This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lQ3OWX0myb8uFOtmBUqCeb2oHhA.roa File: lQ3OWX0myb8uFOtmBUqCeb2oHhA.roa (raw, json) Hash identifier: bhpFnL+TI2NRedv8XMlX+BIC3gSuHb2XvhJF/GSwAJE= Subject key identifier: 95:0D:CE:59:7D:26:C9:BF:2E:14:EB:66:05:4A:82:79:BD:A8:1E:10 Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d Certificate serial: 019B7C1313F825CEAC663C4C736A1F968C27 Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lQ3OWX0myb8uFOtmBUqCeb2oHhA.roa Signing time: Fri 02 Jan 2026 00:19:43 +0000 ROA not before: Fri 02 Jan 2026 00:19:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44559 IP address blocks: 89.185.86.0/24 maxlen: 24 89.185.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:13:f8:25:ce:ac:66:3c:4c:73:6a:1f:96:8c:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d Validity Not Before: Jan 2 00:19:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=950dce597d26c9bf2e14eb66054a8279bda81e10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:d0:49:c5:b9:0d:ec:02:a9:15:7f:a0:57:36: 7b:06:44:03:a5:84:99:c7:85:56:26:ff:de:2b:e3: ea:20:39:7d:98:29:45:fd:25:f7:bc:df:55:b5:74: 01:08:f8:f9:cc:53:18:af:8b:17:3f:7c:8c:7f:26: 3f:0b:2e:71:79:b3:e2:f8:41:5a:80:78:0a:c3:d1: 45:65:40:01:5f:d3:ef:51:9f:cb:0b:d2:9d:c3:5a: c1:47:31:2b:fa:9d:6f:26:23:6a:e9:75:6d:b8:7a: d7:c5:38:7e:21:70:24:11:7b:21:2f:6c:e2:c5:0e: 88:52:b7:76:60:18:a9:0f:6b:5c:23:fd:5b:83:02: 0e:c3:e1:90:b0:96:f7:0e:54:2c:57:ae:db:85:80: 76:53:b3:fd:58:3d:e4:84:ac:dc:d4:45:43:81:a3: a3:d8:28:2a:2b:6f:82:5e:75:77:c9:15:88:98:20: 1e:46:df:de:81:d2:05:89:ac:33:e5:84:84:8c:60: 3e:2e:9e:b9:5c:dd:51:a7:c2:f9:3f:e5:0c:02:53: a1:34:4b:04:f8:96:e1:62:8d:d2:3d:ee:c3:1b:2f: 6f:f0:0c:5b:1e:67:ea:80:a2:a0:7f:4f:87:f9:52: 10:48:e1:de:ee:e4:14:ef:55:72:0e:0f:d0:f9:58: cd:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:0D:CE:59:7D:26:C9:BF:2E:14:EB:66:05:4A:82:79:BD:A8:1E:10 X509v3 Authority Key Identifier: keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lQ3OWX0myb8uFOtmBUqCeb2oHhA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.185.86.0/23 Signature Algorithm: sha256WithRSAEncryption a6:fc:f2:55:57:c2:af:28:b2:7d:7f:ac:19:86:34:64:f3:17: c3:7c:89:9c:77:7d:9b:75:6a:9b:58:92:54:9b:b3:17:44:f7: a8:d7:b5:6e:6f:57:03:e3:77:f1:b7:b9:44:63:63:da:a7:07: 14:66:36:98:28:9a:af:60:0b:54:e8:37:ca:f8:d6:8b:a4:a4: 24:7b:5b:0f:e3:87:96:ba:66:34:97:5d:1b:be:cf:e9:f8:ed: a2:e7:c7:d5:69:42:46:b5:0a:d3:90:d7:d3:42:e0:9e:31:1d: 15:4c:15:fd:77:b2:00:7a:b8:9a:42:73:85:3b:fb:7c:7d:1b: d3:49:18:22:a3:6a:c0:e5:09:16:d7:4c:58:c6:50:88:a9:eb: a5:43:56:f6:95:00:ce:ff:5c:83:b8:49:c1:bc:6c:44:92:5c: 8b:ca:11:59:19:0f:9d:98:fe:56:da:26:72:4a:b9:9a:e0:fa: 56:b0:b4:27:2c:0d:06:6b:3e:fe:8b:a0:b8:c7:56:5f:51:fa: ca:37:04:80:da:a5:ce:a7:fe:4c:b2:b0:32:46:1a:63:99:d1: c3:c3:70:3c:83:ee:ec:0f:bd:0e:84:02:76:b6:13:0c:10:c1: 50:f4:4f:cf:2f:42:17:2f:96:01:2d:62:fe:d8:f0:bc:e2:32: 9a:b6:29:d2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8ExP4Jc6sZjxMc2oflownMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi MzliOWQwHhcNMjYwMTAyMDAxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTBkY2U1OTdkMjZjOWJmMmUxNGViNjYwNTRhODI3OWJkYTgxZTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NBJxbkN7AKpFX+gVzZ7BkQDpYSZ x4VWJv/eK+PqIDl9mClF/SX3vN9VtXQBCPj5zFMYr4sXP3yMfyY/Cy5xebPi+EFa gHgKw9FFZUABX9PvUZ/LC9Kdw1rBRzEr+p1vJiNq6XVtuHrXxTh+IXAkEXshL2zi xQ6IUrd2YBipD2tcI/1bgwIOw+GQsJb3DlQsV67bhYB2U7P9WD3khKzc1EVDgaOj 2CgqK2+CXnV3yRWImCAeRt/egdIFiawz5YSEjGA+Lp65XN1Rp8L5P+UMAlOhNEsE +JbhYo3SPe7DGy9v8AxbHmfqgKKgf0+H+VIQSOHe7uQU71VyDg/Q+VjNtQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJUNzll9Jsm/LhTrZgVKgnm9qB4QMB8GA1UdIwQY MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct OGU2Zjg3OGRiNWY0LzEvbFEzT1dYMG15Yjh1Rk90bUJVcUNlYjJvSGhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0 LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWblWMA0G CSqGSIb3DQEBCwUAA4IBAQCm/PJVV8KvKLJ9f6wZhjRk8xfDfImcd32bdWqbWJJU m7MXRPeo17Vub1cD43fxt7lEY2PapwcUZjaYKJqvYAtU6DfK+NaLpKQke1sP44eW umY0l10bvs/p+O2i58fVaUJGtQrTkNfTQuCeMR0VTBX9d7IAeriaQnOFO/t8fRvT SRgio2rA5QkW10xYxlCIqeulQ1b2lQDO/1yDuEnBvGxEklyLyhFZGQ+dmP5W2iZy Srma4PpWsLQnLA0Gaz7+i6C4x1ZfUfrKNwSA2qXOp/5MsrAyRhpjmdHDw3A8g+7s D70OhAJ2thMMEMFQ9E/PL0IXL5YBLWL+2PC84jKatinS -----END CERTIFICATE-----Generated at Tue Jan 20 01:22:04 2026 by rpki-client