This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/lSTZ-HWR71uxq4lRjE91oyLi-cA.roa File: lSTZ-HWR71uxq4lRjE91oyLi-cA.roa (raw, json) Hash identifier: dhpBJHx7O7xB8/d9cmpmCQwooKeZvbRC4YxjmHz+Qr8= Subject key identifier: 95:24:D9:F8:75:91:EF:5B:B1:AB:89:51:8C:4F:75:A3:22:E2:F9:C0 Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5 Certificate serial: 019B7C8032972D066813549F47A406D5599D Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/lSTZ-HWR71uxq4lRjE91oyLi-cA.roa Signing time: Fri 02 Jan 2026 02:18:54 +0000 ROA not before: Fri 02 Jan 2026 02:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215276 IP address blocks: 2a0f:7803:fad0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:32:97:2d:06:68:13:54:9f:47:a4:06:d5:59:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfcead390625edba1408108df57cea47160d70e5 Validity Not Before: Jan 2 02:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9524d9f87591ef5bb1ab89518c4f75a322e2f9c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:f1:e6:c7:5d:3e:fd:40:09:36:b2:80:d8:f6: 36:74:cd:2c:ab:ae:c4:7a:87:f3:fc:09:0b:60:b0: 46:0d:bd:09:6e:fd:07:22:6b:b0:71:ee:a0:43:87: 68:bc:9f:fb:59:0d:21:27:31:1c:1c:15:3c:b6:a0: 12:07:79:4a:00:ca:66:62:45:be:34:00:f0:68:fb: 7d:3e:78:e4:32:1e:c5:a8:a1:af:0b:e0:9a:f7:e7: 55:75:96:cd:72:b4:bd:65:b5:ec:84:48:f4:54:04: 80:88:c3:ac:21:83:fb:ae:24:c3:78:82:cb:70:50: 92:55:2d:8b:a5:22:12:2a:27:d3:28:4a:02:58:fa: 6e:9c:d0:d9:80:e6:ca:90:b9:fa:25:1f:a4:b7:c1: d2:b2:15:ab:ae:45:99:d9:97:78:2a:86:67:d1:5a: dc:b8:55:d6:bf:a2:d2:e4:f5:0f:83:6a:a5:52:f4: 07:5d:87:e3:0e:53:1e:f9:f7:fb:e6:58:1b:79:02: 22:d8:f6:7e:af:24:36:36:9e:bb:75:f5:ca:fa:2c: 7f:7a:2c:21:44:da:0a:39:f3:7a:67:75:5a:4e:2f: 9d:06:b7:f6:ad:0d:a2:7f:68:01:c3:29:ad:7f:04: 52:0e:b7:43:ce:3e:1d:d0:ee:c2:e5:78:d5:de:fe: f0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:24:D9:F8:75:91:EF:5B:B1:AB:89:51:8C:4F:75:A3:22:E2:F9:C0 X509v3 Authority Key Identifier: keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/lSTZ-HWR71uxq4lRjE91oyLi-cA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:7803:fad0::/44 Signature Algorithm: sha256WithRSAEncryption bb:ff:3e:cd:5b:7c:4f:a2:38:d5:72:46:c6:2b:f6:47:02:fd: 8e:55:c1:89:96:54:3d:d1:1c:15:05:89:32:13:eb:16:97:2a: 1c:37:f8:38:5c:7a:79:93:b4:5f:94:94:5f:52:e1:67:c8:77: 22:ab:0d:82:a8:aa:0a:1c:c7:4b:13:8c:48:3b:22:8c:d1:1e: f2:24:88:97:73:38:bf:8d:65:ad:ca:34:74:cd:13:f6:f9:db: 0b:ae:0c:00:b7:bc:3b:ee:e6:41:76:80:59:9e:78:e9:ff:3e: f8:9e:0f:d7:56:f1:51:7f:02:84:09:e4:dd:49:ea:c9:c5:92: 83:6a:21:3a:47:5e:6d:57:d3:86:02:cc:1b:4c:ab:c1:b4:3e: bf:a6:a5:b4:34:d3:79:19:4f:d1:b6:55:03:22:92:ae:04:77: e3:6a:52:21:db:28:fd:13:6f:18:7a:59:e6:2b:a2:56:08:f4: 37:c1:5d:99:e9:fa:f9:e6:7f:e2:ab:ce:3d:54:86:57:c9:97: 69:29:73:ef:aa:11:da:12:c6:d8:fb:d1:b6:ae:55:44:c6:80: 28:24:8d:e0:d9:e5:21:1c:5f:a3:eb:bd:3b:e8:99:21:5c:00: ca:5b:07:6d:3d:2f:eb:c8:36:b5:03:3f:bc:47:16:15:fe:ef: 46:e4:d7:a2 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt8gDKXLQZoE1SfR6QG1VmdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw ZDcwZTUwHhcNMjYwMTAyMDIxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTI0ZDlmODc1OTFlZjViYjFhYjg5NTE4YzRmNzVhMzIyZTJmOWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/Hmx10+/UAJNrKA2PY2dM0sq67E eofz/AkLYLBGDb0Jbv0HImuwce6gQ4dovJ/7WQ0hJzEcHBU8tqASB3lKAMpmYkW+ NADwaPt9PnjkMh7FqKGvC+Ca9+dVdZbNcrS9ZbXshEj0VASAiMOsIYP7riTDeILL cFCSVS2LpSISKifTKEoCWPpunNDZgObKkLn6JR+kt8HSshWrrkWZ2Zd4KoZn0Vrc uFXWv6LS5PUPg2qlUvQHXYfjDlMe+ff75lgbeQIi2PZ+ryQ2Np67dfXK+ix/eiwh RNoKOfN6Z3VaTi+dBrf2rQ2if2gBwymtfwRSDrdDzj4d0O7C5XjV3v7wgwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJUk2fh1ke9bsauJUYxPdaMi4vnAMB8GA1UdIwQY MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt ZjViNmE3MThmNGI1LzEvbFNUWi1IV1I3MXV4cTRsUmpFOTFveUxpLWNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1 LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/rQ MA0GCSqGSIb3DQEBCwUAA4IBAQC7/z7NW3xPojjVckbGK/ZHAv2OVcGJllQ90RwV BYkyE+sWlyocN/g4XHp5k7RflJRfUuFnyHciqw2CqKoKHMdLE4xIOyKM0R7yJIiX czi/jWWtyjR0zRP2+dsLrgwAt7w77uZBdoBZnnjp/z74ng/XVvFRfwKECeTdSerJ xZKDaiE6R15tV9OGAswbTKvBtD6/pqW0NNN5GU/RtlUDIpKuBHfjalIh2yj9E28Y elnmK6JWCPQ3wV2Z6fr55n/iq849VIZXyZdpKXPvqhHaEsbY+9G2rlVExoAoJI3g 2eUhHF+j67076JkhXADKWwdtPS/ryDa1Az+8RxYV/u9G5Nei -----END CERTIFICATE-----Generated at Wed Jan 21 16:57:12 2026 by rpki-client