This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/LbDAcjZRmfBvnYit-qN-3rlzTKY.roa File: LbDAcjZRmfBvnYit-qN-3rlzTKY.roa (raw, json) Hash identifier: +vYoAsDEQG/i2Ib8tFZBcU6HYqtLxdIh9g5RpOOfFc0= Subject key identifier: 2D:B0:C0:72:36:51:99:F0:6F:9D:88:AD:FA:A3:7E:DE:B9:73:4C:A6 Certificate issuer: /CN=d908722a7555dd1621dd6a62209fa8da52942999 Certificate serial: 019B78A2F8059560A7DB6F1EBA37820D122C Authority key identifier: D9:08:72:2A:75:55:DD:16:21:DD:6A:62:20:9F:A8:DA:52:94:29:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/LbDAcjZRmfBvnYit-qN-3rlzTKY.roa Signing time: Thu 01 Jan 2026 08:18:24 +0000 ROA not before: Thu 01 Jan 2026 08:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201299 IP address blocks: 185.109.161.0/24 maxlen: 24 2a10:5c0::/29 maxlen: 42 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.mft rsync://rpki.ripe.net/repository/DEFAULT/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f8:05:95:60:a7:db:6f:1e:ba:37:82:0d:12:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d908722a7555dd1621dd6a62209fa8da52942999 Validity Not Before: Jan 1 08:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2db0c072365199f06f9d88adfaa37edeb9734ca6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:14:13:4e:87:e0:bd:4d:00:34:de:01:14:a8: 7d:d7:ba:a7:b9:1f:ac:58:1d:23:21:79:e2:51:7b: 61:ad:06:f6:78:38:00:c5:b7:e4:52:cc:fe:54:be: 10:ff:96:e6:90:e9:d4:30:4e:9b:42:c3:32:7e:d1: 46:c9:a6:fa:10:6e:13:49:72:92:8d:0e:f5:2a:53: 37:77:40:7c:09:f0:18:d0:d9:fb:c0:51:2f:2b:ef: 51:1c:7c:b7:94:9e:f1:c3:d4:0d:22:00:c8:52:f9: 21:e3:7b:e8:32:16:bd:79:91:9f:7d:5c:c8:1e:82: 38:8c:55:6c:93:ea:37:37:32:f6:70:65:70:61:16: 9c:e7:8a:2e:65:a4:8c:2f:44:7e:93:ba:0e:cb:d6: 04:fe:1b:b4:80:1a:6a:f9:e9:44:45:c8:92:77:01: be:90:57:f7:27:8c:9e:b4:64:a1:b2:aa:98:68:e0: 99:81:c0:2e:20:0b:5c:be:24:80:c5:d6:a3:65:8e: fd:49:98:08:74:3c:6e:23:97:5a:f9:54:db:7b:c5: 55:b2:ac:3c:c5:62:dd:62:d8:80:9a:85:91:5b:6f: 88:21:5c:69:d6:78:20:3e:98:6a:b5:34:43:f0:9d: 39:2e:9a:9d:e4:fd:b7:33:eb:46:20:5e:f7:44:ac: 38:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B0:C0:72:36:51:99:F0:6F:9D:88:AD:FA:A3:7E:DE:B9:73:4C:A6 X509v3 Authority Key Identifier: keyid:D9:08:72:2A:75:55:DD:16:21:DD:6A:62:20:9F:A8:DA:52:94:29:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/LbDAcjZRmfBvnYit-qN-3rlzTKY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0866b0-fe6b-466f-bb86-2d9fca662e52/1/2QhyKnVV3RYh3WpiIJ-o2lKUKZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.109.161.0/24 IPv6: 2a10:5c0::/29 Signature