This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/lzhqb44lkym18st-KJO0iNCAZlQ.roa File: lzhqb44lkym18st-KJO0iNCAZlQ.roa (raw, json) Hash identifier: 2LZndqqTJT7DvJeBs5WXaUqdjr9j/DQSipQScJfwcnA= Subject key identifier: 97:38:6A:6F:8E:25:93:29:B5:F2:CB:7E:28:93:B4:88:D0:80:66:54 Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740 Certificate serial: 019B78A365DF849093102B20BA09197B523B Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/lzhqb44lkym18st-KJO0iNCAZlQ.roa Signing time: Thu 01 Jan 2026 08:18:52 +0000 ROA not before: Thu 01 Jan 2026 08:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8899 IP address blocks: 5.45.0.0/21 maxlen: 21 5.100.128.0/20 maxlen: 20 37.157.40.0/21 maxlen: 21 46.165.128.0/18 maxlen: 18 77.244.96.0/20 maxlen: 20 80.74.48.0/20 maxlen: 20 80.74.48.0/22 maxlen: 22 80.74.52.0/22 maxlen: 22 89.21.96.0/19 maxlen: 19 109.75.208.0/20 maxlen: 20 128.0.96.0/21 maxlen: 21 128.0.100.0/22 maxlen: 22 131.117.144.0/20 maxlen: 20 156.67.128.0/20 maxlen: 20 156.67.132.0/22 maxlen: 22 156.67.140.0/22 maxlen: 22 178.76.128.0/18 maxlen: 18 185.7.208.0/22 maxlen: 22 185.18.128.0/22 maxlen: 22 185.74.180.0/22 maxlen: 22 188.210.0.0/18 maxlen: 18 188.210.60.0/22 maxlen: 22 212.43.64.0/19 maxlen: 19 212.43.80.0/21 maxlen: 21 2a01:5c0::/32 maxlen: 32 2a02:6d40::/32 maxlen: 32 2a03:4920::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.mft rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:65:df:84:90:93:10:2b:20:ba:09:19:7b:52:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740 Validity Not Before: Jan 1 08:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=97386a6f8e259329b5f2cb7e2893b488d0806654 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:05:46:5e:f5:f3:c9:5e:77:cb:74:31:9f:1b: 27:1e:c4:93:aa:ba:2f:90:52:45:1f:32:45:ae:76: 09:bb:6c:e7:b1:8e:5f:60:93:7c:58:34:83:f1:25: e2:86:66:27:98:1c:bb:f3:62:4d:fe:37:e0:26:3c: 79:72:56:c7:3c:6a:e6:16:56:aa:99:d4:9f:20:57: 5a:9f:be:28:16:98:65:8d:4a:a9:87:c6:59:c5:e7: 3e:ac:ef:21:aa:f4:c4:51:2f:21:e8:02:7a:a2:be: 23:3c:a6:17:12:69:dc:1d:91:d3:e8:c4:db:93:3e: 73:c3:4e:ce:5e:dd:82:7d:7f:4d:81:ae:01:4e:d8: f2:d6:75:05:6a:39:f8:19:c2:67:65:a6:38:46:33: c1:9c:28:74:f8:bd:22:41:35:3f:af:38:83:30:f0: 1e:04:01:63:7c:36:0f:4a:ab:d9:ad:43:69:f2:34: 16:de:60:28:3d:0a:c4:07:8c:b3:3c:22:70:1a:ad: da:40:f3:0b:c2:59:15:87:90:27:8b:53:d4:c9:96: 6d:5e:77:a1:7b:98:5e:c2:cb:e1:c2:c8:2d:0c:a1: a1:e3:f0:d3:68:72:6a:a7:c1:71:8d:70:97:de:86: a4:4c:ac:91:23:1f:63:a1:67:5f:c4:02:52:89:70: 2f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:38:6A:6F:8E:25:93:29:B5:F2:CB:7E:28:93:B4:88:D0:80:66:54 X509v3 Authority Key Identifier: keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/lzhqb44lkym18st-KJO0iNCAZlQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.45.0.0/21 