This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/LedjmSRgd505IlMpWgqfKJRuEfs.roa File: LedjmSRgd505IlMpWgqfKJRuEfs.roa (raw, json) Hash identifier: aDpi1xD4UKYwpZ0U/JKYw4GcU9dqYxS8ccngs1oZdAs= Subject key identifier: 2D:E7:63:99:24:60:77:9D:39:22:53:29:5A:0A:9F:28:94:6E:11:FB Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Certificate serial: 019B7EA764A871E6CF24E7D1BCC66385C32A Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/LedjmSRgd505IlMpWgqfKJRuEfs.roa Signing time: Fri 02 Jan 2026 12:20:58 +0000 ROA not before: Fri 02 Jan 2026 12:20:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215427 IP address blocks: 2a07:f580::/29 maxlen: 29 2a0d:38c0::/29 maxlen: 29 2a14:41c0::/29 maxlen: 29 2a14:4240::/29 maxlen: 29 2a14:6240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 04 Jan 2026 15:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:64:a8:71:e6:cf:24:e7:d1:bc:c6:63:85:c3:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Validity Not Before: Jan 2 12:20:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2de763992460779d392253295a0a9f28946e11fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2a:7a:2f:76:df:66:c9:21:34:ac:c2:ed:f0: 30:cd:8a:39:a3:c6:de:56:57:28:b1:f2:18:e8:5b: f0:7b:42:98:4f:0e:51:50:86:dc:72:55:a2:46:77: 73:10:23:dd:c3:80:06:35:c7:cc:8d:74:32:80:0a: 4b:01:bd:78:61:30:33:2b:e5:7e:57:b8:6c:6a:55: 29:f4:3b:a6:54:d8:a9:af:52:1f:00:97:02:5e:18: 59:c5:cc:89:cd:84:c9:40:92:68:c6:ba:53:6a:29: e5:78:55:80:c7:09:1b:0b:9c:d3:0c:80:33:a8:59: 90:82:72:ea:6d:5d:39:ee:a7:60:a4:e9:ee:25:78: a5:63:e8:a9:97:ab:33:e2:79:61:20:27:ad:b0:37: f4:9a:ab:87:40:0a:76:a5:b0:16:6f:96:dd:2d:98: 32:ff:d6:1b:48:d0:ce:7f:86:0f:66:81:f1:00:bc: 19:6b:4c:34:93:1a:fe:99:46:3c:93:4c:33:b7:92: 47:06:6a:17:21:0f:1c:42:d2:4c:30:81:63:17:7e: 8a:73:86:ed:51:c6:81:41:b3:1e:cb:f7:34:ff:e2: 6f:dd:05:06:b2:d9:6e:a4:9d:58:05:5e:a3:33:e3: dc:cc:b3:af:7f:46:98:92:75:52:5d:d5:1e:3a:f5: f0:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:E7:63:99:24:60:77:9D:39:22:53:29:5A:0A:9F:28:94:6E:11:FB X509v3 Authority Key Identifier: keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/LedjmSRgd505IlMpWgqfKJRuEfs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:f580::/29 2a0d:38c0::/29 2a14:41c0::/29 2a14:4240::/29 2a14:6240::/29 Signature Algorithm: sha256WithRSAEncryption 6c:0f:3f:6b:cf:5e:68:ae:de:07:e0:b0:8e:b5:5c:ec:2a:86: 42:3c:bd:ba:0d:b6:9a:3b:7a:89:3c:f2:0c:44:3c:d3:17:4d: b4:ab:e8:74:bd:39:2d:7a:f9:a5:d3:04:cc:f3:ce:a2:dc:af: 01:4b:4d:66:48:50:f8:33:16:67:69:d3:1b:05:d2:79:83:0e: 97:14:92:d6:44:ca:71:9a:b7:39:d8:fe:e1:b2:0a:78:ac:6f: 51:ba:8f:24:a0:f3:cf:c6:9b:f6:d0:40:34:8d:12:cf:19:f1: d5:24:c8:f5:6d:63:94:2c:89:47:1c:d5:9e:c7:d8:e5:8a:93: c0:c0:b2:c8:78:66:37:68:02:ec:08:f1:3b:2e:c9:15:17:e9: 68:55:be:ec:a6:25:fd:9b:38:e9:ea:6c:2e:49:a7:3c:4f:55: 9a:3f:24:40:86:bd:d2:a8:4b:8c:98:16:6b:80:c4:e5:56:26: 03:5e:0e:b6:e4:5d:27:84:db:f7:17:b0:4a:52:45:89:bb:67: 70:b8:74:86:c7:2b:27:af:db:d1:08:03:82:67:6f:e6:e3:16: 0a:cb:1a:ea:70:cb:17:99:f3:16:f7:eb:4d:f7:69:d6:ea:b7: 2a:f7:88:33:38:b1:e5:78:9c:a6:8d:7f:84:17:a3:e0:d5:4d: d5:41:54:1e -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt+p2SocebPJOfRvMZjhcMqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0 ZGIwYTUwHhcNMjYwMTAyMTIyMDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGU3NjM5OTI0NjA3NzlkMzkyMjUzMjk1YTBhOWYyODk0NmUxMWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSp6L3bfZskhNKzC7fAwzYo5o8be VlcosfIY6Fvwe0KYTw5RUIbcclWiRndzECPdw4AGNcfMjXQygApLAb14YTAzK+V+ V7hsalUp9DumVNipr1IfAJcCXhhZxcyJzYTJQJJoxrpTainleFWAxwkbC5zTDIAz qFmQgnLqbV057qdgpOnuJXilY+ipl6sz4nlhICetsDf0mquHQAp2pbAWb5bdLZgy /9YbSNDOf4YPZoHxALwZa0w0kxr+mUY8k0wzt5JHBmoXIQ8cQtJMMIFjF36Kc4bt UcaBQbMey/c0/+Jv3QUGstlupJ1YBV6jM+PczLOvf0aYknVSXdUeOvXwiwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFC3nY5kkYHedOSJTKVoKnyiUbhH7MB8GA1UdIwQY MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt YmFmYmRmYzgxMzJhLzEvTGVkam1TUmdkNTA1SWxNcFdncWZLSlJ1RWZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgf1gAMF AyoNOMADBQMqFEHAAwUDKhRCQAMFAyoUYkAwDQYJKoZIhvcNAQELBQADggEBAGwP P2vPXmiu3gfgsI61XOwqhkI8vboNtpo7eok88gxEPNMXTbSr6HS9OS16+aXTBMzz zqLcrwFLTWZIUPgzFmdp0xsF0nmDDpcUktZEynGatznY/uGyCnisb1G6jySg88/G m/bQQDSNEs8Z8dUkyPVtY5QsiUcc1Z7H2OWKk8DAssh4ZjdoAuwI8TsuyRUX6WhV vuymJf2bOOnqbC5JpzxPVZo/JECGvdKoS4yYFmuAxOVWJgNeDrbkXSeE2/cXsEpS RYm7Z3C4dIbHKyev29EIA4Jnb+bjFgrLGupwyxeZ8xb36033adbqtyr3iDM4seV4 nKaNf4QXo+DVTdVBVB4= -----END CERTIFICATE-----Generated at Sat Jan 3 18:58:50 2026 by rpki-client