This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/lAqIj2UybXhOPBtGQcLNXWIjono.roa File: lAqIj2UybXhOPBtGQcLNXWIjono.roa (raw, json) Hash identifier: UVYOgTudlzpIM7zdesRsrm334w88DrZr8YDCmf2V4Cs= Subject key identifier: 94:0A:88:8F:65:32:6D:78:4E:3C:1B:46:41:C2:CD:5D:62:23:A2:7A Certificate issuer: /CN=75b345562d5718b6c4b206b1ae304fc68436adb2 Certificate serial: 019B791035C0EADEDFDA4013B22A33247354 Authority key identifier: 75:B3:45:56:2D:57:18:B6:C4:B2:06:B1:AE:30:4F:C6:84:36:AD:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/lAqIj2UybXhOPBtGQcLNXWIjono.roa Signing time: Thu 01 Jan 2026 10:17:43 +0000 ROA not before: Thu 01 Jan 2026 10:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28795 IP address blocks: 144.127.0.0/16 maxlen: 16 144.127.3.0/24 maxlen: 24 144.127.6.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.mft rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:35:c0:ea:de:df:da:40:13:b2:2a:33:24:73:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75b345562d5718b6c4b206b1ae304fc68436adb2 Validity Not Before: Jan 1 10:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=940a888f65326d784e3c1b4641c2cd5d6223a27a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b8:cc:7a:17:bf:63:74:30:0f:27:c3:a4:33: bc:28:40:4b:fd:be:f8:e7:19:05:9c:67:be:8f:54: 6c:1e:5d:ac:5b:ef:cf:2e:62:f4:2c:7c:3a:9c:54: b1:7b:d1:65:be:93:0b:5e:19:f3:76:e5:fa:4e:9c: e9:61:82:78:34:e5:34:41:52:97:d3:c1:ec:16:f6: 1c:b7:a5:6e:a5:46:f0:df:e3:06:25:42:41:3b:da: c2:85:a5:38:7a:51:ba:66:0f:b6:b6:ac:e2:69:f2: 17:c5:70:92:b4:c6:30:6d:cd:87:a7:b5:f1:d8:22: 7c:13:f0:4b:bc:6b:07:56:24:cf:4a:43:a0:f8:7a: 7e:a6:b9:73:90:84:85:e1:d4:44:e1:96:2e:37:03: d7:30:36:b1:2c:f4:45:ec:f1:12:91:ff:fb:23:51: ea:fc:5a:39:da:20:d8:6f:c6:ee:fa:c9:92:18:9a: 90:27:78:36:ae:74:28:95:c6:9d:e2:b1:bc:b4:25: e0:b4:f0:93:e1:51:cf:4e:a5:66:bd:ea:54:b2:f1: 95:da:be:2f:2b:7b:84:1d:cd:18:2c:0a:e2:eb:2d: 19:3e:36:a4:67:62:da:16:be:f6:a9:6a:db:79:ef: 5d:fa:0a:f4:90:81:ba:31:4d:fd:13:79:86:d2:12: 1a:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:0A:88:8F:65:32:6D:78:4E:3C:1B:46:41:C2:CD:5D:62:23:A2:7A X509v3 Authority Key Identifier: keyid:75:B3:45:56:2D:57:18:B6:C4:B2:06:B1:AE:30:4F:C6:84:36:AD:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/lAqIj2UybXhOPBtGQcLNXWIjono.