This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/L5QyDq4nzLcpQLfWU1prA656nOQ.roa File: L5QyDq4nzLcpQLfWU1prA656nOQ.roa (raw, json) Hash identifier: hEvHaOQM6citq23iRIkG5Vhd08rav1O71/Vw2lS4G94= Subject key identifier: 2F:94:32:0E:AE:27:CC:B7:29:40:B7:D6:53:5A:6B:03:AE:7A:9C:E4 Certificate issuer: /CN=0424c1165818a432f797c8ddf4b5307b1e5aef74 Certificate serial: 019B7FF1CC85FBFDFDB035A509057B173E0D Authority key identifier: 04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/L5QyDq4nzLcpQLfWU1prA656nOQ.roa Signing time: Fri 02 Jan 2026 18:21:51 +0000 ROA not before: Fri 02 Jan 2026 18:21:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39104 IP address blocks: 158.255.64.0/21 maxlen: 21 185.8.28.0/22 maxlen: 22 185.189.156.0/22 maxlen: 22 185.234.80.0/22 maxlen: 22 195.60.188.0/23 maxlen: 23 195.110.12.0/23 maxlen: 23 2a03:c580::/32 maxlen: 32 2a0d:700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.mft rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:cc:85:fb:fd:fd:b0:35:a5:09:05:7b:17:3e:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0424c1165818a432f797c8ddf4b5307b1e5aef74 Validity Not Before: Jan 2 18:21:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2f94320eae27ccb72940b7d6535a6b03ae7a9ce4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e5:37:a7:96:e1:27:e9:b4:2a:ff:26:60:47: f1:5b:e3:7e:4f:11:94:db:07:80:97:5f:13:f7:50: 72:5e:80:a9:2c:da:1d:15:cc:97:62:7d:59:8e:be: 77:51:8d:a7:23:6a:48:99:70:91:21:31:0a:9b:9c: 9e:96:3b:00:26:93:c6:b9:c6:3d:f8:e2:1b:28:00: ef:3b:dd:d0:15:40:64:32:cc:9d:50:ad:ee:8f:7b: e8:56:9a:98:91:c1:e1:6d:db:d5:8f:3b:bb:ed:ae: 31:c2:ec:26:8c:e2:ed:1a:df:f9:35:55:aa:5a:ba: a0:6c:ce:e2:07:1b:41:78:71:89:bd:3a:31:1c:34: b8:fc:43:57:6b:ef:4b:1e:08:62:82:2b:46:c2:3d: d3:50:f4:65:db:f7:4e:ed:f1:26:7f:ec:f5:b0:aa: 9b:ec:af:0f:9c:80:6d:87:fa:87:0d:da:60:de:bd: ec:dd:dd:7a:8e:3f:1a:72:01:9e:54:9c:6d:7d:90: 9f:74:f2:ee:db:72:e4:bc:85:97:9e:e0:c2:ed:8b: 3b:d2:b8:c5:a0:2f:06:3b:82:29:a6:48:e3:ed:41: 37:ad:4e:63:ab:66:5a:b4:22:fe:37:4e:f2:3c:14: fe:15:3a:9a:7d:dd:75:36:1c:c1:87:2a:63:3d:38: 9b:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:94:32:0E:AE:27:CC:B7:29:40:B7:D6:53:5A:6B:03:AE:7A:9C:E4 X509v3 Authority Key Identifier: keyid:04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/L5QyDq4nzLcpQLfWU1prA656nOQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.255.64.0/21 185.8.28.0/22 185.189.156.0/22 185.234.80.0/22 195.60.188.0/23 195.110.12.0/23 