This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/lco6WDUn71zluEHfq5idlQ5WFJ0.roa File: lco6WDUn71zluEHfq5idlQ5WFJ0.roa (raw, json) Hash identifier: S/GDmIIfLVIAhrpUagqamSs5aG9BVe2FNjExEfd2lVA= Subject key identifier: 95:CA:3A:58:35:27:EF:5C:E5:B8:41:DF:AB:98:9D:95:0E:56:14:9D Certificate issuer: /CN=1e514098a5a9736cda4303e0495e94652390aa91 Certificate serial: 019B78A32CF970363DB3EE0861AB401041A3 Authority key identifier: 1E:51:40:98:A5:A9:73:6C:DA:43:03:E0:49:5E:94:65:23:90:AA:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlFAmKWpc2zaQwPgSV6UZSOQqpE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/lco6WDUn71zluEHfq5idlQ5WFJ0.roa Signing time: Thu 01 Jan 2026 08:18:38 +0000 ROA not before: Thu 01 Jan 2026 08:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208959 IP address blocks: 45.86.221.0/24 maxlen: 24 46.232.210.0/23 maxlen: 23 185.207.164.0/22 maxlen: 22 185.207.164.0/24 maxlen: 24 185.207.165.0/24 maxlen: 24 185.207.166.0/23 maxlen: 23 185.207.166.0/24 maxlen: 24 185.207.167.0/24 maxlen: 24 216.163.184.0/22 maxlen: 24 2a11:b00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/HlFAmKWpc2zaQwPgSV6UZSOQqpE.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/HlFAmKWpc2zaQwPgSV6UZSOQqpE.mft rsync://rpki.ripe.net/repository/DEFAULT/HlFAmKWpc2zaQwPgSV6UZSOQqpE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 05:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:2c:f9:70:36:3d:b3:ee:08:61:ab:40:10:41:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e514098a5a9736cda4303e0495e94652390aa91 Validity Not Before: Jan 1 08:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95ca3a583527ef5ce5b841dfab989d950e56149d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:df:41:63:44:e3:36:65:f6:c0:72:cd:ed:c1: b9:2f:21:ce:ff:66:44:aa:f6:c2:4b:1a:4f:03:30: dc:03:91:47:80:20:db:3c:01:8c:bc:c3:57:2a:1d: ab:9c:98:1e:a4:da:a0:cd:6c:da:ec:be:6e:8c:0e: 35:79:24:1f:f1:d2:93:f9:6e:aa:31:ba:d7:d9:c9: 29:32:23:92:d0:0c:50:80:73:ab:f2:8a:63:0c:f3: ad:bb:4a:c7:3f:66:5a:4e:a1:dc:b0:32:72:74:68: c0:12:4c:51:ea:ed:62:69:8f:f0:c6:c4:c8:e0:9b: 6d:21:4c:c5:90:39:c6:52:b1:d1:15:a9:65:5e:46: ef:bd:3a:6e:90:b0:f4:6d:7f:06:29:30:31:e2:b2: 56:12:23:17:b5:25:44:8f:0c:7b:1c:f7:6b:33:39: 8e:f3:a6:80:99:49:28:76:c7:c8:49:e1:d0:12:4e: f4:c0:91:8e:ef:a2:9e:76:db:33:04:8d:dd:66:67: c4:fd:ab:bc:ac:bc:12:5c:75:90:cb:1c:b8:8c:9c: b4:ca:6c:69:c7:66:30:d0:0f:f1:e3:84:97:cc:1c: 30:bf:6e:8d:d0:57:66:c4:5b:f0:4d:c0:4a:1d:ce: 7d:f2:a5:97:a5:1e:6e:b3:b7:a5:dd:7e:a2:d0:50: fc:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:CA:3A:58:35:27:EF:5C:E5:B8:41:DF:AB:98:9D:95:0E:56:14:9D X509v3 Authority Key Identifier: