This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/lmh0HdtE8EG1HtIEfqG-CpL5lWE.roa File: lmh0HdtE8EG1HtIEfqG-CpL5lWE.roa (raw, json) Hash identifier: iQDEvRLmeD/noBsclLg6BEdBH6bYdpCJwODCMRFPWi8= Subject key identifier: 96:68:74:1D:DB:44:F0:41:B5:1E:D2:04:7E:A1:BE:0A:92:F9:95:61 Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c Certificate serial: 019B791079FAEE4E1E3695B08D43015E4657 Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/lmh0HdtE8EG1HtIEfqG-CpL5lWE.roa Signing time: Thu 01 Jan 2026 10:18:01 +0000 ROA not before: Thu 01 Jan 2026 10:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44980 IP address blocks: 2001:1a08:666::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.mft rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:79:fa:ee:4e:1e:36:95:b0:8d:43:01:5e:46:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c Validity Not Before: Jan 1 10:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9668741ddb44f041b51ed2047ea1be0a92f99561 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a1:c3:ab:f4:5b:0a:1b:dc:24:64:08:df:e6: 88:96:ab:40:fe:df:27:c8:77:02:b3:36:7a:91:f7: 47:c4:f0:97:1f:0b:bd:52:c5:12:e2:a8:75:36:6e: 7a:68:e5:d8:74:c8:6e:18:df:6d:a7:66:8b:dc:12: 70:e4:04:14:de:b5:44:ae:1b:0f:63:28:cc:c8:9f: 85:c6:9f:c9:ff:ff:1b:f0:5f:bc:df:05:11:28:4f: 7a:07:3c:3e:90:5e:ce:a8:35:d8:95:2c:b2:f7:df: e5:4c:a7:d6:a6:b9:de:83:5d:89:2a:14:1a:5f:71: 5c:81:f1:d1:95:3d:10:af:c2:cb:f3:c3:a0:2b:55: e0:4f:d0:ab:5f:6b:10:dc:cb:6a:e8:af:a6:0a:68: 1d:8f:52:90:b3:a5:0b:0a:7b:d1:79:0d:52:78:de: 18:06:00:51:95:d6:bb:41:b3:9c:6e:88:9d:e3:3f: 61:12:9b:8b:5e:73:5a:e8:bd:a6:38:b1:e7:4e:37: 51:0d:5b:94:5b:ea:4e:9d:b8:61:88:1d:e4:52:1b: 0d:19:77:56:ac:51:6b:e5:2d:49:7a:3a:ca:73:86: 4f:e1:84:97:a5:89:14:6b:e6:18:ea:cb:10:20:6b: 58:b9:b5:d1:b4:a0:25:a5:9d:45:2c:db:f1:ae:f2: e1:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:68:74:1D:DB:44:F0:41:B5:1E:D2:04:7E:A1:BE:0A:92:F9:95:61 X509v3 Authority Key Identifier: keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/lmh0HdtE8EG1HtIEfqG-CpL5lWE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:1a08:666::/48 Signature Algorithm: sha256WithRSAEncryption 5b:df:e5:41:79:c9:88:4e:3b:24:ab:fc:6a:f2:c2:50:1f:13: 5a:40:39:7f:bb:65:dd:bc:0a:b8:55:47:0d:0c:6a:5b:ca:58: 0b:d9:93:a5:18:ac:c7:4b:69:a5:de:17:c4:93:f7:ff:9d:c7: f6:62:fa:fe:26:64:95:b1:10:a0:43:a8:6e:65:fa:66:7d:e7: 06:f2:15:ae:7f:6c:cf:c0:68:4d:54:a6:15:0b:f4:f6:47:0e: 2e:2d:de:5d:48:9b:ae:5a:e5:8c:7e:48:da:ed:e0:21:e1:aa: 8c:64:f6:fb:00:84:1e:14:c7:76:c9:1c:82:66:c8:31:23:56: 1d:f4:59:80:c1:d7:e9:e2:92:13:de:39:ea:46:c1:de:b5:2e: e9:5f:12:3e:c1:b2:01:6c:2b:f6:e5:f0:5c:c7:ef:95:61:35: a3:2a:cb:6d:75:5c:3e:eb:c5:b2:2a:b0:77:a9:1d:66:fc:e9: de:f5:74:bf:5a:55:5d:7e:43:53:40:10:2f:0e:e9:c7:1c:ec: 7f:6d:e7:9f:0b:d8:3e:1e:e3:00:09:eb:d0:d6:d9:fe:ef:c1: ef:16:88:6e:0b:75:8c:97:92:89:79:0f:e3:77:d2:fc:7c:6e: 3c:73:bb:da:08:7b:6e:af:63:1d:11:64:a3:d4:60:13:50:01: e1:2f:76:72 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EHn67k4eNpWwjUMBXkZXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw NWQ2M2MwHhcNMjYwMTAxMTAxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjY4NzQxZGRiNDRmMDQxYjUxZWQyMDQ3ZWExYmUwYTkyZjk5NTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqHDq/RbChvcJGQI3+aIlqtA/t8n yHcCszZ6kfdHxPCXHwu9UsUS4qh1Nm56aOXYdMhuGN9tp2aL3BJw5AQU3rVErhsP YyjMyJ+Fxp/J//8b8F+83wURKE96Bzw+kF7OqDXYlSyy99/lTKfWprneg12JKhQa X3FcgfHRlT0Qr8LL88OgK1XgT9CrX2sQ3Mtq6K+mCmgdj1KQs6ULCnvReQ1SeN4Y BgBRlda7QbOcboid4z9hEpuLXnNa6L2mOLHnTjdRDVuUW+pOnbhhiB3kUhsNGXdW rFFr5S1JejrKc4ZP4YSXpYkUa+YY6ssQIGtYubXRtKAlpZ1FLNvxrvLhuwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJZodB3bRPBBtR7SBH6hvgqS+ZVhMB8GA1UdIwQY MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt MjczODg0YjUzYzZlLzEvbG1oMEhkdEU4RUcxSHRJRWZxRy1DcEw1bFdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEaCAZm MA0GCSqGSIb3DQEBCwUAA4IBAQBb3+VBecmITjskq/xq8sJQHxNaQDl/u2XdvAq4 VUcNDGpbylgL2ZOlGKzHS2ml3hfEk/f/ncf2Yvr+JmSVsRCgQ6huZfpmfecG8hWu f2zPwGhNVKYVC/T2Rw4uLd5dSJuuWuWMfkja7eAh4aqMZPb7AIQeFMd2yRyCZsgx I1Yd9FmAwdfp4pIT3jnqRsHetS7pXxI+wbIBbCv25fBcx++VYTWjKsttdVw+68Wy KrB3qR1m/One9XS/WlVdfkNTQBAvDunHHOx/beefC9g+HuMACevQ1tn+78HvFohu C3WMl5KJeQ/jd9L8fG48c7vaCHtur2MdEWSj1GATUAHhL3Zy -----END CERTIFICATE-----Generated at Mon Feb 2 08:09:15 2026 by rpki-client