Algorithm: sha256WithRSAEncryption c1:51:bb:35:29:b3:79:19:8d:1c:96:44:93:aa:f6:90:5e:5b: a1:3c:07:d0:b9:20:93:27:bd:12:a0:73:35:d5:a7:62:c4:70: 9e:3d:a5:bd:2c:6f:d9:0d:30:a1:3f:18:03:e1:b0:26:76:aa: 1d:d4:92:25:dc:8f:5c:5a:9d:bc:77:ad:04:0d:1c:f2:be:bb: 0f:41:e3:e6:97:48:32:f4:ed:56:71:85:92:63:ef:61:75:6e: af:58:82:e7:37:3f:09:12:bf:73:05:2a:fa:00:d7:3a:3a:93: f7:03:68:6a:6b:a7:21:92:8f:48:8e:5c:08:3e:0d:80:b0:8f: 73:86:f2:c5:71:fa:a3:bd:24:74:0f:e9:34:4b:da:cc:c0:49: df:3c:62:46:67:89:c1:7a:04:12:66:2c:40:c5:6f:8e:d5:58: fc:31:3c:10:c5:49:e2:cd:4f:0e:bf:d1:6e:fa:90:21:8a:d2: f6:6a:f4:c4:3a:3d:28:1a:a6:9d:0e:33:01:fc:61:07:a2:df: 54:91:19:be:73:cd:de:2d:89:6d:db:f2:12:93:d7:f0:67:61: b1:0f:71:a8:85:ed:ef:b7:ad:1f:6f:41:a5:45:79:0e:20:9c: 95:2d:94:ba:c8:83:b0:ae:90:8c:4f:bc:c4:df:d9:3c:65:58: 89:c0:57:13 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4ovgFlWCn228eujeCDRIsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MDg3MjJhNzU1NWRkMTYyMWRkNmE2MjIwOWZhOGRhNTI5 NDI5OTkwHhcNMjYwMTAxMDgxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGIwYzA3MjM2NTE5OWYwNmY5ZDg4YWRmYWEzN2VkZWI5NzM0Y2E2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBQTTofgvU0ANN4BFKh917qnuR+s WB0jIXniUXthrQb2eDgAxbfkUsz+VL4Q/5bmkOnUME6bQsMyftFGyab6EG4TSXKS jQ71KlM3d0B8CfAY0Nn7wFEvK+9RHHy3lJ7xw9QNIgDIUvkh43voMha9eZGffVzI HoI4jFVsk+o3NzL2cGVwYRac54ouZaSML0R+k7oOy9YE/hu0gBpq+elERciSdwG+ kFf3J4yetGShsqqYaOCZgcAuIAtcviSAxdajZY79SZgIdDxuI5da+VTbe8VVsqw8 xWLdYtiAmoWRW2+IIVxp1nggPphqtTRD8J05Lpqd5P23M+tGIF73RKw4UQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFC2wwHI2UZnwb52Irfqjft65c0ymMB8GA1UdIwQY MBaAFNkIcip1Vd0WId1qYiCfqNpSlCmZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlFoeUtuVlYzUlloM1dwaUlKLW8ybEtVS1prLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wODY2YjAtZmU2Yi00NjZmLWJiODYt MmQ5ZmNhNjYyZTUyLzEvTGJEQWNqWlJtZkJ2bllpdC1xTi0zcmx6VEtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8wODY2YjAtZmU2Yi00NjZmLWJiODYtMmQ5ZmNhNjYyZTUy LzEvMlFoeUtuVlYzUlloM1dwaUlKLW8ybEtVS1prLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuW2hMA0E AgACMAcDBQMqEAXAMA0GCSqGSIb3DQEBCwUAA4IBAQDBUbs1KbN5GY0clkSTqvaQ XluhPAfQuSCTJ70SoHM11adixHCePaW9LG/ZDTChPxgD4bAmdqod1JIl3I9cWp28 d60EDRzyvrsPQePml0gy9O1WcYWSY+9hdW6vWILnNz8JEr9zBSr6ANc6OpP3A2hq a6chko9IjlwIPg2AsI9zhvLFcfqjvSR0D+k0S9rMwEnfPGJGZ4nBegQSZixAxW+O 1Vj8MTwQxUnizU8Ov9Fu+pAhitL2avTEOj0oGqadDjMB/GEHot9UkRm+c83eLYlt 2/ISk9fwZ2GxD3Gohe3vt60fb0GlRXkOIJyVLZS6yIOwrpCMT7zE39k8ZViJwFcT -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:08 2026 by rpki-client