This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lHfeFmEHnr3WZ342z2VJbw3pSSQ.roa File: lHfeFmEHnr3WZ342z2VJbw3pSSQ.roa (raw, json) Hash identifier: qlVYoZock7UPFlmYzI3cW4K8Wu/YGZLe4z2/QeDCV3Y= Subject key identifier: 94:77:DE:16:61:07:9E:BD:D6:67:7E:36:CF:65:49:6F:0D:E9:49:24 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B360B05119EB7F9AEE99915E1C7393B Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lHfeFmEHnr3WZ342z2VJbw3pSSQ.roa Signing time: Thu 01 Jan 2026 20:18:17 +0000 ROA not before: Thu 01 Jan 2026 20:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58061 IP address blocks: 2.56.112.0/24 maxlen: 24 2.56.113.0/24 maxlen: 24 5.183.128.0/24 maxlen: 24 45.132.48.0/24 maxlen: 24 45.157.136.0/24 maxlen: 24 62.68.83.0/24 maxlen: 24 62.68.86.0/24 maxlen: 24 62.68.87.0/24 maxlen: 24 62.204.36.0/24 maxlen: 24 62.204.57.0/24 maxlen: 24 62.233.35.0/24 maxlen: 24 62.233.45.0/24 maxlen: 24 62.233.49.0/24 maxlen: 24 62.233.56.0/24 maxlen: 24 62.233.60.0/24 maxlen: 24 80.68.145.0/24 maxlen: 24 80.68.158.0/24 maxlen: 24 80.91.209.0/24 maxlen: 24 80.91.210.0/24 maxlen: 24 91.213.117.0/24 maxlen: 24 91.226.247.0/24 maxlen: 24 91.242.225.0/24 maxlen: 24 91.242.236.0/24 maxlen: 24 93.177.104.0/24 maxlen: 24 93.177.105.0/24 maxlen: 24 93.177.107.0/24 maxlen: 24 94.143.226.0/24 maxlen: 24 94.158.191.0/24 maxlen: 24 130.193.79.0/24 maxlen: 24 130.255.169.0/24 maxlen: 24 146.19.108.0/24 maxlen: 24 146.19.137.0/24 maxlen: 24 146.19.148.0/24 maxlen: 24 146.19.150.0/24 maxlen: 24 146.19.152.0/24 maxlen: 24 146.19.185.0/24 maxlen: 24 146.19.187.0/24 maxlen: 24 146.19.190.0/24 maxlen: 24 146.19.194.0/24 maxlen: 24 176.56.38.0/24 maxlen: 24 185.122.206.0/24 maxlen: 24 185.155.101.0/24 maxlen: 24 185.198.153.0/24 maxlen: 24 185.218.1.0/24 maxlen: 24 185.232.47.0/24 maxlen: 24 193.3.22.0/24 maxlen: 24 193.141.53.0/24 maxlen: 24 193.239.209.0/24 maxlen: 24 194.26.221.0/24 maxlen: 24 194.32.243.0/24 maxlen: 24 195.64.106.0/24 maxlen: 24 195.64.109.0/24 maxlen: 24 195.64.112.0/24 maxlen: 24 195.64.114.0/24 maxlen: 24 195.64.117.0/24 maxlen: 24 195.93.249.0/24 maxlen: 24 195.96.136.0/24 maxlen: 24 195.96.148.0/24 maxlen: 24 195.96.157.0/24 maxlen: 24 212.18.96.0/24 maxlen: 24 212.52.5.0/24 maxlen: 24 217.114.32.0/24 maxlen: 24 217.119.