This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/LafhCKHDpi4rcNrf71MXyOI1EHM.roa File: LafhCKHDpi4rcNrf71MXyOI1EHM.roa (raw, json) Hash identifier: XF4o9y6gObGTfi54AgBNdRl6bHiMBUPHjzeQ+a3180Y= Subject key identifier: 2D:A7:E1:08:A1:C3:A6:2E:2B:70:DA:DF:EF:53:17:C8:E2:35:10:73 Certificate issuer: /CN=21f10e34421baff174d60678f32fa5e35cdf957e Certificate serial: 019B7A5AB4AB7B8BD2CB1420D037C654B51D Authority key identifier: 21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/LafhCKHDpi4rcNrf71MXyOI1EHM.roa Signing time: Thu 01 Jan 2026 16:18:43 +0000 ROA not before: Thu 01 Jan 2026 16:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48814 IP address blocks: 45.94.148.0/24 maxlen: 24 45.94.149.0/24 maxlen: 24 45.94.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.mft rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 18:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b4:ab:7b:8b:d2:cb:14:20:d0:37:c6:54:b5:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21f10e34421baff174d60678f32fa5e35cdf957e Validity Not Before: Jan 1 16:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2da7e108a1c3a62e2b70dadfef5317c8e2351073 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e6:67:a6:7b:7e:5f:86:ad:b5:ea:eb:c7:3f: 2c:58:f0:99:21:76:8d:29:15:e0:bc:23:a1:4b:2c: 54:5c:52:ef:f0:4b:bd:bb:ab:c6:95:5b:73:38:a5: ba:5b:01:09:a8:d3:e8:55:71:4e:fb:5c:ce:5a:69: 4c:6c:6f:00:b9:9a:de:d9:17:e5:06:f1:e7:04:c8: 11:9b:d8:28:1d:b3:2a:ca:75:1c:48:3b:4e:54:9f: fa:cf:2c:65:07:da:91:34:1e:43:37:08:ae:59:c1: 83:ab:99:18:e3:42:a6:40:e0:69:aa:23:02:7f:e7: aa:48:1d:be:20:a4:9d:2a:22:96:5b:74:61:e8:72: 9d:ed:85:39:42:1d:b3:8d:d5:f0:8c:8f:a6:d4:3b: 15:4f:4b:c0:e7:72:7c:dd:ae:7c:7f:ec:f8:29:99: 23:62:af:cb:3b:05:64:8c:03:88:b4:5e:b5:74:f4: 24:d0:b8:32:46:c2:44:86:84:bd:44:17:a9:8f:99: 71:4d:dd:85:3d:97:e5:5e:aa:e4:95:b2:0f:31:39: 28:86:6a:a1:1f:39:22:24:de:a0:6d:7e:ea:19:06: b2:69:9f:6e:4c:ac:98:d2:b4:90:51:d1:c7:d7:4f: 67:4f:d0:97:1c:4f:ed:22:88:2a:cc:b5:f0:db:ea: 89:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A7:E1:08:A1:C3:A6:2E:2B:70:DA:DF:EF:53:17:C8:E2:35:10:73 X509v3 Authority Key Identifier: keyid:21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/LafhCKHDpi4rcNrf71MXyOI1EHM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.94.148.0/23 45.94.151.0/24 Signature Algorithm: sha256WithRSAEncryption 39:17:07:ee:2f:46:43:45:a4:e6:69:fb:ae:b5:ee:0f:a2:b6: af:b0:3b:06:81:0d:6a:fb:63:9f:d2:a4:17:06:1d:93:2d:e6: 67:03:b3:ff:6d:a9:0d:19:24:43:00:df:77:52:3a:59:03:3a: db:29:a5:33:97:14:c4:f7:50:98:78:8b:ef:f0:09:8f:f0:a1: f7:07:11:43:4c:af:94:69:a5:ce:85:95:95:74:3b:cc:86:97: 98:bf:21:d8:11:c1:f7:9c:0d:4b:32:e5:67:2c:b1:03:78:8e: 20:24:79:fb:3a:a8:0a:90:0b:85:20:e1:56:b7:8a:cf:47:f6: 48:9f:da:a0:58:38:9a:ae:f3:33:0c:cd:58:56:f9:8d:f1:97: fa:e6:36:fb:09:19:f6:88:cc:34:0a:10:2b:20:d9:e6:4c:cb: 5c:30:05:45:1d:2f:03:4a:d8:67:95:4c:02:75:2c:9b:d0:2e: 12:e2:97:1f:4d:fa:34:26:1f:6b:0d:6e:64:d1:ae:84:d3:ff: 51:00:2a:bb:a6:73:66:a7:dc:87:59:26:fa:76:fc:06:28:7f: 5f:b0:74:49:e9:c4:bc:88:3b:5b:c6:15:67:1e:2a:d6:f7:3b: 95:03:b7:6b:d9:cc:a1:99:40:60:f8:f1:3f:2d:0f:ff:4d:0a: dd:23:50:10 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6WrSre4vSyxQg0DfGVLUdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxZjEwZTM0NDIxYmFmZjE3NGQ2MDY3OGYzMmZhNWUzNWNk Zjk1N2UwHhcNMjYwMTAxMTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGE3ZTEwOGExYzNhNjJlMmI3MGRhZGZlZjUzMTdjOGUyMzUxMDczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuZnpnt+X4atterrxz8sWPCZIXaN KRXgvCOhSyxUXFLv8Eu9u6vGlVtzOKW6WwEJqNPoVXFO+1zOWmlMbG8AuZre2Rfl BvHnBMgRm9goHbMqynUcSDtOVJ/6zyxlB9qRNB5DNwiuWcGDq5kY40KmQOBpqiMC f+eqSB2+IKSdKiKWW3Rh6HKd7YU5Qh2zjdXwjI+m1DsVT0vA53J83a58f+z4KZkj Yq/LOwVkjAOItF61dPQk0LgyRsJEhoS9RBepj5lxTd2FPZflXqrklbIPMTkohmqh HzkiJN6gbX7qGQayaZ9uTKyY0rSQUdHH109nT9CXHE/tIogqzLXw2+qJswIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFC2n4Qihw6YuK3Da3+9TF8jiNRBzMB8GA1UdIwQY MBaAFCHxDjRCG6/xdNYGePMvpeNc35V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTct OWE5ZWQxZWYyZThkLzEvTGFmaENLSERwaTRyY05yZjcxTVh5T0kxRUhNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTctOWE5ZWQxZWYyZThk LzEvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV6UAwQA LV6XMA0GCSqGSIb3DQEBCwUAA4IBAQA5FwfuL0ZDRaTmafuute4PoravsDsGgQ1q +2Of0qQXBh2TLeZnA7P/bakNGSRDAN93UjpZAzrbKaUzlxTE91CYeIvv8AmP8KH3 BxFDTK+UaaXOhZWVdDvMhpeYvyHYEcH3nA1LMuVnLLEDeI4gJHn7OqgKkAuFIOFW t4rPR/ZIn9qgWDiarvMzDM1YVvmN8Zf65jb7CRn2iMw0ChArINnmTMtcMAVFHS8D SthnlUwCdSyb0C4S4pcfTfo0Jh9rDW5k0a6E0/9RACq7pnNmp9yHWSb6dvwGKH9f sHRJ6cS8iDtbxhVnHirW9zuVA7dr2cyhmUBg+PE/LQ//TQrdI1AQ -----END CERTIFICATE-----Generated at Thu Jan 29 03:09:53 2026 by rpki-client