This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0LM2VTkMAj4vZU1AVSZWwf7QoUg.roa File: 0LM2VTkMAj4vZU1AVSZWwf7QoUg.roa (raw, json) Hash identifier: OeE58CarJmrARbT9+AtVI8a/6DD0VM2J/zL6Ietj1so= Subject key identifier: D0:B3:36:55:39:0C:02:3E:2F:65:4D:40:55:26:56:C1:FE:D0:A1:48 Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce Certificate serial: 019B7BA4D4441482B7898C095DF6DB00DEC1 Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0LM2VTkMAj4vZU1AVSZWwf7QoUg.roa Signing time: Thu 01 Jan 2026 22:19:18 +0000 ROA not before: Thu 01 Jan 2026 22:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209283 IP address blocks: 78.140.252.0/24 maxlen: 24 185.255.76.0/22 maxlen: 22 2a06:4800::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.mft rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:d4:44:14:82:b7:89:8c:09:5d:f6:db:00:de:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce Validity Not Before: Jan 1 22:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d0b33655390c023e2f654d40552656c1fed0a148 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:20:f7:a7:ee:f4:ee:83:b2:f8:8a:bd:1f:58: a7:12:8f:d6:13:e5:4c:65:a2:45:3d:20:a1:9a:a8: 4f:bc:15:06:de:3a:38:3d:16:d0:f9:6a:e2:42:6c: 9d:3e:6b:79:42:f0:ab:69:a7:1f:50:88:7d:3d:b5: 61:5d:2b:4a:37:7e:25:18:af:a9:1a:70:e2:7d:cb: 75:d2:ad:d1:64:51:00:48:b7:1c:e6:ad:09:80:16: be:59:8d:ac:0b:54:d3:f3:3d:35:85:7a:9d:51:3b: e7:f7:53:7d:a1:4f:79:e3:80:1a:42:6f:e1:de:63: aa:a4:1f:78:90:14:c5:0f:1b:10:b8:20:a8:56:78: 06:40:a5:2b:17:12:8a:47:bb:b0:9f:1d:fa:cc:dc: e3:d5:3f:77:c7:83:7b:0b:81:91:cf:f9:74:a9:25: 90:ad:2b:29:04:d4:02:21:1f:00:83:45:2e:ae:4c: e6:bd:64:65:65:08:f0:7e:19:42:99:7e:ce:1f:e9: c1:0e:a8:a7:cd:1a:29:e3:26:b9:2a:8c:60:09:ac: c3:3b:0f:89:af:10:46:2d:79:75:a8:b1:a0:e7:d9: ca:fc:73:61:ac:f9:8b:f1:00:e9:12:b9:1b:1a:a8: c0:86:df:bb:45:bb:fd:ac:20:5e:6a:57:5c:a3:2a: 03:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:B3:36:55:39:0C:02:3E:2F:65:4D:40:55:26:56:C1:FE:D0:A1:48 X509v3 Authority Key Identifier: keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/0LM2VTkMAj4vZU1AVSZWwf7QoUg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.140.252.0/24 185.255.76.0/22 IPv6: 2a06:4800::/32 Signature Algorithm: sha256WithRSAEncryption 69:c8:0d:09:76:99:c6:79:03:d1:49:a2:eb:f6:a0:9e:d5:a5: ab:0e:69:9b:2d:9c:e9:d5:98:c7:9f:35:d0:3a:11:83:d5:bb: dc:da:c9:1c:d2:c1:94:54:4d:c7:3d:3d:88:e6:17:b4:01:30: 3b:36:0c:19:48:fd:f2:8a:a2:4e:70:a4:ec:69:40:b4:b4:67: be:a1:a3:77:0f:a8:88:e5:91:5a:24:12:85:2c:08:2c:89:d8: 2f:38:06:d7:e6:15:af:3f:10:59:c3:8e:1b:97:c9:e8:93:65: 49:65:33:a4:75:33:91:b1:7f:1a:e1:07:8b:c8:15:65:ff:87: 80:b2:13:93:08:48:40:c9:42:af:82:7f:24:94:4e:39:53:91: ec:74:8b:33:a9:9a:df:c3:14:20:ed:30:8c:6a:05:18:ab:a0: 66:1d:cd:8c:97:05:7c:23:94:a8:ca:06:f1:a0:8a:ae:4a:e4: c0:51:2b:2e:3b:99:ab:ae:37:2d:ba:7c:61:06:73:17:db:a3: e0:48:1e:0e:bd:67:cd:18:63:c7:b3:04:c9:08:9a:08:75:b3: 7d:08:b1:82:73:07:43:31:4f:f9:c8:a1:03:94:7c:11:da:d7: fd:81:aa:79:76:ea:ae:60:95:11:c6:18:3d:18:8f:cb:46:43: 3b:b6:4a:5f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7pNREFIK3iYwJXfbbAN7BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk YjI5Y2UwHhcNMjYwMTAxMjIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMGIzMzY1NTM5MGMwMjNlMmY2NTRkNDA1NTI2NTZjMWZlZDBhMTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryD3p+707oOy+Iq9H1inEo/WE+VM ZaJFPSChmqhPvBUG3jo4PRbQ+WriQmydPmt5QvCraacfUIh9PbVhXStKN34lGK+p GnDifct10q3RZFEASLcc5q0JgBa+WY2sC1TT8z01hXqdUTvn91N9oU9544AaQm/h 3mOqpB94kBTFDxsQuCCoVngGQKUrFxKKR7uwnx36zNzj1T93x4N7C4GRz/l0qSWQ rSspBNQCIR8Ag0UurkzmvWRlZQjwfhlCmX7OH+nBDqinzRop4ya5KoxgCazDOw+J rxBGLXl1qLGg59nK/HNhrPmL8QDpErkbGqjAht+7Rbv9rCBealdcoyoDswIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNCzNlU5DAI+L2VNQFUmVsH+0KFIMB8GA1UdIwQY MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt Y2RkNGQ4ZjhkMGQ5LzEvMExNMlZUa01BajR2WlUxQVZTWld3ZjdRb1VnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5 LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAToz8AwQC uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQBpyA0JdpnGeQPR SaLr9qCe1aWrDmmbLZzp1ZjHnzXQOhGD1bvc2skc0sGUVE3HPT2I5he0ATA7NgwZ SP3yiqJOcKTsaUC0tGe+oaN3D6iI5ZFaJBKFLAgsidgvOAbX5hWvPxBZw44bl8no k2VJZTOkdTORsX8a4QeLyBVl/4eAshOTCEhAyUKvgn8klE45U5HsdIszqZrfwxQg 7TCMagUYq6BmHc2MlwV8I5SoygbxoIquSuTAUSsuO5mrrjctunxhBnMX26PgSB4O vWfNGGPHswTJCJoIdbN9CLGCcwdDMU/5yKEDlHwR2tf9gap5duquYJURxhg9GI/L RkM7tkpf -----END CERTIFICATE-----Generated at Mon Feb 9 19:38:32 2026 by rpki-client