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:0b:05:11:9e:b7:f9:ae:e9:99:15:e1:c7:39:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9477de1661079ebdd6677e36cf65496f0de94924 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:65:9d:0e:70:1a:1d:d7:a2:5f:40:3a:34:e8: 97:fa:c3:b5:91:54:2e:a2:ce:ce:88:7f:d3:e4:d1: a4:6b:44:51:7b:2a:aa:5a:29:ba:e6:37:68:cc:59: 8a:e2:7a:04:3a:29:78:cc:22:b9:db:25:47:ee:e6: b1:fc:8d:32:45:94:31:e0:ac:4c:c0:88:e4:e6:5f: 29:9d:df:89:ef:2b:64:75:e6:d0:96:ad:2e:c0:d2: d1:e8:20:b5:1c:92:06:2e:8f:71:b3:a8:9d:02:ae: 93:76:7e:45:3b:e6:6f:c6:48:4a:bc:ba:f5:1e:32: fd:29:87:80:8b:20:13:18:33:e8:5b:69:b9:72:d5: ff:9e:d7:fa:d9:7e:81:18:b5:c1:af:87:98:72:ff: f8:cb:85:b4:fe:e9:16:c7:04:37:79:34:b0:34:91: 91:e5:19:1c:e3:75:4c:65:0c:5f:b9:da:69:a4:96: 15:12:95:3a:ed:eb:1a:88:e3:3d:ba:da:80:39:b1: 6c:90:2b:45:97:10:56:ed:87:40:da:5c:e3:e9:4d: c0:9f:d6:ab:fd:65:b6:ee:37:a0:80:f4:50:5f:c1: d6:77:8f:6a:84:e1:10:7d:ec:2e:a2:66:e7:ec:f5: 7f:05:be:0c:98:3d:99:0d:d4:75:9a:68:4d:76:69: 55:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:77:DE:16:61:07:9E:BD:D6:67:7E:36:CF:65:49:6F:0D:E9:49:24 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lHfeFmEHnr3WZ342z2VJbw3pSSQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.112.0/23 5.183.128.0/24 45.132.48.0/24 45.157.136.0/24 62.68.83.0/24 62.68.86.0/23 62.204.36.0/24 62.204.57.0/24 62.233.35.0/24 62.233.45.0/24 62.233.49.0/24 62.233.56.0/24 62.233.60.0/24 80.68.145.0/24 80.68.158.0/24 80.91.209.0-80.91.210.255 91.213.117.0/24 91.226.247.0/24 91.242.225.0/24 91.242.236.0/24 93.177.104.0/23 93.177.107.0/24 94.143.226.0/24 94.158.191.0/24 130.193.79.0/24 130.255.169.0/24 146.19.108.0/24 146.19.137.0/24 146.19.148.0/24 146.19.150.0/24 146.19.152.0/24 146.19.185.0/24 146.19.187.0/24 146.19.190.0/24 146.19.194.0/24 176.56.38.0/24 185.122.206.0/24 185.155.101.0/24 185.198.153.0/24 185.218.1.0/24 185.232.47.0/24 193.3.22.0/24 193.141.53.0/24 193.239.209.0/24 194.26.221.0/24 194.32.243.0/24 195.64.106.0/24 195.64.109.0/24 195.64.112.0/24 195.64.114.0/24 195.64.117.0/24 195.93.249.0/24 195.96.136.0/24 195.96.148.0/24 195.96.157.0/24 212.18.96.0/24 212.52.5.0/24 217.114.32.0/24 217.119.130.0/24 Signature Algorithm: sha256WithRSAEncryption 40:83:2e:ee:c0:50:95:37:4f:23:31:b0:fb:06:5a:46:38:80: c5:34:cd:96:8b:6b:11:aa:9e:32:59:61:64:3a:ba:e6:79:1f: 