IPv6: 2a03:c580::/32 2a0d:700::/29 Signature Algorithm: sha256WithRSAEncryption 5b:6d:3c:b2:dc:96:87:c3:bb:e9:e6:5a:ad:b9:0e:65:d6:e1: 91:16:84:84:b2:e0:e7:17:c5:63:17:fb:2f:51:0e:3e:c8:2d: de:58:f1:1f:cf:e7:24:0d:e1:74:b7:be:7f:77:a6:c7:8c:a9: de:4f:77:52:05:b5:9a:c9:f1:b8:31:80:35:2c:33:e6:68:e0: 0e:ac:13:b4:3b:18:09:c2:76:d6:d9:41:c4:1b:3f:33:6c:61: 53:2e:bc:00:3f:7f:81:f7:a1:65:5a:17:d1:f2:26:91:f6:fe: d6:0c:b0:d8:63:d0:3c:15:b5:7f:4b:60:0d:ff:39:54:2a:1e: ee:88:35:2e:9d:7a:0e:23:f1:06:97:9e:73:04:83:c7:aa:d0: 2e:87:d1:8f:95:08:eb:d5:16:ab:74:39:6b:b1:72:61:9e:b7: 9c:07:2d:98:1f:b8:25:4b:a5:95:34:14:bd:c1:75:6a:85:ad: 8d:1a:57:29:0e:a5:bc:8d:15:45:44:cc:39:06:06:08:e7:ce: 67:af:51:17:14:13:95:c9:bf:49:57:18:06:7d:90:9a:1f:ac: 75:7f:cf:e4:cc:f7:ed:08:a6:4a:57:ad:54:2c:84:af:98:3d: bc:09:ff:0b:a6:11:e4:3e:5a:55:73:45:38:f3:e9:44:db:a2: 5e:b3:84:99 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZt/8cyF+/39sDWlCQV7Fz4NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0MjRjMTE2NTgxOGE0MzJmNzk3YzhkZGY0YjUzMDdiMWU1 YWVmNzQwHhcNMjYwMTAyMTgyMTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZjk0MzIwZWFlMjdjY2I3Mjk0MGI3ZDY1MzVhNmIwM2FlN2E5Y2U0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuU3p5bhJ+m0Kv8mYEfxW+N+TxGU 2weAl18T91ByXoCpLNodFcyXYn1Zjr53UY2nI2pImXCRITEKm5yeljsAJpPGucY9 +OIbKADvO93QFUBkMsydUK3uj3voVpqYkcHhbdvVjzu77a4xwuwmjOLtGt/5NVWq WrqgbM7iBxtBeHGJvToxHDS4/ENXa+9LHghigitGwj3TUPRl2/dO7fEmf+z1sKqb 7K8PnIBth/qHDdpg3r3s3d16jj8acgGeVJxtfZCfdPLu23LkvIWXnuDC7Ys70rjF oC8GO4Ippkjj7UE3rU5jq2ZatCL+N07yPBT+FTqafd11NhzBhypjPTibtQIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFC+UMg6uJ8y3KUC31lNaawOuepzkMB8GA1UdIwQY MBaAFAQkwRZYGKQy95fI3fS1MHseWu90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTkt YzMzOWNjYWYzYTFlLzEvTDVReURxNG56TGNwUUxmV1UxcHJBNjU2bk9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTktYzMzOWNjYWYzYTFl LzEvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDnv9AAwQC uQgcAwQCub2cAwQCuepQAwQBwzy8AwQBw24MMBQEAgACMA4DBQAqA8WAAwUDKg0H ADANBgkqhkiG9w0BAQsFAAOCAQEAW208styWh8O76eZarbkOZdbhkRaEhLLg5xfF Yxf7L1EOPsgt3ljxH8/nJA3hdLe+f3emx4yp3k93UgW1msnxuDGANSwz5mjgDqwT tDsYCcJ21tlBxBs/M2xhUy68AD9/gfehZVoX0fImkfb+1gyw2GPQPBW1f0tgDf85 VCoe7og1Lp16DiPxBpeecwSDx6rQLofRj5UI69UWq3Q5a7FyYZ63nActmB+4JUul lTQUvcF1aoWtjRpXKQ6lvI0VRUTMOQYGCOfOZ69RFxQTlcm/SVcYBn2Qmh+sdX/P 5Mz37QimSletVCyEr5g9vAn/C6YR5D5aVXNFOPPpRNuiXrOEmQ== -----END CERTIFICATE-----Generated at Tue Feb 10 01:13:10 2026 by rpki-client