This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/lkMBU0ulWCYX9Qd2oDU0Fa5nUCQ.roa File: lkMBU0ulWCYX9Qd2oDU0Fa5nUCQ.roa (raw, json) Hash identifier: 5I+gArCAUlirrf6+Qe9WxJcuIzvziEquXwY3XUiYld0= Subject key identifier: 96:43:01:53:4B:A5:58:26:17:F5:07:76:A0:35:34:15:AE:67:50:24 Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9 Certificate serial: 019B7B368F4E998150129F8F57C14F727AD3 Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/lkMBU0ulWCYX9Qd2oDU0Fa5nUCQ.roa Signing time: Thu 01 Jan 2026 20:18:51 +0000 ROA not before: Thu 01 Jan 2026 20:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29484 IP address blocks: 134.147.0.0/16 maxlen: 16 185.73.20.0/22 maxlen: 22 185.73.20.0/23 maxlen: 23 185.73.22.0/24 maxlen: 24 185.73.22.0/25 maxlen: 25 185.73.22.128/25 maxlen: 25 185.73.23.0/24 maxlen: 24 2a05:3e00::/29 maxlen: 29 2a05:3e00::/30 maxlen: 30 2a05:3e04::/32 maxlen: 32 2a05:3e05::/32 maxlen: 32 2a05:3e06::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.mft rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:8f:4e:99:81:50:12:9f:8f:57:c1:4f:72:7a:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9 Validity Not Before: Jan 1 20:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=964301534ba5582617f50776a0353415ae675024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:98:55:cf:94:ee:86:07:7a:88:48:be:a4:9e: 7f:bd:80:b0:e1:94:fa:a0:21:1a:7b:76:8a:bb:24: 6c:32:fb:6a:10:27:41:8c:6e:45:44:1c:7e:4e:e8: 06:d3:cb:2e:8c:bf:8a:f4:7e:d1:e3:da:14:3c:76: 94:1d:5e:2a:6a:7a:4e:f3:4d:64:d8:d1:8e:88:cc: d9:a3:cc:b6:f6:20:01:1a:c9:f7:a1:33:84:46:57: 90:46:44:ba:27:61:da:9d:e0:1d:85:71:46:a4:2f: 32:be:ea:fb:f0:ec:30:ad:bf:82:5b:87:ce:02:0c: 43:d2:76:67:ec:5c:29:1a:4f:81:ea:62:c8:3d:e1: 4c:c0:62:b9:ee:12:ae:7a:f1:e3:86:e5:f6:42:a0: 56:23:cd:b0:92:45:5c:1f:d4:47:88:24:70:e6:ac: 55:0f:4c:46:2a:13:63:5e:52:89:b1:23:b3:45:72: 8a:65:d2:69:48:41:ed:4a:10:fa:c1:94:20:4a:92: f1:13:80:4e:fe:08:70:2f:40:9d:ed:07:41:d8:af: a4:1c:a1:c2:f6:62:90:42:a7:36:be:98:ac:d7:f3: 69:d3:3d:ee:27:e4:c3:66:e9:de:01:71:74:e7:1c: b9:1c:33:b4:b1:ca:f5:2f:cd:cb:cb:11:13:e9:e7: fa:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:43:01:53:4B:A5:58:26:17:F5:07:76:A0:35:34:15:AE:67:50:24 X509v3 Authority Key Identifier: keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/lkMBU0ulWCYX9Qd2oDU0Fa5nUCQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.147.0.0/16 185.73.20.0/22 