13:a8:8f:aa:9c:b2:e0:d5:6c:e6:17:71:61:fe:47:cb:fa:f0: 79:d5:a9:24:12:9a:97:e1:59:e7:f9:d0:4a:72:0a:52:65:6c: 27:e9:eb:8b:da:44:ec:a7:de:89:29:98:1c:f3:18:e5:4d:f8: b8:fa:a4:50:af:07:cf:b6:ac:4e:31:38:1d:64:b0:69:13:07: bf:3a:c6:5e:9b:cc:dc:71:5a:33:3d:bb:d6:a6:5e:f2:a6:d6: 17:c5:31:5c:3f:4a:ba:4a:63:d3:73:85:f8:f2:f1:5e:d2:83: fd:46:d6:9e:f7:e3:8e:91:72:da:7e:04:42:ae:1b:f4:93:8d: cb:4e:bc:58:50:72:8d:34:a2:ac:84:e4:f0:dd:a4:3f:b0:07: 1b:67:b2:dd:c9:50:c0:d5:94:19:ae:d4:71:0c:26:49:74:9d: 95:38:49:4a:d9:9d:cd:6c:e2:40:50:a6:6c:67:3c:49:ad:01: 9c:09:71:5a:64:91:06:35:f7:73:cb:06:0e:f2:4a:f0:ac:24: eb:74:c6:03:90:e3:de:e5:9c:03:a3:43:6a:bc:c5:aa:42:71: 67:eb:f9:21 -----BEGIN CERTIFICATE----- MIIGazCCBVOgAwIBAgISAZt7NgsFEZ63+a7pmRXhxzk7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDc3ZGUxNjYxMDc5ZWJkZDY2NzdlMzZjZjY1NDk2ZjBkZTk0OTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGWdDnAaHdeiX0A6NOiX+sO1kVQu os7OiH/T5NGka0RReyqqWim65jdozFmK4noEOil4zCK52yVH7uax/I0yRZQx4KxM wIjk5l8pnd+J7ytkdebQlq0uwNLR6CC1HJIGLo9xs6idAq6Tdn5FO+ZvxkhKvLr1 HjL9KYeAiyATGDPoW2m5ctX/ntf62X6BGLXBr4eYcv/4y4W0/ukWxwQ3eTSwNJGR 5Rkc43VMZQxfudpppJYVEpU67esaiOM9utqAObFskCtFlxBW7YdA2lzj6U3An9ar /WW27jeggPRQX8HWd49qhOEQfewuombn7PV/Bb4MmD2ZDdR1mmhNdmlVkQIDAQAB o4IDdzCCA3MwHQYDVR0OBBYEFJR33hZhB5691md+Ns9lSW8N6UkkMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvbEhmZUZtRUhucjNXWjM0MnoyVkpidzNwU1NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB agMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LsAwQBXbFoAwQAXbFrAwQA Xo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQAkhOWAwQA khOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCAwQAsDgmAwQAuXrOAwQAuZtlAwQA ucaZAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQAwe/RAwQAwhrdAwQAwiDzAwQA w0BqAwQAw0BtAwQAw0BwAwQAw0ByAwQAw0B1AwQAw135AwQAw2CIAwQAw2CUAwQA w2CdAwQA1BJgAwQA1DQFAwQA2XIgAwQA2XeCMA0GCSqGSIb3DQEBCwUAA4IBAQBA gy7uwFCVN08jMbD7BlpGOIDFNM2Wi2sRqp4yWWFkOrrmeR8TqI+qnLLg1WzmF3Fh /kfL+vB51akkEpqX4Vnn+dBKcgpSZWwn6euL2kTsp96JKZgc8xjlTfi4+qRQrwfP tqxOMTgdZLBpEwe/OsZem8zccVozPbvWpl7yptYXxTFcP0q6SmPTc4X48vFe0oP9 Rtae9+OOkXLafgRCrhv0k43LTrxYUHKNNKKshOTw3aQ/sAcbZ7LdyVDA1ZQZrtRx DCZJdJ2VOElK2Z3NbOJAUKZsZzxJrQGcCXFaZJEGNfdzywYO8krwrCTrdMYDkOPe 5ZwDo0NqvMWqQnFn6/kh -----END CERTIFICATE-----Generated at Thu Jan 15 13:17:29 2026 by rpki-client