This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/LrHV0w3M6j_K-JqUnN8G1dXCvtE.roa File: LrHV0w3M6j_K-JqUnN8G1dXCvtE.roa (raw, json) Hash identifier: Cv94An137RKGzp/Xq5QPjrl4rBtVxPtFDPjnMK69R9E= Subject key identifier: 2E:B1:D5:D3:0D:CC:EA:3F:CA:F8:9A:94:9C:DF:06:D5:D5:C2:BE:D1 Certificate issuer: /CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c Certificate serial: 019B7C12805076A6F3AB7910792C6CE6D2D1 Authority key identifier: 9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/LrHV0w3M6j_K-JqUnN8G1dXCvtE.roa Signing time: Fri 02 Jan 2026 00:19:05 +0000 ROA not before: Fri 02 Jan 2026 00:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212727 IP address blocks: 164.153.132.0/24 maxlen: 24 164.153.133.0/24 maxlen: 24 164.153.134.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.mft rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 09:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:80:50:76:a6:f3:ab:79:10:79:2c:6c:e6:d2:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c Validity Not Before: Jan 2 00:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2eb1d5d30dccea3fcaf89a949cdf06d5d5c2bed1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0b:4d:5d:5c:7c:ae:b0:98:d2:e0:70:16:bd: aa:6c:20:40:ae:0f:06:88:2e:df:bf:20:77:e4:88: bc:d9:f1:c6:86:f0:f3:1e:e6:fb:72:90:b0:37:be: ea:a0:a5:a1:5e:6f:98:b9:55:5a:0f:74:f6:88:ca: a1:26:6f:91:40:85:3e:41:7a:59:84:f3:ea:6d:1b: 24:3f:b7:12:6c:13:d6:06:b2:a6:63:f0:97:97:f4: b8:2f:f5:42:a3:6b:d2:71:93:6d:af:ef:68:02:eb: 3f:6b:42:cb:85:b1:83:8f:17:a2:26:5b:24:c1:e3: ff:d0:7a:08:7e:92:2d:3b:01:93:b1:8b:b1:ab:95: 08:c1:d0:e5:c2:ff:f2:a8:e1:c1:89:49:16:fd:e6: 6a:1e:78:3f:22:ff:6c:75:e8:53:04:c5:bc:04:6a: ec:eb:60:21:a5:73:b8:01:50:73:19:02:48:27:b7: 5a:08:b5:ca:fa:b0:f1:e2:a4:a2:ad:98:dd:e9:1a: b2:0a:84:1b:80:e2:61:e2:3c:e2:96:d9:e2:8d:b8: 30:38:64:68:05:24:a8:b0:96:10:77:7d:be:bb:33: e7:0a:24:ae:ac:ae:4d:49:42:4c:bf:58:cb:17:85: e4:26:cc:98:08:f3:eb:ea:06:59:2a:f0:6d:b5:78: 01:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:B1:D5:D3:0D:CC:EA:3F:CA:F8:9A:94:9C:DF:06:D5:D5:C2:BE:D1 X509v3 Authority Key Identifier: keyid:9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/LrHV0w3M6j_K-JqUnN8G1dXCvtE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 164.153.132.0-164.153.134.255 Signature Algorithm: sha256WithRSAEncryption a1:b3:56:7f:72:b0:f0:2a:ab:db:84:3a:9b:f6:89:ae:dc:e0: 83:8d:15:c6:96:50:c3:bf:32:fa:95:fd:87:e7:15:1a:b2:32: c7:22:e8:25:f3:b4:dd:7a:8a:53:33:2b:bc:24:16:e6:f3:16: 8e:19:9c:96:76:62:4c:06:7a:e8:20:82:c4:d3:08:ac:61:35: c5:bb:4d:c3:3c:ad:7d:f2:17:8d:f7:3d:89:06:be:6d:1a:e0: cd:4c:00:a8:6c:94:87:a4:95:49:4d:3a:c7:24:b6:7a:96:40: 5b:1d:29:46:86:bb:3c:af:70:53:2a:f6:e4:de:48:d7:c0:18: 46:37:37:c1:28:53:4e:6a:7d:95:5b:f6:8a:e9:32:12:e8:0b: a9:b7:1d:55:af:b5:01:65:21:81:63:40:f0:ec:47:4e:8e:32: f9:8f:1c:dc:39:b8:d4:90:ad:9b:b4:ae:2d:84:fb:5d:e6:07: db:3d:c9:71:69:b2:a1:2f:44:cc:8f:a3:79:18:f2:a4:f7:18: a3:54:13:42:6f:75:b7:36:c5:86:32:a6:cc:1e:4c:a9:a8:1c: ea:93:ef:81:d5:1f:39:e1:59:ab:48:f6:90:ff:e2:91:f1:a1: 32:89:ba:60:4b:71:93:8f:a8:e1:fc:e0:b7:c3:a4:b7:8e:1b: aa:45:1a:21 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt8EoBQdqbzq3kQeSxs5tLRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliNzU5ZWM5ZmY1NGRlMDNhN2ZmM2E2NWVkYmIyZTA3NThl Njg3OGMwHhcNMjYwMTAyMDAxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZWIxZDVkMzBkY2NlYTNmY2FmODlhOTQ5Y2RmMDZkNWQ1YzJiZWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgtNXVx8rrCY0uBwFr2qbCBArg8G iC7fvyB35Ii82fHGhvDzHub7cpCwN77qoKWhXm+YuVVaD3T2iMqhJm+RQIU+QXpZ hPPqbRskP7cSbBPWBrKmY/CXl/S4L/VCo2vScZNtr+9oAus/a0LLhbGDjxeiJlsk weP/0HoIfpItOwGTsYuxq5UIwdDlwv/yqOHBiUkW/eZqHng/Iv9sdehTBMW8BGrs 62AhpXO4AVBzGQJIJ7daCLXK+rDx4qSirZjd6RqyCoQbgOJh4jziltnijbgwOGRo BSSosJYQd32+uzPnCiSurK5NSUJMv1jLF4XkJsyYCPPr6gZZKvBttXgBnQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFC6x1dMNzOo/yvialJzfBtXVwr7RMB8GA1UdIwQY MBaAFJt1nsn/VN4Dp/86Ze27LgdY5oeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUt YjlhOWQ4YWU5NDIxLzEvTHJIVjB3M002al9LLUpxVW5OOEcxZFhDdnRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUtYjlhOWQ4YWU5NDIx LzEvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKkmYQD BACkmYYwDQYJKoZIhvcNAQELBQADggEBAKGzVn9ysPAqq9uEOpv2ia7c4IONFcaW UMO/MvqV/YfnFRqyMsci6CXztN16ilMzK7wkFubzFo4ZnJZ2YkwGeugggsTTCKxh NcW7TcM8rX3yF433PYkGvm0a4M1MAKhslIeklUlNOscktnqWQFsdKUaGuzyvcFMq 9uTeSNfAGEY3N8EoU05qfZVb9orpMhLoC6m3HVWvtQFlIYFjQPDsR06OMvmPHNw5 uNSQrZu0ri2E+13mB9s9yXFpsqEvRMyPo3kY8qT3GKNUE0Jvdbc2xYYypsweTKmo HOqT74HVHznhWatI9pD/4pHxoTKJumBLcZOPqOH84LfDpLeOG6pFGiE= -----END CERTIFICATE-----Generated at Fri Jan 2 14:22:15 2026 by rpki-client