This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/lBcSFM8OK1uzZB50zlLDxjTK2xU.roa File: lBcSFM8OK1uzZB50zlLDxjTK2xU.roa (raw, json) Hash identifier: 8pSOr2u3lgeMMUD0PcPdrmLPvUU4Aqiq7ol79EVGlVg= Subject key identifier: 94:17:12:14:CF:0E:2B:5B:B3:64:1E:74:CE:52:C3:C6:34:CA:DB:15 Certificate issuer: /CN=bbfbee4a968df0fac4751b4f49027fa095c65277 Certificate serial: 019B77C689FE644CFCB515F955A67AC0C8FC Authority key identifier: BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/lBcSFM8OK1uzZB50zlLDxjTK2xU.roa Signing time: Thu 01 Jan 2026 04:17:38 +0000 ROA not before: Thu 01 Jan 2026 04:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49879 IP address blocks: 185.21.204.0/22 maxlen: 22 185.21.204.0/24 maxlen: 24 185.21.205.0/24 maxlen: 24 185.21.206.0/24 maxlen: 24 185.21.207.0/24 maxlen: 24 217.116.192.0/21 maxlen: 21 217.116.192.0/24 maxlen: 24 217.116.193.0/24 maxlen: 24 217.116.194.0/24 maxlen: 24 217.116.195.0/24 maxlen: 24 217.116.196.0/24 maxlen: 24 217.116.197.0/24 maxlen: 24 217.116.198.0/24 maxlen: 24 217.116.199.0/24 maxlen: 24 217.116.200.0/21 maxlen: 21 217.116.200.0/24 maxlen: 24 217.116.201.0/24 maxlen: 24 217.116.202.0/24 maxlen: 24 217.116.203.0/24 maxlen: 24 217.116.204.0/24 maxlen: 24 217.116.205.0/24 maxlen: 24 217.116.206.0/24 maxlen: 24 217.116.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.mft rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:89:fe:64:4c:fc:b5:15:f9:55:a6:7a:c0:c8:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bbfbee4a968df0fac4751b4f49027fa095c65277 Validity Not Before: Jan 1 04:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=94171214cf0e2b5bb3641e74ce52c3c634cadb15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:81:91:37:65:13:61:5d:90:08:3e:f6:4b:1d: a6:01:1d:75:ac:8c:e8:94:f3:ab:0e:20:83:cd:4f: b8:70:8d:0f:c3:a6:c3:7b:93:fc:d2:53:0c:2e:1d: 13:ca:8c:26:35:49:83:9b:1f:16:14:ee:74:54:ff: 6a:21:98:80:6d:b4:65:5d:5b:95:ca:83:9b:23:d0: 78:ae:bf:2b:81:a2:21:5e:50:e7:20:8d:3c:f1:f9: 87:57:ea:03:c3:b5:b0:2c:7e:20:4b:50:37:bc:a6: bf:f0:34:ec:4a:81:8a:e5:15:18:9c:31:94:ff:01: 57:a1:54:5f:46:84:77:b5:e2:d6:a7:e5:2a:27:52: 94:8e:1f:3a:bf:fd:cc:b8:2c:59:75:55:80:29:a1: 5b:1e:23:31:ee:e5:54:9d:a2:1c:8e:07:f5:7f:8f: bf:28:ef:f8:e9:a6:17:0b:f9:a1:3f:89:43:cf:fb: 43:ab:48:2d:b6:24:e5:19:d4:77:2a:91:ef:bc:ce: 6c:76:40:6d:e9:65:26:b8:a7:61:d1:2f:70:88:d9: b3:9a:b4:f0:55:95:9c:60:3b:c2:aa:25:d0:58:78: 47:ec:ea:0d:d0:a0:a9:d1:3a:8d:02:ed:3f:f3:4b: f5:61:70:32:5b:db:15:ef:fe:b3:04:50:83:4b:7b: ed:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:17:12:14:CF:0E:2B:5B:B3:64:1E:74:CE:52:C3:C6:34:CA:DB:15 