This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/lzXkzHb5e6mg4oE0vsIegFdcHEs.roa File: lzXkzHb5e6mg4oE0vsIegFdcHEs.roa (raw, json) Hash identifier: AAwn2QJRCuwjLBg290zcDtj4v0hSm4DxXCwXXNuyeR0= Subject key identifier: 97:35:E4:CC:76:F9:7B:A9:A0:E2:81:34:BE:C2:1E:80:57:5C:1C:4B Certificate issuer: /CN=388cccd78bf16533f33185443ea82dcdad920410 Certificate serial: 019B797E9DDF816E74042ACDFD91C3E4F68D Authority key identifier: 38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/lzXkzHb5e6mg4oE0vsIegFdcHEs.roa Signing time: Thu 01 Jan 2026 12:18:19 +0000 ROA not before: Thu 01 Jan 2026 12:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51681 IP address blocks: 178.239.208.0/20 maxlen: 20 185.105.16.0/24 maxlen: 24 185.105.17.0/24 maxlen: 24 185.105.18.0/24 maxlen: 24 185.105.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.mft rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:9d:df:81:6e:74:04:2a:cd:fd:91:c3:e4:f6:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=388cccd78bf16533f33185443ea82dcdad920410 Validity Not Before: Jan 1 12:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9735e4cc76f97ba9a0e28134bec21e80575c1c4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:20:4d:32:c0:0d:0a:c8:bf:a7:9d:46:1a:a9: fa:63:47:f3:90:a6:66:2a:55:f8:cb:b7:89:2c:67: c0:d1:b3:53:7e:fb:cd:58:86:f4:79:b1:e2:90:ce: aa:89:9e:11:22:95:89:6f:b9:42:84:0b:5b:39:f7: 9f:3d:17:d2:fa:f3:b5:16:f3:25:c1:cf:c0:33:cb: e1:2c:cc:e9:ed:cf:d9:15:0f:d7:cf:62:60:a9:b7: 45:1a:c5:18:28:e2:15:1c:2c:34:fc:bf:de:4c:08: 42:19:48:df:31:76:47:df:17:b9:6f:3e:1f:5b:bb: fa:71:a5:d6:ff:85:c4:80:ee:c4:ca:5f:44:bf:30: 71:b1:7b:ab:13:7a:39:a4:dd:b4:32:60:a6:7f:69: bc:27:e1:d9:47:71:c6:02:83:db:01:70:ac:33:78: ae:9a:f2:ae:5f:fe:ad:17:97:32:f6:c1:d9:ee:b0: 84:cd:a3:26:8a:f2:1c:5f:2f:83:7b:c6:73:f4:fe: 8e:59:4a:e5:32:dd:1b:b7:b9:80:4c:15:60:25:ca: 9e:0d:7f:87:d2:cd:46:d7:90:6e:1d:c7:98:0e:28: a7:d3:f5:e4:3f:f4:2e:fd:ff:7d:76:6b:6a:79:fc: 5a:1b:50:13:99:7e:cd:e5:0d:41:63:78:c5:1c:3b: 28:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:35:E4:CC:76:F9:7B:A9:A0:E2:81:34:BE:C2:1E:80:57:5C:1C:4B X509v3 Authority Key Identifier: keyid:38:8C:CC:D7:8B:F1:65:33:F3:31:85:44:3E:A8:2D:CD:AD:92:04:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIzM14vxZTPzMYVEPqgtza2SBBA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/lzXkzHb5e6mg4oE0vsIegFdcHEs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/68b1d3-c938-423e-90dd-21098a61357e/1/OIzM14vxZTPzMYVEPqgtza2SBBA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.239.208.0/20 185.105.16.