This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/lcX_BfSjVldf0AWvAKj1fHUxC84.roa File: lcX_BfSjVldf0AWvAKj1fHUxC84.roa (raw, json) Hash identifier: EI6Mzu5z6YSWUkBvK1kxjCqRN5l7TNUNJw5p8ATCsOY= Subject key identifier: 95:C5:FF:05:F4:A3:56:57:5F:D0:05:AF:00:A8:F5:7C:75:31:0B:CE Certificate issuer: /CN=03c6cea2a80220361231b6afbbc8c8cdaa4fd517 Certificate serial: 019B791095A803A6AEC8D2947782857E4353 Authority key identifier: 03:C6:CE:A2:A8:02:20:36:12:31:B6:AF:BB:C8:C8:CD:AA:4F:D5:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8bOoqgCIDYSMbavu8jIzapP1Rc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/lcX_BfSjVldf0AWvAKj1fHUxC84.roa Signing time: Thu 01 Jan 2026 10:18:08 +0000 ROA not before: Thu 01 Jan 2026 10:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 89.37.140.0/24 maxlen: 24 193.107.65.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/A8bOoqgCIDYSMbavu8jIzapP1Rc.crl rsync://rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/A8bOoqgCIDYSMbavu8jIzapP1Rc.mft rsync://rpki.ripe.net/repository/DEFAULT/A8bOoqgCIDYSMbavu8jIzapP1Rc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:95:a8:03:a6:ae:c8:d2:94:77:82:85:7e:43:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03c6cea2a80220361231b6afbbc8c8cdaa4fd517 Validity Not Before: Jan 1 10:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95c5ff05f4a356575fd005af00a8f57c75310bce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a0:56:d5:f2:9c:b1:5c:59:22:68:91:82:d0: 1e:73:96:90:e4:ff:57:1e:3b:12:01:a4:84:0f:fa: 73:0c:8b:73:71:2a:b0:d6:ae:1c:5d:4e:9c:1a:5c: a6:74:f3:7d:9a:59:3d:4c:1a:9d:0f:36:ec:bd:84: 50:a9:65:d9:ce:76:10:db:d9:fc:9c:34:69:df:be: fc:e9:71:6f:c8:dc:d3:ea:5c:22:0d:e1:f4:36:dc: fb:5a:1f:54:c7:98:8f:83:2f:d0:e7:01:c8:f3:45: 83:10:ea:f1:b3:da:0c:4d:5d:67:ea:81:0f:ba:ca: 54:c0:83:52:ad:47:63:a6:ba:62:ce:6a:f0:68:46: 6c:ff:c0:4f:46:fe:02:84:da:48:48:62:33:85:1a: f6:38:24:61:b9:e5:ce:e1:a0:e1:de:eb:be:40:a1: 79:b7:d0:ef:2c:bd:aa:93:ed:65:8f:0d:7e:b7:06: 26:b3:72:48:fa:48:83:44:25:43:3e:82:ee:a4:5b: 64:6b:9c:76:4a:20:8f:1d:c0:d6:fa:19:1d:1c:b4: 7e:38:34:bb:07:fc:f7:65:d9:71:7a:85:56:fb:30: 03:b0:25:71:ed:d2:d0:c7:03:da:60:0f:85:b4:aa: fb:c3:14:99:33:08:0c:8a:95:8e:04:1f:71:5c:26: 53:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C5:FF:05:F4:A3:56:57:5F:D0:05:AF:00:A8:F5:7C:75:31:0B:CE X509v3 Authority Key Identifier: keyid:03:C6:CE:A2:A8:02:20:36:12:31:B6:AF:BB:C8:C8:CD:AA:4F:D5:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8bOoqgCIDYSMbavu8jIzapP1Rc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/lcX_BfSjVldf0AWvAKj1fHUxC84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/393911-49a2-4a76-be14-f46d6ab3d326/1/A8bOoqgCIDYSMbavu8jIzapP1Rc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.37.140.0/24 