This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LoYqb50w0fBtfcHsb6vmg_Jp5HM.roa File: LoYqb50w0fBtfcHsb6vmg_Jp5HM.roa (raw, json) Hash identifier: 5JEsLkJAmr1UNeD7WuJILvN07Z2E4VXvHyU2P3noRJQ= Subject key identifier: 2E:86:2A:6F:9D:30:D1:F0:6D:7D:C1:EC:6F:AB:E6:83:F2:69:E4:73 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84DDBDFB5AD327257C327B4C863937 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LoYqb50w0fBtfcHsb6vmg_Jp5HM.roa Signing time: Fri 02 Jan 2026 16:22:52 +0000 ROA not before: Fri 02 Jan 2026 16:22:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21840 IP address blocks: 88.209.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:dd:bd:fb:5a:d3:27:25:7c:32:7b:4c:86:39:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e862a6f9d30d1f06d7dc1ec6fabe683f269e473 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:84:1c:41:01:ef:fd:8a:1c:d5:5e:a7:a2:3d: ed:cc:ba:67:81:e4:1f:0e:fb:a1:30:a7:48:ff:bf: 67:5e:6b:47:ce:c9:f9:b9:88:ed:3c:12:fa:3f:4c: 3a:b0:bf:a6:c1:03:a8:9b:71:56:fe:14:f0:eb:ef: ec:c1:8a:58:8c:49:86:85:c3:0d:95:20:f3:15:1f: 59:da:c9:0d:d0:95:21:4f:d9:11:c8:8d:6b:90:09: ac:39:d3:b0:a2:b6:4a:9c:f5:d8:c5:49:ce:ee:6d: 8e:85:ed:2d:93:cb:25:a5:a9:08:de:bd:8c:0a:d1: e0:e2:6a:61:a6:ca:19:06:16:74:ad:ac:f1:50:4e: 42:fe:fe:9a:aa:20:b8:e4:c1:cd:e1:7e:da:28:1d: 52:10:64:be:de:43:bf:63:d9:0c:5b:d9:0f:36:68: 13:1c:c6:ad:70:49:b4:d0:ba:b7:9a:a4:e4:e1:5f: 96:8a:67:e5:68:45:44:2e:bb:26:67:c0:79:49:a0: 25:0d:91:1a:91:4d:4d:9f:c8:dc:38:66:8b:4b:43: 64:31:30:a3:1e:dd:b7:dc:71:3d:9e:e2:1c:c8:98: 8f:a5:d1:e8:e1:0d:93:4c:cc:d8:53:1b:07:52:35: 05:08:dc:27:9a:ae:6c:ee:96:1c:08:2a:f9:e6:73: 0f:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:86:2A:6F:9D:30:D1:F0:6D:7D:C1:EC:6F:AB:E6:83:F2:69:E4:73 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LoYqb50w0fBtfcHsb6vmg_Jp5HM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.195.0/24 Signature Algorithm: sha256WithRSAEncryption 83:79:a8:80:f3:8b:89:84:d3:0e:e0:16:f5:5b:1e:43:d7:6f: 21:0d:cf:05:94:22:00:23:b6:18:2e:a2:6f:bd:83:7e:3e:8b: 9b:d8:1a:6b:6c:62:4a:b8:37:2b:6c:ff:e7:b4:b8:e8:ee:74: d2:49:19:42:c2:67:60:c2:fd:ed:72:b3:67:e3:b9:0c:b1:0b: c8:86:d0:df:51:94:f2:df:e2:44:bf:52:d5:6b:88:4f:c2:eb: c0:83:a5:52:37:57:fa:45:0f:6f:6b:d2:78:30:0d:78:ca:21: 79:be:77:63:1c:15:56:b7:9c:e9:ef:70:16:63:8e:c6:cc:ed: 9e:1c:33:0a:cd:ea:c2:2f:69:52:89:77:70:08:28:92:31:98: e8:2c:71:6c:37:dc:a9:e6:22:8a:90:c8:9d:7b:85:d3:e0:cb: 3e:da:b5:48:f0:b2:67:4f:39:37:8d:c9:df:a5:1a:05:a8:49: 62:91:59:d0:41:6b:21:22:f4:57:d0:52:68:dd:95:03:82:86: 6d:08:58:93:33:d7:5e:37:ba:7d:f5:86:92:f9:9b:1d:f4:67: f0:07:92:7b:b0:dc:d2:76:07:3c:60:94:9a:b3:21:dd:18:30: 9a:8b:9e:84:3a:e0:c7:48:7b:b9:50:5e:fa:eb:8c:57:a4:0b: 11:13:62:2f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hN29+1rTJyV8MntMhjk3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTg2MmE2ZjlkMzBkMWYwNmQ3ZGMxZWM2ZmFiZTY4M2YyNjllNDczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34QcQQHv/Yoc1V6noj3tzLpngeQf DvuhMKdI/79nXmtHzsn5uYjtPBL6P0w6sL+mwQOom3FW/hTw6+/swYpYjEmGhcMN lSDzFR9Z2skN0JUhT9kRyI1rkAmsOdOworZKnPXYxUnO7m2Ohe0tk8slpakI3r2M CtHg4mphpsoZBhZ0razxUE5C/v6aqiC45MHN4X7aKB1SEGS+3kO/Y9kMW9kPNmgT HMatcEm00Lq3mqTk4V+WimflaEVELrsmZ8B5SaAlDZEakU1Nn8jcOGaLS0NkMTCj Ht233HE9nuIcyJiPpdHo4Q2TTMzYUxsHUjUFCNwnmq5s7pYcCCr55nMP3wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFC6GKm+dMNHwbX3B7G+r5oPyaeRzMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvTG9ZcWI1MHcwZkJ0ZmNIc2I2dm1nX0pwNUhNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHDMA0G CSqGSIb3DQEBCwUAA4IBAQCDeaiA84uJhNMO4Bb1Wx5D128hDc8FlCIAI7YYLqJv vYN+Poub2BprbGJKuDcrbP/ntLjo7nTSSRlCwmdgwv3tcrNn47kMsQvIhtDfUZTy 3+JEv1LVa4hPwuvAg6VSN1f6RQ9va9J4MA14yiF5vndjHBVWt5zp73AWY47GzO2e HDMKzerCL2lSiXdwCCiSMZjoLHFsN9yp5iKKkMide4XT4Ms+2rVI8LJnTzk3jcnf pRoFqElikVnQQWshIvRX0FJo3ZUDgoZtCFiTM9deN7p99YaS+Zsd9GfwB5J7sNzS dgc8YJSasyHdGDCai56EOuDHSHu5UF7664xXpAsRE2Iv -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:52 2026 by rpki-client