This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/lc9W2wBKoYqSI9KEszj4k6MVn6o.roa File: lc9W2wBKoYqSI9KEszj4k6MVn6o.roa (raw, json) Hash identifier: saKepJ0hHzAxA4OvfTff87GabrL2VL5zc0ZTtwa7RP4= Subject key identifier: 95:CF:56:DB:00:4A:A1:8A:92:23:D2:84:B3:38:F8:93:A3:15:9F:AA Certificate issuer: /CN=fcd7a721eda459ebdf98e029f87c90a980e81d94 Certificate serial: 019B7EA68BAF412830288343DEC9018E1705 Authority key identifier: FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/lc9W2wBKoYqSI9KEszj4k6MVn6o.roa Signing time: Fri 02 Jan 2026 12:20:02 +0000 ROA not before: Fri 02 Jan 2026 12:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396982 IP address blocks: 46.235.152.0/21 maxlen: 21 185.180.48.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.mft rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 21:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:8b:af:41:28:30:28:83:43:de:c9:01:8e:17:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fcd7a721eda459ebdf98e029f87c90a980e81d94 Validity Not Before: Jan 2 12:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95cf56db004aa18a9223d284b338f893a3159faa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6a:99:16:2c:3a:78:b8:61:4d:21:93:c4:27: 8e:6f:a7:b9:ae:36:ce:f9:59:7e:36:e2:33:99:7d: b5:04:e3:df:cd:74:61:09:23:fe:75:71:c6:54:24: 92:bd:9a:aa:2b:17:ef:48:af:ae:fb:eb:60:31:b2: 6a:2f:68:45:bb:34:15:1a:7a:ff:03:c9:c6:04:a1: 55:70:94:61:4d:fa:32:60:d1:ed:63:17:f6:d2:46: 0d:7b:35:c5:06:39:e2:66:28:a4:ed:76:5c:14:bc: 04:31:44:37:df:f2:91:82:59:4f:67:57:ec:57:86: e5:f5:05:9f:b3:ba:f9:87:5e:be:23:99:fb:04:05: ae:df:f8:61:e0:c1:6b:9c:8d:2d:bb:62:84:a5:28: 3f:cf:2c:ae:fb:58:f2:78:27:fa:80:df:0f:dd:92: dc:65:50:7f:36:11:6d:98:99:12:06:25:c8:43:b4: 16:f1:94:f0:87:b3:70:b2:67:2e:cf:e7:4d:97:1a: 06:de:b2:82:5c:02:a5:4a:89:b1:5e:12:e8:43:42: 91:ef:b5:1e:e0:f5:be:68:be:e2:6b:23:be:12:5a: 8d:db:9c:c6:50:da:96:2e:5c:a1:61:8a:98:5a:d9: 6c:43:7d:a7:c9:51:f2:95:76:d2:24:58:59:46:de: 97:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:CF:56:DB:00:4A:A1:8A:92:23:D2:84:B3:38:F8:93:A3:15:9F:AA X509v3 Authority Key Identifier: keyid:FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/lc9W2wBKoYqSI9KEszj4k6MVn6o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.235.152.0/21 185.180.48.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:f3:7a:35:de:6e:c2:68:02:45:58:43:16:7e:7a:be:10:93: e1:35:0b:df:b3:be:57:1b:2c:f8:bb:74:39:dd:e3:8a:af:a6: 6c:8a:dc:18:1e:3a:76:87:5b:52:59:f0:a4:54:6c:bc:f4:32: 04:c7:da:2a:7e:4f:be:f6:54:c0:23:e1:3b:24:63:27:c8:d9: 21:63:39:24:40:67:4d:07:8a:db:40:5d:57:34:fb:72:69:0b: 55:63:3d:95:25:b0:4d:8d:c4:e5:cb:90:65:3c:5a:a6:64:37: 87:d7:3f:a1:99:d5:46:bd:04:04:b1:6b:01:0e:10:ea:35:05: 92:da:f9:92:ff:01:d7:a9:55:bd:0b:dd:fc:0d:ed:d9:73:ae: 3c:ed:ae:5a:07:5c:dc:fa:bf:3d:42:92:6f:95:10:aa:04:93: 13:e1:d8:f2:3e:ec:18:e2:3c:f2:ce:c6:4f:4e:48:3f:bf:a4: d3:19:5f:27:bf:85:39:fb:b1:56:cc:e1:02:4c:4b:49:6c:94: 98:69:be:50:ff:7c:9f:5a:00:0d:21:55:3d:b2:bc:b4:e4:62: e2:e5:fc:9d:35:56:89:42:45:e7:a3:68:25:fa:2e:bd:ba:33: 6c:1b:ee:3d:81:8e:84:39:6c:9d:e9:6d:4b:54:1c:7b:0d:72: ed:e8:bf:ba -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pouvQSgwKIND3skBjhcFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZDdhNzIxZWRhNDU5ZWJkZjk4ZTAyOWY4N2M5MGE5ODBl ODFkOTQwHhcNMjYwMTAyMTIyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWNmNTZkYjAwNGFhMThhOTIyM2QyODRiMzM4Zjg5M2EzMTU5ZmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2qZFiw6eLhhTSGTxCeOb6e5rjbO +Vl+NuIzmX21BOPfzXRhCSP+dXHGVCSSvZqqKxfvSK+u++tgMbJqL2hFuzQVGnr/ A8nGBKFVcJRhTfoyYNHtYxf20kYNezXFBjniZiik7XZcFLwEMUQ33/KRgllPZ1fs V4bl9QWfs7r5h16+I5n7BAWu3/hh4MFrnI0tu2KEpSg/zyyu+1jyeCf6gN8P3ZLc ZVB/NhFtmJkSBiXIQ7QW8ZTwh7Nwsmcuz+dNlxoG3rKCXAKlSomxXhLoQ0KR77Ue 4PW+aL7iayO+ElqN25zGUNqWLlyhYYqYWtlsQ32nyVHylXbSJFhZRt6XSQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJXPVtsASqGKkiPShLM4+JOjFZ+qMB8GA1UdIwQY MBaAFPzXpyHtpFnr35jgKfh8kKmA6B2UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYt MTRkYzdlYzA0OTVkLzEvbGM5VzJ3QktvWXFTSTlLRXN6ajRrNk1WbjZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYtMTRkYzdlYzA0OTVk LzEvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLuuYAwQC ubQwMA0GCSqGSIb3DQEBCwUAA4IBAQB683o13m7CaAJFWEMWfnq+EJPhNQvfs75X Gyz4u3Q53eOKr6ZsitwYHjp2h1tSWfCkVGy89DIEx9oqfk++9lTAI+E7JGMnyNkh YzkkQGdNB4rbQF1XNPtyaQtVYz2VJbBNjcTly5BlPFqmZDeH1z+hmdVGvQQEsWsB DhDqNQWS2vmS/wHXqVW9C938De3Zc6487a5aB1zc+r89QpJvlRCqBJMT4djyPuwY 4jzyzsZPTkg/v6TTGV8nv4U5+7FWzOECTEtJbJSYab5Q/3yfWgANIVU9sry05GLi 5fydNVaJQkXno2gl+i69ujNsG+49gY6EOWyd6W1LVBx7DXLt6L+6 -----END CERTIFICATE-----Generated at Fri Jan 9 06:25:36 2026 by rpki-client