This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lgIUW8G50NhfEaMYgvBurmVi0fo.roa File: lgIUW8G50NhfEaMYgvBurmVi0fo.roa (raw, json) Hash identifier: 8Sm4Fx2OSuy7zWVA+5U4vNXiPTfelyxgWJbPkH4L0bU= Subject key identifier: 96:02:14:5B:C1:B9:D0:D8:5F:11:A3:18:82:F0:6E:AE:65:62:D1:FA Certificate issuer: /CN=7373c1ff55403d4792346493f769f8d033bef02c Certificate serial: 019B77C6D6DA6A904EFA812A3C9BFD26C0ED Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lgIUW8G50NhfEaMYgvBurmVi0fo.roa Signing time: Thu 01 Jan 2026 04:17:58 +0000 ROA not before: Thu 01 Jan 2026 04:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25098 IP address blocks: 193.201.70.0/23 maxlen: 23 213.230.192.0/18 maxlen: 32 2a01:70::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.mft rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d6:da:6a:90:4e:fa:81:2a:3c:9b:fd:26:c0:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c Validity Not Before: Jan 1 04:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9602145bc1b9d0d85f11a31882f06eae6562d1fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fd:4f:cb:bb:20:3f:ac:67:a7:56:a1:e8:90: 16:52:b6:90:ae:e5:62:e6:a8:5a:65:1a:55:03:e6: c0:3d:d1:9e:a4:ee:bf:45:03:b5:e8:a8:a2:a0:d6: 53:a1:b8:29:ff:64:b7:3e:12:bd:d1:b1:16:e5:86: 2a:d7:43:ec:b3:07:d2:3e:4a:23:9b:44:66:63:fd: 5c:df:81:7b:3f:1e:d9:0e:92:e4:ec:00:1f:c1:05: 2a:71:cb:44:37:28:be:1a:65:77:90:53:4d:e0:66: b2:03:6c:e5:99:35:fb:e4:99:25:d5:e7:f6:23:40: 5b:85:d2:fe:7f:15:94:7a:d0:0d:28:8c:a1:82:11: ae:e4:90:dc:e0:ea:f0:a8:7b:eb:d1:5c:db:85:cc: d5:e7:09:81:3d:0a:eb:d8:b8:db:83:f4:c1:b4:b6: d5:71:7e:38:bc:b7:82:19:86:bf:e0:65:57:66:ed: 0a:f6:a8:ca:a6:5d:2e:69:88:9a:22:2f:06:e6:7b: a7:06:b7:41:db:bd:5f:39:55:7d:18:e2:d1:25:32: c3:5c:86:16:79:2f:ac:11:7b:a2:9e:d4:c0:b5:2e: 05:97:88:6d:08:52:d7:61:8d:25:ef:59:32:f9:60: 11:c6:2c:39:a5:fb:15:e2:7f:e4:27:35:06:f7:61: c0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:02:14:5B:C1:B9:D0:D8:5F:11:A3:18:82:F0:6E:AE:65:62:D1:FA X509v3 Authority Key Identifier: keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/lgIUW8G50NhfEaMYgvBurmVi0fo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.201.70.0/23 213.230.192.0/18 IPv6: 2a01:70::/32 Signature Algorithm: sha256WithRSAEncryption 60:73:45:b9:cf:05:6c:c7:3e:bb:31:64:2b:47:a2:b0:ea:e8: 39:8b:43:14:51:c7:48:d0:96:e2:43:bf:27:bf:e0:eb:dc:de: e5:63:4d:97:74:bb:48:05:aa:91:de:cc:b1:9b:6a:59:b3:6e: 6d:33:a0:5c:ad:5e:1a:2e:55:54:d3:47:d6:d0:79:da:8d:b1: b1:1e:7a:88:b7:04:af:64:c6:bd:7d:db:f0:bb:ee:97:c8:83: 15:ff:45:6d:68:4f:68:0d:10:64:b3:03:5c:83:f3:fd:70:f0: f0:dd:0d:3f:c3:6c:2a:1a:0a:db:02:15:fb:ea:e5:d9:df:47: 82:21:19:cf:79:05:cf:37:95:1b:cb:a9:34:03:a2:9b:f3:7c: d9:f6:e7:60:ed:21:38:15:f2:df:b9:8a:6f:2b:31:6b:87:70: 28:6b:4e:99:9d:20:71:ad:20:de:30:4a:07:89:f0:85:21:0b: e3:1d:62:47:08:e9:53:be:ef:e9:54:a8:fe:b3:9f:36:bd:2e: 42:0f:ff:60:cc:71:09:5e:bb:3f:d0:1b:7c:7b:9c:d7:7e:b7: e8:31:bd:fc:39:5c:86:18:99:72:da:07:37:19:a4:95:54:7e: 70:94:a9:35:e0:89:e8:26:6a:6f:a0:8a:a2:18:2c:cf:d4:28: 5b:2d:c4:dc -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3xtbaapBO+oEqPJv9JsDtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczNzNjMWZmNTU0MDNkNDc5MjM0NjQ5M2Y3NjlmOGQwMzNi ZWYwMmMwHhcNMjYwMTAxMDQxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjAyMTQ1YmMxYjlkMGQ4NWYxMWEzMTg4MmYwNmVhZTY1NjJkMWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/1Py7sgP6xnp1ah6JAWUraQruVi 5qhaZRpVA+bAPdGepO6/RQO16KiioNZTobgp/2S3PhK90bEW5YYq10PsswfSPkoj m0RmY/1c34F7Px7ZDpLk7AAfwQUqcctENyi+GmV3kFNN4GayA2zlmTX75Jkl1ef2 I0BbhdL+fxWUetANKIyhghGu5JDc4OrwqHvr0VzbhczV5wmBPQrr2Ljbg/TBtLbV cX44vLeCGYa/4GVXZu0K9qjKpl0uaYiaIi8G5nunBrdB271fOVV9GOLRJTLDXIYW eS+sEXuintTAtS4Fl4htCFLXYY0l71ky+WARxiw5pfsV4n/kJzUG92HALQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJYCFFvBudDYXxGjGILwbq5lYtH6MB8GA1UdIwQY MBaAFHNzwf9VQD1HkjRkk/dp+NAzvvAsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMt YmM5YTVmNjYwNWZjLzEvbGdJVVc4RzUwTmhmRWFNWWd2QnVybVZpMGZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMtYmM5YTVmNjYwNWZj LzEvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwclGAwQG 1ebAMA0EAgACMAcDBQAqAQBwMA0GCSqGSIb3DQEBCwUAA4IBAQBgc0W5zwVsxz67 MWQrR6Kw6ug5i0MUUcdI0JbiQ78nv+Dr3N7lY02XdLtIBaqR3syxm2pZs25tM6Bc rV4aLlVU00fW0HnajbGxHnqItwSvZMa9fdvwu+6XyIMV/0VtaE9oDRBkswNcg/P9 cPDw3Q0/w2wqGgrbAhX76uXZ30eCIRnPeQXPN5Uby6k0A6Kb83zZ9udg7SE4FfLf uYpvKzFrh3Aoa06ZnSBxrSDeMEoHifCFIQvjHWJHCOlTvu/pVKj+s582vS5CD/9g zHEJXrs/0Bt8e5zXfrfoMb38OVyGGJly2gc3GaSVVH5wlKk14InoJmpvoIqiGCzP 1ChbLcTc -----END CERTIFICATE-----Generated at Thu Jan 8 09:14:13 2026 by rpki-client