This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/lBMdn2iQdHUL-cwEEQDm3tFBaok.roa File: lBMdn2iQdHUL-cwEEQDm3tFBaok.roa (raw, json) Hash identifier: 92N+I3r+uRw8V9HIiYjj1Tx/aQGHG9DB0so6vrEW//w= Subject key identifier: 94:13:1D:9F:68:90:74:75:0B:F9:CC:04:11:00:E6:DE:D1:41:6A:89 Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06 Certificate serial: 019B78A2DB6A7B885C46DCDF1A15A3BBA90F Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/lBMdn2iQdHUL-cwEEQDm3tFBaok.roa Signing time: Thu 01 Jan 2026 08:18:17 +0000 ROA not before: Thu 01 Jan 2026 08:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 45.15.21.0/24 maxlen: 24 194.53.136.0/24 maxlen: 24 194.53.137.0/24 maxlen: 24 2a0e:1d80:6::/48 maxlen: 48 2a0e:1d80:8::/48 maxlen: 48 2a0e:1d80:9::/48 maxlen: 48 2a0e:1d80:10::/48 maxlen: 48 2a0e:1d80:11::/48 maxlen: 48 2a0e:1d80:12::/48 maxlen: 48 2a0e:1d80:13::/48 maxlen: 48 2a0e:1d80:14::/48 maxlen: 48 2a0e:1d80:15::/48 maxlen: 48 2a0e:1d80:117::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.mft rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:db:6a:7b:88:5c:46:dc:df:1a:15:a3:bb:a9:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06 Validity Not Before: Jan 1 08:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=94131d9f689074750bf9cc041100e6ded1416a89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:e7:56:1c:68:75:1d:14:15:d0:2b:db:d0:60: fe:8d:1c:9c:1b:49:e6:63:65:b3:11:99:6a:99:49: 28:66:f9:b3:50:62:8e:b5:ce:de:98:c2:a9:85:84: ad:68:ae:5b:a3:1b:db:3c:9d:a8:ac:49:a6:3b:bc: 02:11:74:12:ad:bf:7a:69:33:3e:9c:12:67:c5:f3: ad:5c:f6:9c:b7:ab:db:9d:7c:61:ad:af:35:09:9a: ac:be:c4:bc:b2:b8:cb:6b:2f:f9:79:31:f3:ff:14: 9f:ba:fb:99:76:3c:c3:e1:5e:45:ff:49:65:ad:d9: 31:62:14:1b:bf:72:98:91:60:c9:36:61:ef:3b:25: 3a:5f:6f:64:72:b9:a5:15:79:dc:f3:d5:e6:07:59: c4:26:0b:3f:98:b8:42:14:4b:d8:8a:6a:3a:78:9a: da:9b:b7:f0:56:14:ba:8f:a4:5f:be:b1:09:60:33: 72:a6:e2:40:06:cc:2b:1d:cc:87:d7:1b:bc:75:cb: 4e:2f:6f:09:30:f2:8e:d5:d0:0f:b5:34:3e:06:fd: 77:bb:87:a1:13:45:e2:89:a6:a1:c3:ea:f2:93:40: 59:f5:03:cb:f3:86:f9:a3:26:57:e6:98:c1:c9:e7: 22:ee:df:ea:5a:20:7b:b6:6e:35:e6:77:1a:cb:6a: 2b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:13:1D:9F:68:90:74:75:0B:F9:CC:04:11:00:E6:DE:D1:41:6A:89 X509v3 Authority Key Identifier: keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/lBMdn2iQdHUL-cwEEQDm3tFBaok.