This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LZo6tdp_WVAj9gc3pDO25d2CLMQ.roa File: LZo6tdp_WVAj9gc3pDO25d2CLMQ.roa (raw, json) Hash identifier: ohhazATVhdZ7zVrazlCEXd2rb7YmbLIlpTPnku6xvz8= Subject key identifier: 2D:9A:3A:B5:DA:7F:59:50:23:F6:07:37:A4:33:B6:E5:DD:82:2C:C4 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B7E37BE76A44B609C8EAE8AF53C347F4F Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LZo6tdp_WVAj9gc3pDO25d2CLMQ.roa Signing time: Fri 02 Jan 2026 10:19:01 +0000 ROA not before: Fri 02 Jan 2026 10:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 135391 IP address blocks: 158.173.216.0/24 maxlen: 24 158.173.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 11:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:be:76:a4:4b:60:9c:8e:ae:8a:f5:3c:34:7f:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 2 10:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2d9a3ab5da7f595023f60737a433b6e5dd822cc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a8:1b:ae:f7:6c:f3:5f:24:93:e9:f9:18:22: 74:7a:96:b5:04:d3:f0:91:c4:f9:4b:c8:3d:15:b9: e5:f1:73:35:ff:80:2a:68:41:2e:59:33:f7:5a:00: 41:02:3d:21:ea:43:ff:25:0c:e7:4c:10:56:d4:d4: c9:e7:45:bf:e4:5d:cf:c0:44:21:bf:ad:1f:0d:ae: 78:1a:32:18:c9:cf:b4:fa:b3:a2:18:44:7d:d2:f5: 3c:54:81:a0:06:bd:41:6e:88:43:03:17:88:e3:27: 76:1c:cb:fe:f9:5a:23:1f:9a:ac:24:39:fd:e5:9e: 0c:73:2c:d9:0b:67:d7:f5:ed:52:1d:1a:1a:cc:8f: 24:13:2d:f8:c2:b0:55:a5:df:a6:8f:76:f3:65:29: 0d:cf:79:2b:33:a1:94:f7:1a:5a:53:d6:f4:96:45: 34:94:8e:1b:2d:bb:52:be:df:77:2a:bb:bf:da:e4: 3a:59:b3:36:e4:29:aa:81:a0:d1:a9:b1:1e:b4:a8: 2c:32:5a:82:c3:56:be:13:0b:4c:7f:15:b9:f5:1a: 20:c2:82:d4:90:07:0f:e8:c6:3b:73:3a:70:cb:3e: a0:d4:4f:23:b1:aa:7e:ad:ad:2e:9f:96:10:a3:46: b6:f2:94:ed:39:3d:36:55:c5:66:58:ae:60:e5:e4: 97:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:9A:3A:B5:DA:7F:59:50:23:F6:07:37:A4:33:B6:E5:DD:82:2C:C4 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LZo6tdp_WVAj9gc3pDO25d2CLMQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.216.0/24 158.173.221.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:78:06:3e:c9:be:0b:6d:5e:86:57:5e:3b:53:4c:ec:46:b8: 80:13:be:8e:b7:43:4e:61:ed:eb:bd:84:ca:c4:29:d4:97:95: 35:35:9d:b8:ee:19:73:9e:e7:35:2e:f0:2e:8d:7a:7f:77:ca: 0a:a4:ed:46:cc:3e:18:d2:75:55:5c:06:00:a4:0d:33:ce:3b: d2:a5:36:47:83:13:50:5d:1d:f6:80:c6:88:16:b7:fb:9c:34: 67:d3:26:6d:a2:11:0c:29:7f:d1:81:6d:59:2a:52:c0:30:71: e5:11:a2:1c:61:fc:a0:d8:18:91:c4:fa:c6:25:25:20:fb:70: 3c:cd:01:a0:2a:74:13:6f:4a:1b:72:2d:77:df:36:3c:08:91: c0:87:d2:1e:03:13:ec:d3:b7:e8:b5:95:e9:c9:6f:db:8c:97: 47:f9:f1:b6:91:71:2b:f2:a7:1a:93:15:64:83:68:5e:33:cc: f0:b1:20:53:46:1a:64:7b:a2:8f:80:00:11:80:11:23:3b:0a: bb:9d:90:f9:c3:76:0e:ca:bf:85:c5:25:29:5e:c6:9b:77:3e: a8:7c:3f:35:70:e4:47:ca:73:c9:ac:4a:8e:0a:d7:9d:83:9d: 4b:b3:bc:85:c3:f7:b8:55:f4:3c:d4:aa:32:c6:29:40:2e:98: 76:66:0a:3c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N752pEtgnI6uivU8NH9PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTAyMTAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZDlhM2FiNWRhN2Y1OTUwMjNmNjA3MzdhNDMzYjZlNWRkODIyY2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2agbrvds818kk+n5GCJ0epa1BNPw kcT5S8g9Fbnl8XM1/4AqaEEuWTP3WgBBAj0h6kP/JQznTBBW1NTJ50W/5F3PwEQh v60fDa54GjIYyc+0+rOiGER90vU8VIGgBr1BbohDAxeI4yd2HMv++VojH5qsJDn9 5Z4McyzZC2fX9e1SHRoazI8kEy34wrBVpd+mj3bzZSkNz3krM6GU9xpaU9b0lkU0 lI4bLbtSvt93Kru/2uQ6WbM25CmqgaDRqbEetKgsMlqCw1a+EwtMfxW59RogwoLU kAcP6MY7czpwyz6g1E8jsap+ra0un5YQo0a28pTtOT02VcVmWK5g5eSX0QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFC2aOrXaf1lQI/YHN6QztuXdgizEMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvTFpvNnRkcF9XVkFqOWdjM3BETzI1ZDJDTE1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq3YAwQA nq3dMA0GCSqGSIb3DQEBCwUAA4IBAQBNeAY+yb4LbV6GV147U0zsRriAE76Ot0NO Ye3rvYTKxCnUl5U1NZ247hlznuc1LvAujXp/d8oKpO1GzD4Y0nVVXAYApA0zzjvS pTZHgxNQXR32gMaIFrf7nDRn0yZtohEMKX/RgW1ZKlLAMHHlEaIcYfyg2BiRxPrG JSUg+3A8zQGgKnQTb0obci133zY8CJHAh9IeAxPs07fotZXpyW/bjJdH+fG2kXEr 8qcakxVkg2heM8zwsSBTRhpke6KPgAARgBEjOwq7nZD5w3YOyr+FxSUpXsabdz6o fD81cORHynPJrEqOCtedg51Ls7yFw/e4VfQ81KoyxilALph2Zgo8 -----END CERTIFICATE-----Generated at Wed Jan 7 14:41:04 2026 by rpki-client