This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LtPnBk6NSxo0XNLt66J042Sgc0I.roa File: LtPnBk6NSxo0XNLt66J042Sgc0I.roa (raw, json) Hash identifier: Ss/KW/qryEzrYA7hPSNoI8jm1o8wvpp7Ys+hj0l/oCk= Subject key identifier: 2E:D3:E7:06:4E:8D:4B:1A:34:5C:D2:ED:EB:A2:74:E3:64:A0:73:42 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84DDEE8BE8D4A97A30DB836ACE2E50 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LtPnBk6NSxo0XNLt66J042Sgc0I.roa Signing time: Fri 02 Jan 2026 16:22:52 +0000 ROA not before: Fri 02 Jan 2026 16:22:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22516 IP address blocks: 88.209.203.0/24 maxlen: 24 88.209.230.0/24 maxlen: 24 88.209.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:dd:ee:8b:e8:d4:a9:7a:30:db:83:6a:ce:2e:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ed3e7064e8d4b1a345cd2edeba274e364a07342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f0:d7:73:8b:93:a5:06:fb:ee:46:79:51:a4: 7b:66:99:0b:24:4f:fb:61:5d:89:cd:20:c1:2b:91: e4:b9:c4:db:68:aa:6c:1b:11:c9:e8:14:18:a3:fd: 51:a8:51:f7:df:4e:ad:01:9d:16:4a:df:f2:e6:b0: e5:50:f6:67:48:1d:b5:70:69:05:3f:a3:86:b5:56: b1:24:59:0b:53:7c:19:09:17:3b:fb:16:bc:60:d1: c3:b5:ba:85:68:6e:ae:9a:5c:66:f4:73:0d:3c:01: 6b:e9:49:e9:b0:f3:6f:80:a6:f8:92:54:1d:6b:e4: 27:bd:84:55:45:8a:d6:92:04:ff:80:30:e3:51:0b: ff:b0:cd:28:5a:1a:19:38:60:d5:a8:7c:a8:ac:d4: 53:e8:59:f9:7e:34:56:bb:58:78:65:0e:c4:59:3b: fc:e1:85:7b:5e:71:bb:88:db:d2:e2:22:03:6d:35: 23:5a:b9:81:0b:92:2a:5a:7f:61:87:a1:93:1c:f0: a4:d9:a5:a5:dc:f0:70:4a:53:05:21:8c:16:36:43: 88:fb:b7:f4:33:90:20:54:d3:d6:55:91:50:ca:76: e3:b2:18:9b:43:e5:14:91:ea:dc:90:c1:eb:96:fb: b8:d1:57:81:e4:0b:90:99:46:0a:d5:4f:d4:17:10: 1f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D3:E7:06:4E:8D:4B:1A:34:5C:D2:ED:EB:A2:74:E3:64:A0:73:42 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/LtPnBk6NSxo0XNLt66J042Sgc0I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.203.0/24 88.209.230.0/24 88.209.255.0/24 Signature Algorithm: sha256WithRSAEncryption b2:a8:c1:7c:3e:7c:9c:d4:96:84:b4:95:d5:f2:e4:5d:5f:c3: 7b:89:86:d9:8b:3a:a7:92:d8:e5:c0:90:97:f1:cf:e5:3f:84: c1:9f:d9:61:f3:fe:24:9f:6d:f4:f7:df:d7:e9:9f:ca:ee:8f: 46:8c:e6:16:a7:4c:dd:9f:64:71:bd:1c:bc:a4:53:36:5a:69: 1d:93:17:cb:9d:06:50:10:0a:98:d1:2e:4d:df:a7:8b:cb:18: 96:81:6b:83:65:a4:2c:3a:31:df:f3:1e:82:61:1f:9a:fb:9a: 83:11:aa:46:17:2c:f5:c4:a8:86:51:b1:41:40:89:87:a1:ef: 18:f3:61:79:6a:70:fb:7e:c8:2c:21:38:ea:df:c8:cc:10:6b: a6:78:d5:c3:1f:49:a6:32:bc:d3:31:76:d1:72:48:eb:2f:a8: f9:5d:b7:6b:d9:e4:72:8a:d5:26:cb:05:18:6a:d3:62:90:f1: 72:48:c6:e7:16:15:9c:f2:45:b7:54:ea:39:cc:95:b4:92:84: b8:d0:a5:be:b3:8b:24:e3:98:ed:b8:e9:b0:09:c5:cc:29:81: cd:95:55:40:19:6f:68:62:ed:90:cd:03:3c:82:43:22:6a:10: 62:59:e9:17:c6:81:8c:0b:f5:e8:37:00:31:8e:7b:14:24:b4: f4:b4:bb:8c -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hN3ui+jUqXow24Nqzi5QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZWQzZTcwNjRlOGQ0YjFhMzQ1Y2QyZWRlYmEyNzRlMzY0YTA3MzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/DXc4uTpQb77kZ5UaR7ZpkLJE/7 YV2JzSDBK5HkucTbaKpsGxHJ6BQYo/1RqFH3306tAZ0WSt/y5rDlUPZnSB21cGkF P6OGtVaxJFkLU3wZCRc7+xa8YNHDtbqFaG6umlxm9HMNPAFr6UnpsPNvgKb4klQd a+QnvYRVRYrWkgT/gDDjUQv/sM0oWhoZOGDVqHyorNRT6Fn5fjRWu1h4ZQ7EWTv8 4YV7XnG7iNvS4iIDbTUjWrmBC5IqWn9hh6GTHPCk2aWl3PBwSlMFIYwWNkOI+7f0 M5AgVNPWVZFQynbjshibQ+UUkerckMHrlvu40VeB5AuQmUYK1U/UFxAfqQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFC7T5wZOjUsaNFzS7euidONkoHNCMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvTHRQbkJrNk5TeG8wWE5MdDY2SjA0MlNnYzBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHLAwQA WNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQCyqMF8Pnyc1JaEtJXV8uRdX8N7 iYbZizqnktjlwJCX8c/lP4TBn9lh8/4kn23099/X6Z/K7o9GjOYWp0zdn2RxvRy8 pFM2WmkdkxfLnQZQEAqY0S5N36eLyxiWgWuDZaQsOjHf8x6CYR+a+5qDEapGFyz1 xKiGUbFBQImHoe8Y82F5anD7fsgsITjq38jMEGumeNXDH0mmMrzTMXbRckjrL6j5 Xbdr2eRyitUmywUYatNikPFySMbnFhWc8kW3VOo5zJW0koS40KW+s4sk45jtuOmw CcXMKYHNlVVAGW9oYu2QzQM8gkMiahBiWekXxoGMC/XoNwAxjnsUJLT0tLuM -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:59 2026 by rpki-client