This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/LjuU5djH0bj7AfY9nu23U4wSPOA.roa File: LjuU5djH0bj7AfY9nu23U4wSPOA.roa (raw, json) Hash identifier: EiQ98ilCXZaBWGDxlsn6lY55eGRwfatMfYh7/0PXujU= Subject key identifier: 2E:3B:94:E5:D8:C7:D1:B8:FB:01:F6:3D:9E:ED:B7:53:8C:12:3C:E0 Certificate issuer: /CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2 Certificate serial: 019B7EA4ED185AFBCD6DBAAB3424ACF04B28 Authority key identifier: B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/LjuU5djH0bj7AfY9nu23U4wSPOA.roa Signing time: Fri 02 Jan 2026 12:18:16 +0000 ROA not before: Fri 02 Jan 2026 12:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49115 IP address blocks: 185.70.0.0/22 maxlen: 22 188.120.0.0/19 maxlen: 19 2a03:2760::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:ed:18:5a:fb:cd:6d:ba:ab:34:24:ac:f0:4b:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2 Validity Not Before: Jan 2 12:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e3b94e5d8c7d1b8fb01f63d9eedb7538c123ce0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1a:9d:b8:d0:71:c3:06:68:5e:52:f7:a3:e0: e4:a4:6d:e0:21:8e:ff:61:0f:60:05:f7:48:44:1a: 63:91:1f:b1:db:e1:0d:bf:48:20:37:b4:95:18:fa: 44:f1:0d:38:a8:f8:86:63:e8:9c:2f:50:01:e0:be: 4c:90:8d:78:43:83:e3:89:6e:d6:2d:1e:50:be:43: a6:7b:86:52:03:ab:2c:89:04:b5:71:93:35:99:8e: 2d:50:79:99:7b:98:d0:59:c3:b3:78:5f:19:7b:d5: ad:19:67:fa:2b:2f:30:46:d5:a2:8e:f2:03:d0:6a: 9c:54:cc:ac:b0:66:f0:20:88:46:f5:ed:f6:f3:48: 0f:d3:30:94:31:92:89:62:cf:2d:6d:58:ce:32:2d: c2:41:09:05:e1:7a:d4:07:19:4d:53:df:32:0e:e9: e3:94:98:c3:3a:c2:35:58:c3:b9:cc:cb:04:0d:f4: c7:05:b5:80:af:be:c3:d8:5d:b8:aa:e4:4c:c3:41: 62:55:94:3f:c5:cc:fa:68:b9:ed:8a:98:2c:60:fe: f1:41:c2:c6:b5:27:44:02:50:41:bc:0a:a5:36:da: e5:94:c6:89:3f:28:b8:2c:d7:98:83:73:8a:f0:44: 3a:5e:cf:d1:7a:d5:ab:33:ee:26:99:79:17:90:04: 1c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:3B:94:E5:D8:C7:D1:B8:FB:01:F6:3D:9E:ED:B7:53:8C:12:3C:E0 X509v3 Authority Key Identifier: keyid:B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/LjuU5djH0bj7AfY9nu23U4wSPOA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.70.0.0/22 188.120.0.0/19 IPv6: 2a03:2760::/32 Signature Algorithm: sha256WithRSAEncryption a4:ea:98:40:be:af:6d:72:66:bc:41:c3:ae:4f:cf:f9:11:69: ae:88:5c:1b:0a:ff:74:09:00:6c:1e:3d:29:2c:13:cc:a7:f7: 69:11:74:d7:3d:ee:a8:d3:45:66:9d:8f:b1:cc:d4:c5:8b:48: 8e:31:36:a8:7d:f9:f4:95:7c:7d:25:3f:2f:49:9c:63:57:7d: ed:21:09:99:cb:c6:e9:5d:7f:a5:28:d5:42:96:ff:3b:02:e8: 00:75:5f:41:ed:45:30:0c:30:6f:d2:13:02:cb:d1:49:09:7e: a4:53:58:f8:03:b3:df:9e:41:cf:aa:cf:d6:1e:99:ba:ba:2a: 9e:c2:2e:32:b2:88:b3:2b:e0:1e:72:05:5f:d4:84:32:44:3c: fb:a1:ff:78:84:b0:85:37:fc:46:01:72:aa:f7:75:70:7b:ed: 65:03:e2:b1:cf:11:e0:dc:72:57:87:18:51:4f:b2:18:91:8e: 10:3a:d1:c2:ee:28:15:54:0c:76:65:99:37:3e:0b:df:2f:17: 51:1b:bd:47:af:57:29:fa:7b:7d:2d:f5:e8:98:9e:97:55:be: f0:ca:ad:38:83:f8:e0:47:cf:2c:58:5c:c9:8f:72:76:ea:da: 1b:00:63:86:34:30:90:3e:c8:5c:0d:79:da:b9:f7:eb:34:81: 99:01:96:6b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+pO0YWvvNbbqrNCSs8EsoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTViZTMzMDcxMjBlNjVlM2M0MTY1YzljOGU3NDhjMWMx MmE3YTIwHhcNMjYwMTAyMTIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTNiOTRlNWQ4YzdkMWI4ZmIwMWY2M2Q5ZWVkYjc1MzhjMTIzY2UwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBqduNBxwwZoXlL3o+DkpG3gIY7/ YQ9gBfdIRBpjkR+x2+ENv0ggN7SVGPpE8Q04qPiGY+icL1AB4L5MkI14Q4PjiW7W LR5QvkOme4ZSA6ssiQS1cZM1mY4tUHmZe5jQWcOzeF8Ze9WtGWf6Ky8wRtWijvID 0GqcVMyssGbwIIhG9e3280gP0zCUMZKJYs8tbVjOMi3CQQkF4XrUBxlNU98yDunj lJjDOsI1WMO5zMsEDfTHBbWAr77D2F24quRMw0FiVZQ/xcz6aLntipgsYP7xQcLG tSdEAlBBvAqlNtrllMaJPyi4LNeYg3OK8EQ6Xs/RetWrM+4mmXkXkAQcGwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFC47lOXYx9G4+wH2PZ7tt1OMEjzgMB8GA1UdIwQY MBaAFLSlvjMHEg5l48QWXJyOdIwcEqeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMt MTcwZWIxYzlmZWM4LzEvTGp1VTVkakgwYmo3QWZZOW51MjNVNHdTUE9BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMtMTcwZWIxYzlmZWM4 LzEvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUYAAwQF vHgAMA0EAgACMAcDBQAqAydgMA0GCSqGSIb3DQEBCwUAA4IBAQCk6phAvq9tcma8 QcOuT8/5EWmuiFwbCv90CQBsHj0pLBPMp/dpEXTXPe6o00VmnY+xzNTFi0iOMTao ffn0lXx9JT8vSZxjV33tIQmZy8bpXX+lKNVClv87AugAdV9B7UUwDDBv0hMCy9FJ CX6kU1j4A7PfnkHPqs/WHpm6uiqewi4ysoizK+AecgVf1IQyRDz7of94hLCFN/xG AXKq93Vwe+1lA+KxzxHg3HJXhxhRT7IYkY4QOtHC7igVVAx2ZZk3PgvfLxdRG71H r1cp+nt9LfXomJ6XVb7wyq04g/jgR88sWFzJj3J26tobAGOGNDCQPshcDXnauffr NIGZAZZr -----END CERTIFICATE-----Generated at Tue Feb 10 04:26:31 2026 by rpki-client