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:d3:8a:b4:ef:f6:ef:84:22:21:71:5e:30:b2:46:34:28:c7: dc:53:74:61:e7:49:36:4e:c4:b3:56:f6:06:d0:83:eb:30:5b: 81:8c:71:68:50:86:ac:2f:3a:23:aa:51:74:ec:7f:f9:1e:ce: e7:46:f9:73:8c:7a:c8:4e:b6:f1:c1:58:43:08:1c:b8:69:86: 6e:e9:cb:f1:d9:59:db:d5:1b:37:44:95:bf:be:18:db:12:30: 0b:ff:49:77:80:0c:c7:b1:38:02:30:1e:9d:ed:dd:1a:48:1e: 3e:54:a6:a4:14:1d:30:89:38:aa:18:5b:d8:84:eb:4e:24:de: 89:8d:33:c1:e5:45:e7:b3:83:59:6f:8c:b8:b4:ff:6b:38:67: 8b:4a:59:bd:59:3c:71:ec:41:9b:04:a1:9c:95:f5:d9:2d:1a: a4:b1:99:d7:26:cb:2b:e1:53:37:cb:63:6a:df:4e:a0:b9:52: 18:4b:73:a2:43:a5:5f:b9:9d:ec:64:65:d2:2d:49:4e:02:00: d1:ec:d8:1b:a1:0e:d7:9a:9b:17:dc:a7:57:0d:5c:59:fb:73: c3:f5:f6:ad:0d:ef:65:ca:66:f4:44:4a:f9:44:7e:c1:7c:f0: f0:ea:d8:e6:cd:02:03:db:88:47:8a:5c:c3:b2:95:10:03:d2: 56:ae:c9:f5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fp3fgW50BCrN/ZHD5PaNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4OGNjY2Q3OGJmMTY1MzNmMzMxODU0NDNlYTgyZGNkYWQ5 MjA0MTAwHhcNMjYwMTAxMTIxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzM1ZTRjYzc2Zjk3YmE5YTBlMjgxMzRiZWMyMWU4MDU3NWMxYzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSBNMsANCsi/p51GGqn6Y0fzkKZm KlX4y7eJLGfA0bNTfvvNWIb0ebHikM6qiZ4RIpWJb7lChAtbOfefPRfS+vO1FvMl wc/AM8vhLMzp7c/ZFQ/Xz2JgqbdFGsUYKOIVHCw0/L/eTAhCGUjfMXZH3xe5bz4f W7v6caXW/4XEgO7Eyl9EvzBxsXurE3o5pN20MmCmf2m8J+HZR3HGAoPbAXCsM3iu mvKuX/6tF5cy9sHZ7rCEzaMmivIcXy+De8Zz9P6OWUrlMt0bt7mATBVgJcqeDX+H 0s1G15BuHceYDiin0/XkP/Qu/f99dmtqefxaG1ATmX7N5Q1BY3jFHDso0QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJc15Mx2+XupoOKBNL7CHoBXXBxLMB8GA1UdIwQY MBaAFDiMzNeL8WUz8zGFRD6oLc2tkgQQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQt MjEwOThhNjEzNTdlLzEvbHpYa3pIYjVlNm1nNG9FMHZzSWVnRmRjSEVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS82OGIxZDMtYzkzOC00MjNlLTkwZGQtMjEwOThhNjEzNTdl LzEvT0l6TTE0dnhaVFB6TVlWRVBxZ3R6YTJTQkJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsu/QAwQC uWkQMA0GCSqGSIb3DQEBCwUAA4IBAQBM04q07/bvhCIhcV4wskY0KMfcU3Rh50k2 TsSzVvYG0IPrMFuBjHFoUIasLzojqlF07H/5Hs7nRvlzjHrITrbxwVhDCBy4aYZu 6cvx2Vnb1Rs3RJW/vhjbEjAL/0l3gAzHsTgCMB6d7d0aSB4+VKakFB0wiTiqGFvY hOtOJN6JjTPB5UXns4NZb4y4tP9rOGeLSlm9WTxx7EGbBKGclfXZLRqksZnXJssr 4VM3y2Nq306guVIYS3OiQ6VfuZ3sZGXSLUlOAgDR7NgboQ7XmpsX3KdXDVxZ+3PD 9fatDe9lymb0REr5RH7BfPDw6tjmzQID24hHilzDspUQA9JWrsn1 -----END CERTIFICATE-----Generated at Tue Feb 10 01:07:23 2026 by rpki-client