This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lZ9LOX543LHGpJ_jcbUE2QZLDRQ.roa File: lZ9LOX543LHGpJ_jcbUE2QZLDRQ.roa (raw, json) Hash identifier: C6E0AGvkW+gsmOLiKI0tShiHnFHrhWGmCkTTHSSM+jI= Subject key identifier: 95:9F:4B:39:7E:78:DC:B1:C6:A4:9F:E3:71:B5:04:D9:06:4B:0D:14 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019BC2610FD71E969F2CBF5B755529996C0E Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lZ9LOX543LHGpJ_jcbUE2QZLDRQ.roa Signing time: Thu 15 Jan 2026 15:58:19 +0000 ROA not before: Thu 15 Jan 2026 15:58:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216392 IP address blocks: 45.81.152.0/23 maxlen: 24 45.144.230.0/24 maxlen: 24 2a0b:da80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 15:31:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c2:61:0f:d7:1e:96:9f:2c:bf:5b:75:55:29:99:6c:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 15 15:58:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=959f4b397e78dcb1c6a49fe371b504d9064b0d14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:aa:ea:86:b3:76:7b:ab:4d:07:d4:9a:0e:e9: 06:5f:13:8a:ce:2e:2f:9e:af:47:fd:da:40:6d:e1: 41:c7:1d:5b:82:dc:be:d6:05:59:a0:da:d0:49:d4: db:b4:2c:8a:d0:33:04:ac:a6:68:3a:40:d0:dd:9e: c6:3e:d6:37:16:8f:7d:ac:72:d0:fc:1b:70:a0:79: f0:0d:ab:5e:0e:2e:e0:9c:c6:fc:87:ac:12:3c:c8: 0f:73:32:b0:2d:c0:02:54:24:35:db:67:0b:76:23: 89:7e:b5:dd:04:3a:3e:28:15:ba:2b:9f:95:96:91: aa:bf:74:b7:49:6f:72:98:e3:80:0a:f8:2e:07:70: ed:18:ab:23:0d:2f:8a:e9:9b:76:77:7d:f0:a6:f2: cf:03:c0:30:ee:fc:e4:44:50:eb:8c:30:57:fa:89: 55:34:d7:2f:08:7d:d4:cc:7a:6b:1e:be:ce:15:25: 15:3b:0f:5c:27:9b:25:1e:b0:b5:2c:fc:60:ee:44: 76:b4:69:e0:65:7a:0f:c6:1f:a9:9f:5e:62:c7:f1: 8a:99:36:87:13:30:ee:7f:4e:f5:26:64:aa:45:f0: af:db:17:6a:5b:41:81:38:56:ae:a0:b3:01:ad:f5: 19:a4:71:f7:88:39:69:a0:94:34:78:f2:a1:5d:0e: 49:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:9F:4B:39:7E:78:DC:B1:C6:A4:9F:E3:71:B5:04:D9:06:4B:0D:14 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lZ9LOX543LHGpJ_jcbUE2QZLDRQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.81.152.0/23 45.144.230.0/24 IPv6: 2a0b:da80::/32 Signature Algorithm: sha256WithRSAEncryption 40:f2:e5:83:ef:03:ca:96:3a:04:f0:70:f5:53:d6:27:20:e7: c8:91:7f:a9:a6:fb:1f:b0:46:94:2c:5e:43:e5:2f:4c:08:75: 40:b0:24:96:3a:5b:34:b0:f8:61:5b:f7:f1:21:52:a9:f1:da: c5:71:ce:58:a9:69:6f:04:22:9d:3b:18:28:80:21:70:3e:af: df:db:96:6c:f4:3e:8f:9f:33:40:2e:57:b7:a8:e4:cf:7b:23: 14:29:71:c2:29:32:7a:e4:06:45:a7:1f:af:44:65:d4:10:67: 9f:96:65:2f:0d:4e:54:d4:38:bd:f5:f2:d5:82:bb:ae:d1:8e: 6f:fb:dd:f9:2f:4f:2e:06:06:c5:98:89:7d:5a:94:94:29:be: de:00:e7:c7:05:0a:bc:99:5b:83:11:ba:39:96:e8:fa:2d:d9: 48:39:67:37:b9:9d:da:03:0f:3a:7b:c2:44:de:5d:6a:ff:bf: f3:4d:ad:fa:f8:ed:ff:ff:0d:25:22:01:ad:c2:36:a0:66:76: c2:08:19:c8:73:6c:39:78:76:95:49:0d:9e:3f:be:6e:d9:08: 47:b3:7d:7b:ac:e3:db:a3:d4:20:b2:65:d4:93:b5:92:24:cf: a3:83:ca:e2:b8:1c:92:69:2e:60:12:2a:d5:7c:f8:9a:ac:94: b3:4f:99:4d -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZvCYQ/XHpafLL9bdVUpmWwOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTE1MTU1ODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTlmNGIzOTdlNzhkY2IxYzZhNDlmZTM3MWI1MDRkOTA2NGIwZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqarqhrN2e6tNB9SaDukGXxOKzi4v nq9H/dpAbeFBxx1bgty+1gVZoNrQSdTbtCyK0DMErKZoOkDQ3Z7GPtY3Fo99rHLQ /BtwoHnwDateDi7gnMb8h6wSPMgPczKwLcACVCQ122cLdiOJfrXdBDo+KBW6K5+V lpGqv3S3SW9ymOOACvguB3DtGKsjDS+K6Zt2d33wpvLPA8Aw7vzkRFDrjDBX+olV NNcvCH3UzHprHr7OFSUVOw9cJ5slHrC1LPxg7kR2tGngZXoPxh+pn15ix/GKmTaH EzDuf071JmSqRfCv2xdqW0GBOFauoLMBrfUZpHH3iDlpoJQ0ePKhXQ5JPQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJWfSzl+eNyxxqSf43G1BNkGSw0UMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvbFo5TE9YNTQzTEhHcEpfamNiVUUyUVpMRFJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVGYAwQA LZDmMA0EAgACMAcDBQAqC9qAMA0GCSqGSIb3DQEBCwUAA4IBAQBA8uWD7wPKljoE 8HD1U9YnIOfIkX+ppvsfsEaULF5D5S9MCHVAsCSWOls0sPhhW/fxIVKp8drFcc5Y qWlvBCKdOxgogCFwPq/f25Zs9D6PnzNALle3qOTPeyMUKXHCKTJ65AZFpx+vRGXU EGeflmUvDU5U1Di99fLVgruu0Y5v+935L08uBgbFmIl9WpSUKb7eAOfHBQq8mVuD Ebo5luj6LdlIOWc3uZ3aAw86e8JE3l1q/7/zTa36+O3//w0lIgGtwjagZnbCCBnI c2w5eHaVSQ2eP75u2QhHs317rOPbo9QgsmXUk7WSJM+jg8riuBySaS5gEirVfPia rJSzT5lN -----END CERTIFICATE-----Generated at Thu Jan 15 21:13:28 2026 by rpki-client