IPv6: 2a05:3e00::/29 Signature Algorithm: sha256WithRSAEncryption 6b:70:2a:11:1f:a1:f9:56:e0:bc:75:d0:9b:29:0d:57:e4:3e: ec:b8:16:1c:e2:c0:e3:8e:31:83:54:9f:4f:7b:22:ef:49:aa: 8d:cc:6b:fc:60:6c:01:6d:d4:47:54:bc:65:24:71:43:d9:63: 10:6f:d6:49:6c:12:b2:cd:1a:78:00:32:5e:36:1a:a4:53:72: 6b:5c:58:08:4b:9c:5e:92:d2:4d:e8:13:a8:08:50:51:dc:90: 26:be:92:0b:0a:17:54:f8:d5:8a:68:78:22:af:30:99:d0:2c: 7b:84:81:00:43:84:63:4a:46:1b:b5:a2:3e:cf:88:dc:52:b5: 3e:9d:5a:dd:28:67:c2:e0:46:ab:54:d9:24:2d:79:16:17:93: 64:00:c4:59:45:52:80:60:07:37:2b:59:d0:d1:d4:e5:cc:c6: d6:89:76:c5:cf:be:43:fd:1e:f8:79:44:26:c0:ee:20:b2:29: 00:1c:f3:44:8c:ee:02:bd:39:f4:57:dd:e6:1f:48:c8:59:ef: 62:78:30:86:fd:22:eb:e9:72:79:25:18:a9:73:1e:4f:18:1a: f9:e0:42:ab:0a:5f:1c:73:77:27:0b:79:be:49:31:1e:da:80: a4:6e:97:71:a3:cd:a2:81:ba:89:45:55:c0:93:4a:a0:d7:cb: 74:59:68:7e -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt7No9OmYFQEp+PV8FPcnrTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzMGRkYWE3NDk0ZDY5YmExY2FjYjQ1N2VmOTFiNmRjZDIy ZThkZDkwHhcNMjYwMTAxMjAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjQzMDE1MzRiYTU1ODI2MTdmNTA3NzZhMDM1MzQxNWFlNjc1MDI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJhVz5Tuhgd6iEi+pJ5/vYCw4ZT6 oCEae3aKuyRsMvtqECdBjG5FRBx+TugG08sujL+K9H7R49oUPHaUHV4qanpO801k 2NGOiMzZo8y29iABGsn3oTOERleQRkS6J2HaneAdhXFGpC8yvur78Owwrb+CW4fO AgxD0nZn7FwpGk+B6mLIPeFMwGK57hKuevHjhuX2QqBWI82wkkVcH9RHiCRw5qxV D0xGKhNjXlKJsSOzRXKKZdJpSEHtShD6wZQgSpLxE4BO/ghwL0Cd7QdB2K+kHKHC 9mKQQqc2vpis1/Np0z3uJ+TDZuneAXF05xy5HDO0scr1L83LyxET6ef6SwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFJZDAVNLpVgmF/UHdqA1NBWuZ1AkMB8GA1UdIwQY MBaAFKMN2qdJTWm6HKy0V++RttzSLo3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTIt NjU0NGEyYjk5ODE3LzEvbGtNQlUwdWxXQ1lYOVFkMm9EVTBGYTVuVUNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTItNjU0NGEyYjk5ODE3 LzEvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhpMDBAK5 SRQwDQQCAAIwBwMFAyoFPgAwDQYJKoZIhvcNAQELBQADggEBAGtwKhEfoflW4Lx1 0JspDVfkPuy4FhziwOOOMYNUn097Iu9Jqo3Ma/xgbAFt1EdUvGUkcUPZYxBv1kls ErLNGngAMl42GqRTcmtcWAhLnF6S0k3oE6gIUFHckCa+kgsKF1T41YpoeCKvMJnQ LHuEgQBDhGNKRhu1oj7PiNxStT6dWt0oZ8LgRqtU2SQteRYXk2QAxFlFUoBgBzcr WdDR1OXMxtaJdsXPvkP9Hvh5RCbA7iCyKQAc80SM7gK9OfRX3eYfSMhZ72J4MIb9 IuvpcnklGKlzHk8YGvngQqsKXxxzdycLeb5JMR7agKRul3GjzaKBuolFVcCTSqDX y3RZaH4= -----END CERTIFICATE-----Generated at Mon Feb 9 22:29:45 2026 by rpki-client