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.127.0.0/16 Signature Algorithm: sha256WithRSAEncryption 15:3e:08:4e:a4:29:ec:db:df:80:80:ea:dc:40:a2:65:59:82: 67:0e:ef:5a:55:40:f0:cb:a7:eb:34:4a:54:40:25:8a:9b:ed: 3e:22:4d:91:cf:f8:09:29:4e:db:a5:19:bf:be:5a:0f:ad:57: a9:fa:3b:e8:65:be:50:5e:cd:05:e5:e2:b0:64:49:cd:7f:63: 72:52:58:f6:da:d2:0a:62:85:88:3a:8e:5b:b6:95:18:bb:7e: e7:d1:7e:15:ac:bd:6d:81:4a:f6:1f:2b:75:0c:09:09:94:00: ee:9d:63:9b:ca:99:00:6d:a3:25:18:89:94:9a:03:dd:15:97: 6d:71:04:c7:de:e2:57:ed:a6:3b:90:33:4d:ef:54:ca:b3:85: 05:5b:2d:85:05:71:12:7f:f9:c8:fd:67:67:af:c2:3f:c5:14: 27:3b:6d:3e:e0:a4:1d:39:b3:56:d9:37:ff:a0:21:1b:6f:1a: 47:ab:cc:6a:5b:c3:00:2f:47:75:8b:87:05:bf:33:e6:0c:bf: b3:1e:34:d7:15:58:3a:b7:52:24:16:ea:2a:ba:69:ec:9d:b4: 56:6d:20:d4:31:2c:d5:7a:9d:91:26:76:ad:48:6d:23:38:0d: e5:44:64:e6:ae:89:3c:e8:4f:4b:c8:e3:50:f7:ef:0c:3e:a1: 58:b2:86:a9 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt5EDXA6t7f2kATsiozJHNUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1YjM0NTU2MmQ1NzE4YjZjNGIyMDZiMWFlMzA0ZmM2ODQz NmFkYjIwHhcNMjYwMTAxMTAxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDBhODg4ZjY1MzI2ZDc4NGUzYzFiNDY0MWMyY2Q1ZDYyMjNhMjdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbjMehe/Y3QwDyfDpDO8KEBL/b74 5xkFnGe+j1RsHl2sW+/PLmL0LHw6nFSxe9FlvpMLXhnzduX6TpzpYYJ4NOU0QVKX 08HsFvYct6VupUbw3+MGJUJBO9rChaU4elG6Zg+2tqziafIXxXCStMYwbc2Hp7Xx 2CJ8E/BLvGsHViTPSkOg+Hp+prlzkISF4dRE4ZYuNwPXMDaxLPRF7PESkf/7I1Hq /Fo52iDYb8bu+smSGJqQJ3g2rnQolcad4rG8tCXgtPCT4VHPTqVmvepUsvGV2r4v K3uEHc0YLAri6y0ZPjakZ2LaFr72qWrbee9d+gr0kIG6MU39E3mG0hIaQwIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFJQKiI9lMm14TjwbRkHCzV1iI6J6MB8GA1UdIwQY MBaAFHWzRVYtVxi2xLIGsa4wT8aENq2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGJORlZpMVhHTGJFc2dheHJqQlB4b1EycmJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMGVhZWUtMWFkNy00ZTczLWE0ZGMt OGFlNTFmNjJkMjE4LzEvbEFxSWoyVXliWGhPUEJ0R1FjTE5YV0lqb25vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8zMGVhZWUtMWFkNy00ZTczLWE0ZGMtOGFlNTFmNjJkMjE4 LzEvZGJORlZpMVhHTGJFc2dheHJqQlB4b1EycmJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkH8wDQYJ KoZIhvcNAQELBQADggEBABU+CE6kKezb34CA6txAomVZgmcO71pVQPDLp+s0SlRA JYqb7T4iTZHP+AkpTtulGb++Wg+tV6n6O+hlvlBezQXl4rBkSc1/Y3JSWPba0gpi hYg6jlu2lRi7fufRfhWsvW2BSvYfK3UMCQmUAO6dY5vKmQBtoyUYiZSaA90Vl21x BMfe4lftpjuQM03vVMqzhQVbLYUFcRJ/+cj9Z2evwj/FFCc7bT7gpB05s1bZN/+g IRtvGkerzGpbwwAvR3WLhwW/M+YMv7MeNNcVWDq3UiQW6iq6aeydtFZtINQxLNV6 nZEmdq1IbSM4DeVEZOauiTzoT0vI41D37ww+oViyhqk= -----END CERTIFICATE-----Generated at Mon Jan 26 19:41:58 2026 by rpki-client