This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LbcqzTrP6pN5RaWqobZ5edok6_8.roa File: LbcqzTrP6pN5RaWqobZ5edok6_8.roa (raw, json) Hash identifier: TyKWAUUMkoM0zqCM5smbJcUZbeF52Bs4IW5OsUnO8B8= Subject key identifier: 2D:B7:2A:CD:3A:CF:EA:93:79:45:A5:AA:A1:B6:79:79:DA:24:EB:FF Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C8082B554D674CF88F6966095F2D394 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LbcqzTrP6pN5RaWqobZ5edok6_8.roa Signing time: Fri 02 Jan 2026 02:19:15 +0000 ROA not before: Fri 02 Jan 2026 02:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 139803 IP address blocks: 2a00:e460::/29 maxlen: 48 2a0b:d900::/29 maxlen: 48 2a0c:65c0::/29 maxlen: 48 2a0c:6980::/29 maxlen: 48 2a13:97c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:82:b5:54:d6:74:cf:88:f6:96:60:95:f2:d3:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2db72acd3acfea937945a5aaa1b67979da24ebff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e1:d7:3c:25:d5:0e:6c:64:bf:f4:1b:a6:48: 54:e5:94:69:fb:9e:31:aa:a9:a5:88:1c:8d:3e:ef: 5c:09:41:fd:58:d7:f4:aa:f0:bd:47:38:7e:7f:81: 8e:53:ab:81:0d:a8:39:6d:6d:7f:14:b7:35:f6:2b: f1:e1:f6:48:b8:b3:77:fc:0d:ed:f4:d3:26:24:a2: 81:03:9a:17:77:f6:41:07:c4:54:18:0f:f6:31:af: 91:b3:cd:fa:83:a2:63:8b:a3:04:f7:75:7f:74:96: 70:5c:0c:bc:e0:2c:c3:fd:a7:61:31:90:33:5e:8d: 88:45:41:4a:d5:c4:48:57:00:86:9b:42:5b:be:18: 49:7f:57:c0:d0:b5:69:84:b3:2e:ea:b5:30:42:c9: 2a:3d:a4:81:bb:27:eb:c5:04:52:2f:82:56:bd:61: 42:74:3d:98:96:ec:82:88:b1:7d:1b:69:fd:07:b9: e2:9a:ad:74:d9:52:4c:a8:93:2e:d8:8d:fc:c7:e5: f2:73:86:45:9f:02:91:75:52:8d:26:4a:62:fd:ff: cb:48:1c:e0:69:4b:12:46:03:08:cd:73:84:87:61: 6c:75:a1:f2:6b:ce:7c:8f:2f:52:73:41:a7:7f:7e: c4:51:4e:f8:b6:69:10:41:89:cb:d1:04:2f:ce:af: 67:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B7:2A:CD:3A:CF:EA:93:79:45:A5:AA:A1:B6:79:79:DA:24:EB:FF X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/LbcqzTrP6pN5RaWqobZ5edok6_8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:e460::/29 2a0b:d900::/29 2a0c:65c0::/29 2a0c:6980::/29 2a13:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 82:bf:38:37:e8:3c:4f:fd:7e:64:0f:12:a7:93:92:61:78:b3: 21:54:60:a7:1d:81:ff:4a:4f:11:01:7a:2e:60:4f:47:81:48: 40:98:9a:23:29:fc:18:5d:52:9c:9d:6c:57:5e:a6:fd:31:34: 4a:83:24:6d:75:3d:70:9a:74:ce:44:f7:ed:b6:9e:63:96:c8: 1f:74:c8:22:cd:47:c0:a7:b1:9f:e0:2d:3c:c0:b1:1a:7f:ed: 04:ce:06:97:d4:31:66:c7:20:6c:28:7f:c1:a5:0a:fd:fa:1d: dc:9d:f2:4f:34:71:ad:9a:67:43:60:1c:68:e2:5c:14:70:14: 04:64:20:27:c3:31:16:73:a4:4a:97:68:77:e4:8c:58:8c:22: 72:25:0e:4b:79:c5:5b:60:40:e3:f5:39:70:a1:54:55:75:80: a3:b6:cb:03:01:5f:fb:81:8d:d4:61:ba:07:8d:33:f6:92:00: e2:d0:aa:7e:e4:f0:d2:ea:ca:65:3d:dd:0c:32:80:ee:7a:16: 8c:10:fd:eb:6f:49:fd:f6:18:8c:62:41:45:dd:a9:82:90:cf: 9c:18:d7:c7:e8:6f:8e:12:f8:5e:ed:df:53:a9:18:35:20:99: c4:b1:2e:d4:bb:6c:53:64:26:3f:f4:4d:cf:ee:5c:e5:b5:d8: 6e:10:a8:6e -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt8gIK1VNZ0z4j2lmCV8tOUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGI3MmFjZDNhY2ZlYTkzNzk0NWE1YWFhMWI2Nzk3OWRhMjRlYmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteHXPCXVDmxkv/QbpkhU5ZRp+54x qqmliByNPu9cCUH9WNf0qvC9Rzh+f4GOU6uBDag5bW1/FLc19ivx4fZIuLN3/A3t 9NMmJKKBA5oXd/ZBB8RUGA/2Ma+Rs836g6Jji6ME93V/dJZwXAy84CzD/adhMZAz Xo2IRUFK1cRIVwCGm0JbvhhJf1fA0LVphLMu6rUwQskqPaSBuyfrxQRSL4JWvWFC dD2YluyCiLF9G2n9B7nimq102VJMqJMu2I38x+Xyc4ZFnwKRdVKNJkpi/f/LSBzg aUsSRgMIzXOEh2FsdaHya858jy9Sc0Gnf37EUU74tmkQQYnL0QQvzq9nFQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFC23Ks06z+qTeUWlqqG2eXnaJOv/MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvTGJjcXpUclA2cE41UmFXcW9iWjVlZG9rNl84LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgDkYAMF AyoL2QADBQMqDGXAAwUDKgxpgAMFAyoTl8AwDQYJKoZIhvcNAQELBQADggEBAIK/ ODfoPE/9fmQPEqeTkmF4syFUYKcdgf9KTxEBei5gT0eBSECYmiMp/BhdUpydbFde pv0xNEqDJG11PXCadM5E9+22nmOWyB90yCLNR8CnsZ/gLTzAsRp/7QTOBpfUMWbH IGwof8GlCv36Hdyd8k80ca2aZ0NgHGjiXBRwFARkICfDMRZzpEqXaHfkjFiMInIl Dkt5xVtgQOP1OXChVFV1gKO2ywMBX/uBjdRhugeNM/aSAOLQqn7k8NLqymU93Qwy gO56FowQ/etvSf32GIxiQUXdqYKQz5wY18fob44S+F7t31OpGDUgmcSxLtS7bFNk Jj/0Tc/uXOW12G4QqG4= -----END CERTIFICATE-----Generated at Wed Jan 21 08:05:13 2026 by rpki-client