5.100.128.0/20 37.157.40.0/21 46.165.128.0/18 77.244.96.0/20 80.74.48.0/20 89.21.96.0/19 109.75.208.0/20 128.0.96.0/21 131.117.144.0/20 156.67.128.0/20 178.76.128.0/18 185.7.208.0/22 185.18.128.0/22 185.74.180.0/22 188.210.0.0/18 212.43.64.0/19 IPv6: 2a01:5c0::/32 2a02:6d40::/32 2a03:4920::/32 Signature Algorithm: sha256WithRSAEncryption 7f:6c:fd:22:df:a3:b3:79:b3:64:22:7f:79:f7:2a:6f:ff:69: 5a:1d:3c:30:0e:df:40:c9:01:bb:ab:5f:42:95:bd:82:19:e5: 6b:63:49:f8:a6:d7:8c:d6:0e:80:87:7c:f4:ba:42:17:d4:12: 8c:73:9f:c0:cc:f6:35:0d:41:e5:2a:70:f5:f1:41:dc:94:b4: b0:3f:86:cf:af:01:17:f9:0f:91:e6:0f:8e:a9:a3:ec:cb:d9: bf:45:12:09:02:19:f8:90:ed:14:c7:b2:85:66:32:bc:2b:0a: 06:a2:f5:9f:18:d4:bf:74:56:cc:c1:15:07:c9:dd:c2:42:c1: a4:63:90:ea:90:b3:ac:0b:20:4a:b6:75:be:a2:dc:b5:4b:fe: b8:39:13:63:85:5a:96:d4:41:73:6a:ef:51:68:ec:e3:36:7e: 14:14:e1:9f:c9:c4:ee:98:b4:8b:ff:eb:71:9c:2a:8a:05:33: 86:5b:54:96:2d:b3:b3:97:9f:dd:31:15:a2:8f:dd:88:f6:00: e3:14:e8:91:b7:a6:19:24:08:ce:36:29:e9:d5:e3:2a:6f:8d: ff:fd:73:18:2a:2b:d2:d4:cc:b5:11:47:e6:d2:d6:f2:47:f0: 21:f1:12:e6:2c:1f:12:87:93:30:81:d7:70:50:d0:fd:dc:cb: 14:83:11:a8 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgISAZt4o2XfhJCTECsgugkZe1I7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi ZDM3NDAwHhcNMjYwMTAxMDgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzM4NmE2ZjhlMjU5MzI5YjVmMmNiN2UyODkzYjQ4OGQwODA2NjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygVGXvXzyV53y3QxnxsnHsSTqrov kFJFHzJFrnYJu2znsY5fYJN8WDSD8SXihmYnmBy782JN/jfgJjx5clbHPGrmFlaq mdSfIFdan74oFphljUqph8ZZxec+rO8hqvTEUS8h6AJ6or4jPKYXEmncHZHT6MTb kz5zw07OXt2CfX9Nga4BTtjy1nUFajn4GcJnZaY4RjPBnCh0+L0iQTU/rziDMPAe BAFjfDYPSqvZrUNp8jQW3mAoPQrEB4yzPCJwGq3aQPMLwlkVh5Ani1PUyZZtXneh e5hewsvhwsgtDKGh4/DTaHJqp8FxjXCX3oakTKyRIx9joWdfxAJSiXAvbwIDAQAB o4ICiTCCAoUwHQYDVR0OBBYEFJc4am+OJZMptfLLfiiTtIjQgGZUMB8GA1UdIwQY MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt MTUyMzgwM2ZhZGFmLzEvbHpocWI0NGxreW0xOHN0LUtKTzBpTkNBWmxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQDBS0A AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQEUEowAwQFWRVgAwQEbUvQAwQDgABg AwQEg3WQAwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtA MBsEAgACMBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEB AH9s/SLfo7N5s2Qif3n3Km//aVodPDAO30DJAburX0KVvYIZ5WtjSfim14zWDoCH fPS6QhfUEoxzn8DM9jUNQeUqcPXxQdyUtLA/hs+vARf5D5HmD46po+zL2b9FEgkC GfiQ7RTHsoVmMrwrCgai9Z8Y1L90VszBFQfJ3cJCwaRjkOqQs6wLIEq2db6i3LVL /rg5E2OFWpbUQXNq71Fo7OM2fhQU4Z/JxO6YtIv/63GcKooFM4ZbVJYts7OXn90x FaKP3Yj2AOMU6JG3phkkCM42KenV4ypvjf/9cxgqK9LUzLURR+bS1vJH8CHxEuYs HxKHkzCB13BQ0P3cyxSDEag= -----END CERTIFICATE-----Generated at Mon Feb 9 23:57:09 2026 by rpki-client