 01 Jan 2026 08:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214903 IP address blocks: 45.133.102.0/23 maxlen: 23 45.133.102.0/24 maxlen: 24 45.133.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.mft rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:b2:25:9c:3e:e6:7c:90:24:30:f5:f1:36:98:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75 Validity Not Before: Jan 1 08:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9604c0acb50c62b280da1feca039b33de12df9b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d0:e2:16:83:08:ff:f4:61:9b:9e:52:d6:4b: d8:b7:6f:da:c7:8f:43:1b:61:03:d1:f0:69:63:3f: 97:f4:a0:33:90:23:ff:7e:0f:ba:a8:b9:fd:6c:a4: a7:e8:da:3b:ca:e2:c4:55:c1:4d:e5:63:32:1c:cf: 09:17:b0:b5:71:6b:16:3d:52:83:0e:4c:43:a5:50: 7c:cd:11:58:25:37:5b:bc:d7:04:75:b5:72:59:93: 9b:d8:bc:1f:8b:dd:7c:2c:10:16:d0:74:f3:4e:df: a1:09:0f:16:5b:60:29:be:9b:e6:31:3d:1b:dd:a5: c3:14:97:95:1a:f9:c4:27:94:bc:57:ea:dd:54:03: 96:f3:b4:f8:e5:ce:4c:1a:14:06:6f:72:b4:73:eb: 0b:d8:75:2c:40:0f:34:ac:8c:37:1d:56:27:0c:2e: 75:73:6e:ce:d6:15:30:93:8f:b0:f5:15:b5:01:f8: 6b:b6:69:44:d4:3a:d6:74:ce:d4:76:35:30:2e:df: 65:61:a2:5d:15:47:88:fe:44:5c:ce:53:e5:0c:71: 2d:60:bb:18:0b:ca:10:bd:3d:99:0f:1c:6e:49:42: b1:1e:4e:9b:57:c9:3b:ba:b5:ee:7b:8e:2c:2f:00: 6d:5b:0e:25:21:e7:ed:b1:03:50:8f:ac:fd:4f:cb: 82:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:04:C0:AC:B5:0C:62:B2:80:DA:1F:EC:A0:39:B3:3D:E1:2D:F9:B1 X509v3 Authority Key Identifier: keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/lgTArLUMYrKA2h_soDmzPeEt-bE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.133.102.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:e9:4f:aa:72:43:a9:ea:15:5f:ca:32:0f:fa:59:c6:61:48: 77:7f:02:dc:bb:44:5a:e7:b7:e7:53:96:00:48:23:4d:a4:6c: 17:ac:16:e0:d1:1b:a7:0f:64:90:5e:55:b5:f2:24:74:bb:a9: 37:1b:34:07:1b:5d:47:81:e7:0a:45:47:b6:c6:40:31:dd:bd: 5c:26:e4:85:0e:ae:1b:55:44:49:51:14:c2:71:b6:89:e8:21: 59:2a:4c:2e:a2:54:83:73:b6:5b:9b:4c:6f:26:8e:eb:97:66: f9:40:8a:79:9a:02:ac:3c:91:00:4b:6e:83:87:24:4b:89:f4: f9:be:97:0d:a7:69:b0:14:d7:ae:00:af:a2:ac:89:44:f9:6f: b9:41:1e:34:7d:b4:94:25:16:a4:18:55:28:8b:32:c5:3b:32: 8f:e0:1a:56:8c:ba:3e:c3:49:ee:9c:2a:cf:2a:a0:05:18:36: 2b:72:bb:1c:8e:4b:4c:77:22:8c:c5:9d:69:6f:98:f7:ba:39: 78:eb:67:1b:07:55:5d:a5:4a:6b:2e:67:5f:91:b0:59:05:9b: 60:e4:74:5c:91:69:2d:b9:e9:3f:e3:48:ab:6a:b6:f0:39:39: 30:7d:94:6b:f1:e5:66:3c:48:d8:22:d8:75:ef:11:7e:e0:a0: cc:01:87:a7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4orIlnD7mfJAkMPXxNphJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw M2RjNzUwHhcNMjYwMTAxMDgxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjA0YzBhY2I1MGM2MmIyODBkYTFmZWNhMDM5YjMzZGUxMmRmOWIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9DiFoMI//Rhm55S1kvYt2/ax49D G2ED0fBpYz+X9KAzkCP/fg+6qLn9bKSn6No7yuLEVcFN5WMyHM8JF7C1cWsWPVKD DkxDpVB8zRFYJTdbvNcEdbVyWZOb2Lwfi918LBAW0HTzTt+hCQ8WW2ApvpvmMT0b 3aXDFJeVGvnEJ5S8V+rdVAOW87T45c5MGhQGb3K0c+sL2HUsQA80rIw3HVYnDC51 c27O1hUwk4+w9RW1AfhrtmlE1DrWdM7UdjUwLt9lYaJdFUeI/kRczlPlDHEtYLsY C8oQvT2ZDxxuSUKxHk6bV8k7urXue44sLwBtWw4lIeftsQNQj6z9T8uCOQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJYEwKy1DGKygNof7KA5sz3hLfmxMB8GA1UdIwQY MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt ZGVlMjkyZWE4N2EzLzEvbGdUQXJMVU1ZcktBMmhfc29EbXpQZUV0LWJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYVmMA0G CSqGSIb3DQEBCwUAA4IBAQB96U+qckOp6hVfyjIP+lnGYUh3fwLcu0Ra57fnU5YA SCNNpGwXrBbg0RunD2SQXlW18iR0u6k3GzQHG11HgecKRUe2xkAx3b1cJuSFDq4b VURJURTCcbaJ6CFZKkwuolSDc7Zbm0xvJo7rl2b5QIp5mgKsPJEAS26DhyRLifT5 vpcNp2mwFNeuAK+irIlE+W+5QR40fbSUJRakGFUoizLFOzKP4BpWjLo+w0nunCrP KqAFGDYrcrscjktMdyKMxZ1pb5j3ujl462cbB1VdpUprLmdfkbBZBZtg5HRckWkt uek/40irarbwOTkwfZRr8eVmPEjYIth17xF+4KDMAYen -----END CERTIFICATE-----Generated at Mon Jan 26 20:26:06 2026 by rpki-client