193.107.65.0/24 Signature Algorithm: sha256WithRSAEncryption 29:23:ea:fe:ae:4c:14:6f:a6:92:e3:ae:c9:1d:a1:7c:54:ec: cc:28:67:bf:8f:b7:10:57:b0:ea:21:e6:90:1d:47:d5:b8:7f: 9b:bf:03:89:5f:d4:a8:33:18:12:a4:b3:80:93:d1:34:4f:de: 82:ef:3c:f6:e5:fb:82:32:14:fb:15:aa:ae:1c:89:a2:11:27: 94:8b:73:5a:ce:ca:ba:7b:06:3e:d6:ce:56:e2:15:8b:38:15: c1:6a:0a:b2:0a:94:cf:16:c3:4f:63:c7:5d:c4:f0:f3:09:72: dc:24:c8:aa:3e:67:b9:7d:21:ad:bb:7a:a0:3f:8f:08:6c:c2: 2d:f2:44:6f:65:b9:9f:df:88:8f:15:54:6b:16:d7:f4:eb:4a: 40:e8:cf:b8:c8:53:5d:ed:3e:6a:c0:79:7d:12:e4:9e:43:48: 6e:50:d2:4f:dc:ab:aa:88:52:6b:fc:82:29:23:20:d6:58:7f: 1a:28:00:0c:4e:d1:ca:1e:83:a5:75:53:b0:97:5b:43:7a:2c: 0e:a2:71:95:d8:18:f6:87:c9:4d:54:7b:0b:0c:12:c7:70:67: b0:7d:95:48:7e:7a:63:89:db:90:56:b7:a5:81:35:24:8f:bd: 7c:cf:59:9f:e6:83:ed:02:92:c8:a8:4a:7e:7c:2d:49:88:fb: a0:99:4d:d5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EJWoA6auyNKUd4KFfkNTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzYzZjZWEyYTgwMjIwMzYxMjMxYjZhZmJiYzhjOGNkYWE0 ZmQ1MTcwHhcNMjYwMTAxMTAxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWM1ZmYwNWY0YTM1NjU3NWZkMDA1YWYwMGE4ZjU3Yzc1MzEwYmNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKBW1fKcsVxZImiRgtAec5aQ5P9X HjsSAaSED/pzDItzcSqw1q4cXU6cGlymdPN9mlk9TBqdDzbsvYRQqWXZznYQ29n8 nDRp37786XFvyNzT6lwiDeH0Ntz7Wh9Ux5iPgy/Q5wHI80WDEOrxs9oMTV1n6oEP uspUwINSrUdjprpizmrwaEZs/8BPRv4ChNpISGIzhRr2OCRhueXO4aDh3uu+QKF5 t9DvLL2qk+1ljw1+twYms3JI+kiDRCVDPoLupFtka5x2SiCPHcDW+hkdHLR+ODS7 B/z3ZdlxeoVW+zADsCVx7dLQxwPaYA+FtKr7wxSZMwgMipWOBB9xXCZTmwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJXF/wX0o1ZXX9AFrwCo9Xx1MQvOMB8GA1UdIwQY MBaAFAPGzqKoAiA2EjG2r7vIyM2qT9UXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQThiT29xZ0NJRFlTTWJhdnU4akl6YXBQMVJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zOTM5MTEtNDlhMi00YTc2LWJlMTQt ZjQ2ZDZhYjNkMzI2LzEvbGNYX0JmU2pWbGRmMEFXdkFLajFmSFV4Qzg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8zOTM5MTEtNDlhMi00YTc2LWJlMTQtZjQ2ZDZhYjNkMzI2 LzEvQThiT29xZ0NJRFlTTWJhdnU4akl6YXBQMVJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSWMAwQA wWtBMA0GCSqGSIb3DQEBCwUAA4IBAQApI+r+rkwUb6aS467JHaF8VOzMKGe/j7cQ V7DqIeaQHUfVuH+bvwOJX9SoMxgSpLOAk9E0T96C7zz25fuCMhT7FaquHImiESeU i3Nazsq6ewY+1s5W4hWLOBXBagqyCpTPFsNPY8ddxPDzCXLcJMiqPme5fSGtu3qg P48IbMIt8kRvZbmf34iPFVRrFtf060pA6M+4yFNd7T5qwHl9EuSeQ0huUNJP3Kuq iFJr/IIpIyDWWH8aKAAMTtHKHoOldVOwl1tDeiwOonGV2Bj2h8lNVHsLDBLHcGew fZVIfnpjiduQVrelgTUkj718z1mf5oPtApLIqEp+fC1JiPugmU3V -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:20 2026 by rpki-client