This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/LR4OEFuXJFG601CBDAdGi2eJuDA.roa File: LR4OEFuXJFG601CBDAdGi2eJuDA.roa (raw, json) Hash identifier: NMogK1dWSLWZg8KRXWYMDcVAVexU5Hc8nklyuTVzNTg= Subject key identifier: 2D:1E:0E:10:5B:97:24:51:BA:D3:50:81:0C:07:46:8B:67:89:B8:30 Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68 Certificate serial: 019B76EB77E7A7AE6312D622FD555E8442BC Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/LR4OEFuXJFG601CBDAdGi2eJuDA.roa Signing time: Thu 01 Jan 2026 00:18:21 +0000 ROA not before: Thu 01 Jan 2026 00:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202254 IP address blocks: 185.206.71.0/24 maxlen: 24 194.146.156.0/24 maxlen: 24 194.146.157.0/24 maxlen: 24 194.146.158.0/24 maxlen: 24 194.146.159.0/24 maxlen: 24 212.108.128.0/19 maxlen: 24 212.108.128.0/24 maxlen: 24 212.108.129.0/24 maxlen: 24 212.108.130.0/24 maxlen: 24 212.108.131.0/24 maxlen: 24 212.108.132.0/24 maxlen: 24 212.108.133.0/24 maxlen: 24 212.108.134.0/24 maxlen: 24 212.108.135.0/24 maxlen: 24 212.108.136.0/24 maxlen: 24 212.108.137.0/24 maxlen: 24 212.108.138.0/24 maxlen: 24 212.108.139.0/24 maxlen: 24 212.108.140.0/24 maxlen: 24 212.108.141.0/24 maxlen: 24 212.108.142.0/24 maxlen: 24 212.108.143.0/24 maxlen: 24 212.108.144.0/24 maxlen: 24 212.108.145.0/24 maxlen: 24 212.108.146.0/24 maxlen: 24 212.108.147.0/24 maxlen: 24 212.108.148.0/24 maxlen: 24 212.108.149.0/24 maxlen: 24 212.108.150.0/24 maxlen: 24 212.108.151.0/24 maxlen: 24 212.108.152.0/24 maxlen: 24 212.108.153.0/24 maxlen: 24 212.108.154.0/24 maxlen: 24 212.108.155.0/24 maxlen: 24 212.108.156.0/24 maxlen: 24 212.108.157.0/24 maxlen: 24 212.108.158.0/24 maxlen: 24 212.108.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.mft rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:20:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:77:e7:a7:ae:63:12:d6:22:fd:55:5e:84:42:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68 Validity Not Before: Jan 1 00:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2d1e0e105b972451bad350810c07468b6789b830 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:13:95:70:f9:d4:7b:6b:04:14:8c:e7:52:a0: de:6b:0a:d1:1b:b0:61:f1:da:cb:64:21:44:05:42: 25:36:84:60:51:38:08:a2:44:15:90:40:c9:41:86: 6d:fb:df:d2:13:cb:52:ed:b0:43:5a:0c:6a:e9:1a: b8:df:fe:c4:4b:7a:c7:76:10:60:fe:5e:f8:95:9f: a1:77:55:0e:cd:94:56:46:58:61:25:98:5d:a1:c5: f3:32:81:f3:46:4b:ed:23:9f:53:21:34:fb:8d:52: 8c:94:43:fe:36:f5:a6:09:eb:80:d7:a3:66:cf:8d: d7:12:1a:48:e6:06:c1:cf:ad:7b:75:2d:ab:45:2f: a7:dc:cb:02:ed:15:11:1e:03:e6:1b:bf:6d:7f:f3: f6:e7:ac:42:86:c2:5c:4f:55:ef:14:e1:1f:e0:07: 0c:44:45:44:18:2f:22:04:07:08:80:b3:5d:4e:cb: 41:27:d5:8d:2e:ee:e0:13:9e:fc:8e:98:a4:97:c6: ce:22:c7:c1:1f:f0:64:38:cc:b6:c4:05:fe:73:69: e5:3e:ed:e5:a4:9e:4c:df:01:37:24:88:44:9e:7d: 10:40:72:2e:7d:77:da:e2:de:50:82:fe:f7:bf:68: 07:6d:8a:cd:6b:29:b0:d7:88:82:f9:f3:bc:65:5f: 91:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:1E:0E:10:5B:97:24:51:BA:D3:50:81:0C:07:46:8B:67:89:B8:30 X509v3 Authority Key Identifier: keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/LR4OEFuXJFG601CBDAdGi2eJuDA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.206.71.0/24 194.146.156.0/22 212.108.128.0/19 Signature Algorithm: sha256WithRSAEncryption 50:0a:07:76:93:1a:14:f4:5b:f9:0f:c5:b3:01:89:23:68:34: d3:6f:4a:ed:80:f8:b4:cf:9c:f1:2c:e9:b1:27:49:81:4b:e5: ae:57:f2:98:6f:39:e2:05:27:3c:a1:0a:57:a5:26:8e:37:49: 66:44:a1:b0:3c:40:17:3f:84:6b:d6:e9:9e:f8:d3:c2:8c:94: 3a:a9:e4:8e:7d:4d:62:71:3e:c6:8f:f2:f6:56:f1:9c:49:7e: 91:12:13:ad:56:7f:6d:74:e8:8a:87:8e:9f:71:05:cc:35:3b: 3c:b5:38:1c:27:bc:06:e3:61:ec:b3:26:05:86:dd:32:78:4d: 6b:81:fc:0a:8d:41:a1:9e:25:a3:89:9b:8b:7f:23:08:3b:a2: 16:55:fb:72:84:3d:ca:ec:8e:cc:56:88:32:ec:1e:e5:67:11: 83:08:5e:7b:92:50:01:67:c0:e7:c8:bf:ed:b2:67:a1:fa:9a: 21:b6:e6:a6:7f:5d:28:3a:e0:26:88:61:0f:76:14:bc:d0:a8: f4:0c:f1:24:99:4d:9f:b5:13:9a:60:e2:77:a0:23:41:38:73: 04:b4:dc:11:ea:86:8a:69:fe:ee:59:7a:44:f8:61:ac:fc:f6: c2:a9:5f:38:db:32:40:5f:1a:61:6a:2d:e8:5e:fb:be:db:20: e2:9a:b3:ba -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt263fnp65jEtYi/VVehEK8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx MmFjNjgwHhcNMjYwMTAxMDAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZDFlMGUxMDViOTcyNDUxYmFkMzUwODEwYzA3NDY4YjY3ODliODMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqROVcPnUe2sEFIznUqDeawrRG7Bh 8drLZCFEBUIlNoRgUTgIokQVkEDJQYZt+9/SE8tS7bBDWgxq6Rq43/7ES3rHdhBg /l74lZ+hd1UOzZRWRlhhJZhdocXzMoHzRkvtI59TITT7jVKMlEP+NvWmCeuA16Nm z43XEhpI5gbBz617dS2rRS+n3MsC7RURHgPmG79tf/P256xChsJcT1XvFOEf4AcM REVEGC8iBAcIgLNdTstBJ9WNLu7gE578jpikl8bOIsfBH/BkOMy2xAX+c2nlPu3l pJ5M3wE3JIhEnn0QQHIufXfa4t5Qgv73v2gHbYrNaymw14iC+fO8ZV+R5QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFC0eDhBblyRRutNQgQwHRotnibgwMB8GA1UdIwQY MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt YThlNGU3MWJlZTUxLzEvTFI0T0VGdVhKRkc2MDFDQkRBZEdpMmVKdURBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQBQCgd2kxoU9Fv5D8WzAYkjaDTT b0rtgPi0z5zxLOmxJ0mBS+WuV/KYbzniBSc8oQpXpSaON0lmRKGwPEAXP4Rr1ume +NPCjJQ6qeSOfU1icT7Gj/L2VvGcSX6REhOtVn9tdOiKh46fcQXMNTs8tTgcJ7wG 42HssyYFht0yeE1rgfwKjUGhniWjiZuLfyMIO6IWVftyhD3K7I7MVogy7B7lZxGD CF57klABZ8DnyL/tsmeh+pohtuamf10oOuAmiGEPdhS80Kj0DPEkmU2ftROaYOJ3 oCNBOHMEtNwR6oaKaf7uWXpE+GGs/PbCqV842zJAXxphai3oXvu+2yDimrO6 -----END CERTIFICATE-----Generated at Wed Jan 21 16:08:23 2026 by rpki-client