keyid:1E:51:40:98:A5:A9:73:6C:DA:43:03:E0:49:5E:94:65:23:90:AA:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlFAmKWpc2zaQwPgSV6UZSOQqpE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/lco6WDUn71zluEHfq5idlQ5WFJ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/35dfcb-d92d-48fe-9dad-854381686c7b/1/HlFAmKWpc2zaQwPgSV6UZSOQqpE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.86.221.0/24 46.232.210.0/23 185.207.164.0/22 216.163.184.0/22 IPv6: 2a11:b00::/29 Signature Algorithm: sha256WithRSAEncryption 8c:e2:13:e3:b8:59:14:e4:c3:b3:97:b8:ae:a5:f6:63:96:7d: 8a:9d:84:80:f0:de:b7:65:dd:1c:a6:67:ed:bc:cd:56:7c:63: bf:fc:3a:d6:e1:83:d2:0a:b5:b0:4c:3f:b3:e0:e7:25:0d:d4: 68:68:fd:73:f0:1c:7b:e4:b3:42:d7:a7:33:34:13:1a:1a:de: c9:4f:be:23:f2:aa:3f:89:92:7a:e0:2f:59:8b:fa:18:f5:a0: a5:8f:26:04:1f:7e:21:5e:cd:b5:f8:10:b2:3e:33:4a:f1:84: 97:df:d7:00:3a:25:5f:98:7f:67:92:d4:62:5c:c2:01:2f:1e: 28:11:ec:4a:b4:3e:7c:48:a7:f9:be:a6:64:0e:08:ce:42:f3: e0:71:63:b7:c5:7e:52:3a:d7:60:c1:d5:6d:b8:25:a8:25:12: 41:b0:81:a9:14:61:04:bb:41:96:43:9a:6b:5f:ae:3e:f2:84: 73:26:8c:0e:34:ba:6c:62:8f:06:2f:a7:3d:09:99:a3:a6:14: 16:77:4d:e6:d3:c1:3e:a4:3e:c1:45:e1:03:d6:35:5c:42:e6: 1e:cd:54:70:c9:97:60:06:f8:b4:7f:87:84:59:70:68:ac:0d: 50:46:94:37:1e:19:13:97:5c:3b:85:4e:e0:11:db:94:1c:f0: 94:84:d9:c9 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt4oyz5cDY9s+4IYatAEEGjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlNTE0MDk4YTVhOTczNmNkYTQzMDNlMDQ5NWU5NDY1MjM5 MGFhOTEwHhcNMjYwMTAxMDgxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWNhM2E1ODM1MjdlZjVjZTViODQxZGZhYjk4OWQ5NTBlNTYxNDlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst9BY0TjNmX2wHLN7cG5LyHO/2ZE qvbCSxpPAzDcA5FHgCDbPAGMvMNXKh2rnJgepNqgzWza7L5ujA41eSQf8dKT+W6q MbrX2ckpMiOS0AxQgHOr8opjDPOtu0rHP2ZaTqHcsDJydGjAEkxR6u1iaY/wxsTI 4JttIUzFkDnGUrHRFallXkbvvTpukLD0bX8GKTAx4rJWEiMXtSVEjwx7HPdrMzmO 86aAmUkodsfISeHQEk70wJGO76KedtszBI3dZmfE/au8rLwSXHWQyxy4jJy0ymxp x2Yw0A/x44SXzBwwv26N0FdmxFvwTcBKHc598qWXpR5us7el3X6i0FD87QIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFJXKOlg1J+9c5bhB36uYnZUOVhSdMB8GA1UdIwQY MBaAFB5RQJilqXNs2kMD4ElelGUjkKqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGxGQW1LV3BjMnphUXdQZ1NWNlVaU09RcXBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNWRmY2ItZDkyZC00OGZlLTlkYWQt ODU0MzgxNjg2YzdiLzEvbGNvNldEVW43MXpsdUVIZnE1aWRsUTVXRkowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8zNWRmY2ItZDkyZC00OGZlLTlkYWQtODU0MzgxNjg2Yzdi LzEvSGxGQW1LV3BjMnphUXdQZ1NWNlVaU09RcXBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALVbdAwQB LujSAwQCuc+kAwQC2KO4MA0EAgACMAcDBQMqEQsAMA0GCSqGSIb3DQEBCwUAA4IB AQCM4hPjuFkU5MOzl7iupfZjln2KnYSA8N63Zd0cpmftvM1WfGO//DrW4YPSCrWw TD+z4OclDdRoaP1z8Bx75LNC16czNBMaGt7JT74j8qo/iZJ64C9Zi/oY9aCljyYE H34hXs21+BCyPjNK8YSX39cAOiVfmH9nktRiXMIBLx4oEexKtD58SKf5vqZkDgjO QvPgcWO3xX5SOtdgwdVtuCWoJRJBsIGpFGEEu0GWQ5prX64+8oRzJowONLpsYo8G L6c9CZmjphQWd03m08E+pD7BReED1jVcQuYezVRwyZdgBvi0f4eEWXBorA1QRpQ3 HhkTl1w7hU7gEduUHPCUhNnJ -----END CERTIFICATE-----Generated at Wed Jan 21 10:35:05 2026 by rpki-client