This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/lcT96ZzrgNrjwAQX6YLJUQASpVs.roa File: lcT96ZzrgNrjwAQX6YLJUQASpVs.roa (raw, json) Hash identifier: +FyKaAXENUvPnj9qcKJs6oAPI3YhDnrLqCeTNqT1FEk= Subject key identifier: 95:C4:FD:E9:9C:EB:80:DA:E3:C0:04:17:E9:82:C9:51:00:12:A5:5B Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396 Certificate serial: 019B7834BB830DD1AB574ED0481FEA9E507F Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/lcT96ZzrgNrjwAQX6YLJUQASpVs.roa Signing time: Thu 01 Jan 2026 06:18:00 +0000 ROA not before: Thu 01 Jan 2026 06:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30058 IP address blocks: 2.59.21.0/24 maxlen: 24 2.59.22.0/24 maxlen: 24 86.54.28.0/24 maxlen: 24 86.54.29.0/24 maxlen: 24 2a01:e940::/48 maxlen: 48 2a01:e943::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 06:19:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:bb:83:0d:d1:ab:57:4e:d0:48:1f:ea:9e:50:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396 Validity Not Before: Jan 1 06:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95c4fde99ceb80dae3c00417e982c9510012a55b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:7b:b0:3c:0e:06:df:c1:b2:86:ef:7b:e4:22: b7:0b:f8:36:04:1c:c9:80:19:4b:7f:ec:88:9b:4a: 5d:cf:87:f6:7f:f7:21:7c:23:3f:67:60:8c:6d:b6: bb:b6:65:6b:c8:b6:5c:c4:3c:8b:17:63:c7:d1:a7: 7d:a0:8f:74:11:39:f4:52:b8:f8:57:9a:55:cc:5a: 7e:34:80:05:88:5d:af:7d:f6:06:51:d8:fd:86:b5: c0:5c:fd:db:e4:40:e7:c5:12:6c:f1:21:29:7c:e8: c1:54:6f:2c:ee:a4:42:70:59:f4:3e:e3:6f:77:f6: 9b:e0:e5:30:6a:06:04:ed:7c:3a:b0:59:50:4c:99: a0:37:c1:8b:f7:30:95:56:aa:4d:95:86:8a:f3:76: 5b:14:ca:b1:98:3d:8e:93:bd:a3:d4:65:10:c5:00: f8:f9:2c:4b:9b:6e:e7:98:42:de:98:ae:fc:6a:8b: 07:9c:b9:da:ec:e1:41:3d:44:6a:2a:20:c8:60:1d: 49:1b:c9:f9:40:ab:f8:36:a4:9c:42:a6:33:7f:a0: fe:66:c0:20:3e:21:71:9e:60:5b:61:8a:da:6b:da: 96:8b:d0:bc:27:71:7f:16:dd:1b:ca:f5:5e:27:09: 15:7f:6f:c1:4d:59:6b:93:2a:5c:14:b1:7b:22:63: af:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C4:FD:E9:9C:EB:80:DA:E3:C0:04:17:E9:82:C9:51:00:12:A5:5B X509v3 Authority Key Identifier: keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/lcT96ZzrgNrjwAQX6YLJUQASpVs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.21.0-2.59.22.255 86.54.28.0/23 IPv6: 2a01:e940::/48 2a01:e943::/48 Signature Algorithm: sha256WithRSAEncryption a8:58:c5:0f:33:ec:55:fb:c2:66:0b:52:ce:3d:ee:17:7e:cf: 27:d0:99:70:8a:e6:ff:db:ee:0d:5b:e6:4f:f1:92:78:9a:99: 13:6b:38:6a:34:af:4e:5e:7a:f2:2e:61:70:41:10:a2:ca:a1: 56:75:7e:14:f8:b5:17:09:6e:59:f2:21:7a:e8:c4:c9:06:07: ad:eb:d2:5b:af:ca:20:01:23:ed:4a:ae:a4:ad:b9:88:38:d1: 19:f7:2c:93:3b:58:e6:ee:5a:3c:e7:af:3d:9a:fa:76:26:32: 0e:64:93:22:38:6e:ba:97:2c:ac:be:51:19:2f:8f:62:0e:b7: 3d:d4:65:af:93:5e:c8:af:cf:d3:44:34:96:cf:51:5a:74:df: f4:cc:ac:70:8d:c5:d7:d5:e4:f4:de:17:34:94:9a:9e:cc:63: 9c:00:88:16:74:34:51:ed:5d:85:aa:6e:81:d2:2e:be:4c:74: 40:1e:e7:4d:d0:64:d0:c3:ab:57:79:61:25:4b:16:cf:5f:c9: e9:85:14:e2:3d:2a:41:c3:20:70:0e:21:f3:9d:3d:4a:d8:a6: 4a:19:3b:a1:d1:56:7c:1f:0a:94:4c:23:49:68:c4:dc:e6:41: f4:e9:05:c4:2d:a1:e0:7a:21:ef:e1:8f:74:3b:ee:28:e1:96: e7:87:b0:eb -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZt4NLuDDdGrV07QSB/qnlB/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi NTEzOTYwHhcNMjYwMTAxMDYxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWM0ZmRlOTljZWI4MGRhZTNjMDA0MTdlOTgyYzk1MTAwMTJhNTViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HuwPA4G38Gyhu975CK3C/g2BBzJ gBlLf+yIm0pdz4f2f/chfCM/Z2CMbba7tmVryLZcxDyLF2PH0ad9oI90ETn0Urj4 V5pVzFp+NIAFiF2vffYGUdj9hrXAXP3b5EDnxRJs8SEpfOjBVG8s7qRCcFn0PuNv d/ab4OUwagYE7Xw6sFlQTJmgN8GL9zCVVqpNlYaK83ZbFMqxmD2Ok72j1GUQxQD4 +SxLm27nmELemK78aosHnLna7OFBPURqKiDIYB1JG8n5QKv4NqScQqYzf6D+ZsAg PiFxnmBbYYraa9qWi9C8J3F/Ft0byvVeJwkVf2/BTVlrkypcFLF7ImOvdwIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFJXE/emc64Da48AEF+mCyVEAEqVbMB8GA1UdIwQY MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt ZmQ4MTQ0NTVhODY4LzEvbGNUOTZaenJnTnJqd0FRWDZZTEpVUUFTcFZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4 LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUMAwDBAACOxUD BAACOxYDBAFWNhwwGAQCAAIwEgMHACoB6UAAAAMHACoB6UMAADANBgkqhkiG9w0B AQsFAAOCAQEAqFjFDzPsVfvCZgtSzj3uF37PJ9CZcIrm/9vuDVvmT/GSeJqZE2s4 ajSvTl568i5hcEEQosqhVnV+FPi1FwluWfIheujEyQYHrevSW6/KIAEj7UqupK25 iDjRGfcskztY5u5aPOevPZr6diYyDmSTIjhuupcsrL5RGS+PYg63PdRlr5NeyK/P 00Q0ls9RWnTf9MyscI3F19Xk9N4XNJSansxjnACIFnQ0Ue1dhapugdIuvkx0QB7n TdBk0MOrV3lhJUsWz1/J6YUU4j0qQcMgcA4h8509StimShk7odFWfB8KlEwjSWjE 3OZB9OkFxC2h4Hoh7+GPdDvuKOGW54ew6w== -----END CERTIFICATE-----Generated at Thu Jan 1 10:27:28 2026 by rpki-client