X509v3 Authority Key Identifier: keyid:BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/lBcSFM8OK1uzZB50zlLDxjTK2xU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.21.204.0/22 217.116.192.0/20 Signature Algorithm: sha256WithRSAEncryption 49:fc:5f:fb:99:5d:4d:90:dc:8c:ce:90:4a:b5:30:56:8f:f7: 3c:93:0e:48:a1:8f:66:87:25:69:af:4d:af:69:8f:84:19:03: f2:36:21:4a:2f:1b:cb:4f:4e:06:d7:8b:83:00:93:1b:4c:94: 7d:b0:8c:35:51:57:93:08:be:70:87:77:b1:8b:1d:68:01:b8: 55:4b:d0:d6:bd:c3:de:ac:bd:2f:cf:81:ec:7d:89:34:dd:2e: 31:5f:ac:87:d8:ce:a1:7f:30:04:97:68:da:5e:6c:d9:83:ad: 8f:89:98:0f:3d:8d:b5:6a:2d:87:7f:f2:a4:bf:7b:32:4f:aa: 75:f5:0c:65:e6:12:bf:ac:ae:01:44:9f:b7:b3:f3:6c:29:12: 34:06:3d:8c:3e:b7:8a:7d:e2:3e:55:c2:f3:70:69:7e:95:a6: 09:dc:1d:d9:93:c2:07:bc:0d:12:84:b1:35:ea:6c:bb:36:41: 70:dc:19:18:f3:c4:eb:77:56:78:42:00:22:c1:1a:f0:df:1f: 1c:e5:4f:41:5e:9f:a3:7e:18:10:71:49:68:8c:5d:d9:1e:28: 7c:4a:aa:d2:26:c2:06:76:cf:c3:43:5c:6b:f2:1b:d6:7d:f8: 8a:0e:a0:48:7d:5d:64:bd:0c:7c:c3:33:bf:d5:22:1c:16:7b: 56:30:30:41 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xon+ZEz8tRX5VaZ6wMj8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiZmJlZTRhOTY4ZGYwZmFjNDc1MWI0ZjQ5MDI3ZmEwOTVj NjUyNzcwHhcNMjYwMTAxMDQxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDE3MTIxNGNmMGUyYjViYjM2NDFlNzRjZTUyYzNjNjM0Y2FkYjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIGRN2UTYV2QCD72Sx2mAR11rIzo lPOrDiCDzU+4cI0Pw6bDe5P80lMMLh0TyowmNUmDmx8WFO50VP9qIZiAbbRlXVuV yoObI9B4rr8rgaIhXlDnII088fmHV+oDw7WwLH4gS1A3vKa/8DTsSoGK5RUYnDGU /wFXoVRfRoR3teLWp+UqJ1KUjh86v/3MuCxZdVWAKaFbHiMx7uVUnaIcjgf1f4+/ KO/46aYXC/mhP4lDz/tDq0gttiTlGdR3KpHvvM5sdkBt6WUmuKdh0S9wiNmzmrTw VZWcYDvCqiXQWHhH7OoN0KCp0TqNAu0/80v1YXAyW9sV7/6zBFCDS3vtcwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJQXEhTPDitbs2QedM5Sw8Y0ytsVMB8GA1UdIwQY MBaAFLv77kqWjfD6xHUbT0kCf6CVxlJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAt MGE4OWM2OTk2ZmVmLzEvbEJjU0ZNOE9LMXV6WkI1MHpsTER4alRLMnhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAtMGE4OWM2OTk2ZmVm LzEvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRXMAwQE 2XTAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ/F/7mV1NkNyMzpBKtTBWj/c8kw5IoY9m hyVpr02vaY+EGQPyNiFKLxvLT04G14uDAJMbTJR9sIw1UVeTCL5wh3exix1oAbhV S9DWvcPerL0vz4HsfYk03S4xX6yH2M6hfzAEl2jaXmzZg62PiZgPPY21ai2Hf/Kk v3syT6p19Qxl5hK/rK4BRJ+3s/NsKRI0Bj2MPreKfeI+VcLzcGl+laYJ3B3Zk8IH vA0ShLE16my7NkFw3BkY88Trd1Z4QgAiwRrw3x8c5U9BXp+jfhgQcUlojF3ZHih8 SqrSJsIGds/DQ1xr8hvWffiKDqBIfV1kvQx8wzO/1SIcFntWMDBB -----END CERTIFICATE-----Generated at Mon Jan 26 22:32:40 2026 by rpki-client