This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/lTfd7GgHfFfG-NrFVv4P-oURL84.roa File: lTfd7GgHfFfG-NrFVv4P-oURL84.roa (raw, json) Hash identifier: flnE10R0DAa5/66iQpSm47J0K/6sHRptDOR5dGtHv+k= Subject key identifier: 95:37:DD:EC:68:07:7C:57:C6:F8:DA:C5:56:FE:0F:FA:85:11:2F:CE Certificate issuer: /CN=043a9c35d9e1a2f4d34a754fa26d203657847218 Certificate serial: 019B7C123E47A57D469F277C35FE38C710F5 Authority key identifier: 04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/lTfd7GgHfFfG-NrFVv4P-oURL84.roa Signing time: Fri 02 Jan 2026 00:18:48 +0000 ROA not before: Fri 02 Jan 2026 00:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211300 IP address blocks: 152.89.240.0/24 maxlen: 24 152.89.241.0/24 maxlen: 24 152.89.242.0/24 maxlen: 24 152.89.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.mft rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:3e:47:a5:7d:46:9f:27:7c:35:fe:38:c7:10:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=043a9c35d9e1a2f4d34a754fa26d203657847218 Validity Not Before: Jan 2 00:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9537ddec68077c57c6f8dac556fe0ffa85112fce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:af:19:97:91:26:c8:60:c7:7a:00:ce:08:b6: 08:83:51:66:6f:b2:f8:87:d2:a5:71:d0:79:c0:8e: 37:f4:ea:49:99:75:56:af:30:f2:59:dd:20:b8:90: a8:2d:e2:14:8c:a2:27:df:6d:54:16:2b:ee:e0:e5: 74:b8:62:7c:43:bd:00:db:63:48:b1:46:4a:41:ba: 6e:12:35:e6:4b:fc:16:1a:62:c5:6d:19:d5:7c:86: f7:ed:6a:59:86:1b:bc:f0:da:a2:d9:86:5b:40:a2: 02:80:6d:99:cc:4b:ab:ea:a3:30:d9:9c:47:00:85: a4:b5:44:f9:32:14:56:8e:11:22:56:8e:69:65:b7: 3f:2b:4c:4d:c1:45:54:b5:c8:72:60:e5:d4:c1:c4: d0:3b:fb:bc:74:2c:54:35:2c:0d:6a:f7:6c:f7:ea: 5b:8b:11:01:c2:05:95:e2:07:b3:10:97:08:85:13: fb:35:82:51:56:a3:64:3a:cb:c3:16:c4:4d:9a:dd: c8:f3:0a:7d:f0:96:e8:e7:c4:c7:e3:3a:e7:21:79: 16:1f:16:aa:27:68:5e:7a:6c:1d:18:6c:a3:6d:8a: 5b:15:07:24:7b:88:31:28:8d:8c:d8:bf:25:7c:67: 88:dd:f0:21:5d:32:0a:5e:7f:3a:31:c8:ce:7e:c2: 80:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:37:DD:EC:68:07:7C:57:C6:F8:DA:C5:56:FE:0F:FA:85:11:2F:CE X509v3 Authority Key Identifier: keyid:04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/lTfd7GgHfFfG-NrFVv4P-oURL84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.240.0/22 Signature Algorithm: sha256WithRSAEncryption 91:2f:fe:7e:d7:8c:44:6d:fc:4e:ec:c7:57:02:bf:53:6d:34: d4:f5:ab:e1:c8:99:4c:f9:c5:40:90:e7:77:e0:01:5b:29:ff: 89:e9:17:45:75:af:3b:c0:3c:7a:15:f1:63:bc:15:b0:ad:9d: 1a:06:51:05:a7:84:b2:0f:84:a4:81:6b:48:6b:04:b3:94:18: 36:9f:72:9d:fe:55:63:ae:59:87:13:5b:e3:b3:8d:dd:f0:18: 99:9e:a2:b7:49:b5:97:ca:c7:59:30:e4:d2:9e:14:ee:51:67: 17:79:47:9a:f0:71:a6:90:90:6a:c2:0d:ef:bd:b5:67:ed:45: f5:05:b5:c2:02:b6:d6:81:f0:ca:8a:81:47:6a:ae:35:8f:b9: ae:da:5d:fc:d2:46:91:a8:04:db:35:9d:a2:fe:72:0c:57:00: 21:b8:c3:2a:f5:d5:e3:8b:6f:7e:fe:20:9e:a6:ca:bd:0e:a8: eb:0d:fa:6c:56:e4:4e:a4:b0:3e:59:1b:8d:30:b6:4c:46:d5: 3a:53:f9:5a:77:6c:2c:91:f7:88:6d:dc:22:df:3f:ab:b8:58: e5:6d:47:fd:a3:e8:e6:81:39:39:ea:fd:0a:eb:46:c0:65:cb: cc:2c:8c:cb:4b:0f:e9:b3:c5:08:52:f0:d3:8f:1a:77:d2:bb: da:b0:d4:e8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8Ej5HpX1Gnyd8Nf44xxD1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0M2E5YzM1ZDllMWEyZjRkMzRhNzU0ZmEyNmQyMDM2NTc4 NDcyMTgwHhcNMjYwMTAyMDAxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTM3ZGRlYzY4MDc3YzU3YzZmOGRhYzU1NmZlMGZmYTg1MTEyZmNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq68Zl5EmyGDHegDOCLYIg1Fmb7L4 h9KlcdB5wI439OpJmXVWrzDyWd0guJCoLeIUjKIn321UFivu4OV0uGJ8Q70A22NI sUZKQbpuEjXmS/wWGmLFbRnVfIb37WpZhhu88Nqi2YZbQKICgG2ZzEur6qMw2ZxH AIWktUT5MhRWjhEiVo5pZbc/K0xNwUVUtchyYOXUwcTQO/u8dCxUNSwNavds9+pb ixEBwgWV4gezEJcIhRP7NYJRVqNkOsvDFsRNmt3I8wp98Jbo58TH4zrnIXkWHxaq J2heemwdGGyjbYpbFQcke4gxKI2M2L8lfGeI3fAhXTIKXn86McjOfsKALQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJU33exoB3xXxvjaxVb+D/qFES/OMB8GA1UdIwQY MBaAFAQ6nDXZ4aL000p1T6JtIDZXhHIYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEt ODVjYmQyMDY4ZThmLzEvbFRmZDdHZ0hmRmZHLU5yRlZ2NFAtb1VSTDg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEtODVjYmQyMDY4ZThm LzEvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFnwMA0G CSqGSIb3DQEBCwUAA4IBAQCRL/5+14xEbfxO7MdXAr9TbTTU9avhyJlM+cVAkOd3 4AFbKf+J6RdFda87wDx6FfFjvBWwrZ0aBlEFp4SyD4SkgWtIawSzlBg2n3Kd/lVj rlmHE1vjs43d8BiZnqK3SbWXysdZMOTSnhTuUWcXeUea8HGmkJBqwg3vvbVn7UX1 BbXCArbWgfDKioFHaq41j7mu2l380kaRqATbNZ2i/nIMVwAhuMMq9dXji29+/iCe psq9DqjrDfpsVuROpLA+WRuNMLZMRtU6U/lad2wskfeIbdwi3z+ruFjlbUf9o+jm gTk56v0K60bAZcvMLIzLSw/ps8UIUvDTjxp30rvasNTo -----END CERTIFICATE-----Generated at Tue Feb 10 01:13:07 2026 by rpki-client