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.15.21.0/24 194.53.136.0/23 IPv6: 2a0e:1d80:6::/48 2a0e:1d80:8::/47 2a0e:1d80:10::-2a0e:1d80:15:ffff:ffff:ffff:ffff:ffff 2a0e:1d80:117::/64 Signature Algorithm: sha256WithRSAEncryption 0b:4a:61:94:53:7a:a1:39:e1:a8:e2:49:df:d7:08:28:27:86: d0:fd:91:46:91:49:45:88:9a:c8:49:70:93:44:96:ad:05:d5: db:96:78:db:b9:21:7b:7e:1a:cb:73:66:0a:9a:4b:92:6f:71: ed:d6:25:22:ce:51:bd:0e:f1:e3:93:b5:1a:9b:10:02:05:42: 07:ed:cc:f3:89:54:7f:e7:7e:a7:8f:49:d4:d4:9c:be:c5:df: 89:14:e5:2e:ef:a0:6e:34:b9:2d:a4:ea:fd:02:e7:d7:01:5d: 30:73:f7:db:46:bb:94:90:de:dc:5a:bb:5b:e0:fa:13:f8:9d: 2b:f9:91:dd:a9:ab:e6:cd:45:c1:d5:ba:77:7f:b1:a0:36:96: 27:e0:d6:c6:25:40:e5:7b:fc:82:0a:31:4e:6d:12:f9:39:04: a9:e6:28:50:57:b7:71:a5:1d:64:43:05:e2:a0:81:3d:78:04: 23:a5:02:e1:ec:ce:5a:02:20:2a:26:e2:1b:c8:5d:db:44:df: 43:20:b0:7c:d1:c6:8c:1a:11:93:8e:2c:49:ee:1e:6d:4d:db: 93:54:6d:8d:72:8a:d7:ed:99:91:56:0a:86:83:a4:a2:57:a6: 89:0c:d0:b4:32:02:39:ab:cc:3b:1a:9a:e4:2d:48:82:da:be: d3:af:6c:0c -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZt4ottqe4hcRtzfGhWju6kPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0YWViYzE1NGE1NmM4MzAyNWNiZDg2NDFhOWFjMzE1Y2I1 NTFjMDYwHhcNMjYwMTAxMDgxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDEzMWQ5ZjY4OTA3NDc1MGJmOWNjMDQxMTAwZTZkZWQxNDE2YTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+dWHGh1HRQV0Cvb0GD+jRycG0nm Y2WzEZlqmUkoZvmzUGKOtc7emMKphYStaK5boxvbPJ2orEmmO7wCEXQSrb96aTM+ nBJnxfOtXPact6vbnXxhra81CZqsvsS8srjLay/5eTHz/xSfuvuZdjzD4V5F/0ll rdkxYhQbv3KYkWDJNmHvOyU6X29kcrmlFXnc89XmB1nEJgs/mLhCFEvYimo6eJra m7fwVhS6j6RfvrEJYDNypuJABswrHcyH1xu8dctOL28JMPKO1dAPtTQ+Bv13u4eh E0Xiiaahw+ryk0BZ9QPL84b5oyZX5pjByeci7t/qWiB7tm415ncay2orrwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJQTHZ9okHR1C/nMBBEA5t7RQWqJMB8GA1UdIwQY MBaAFHSuvBVKVsgwJcvYZBqawxXLVRwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQt MDdhMWQ2NTU0OGJhLzEvbEJNZG4yaVFkSFVMLWN3RUVRRG0zdEZCYW9rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQtMDdhMWQ2NTU0OGJh LzEvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTASBAIAATAMAwQALQ8VAwQB wjWIMDcEAgACMDEDBwAqDh2AAAYDBwEqDh2AAAgwEgMHBCoOHYAAEAMHASoOHYAA FAMJACoOHYABFwAAMA0GCSqGSIb3DQEBCwUAA4IBAQALSmGUU3qhOeGo4knf1wgo J4bQ/ZFGkUlFiJrISXCTRJatBdXblnjbuSF7fhrLc2YKmkuSb3Ht1iUizlG9DvHj k7UamxACBUIH7czziVR/536nj0nU1Jy+xd+JFOUu76BuNLktpOr9AufXAV0wc/fb RruUkN7cWrtb4PoT+J0r+ZHdqavmzUXB1bp3f7GgNpYn4NbGJUDle/yCCjFObRL5 OQSp5ihQV7dxpR1kQwXioIE9eAQjpQLh7M5aAiAqJuIbyF3bRN9DILB80caMGhGT jixJ7h5tTduTVG2NcorX7ZmRVgqGg6SiV6aJDNC0MgI5q8w7GprkLUiC2r7Tr2wM -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:54 2026 by rpki-client