This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/lf7LSKbMZbGm86tBlbPIL648oFo.roa File: lf7LSKbMZbGm86tBlbPIL648oFo.roa (raw, json) Hash identifier: /K9bAYZ5YiuaJN+PfS4nniv3V/XkGZzBzxnTsucRsCI= Subject key identifier: 95:FE:CB:48:A6:CC:65:B1:A6:F3:AB:41:95:B3:C8:2F:AE:3C:A0:5A Certificate issuer: /CN=d18c2030a5971c4a54096a8edbb21211e54216a7 Certificate serial: 019B7BA44C54E95E74144CDC33027A15FFB1 Authority key identifier: D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/lf7LSKbMZbGm86tBlbPIL648oFo.roa Signing time: Thu 01 Jan 2026 22:18:43 +0000 ROA not before: Thu 01 Jan 2026 22:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35758 IP address blocks: 185.191.204.0/24 maxlen: 24 185.191.205.0/24 maxlen: 24 185.191.206.0/24 maxlen: 24 185.191.207.0/24 maxlen: 24 2a0a:1dc0::/30 maxlen: 30 2a0a:1dc4::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.mft rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:4c:54:e9:5e:74:14:4c:dc:33:02:7a:15:ff:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d18c2030a5971c4a54096a8edbb21211e54216a7 Validity Not Before: Jan 1 22:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95fecb48a6cc65b1a6f3ab4195b3c82fae3ca05a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:75:62:41:b4:18:ed:71:21:23:c5:6f:fe:4d: 73:54:d4:a4:a5:37:5c:e5:5c:38:33:26:ae:62:2a: 8e:cf:4c:b1:91:97:70:f9:e8:b6:af:3a:6b:45:f8: 05:24:37:0c:c9:b9:af:86:e4:4c:fd:cf:c3:4d:05: b0:42:0c:dc:2f:26:4d:72:b4:3e:da:70:e7:12:09: f2:9a:ef:cf:53:21:76:9a:58:37:53:74:11:9c:a3: 0a:1d:25:57:dd:6f:58:19:a2:c8:81:c0:7b:a5:b4: 56:97:9d:be:7b:43:49:55:ce:7f:a5:24:fb:b1:69: d5:74:ab:f1:43:48:04:09:b4:1e:aa:ee:60:f3:20: a3:9e:46:c1:60:0b:89:9d:dc:3a:19:11:7e:53:33: 89:45:09:ec:18:9d:fc:22:83:f5:3c:e7:cd:39:97: b3:cc:2f:6a:7d:a3:a9:56:9f:37:4a:d3:90:b0:cd: fa:81:34:19:72:d2:fd:17:51:8a:7f:0d:b4:3f:6e: c7:ec:f7:5b:de:68:fb:57:e5:c3:b1:c2:a4:47:e9: 38:0b:59:25:8f:72:73:08:37:5e:33:a8:6b:b9:65: 0c:d9:a7:7e:92:cd:92:fd:a8:96:b5:e0:d6:d6:0f: 4d:47:82:e5:35:c8:d0:b5:46:f3:e1:2a:06:7f:a4: 90:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:FE:CB:48:A6:CC:65:B1:A6:F3:AB:41:95:B3:C8:2F:AE:3C:A0:5A X509v3 Authority Key Identifier: keyid:D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/lf7LSKbMZbGm86tBlbPIL648oFo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.191.204.0/22 IPv6: 2a0a:1dc0::/29 Signature Algorithm: sha256WithRSAEncryption 2e:7e:e6:6b:a3:ff:3b:fe:06:03:b7:94:89:76:2c:cc:42:d9: 5c:fc:17:85:f1:82:d7:27:98:dc:8b:59:6b:92:ff:39:f4:52: e6:2d:aa:73:81:04:a7:62:fb:da:d1:5b:80:54:fe:56:d3:72: 86:cd:62:47:d1:81:5e:f3:4e:39:42:13:ad:d9:13:9c:23:fc: 26:bf:dd:03:31:23:17:25:6b:c4:22:40:05:32:25:b8:6e:19: f4:22:ea:17:fb:e3:8d:81:82:fb:82:8d:73:ee:66:68:30:8a: eb:cb:6f:e5:ff:52:c1:da:16:38:7b:b5:48:4e:f6:b7:9c:82: 5c:f4:73:8c:2b:62:7b:30:d1:28:61:84:7b:eb:34:60:9f:07: 03:a5:a3:4c:3c:9f:c3:8b:82:f5:b1:68:52:bc:87:26:ca:96: 7a:d3:f4:71:42:fa:29:01:5a:9c:d7:b1:9b:61:45:e4:e5:5b: 38:81:bb:0d:5c:59:38:97:1d:77:b1:ce:09:6e:b9:ef:e9:67: ed:44:09:5e:46:7d:0b:2a:74:39:ee:8c:49:2b:27:82:c4:8f: 97:94:33:47:86:75:22:b0:bc:2c:23:28:61:5f:81:95:c4:bd: 0d:21:29:97:f0:9c:0d:3b:12:f3:fc:ba:61:12:8c:28:f4:53: 0f:4e:e8:b2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7pExU6V50FEzcMwJ6Ff+xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxOGMyMDMwYTU5NzFjNGE1NDA5NmE4ZWRiYjIxMjExZTU0 MjE2YTcwHhcNMjYwMTAxMjIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWZlY2I0OGE2Y2M2NWIxYTZmM2FiNDE5NWIzYzgyZmFlM2NhMDVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXViQbQY7XEhI8Vv/k1zVNSkpTdc 5Vw4MyauYiqOz0yxkZdw+ei2rzprRfgFJDcMybmvhuRM/c/DTQWwQgzcLyZNcrQ+ 2nDnEgnymu/PUyF2mlg3U3QRnKMKHSVX3W9YGaLIgcB7pbRWl52+e0NJVc5/pST7 sWnVdKvxQ0gECbQequ5g8yCjnkbBYAuJndw6GRF+UzOJRQnsGJ38IoP1POfNOZez zC9qfaOpVp83StOQsM36gTQZctL9F1GKfw20P27H7Pdb3mj7V+XDscKkR+k4C1kl j3JzCDdeM6hruWUM2ad+ks2S/aiWteDW1g9NR4LlNcjQtUbz4SoGf6SQ3QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJX+y0imzGWxpvOrQZWzyC+uPKBaMB8GA1UdIwQY MBaAFNGMIDCllxxKVAlqjtuyEhHlQhanMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQt NTNhNjcyZDE0YjdhLzEvbGY3TFNLYk1aYkdtODZ0QmxiUElMNjQ4b0ZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQtNTNhNjcyZDE0Yjdh LzEvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/MMA0E AgACMAcDBQMqCh3AMA0GCSqGSIb3DQEBCwUAA4IBAQAufuZro/87/gYDt5SJdizM Qtlc/BeF8YLXJ5jci1lrkv859FLmLapzgQSnYvva0VuAVP5W03KGzWJH0YFe8045 QhOt2ROcI/wmv90DMSMXJWvEIkAFMiW4bhn0IuoX++ONgYL7go1z7mZoMIrry2/l /1LB2hY4e7VITva3nIJc9HOMK2J7MNEoYYR76zRgnwcDpaNMPJ/Di4L1sWhSvIcm ypZ60/RxQvopAVqc17GbYUXk5Vs4gbsNXFk4lx13sc4Jbrnv6WftRAleRn0LKnQ5 7oxJKyeCxI+XlDNHhnUisLwsIyhhX4GVxL0NISmX8JwNOxLz/LphEowo9FMPTuiy -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:21 2026 by rpki-client