This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/LzPbWPG_oBuqooZgf6q0Sv5qFwU.roa File: LzPbWPG_oBuqooZgf6q0Sv5qFwU.roa (raw, json) Hash identifier: bu4M8RVjwRLKi11CH/UZIu1ckgHwkgbJ1aYgZl/VVfo= Subject key identifier: 2F:33:DB:58:F1:BF:A0:1B:AA:A2:86:60:7F:AA:B4:4A:FE:6A:17:05 Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b Certificate serial: 019BA99727BE4119B8F01AFD83D4900C84E5 Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/LzPbWPG_oBuqooZgf6q0Sv5qFwU.roa Signing time: Sat 10 Jan 2026 20:26:54 +0000 ROA not before: Sat 10 Jan 2026 20:26:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41451 IP address blocks: 185.46.172.0/24 maxlen: 24 195.43.80.0/23 maxlen: 23 2a0c:f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.mft rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a9:97:27:be:41:19:b8:f0:1a:fd:83:d4:90:0c:84:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b Validity Not Before: Jan 10 20:26:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2f33db58f1bfa01baaa286607faab44afe6a1705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f6:66:0c:2b:82:62:f9:ff:83:d5:3f:1b:b3: 35:4b:d7:31:49:50:1e:f6:bf:94:67:35:c7:85:5e: de:2f:04:2e:f4:05:d5:aa:3f:09:8f:e0:5f:b3:1a: 82:e7:21:9c:35:69:1f:8b:b8:e5:1c:16:f8:3c:fd: b7:b4:a2:d4:d3:26:98:7b:d5:0c:73:05:bf:49:18: 83:80:1c:64:99:73:0a:e9:2c:85:58:2b:8d:97:e7: fa:04:39:9a:3e:ce:0c:0d:82:bd:64:78:c4:bf:1c: bd:ce:f6:82:87:6c:8a:e5:a2:49:49:55:a0:1a:bd: 39:af:57:92:c3:d2:7b:b2:f2:3c:98:46:d2:bf:f4: c2:c6:6b:95:e2:98:68:38:9d:42:f2:05:6d:c8:65: 99:c0:02:bc:2f:13:ea:30:f4:06:db:bf:28:f1:08: 4f:d5:b7:ed:ea:5e:5c:af:b2:f0:21:fa:4f:c8:6f: 6c:fb:44:31:36:ee:88:28:18:7c:bb:81:b9:a9:65: 39:16:4b:ec:08:04:cf:0a:47:a0:80:76:60:26:9f: ea:ae:0e:84:c6:10:ff:c7:b5:ff:2c:75:03:cb:aa: 82:b6:43:65:f0:c4:61:2b:78:0a:43:f3:c8:ef:f4: 2a:a5:4e:61:69:4e:40:c0:b3:cb:a6:5d:4e:ed:c3: 87:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:33:DB:58:F1:BF:A0:1B:AA:A2:86:60:7F:AA:B4:4A:FE:6A:17:05 X509v3 Authority Key Identifier: keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/LzPbWPG_oBuqooZgf6q0Sv5qFwU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.46.172.0/24 195.43.80.0/23 IPv6: 2a0c:f40::/32 Signature Algorithm: sha256WithRSAEncryption 9c:bf:5f:d7:5b:b2:03:0c:02:30:36:70:40:b7:6e:84:e8:f1: 51:b2:1c:5d:6f:2c:b8:37:a7:c4:56:56:a5:82:31:83:f8:ea: 04:d8:ea:fd:7f:a6:58:e1:cf:8b:b9:9e:ed:48:92:28:5b:cf: 87:26:3c:3e:e2:22:c1:d2:4a:8b:4c:1f:63:e0:74:0a:5b:02: bb:1a:32:fe:eb:05:87:b5:98:20:9f:e6:d8:55:b9:74:ee:6b: 79:65:93:41:33:f5:7d:88:2a:a3:68:0b:b0:75:08:75:db:b8: 63:c3:86:0d:2d:4c:a1:71:56:3a:0d:9e:95:b1:e8:85:7f:88: 66:8c:3c:bb:2a:d2:e0:23:3f:3a:cd:eb:cb:33:8a:57:c9:0d: 7d:5c:91:6a:e5:72:1a:15:5e:a0:22:04:76:43:6e:fe:04:cb: fa:d9:4f:29:53:5a:56:fc:7d:ff:29:b3:90:d1:b7:20:0b:b9: 79:06:0e:4b:27:e0:3a:5d:86:60:4e:13:4e:d8:23:e9:7e:7f: 01:aa:ff:48:42:ef:ef:e4:5e:88:ed:31:24:93:4e:ac:27:d0: 9c:e8:e9:bf:29:16:54:b2:e6:2d:03:0e:54:28:61:19:46:6d: 57:53:1a:18:08:d4:32:bb:53:73:04:a9:1f:29:c7:0c:8c:5d: e6:c4:e3:5d -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZuplye+QRm48Br9g9SQDITlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3 YzRhOGIwHhcNMjYwMTEwMjAyNjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZjMzZGI1OGYxYmZhMDFiYWFhMjg2NjA3ZmFhYjQ0YWZlNmExNzA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfZmDCuCYvn/g9U/G7M1S9cxSVAe 9r+UZzXHhV7eLwQu9AXVqj8Jj+BfsxqC5yGcNWkfi7jlHBb4PP23tKLU0yaYe9UM cwW/SRiDgBxkmXMK6SyFWCuNl+f6BDmaPs4MDYK9ZHjEvxy9zvaCh2yK5aJJSVWg Gr05r1eSw9J7svI8mEbSv/TCxmuV4phoOJ1C8gVtyGWZwAK8LxPqMPQG278o8QhP 1bft6l5cr7LwIfpPyG9s+0QxNu6IKBh8u4G5qWU5FkvsCATPCkeggHZgJp/qrg6E xhD/x7X/LHUDy6qCtkNl8MRhK3gKQ/PI7/QqpU5haU5AwLPLpl1O7cOHDQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFC8z21jxv6AbqqKGYH+qtEr+ahcFMB8GA1UdIwQY MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt YmJmZTIxOTZjNmFmLzEvTHpQYldQR19vQnVxb29aZ2Y2cTBTdjVxRndVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuS6sAwQB wytQMA0EAgACMAcDBQAqDA9AMA0GCSqGSIb3DQEBCwUAA4IBAQCcv1/XW7IDDAIw NnBAt26E6PFRshxdbyy4N6fEVlalgjGD+OoE2Or9f6ZY4c+LuZ7tSJIoW8+HJjw+ 4iLB0kqLTB9j4HQKWwK7GjL+6wWHtZggn+bYVbl07mt5ZZNBM/V9iCqjaAuwdQh1 27hjw4YNLUyhcVY6DZ6VseiFf4hmjDy7KtLgIz86zevLM4pXyQ19XJFq5XIaFV6g IgR2Q27+BMv62U8pU1pW/H3/KbOQ0bcgC7l5Bg5LJ+A6XYZgThNO2CPpfn8Bqv9I Qu/v5F6I7TEkk06sJ9Cc6Om/KRZUsuYtAw5UKGEZRm1XUxoYCNQyu1NzBKkfKccM jF3mxONd -----END CERTIFICATE-----Generated at Mon Feb 2 07:54:49 2026 by rpki-client