This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/kLGeIFwIepUgbnOKoqHRUYefBPQ.roa File: kLGeIFwIepUgbnOKoqHRUYefBPQ.roa (raw, json) Hash identifier: F4tTQgdXduDuBtHDnLeKsOpcxeDgSOzzu6aJ7AclprY= Subject key identifier: 90:B1:9E:20:5C:08:7A:95:20:6E:73:8A:A2:A1:D1:51:87:9F:04:F4 Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d Certificate serial: 019B7E37639F29E8340EC506D6971BD4A9D3 Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/kLGeIFwIepUgbnOKoqHRUYefBPQ.roa Signing time: Fri 02 Jan 2026 10:18:37 +0000 ROA not before: Fri 02 Jan 2026 10:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12824 IP address blocks: 46.41.128.0/18 maxlen: 24 46.242.128.0/17 maxlen: 24 62.129.192.0/18 maxlen: 24 79.96.0.0/16 maxlen: 24 89.161.128.0/17 maxlen: 24 188.128.128.0/17 maxlen: 24 212.85.96.0/19 maxlen: 24 2a02:25a8::/29 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.mft rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:63:9f:29:e8:34:0e:c5:06:d6:97:1b:d4:a9:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d Validity Not Before: Jan 2 10:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90b19e205c087a95206e738aa2a1d151879f04f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:dc:bd:4c:46:24:56:fd:0f:22:27:c8:43:97: 06:64:68:c5:50:2c:fd:e6:fe:35:cc:89:20:82:6e: 6e:fa:55:41:ae:24:ed:9a:a9:00:5f:79:d9:f9:ee: 8b:83:18:4f:09:92:06:58:60:e4:85:fc:65:f0:8f: 98:44:b6:65:52:76:0e:8c:e8:70:29:25:c2:f0:b5: f9:36:fb:b1:3d:96:0d:b4:c4:33:32:54:ca:5a:76: c2:54:f6:5e:96:fb:5a:c1:64:ae:42:c5:75:6f:bc: 4b:b5:54:61:ff:65:4e:81:14:1c:a8:ea:58:47:4c: b6:95:f8:59:c0:8f:53:ef:0f:c6:35:e2:d3:f4:d3: 6d:e3:2f:b9:86:c9:c5:e2:3a:88:36:1b:3d:d7:bf: d2:ab:35:a2:10:70:25:da:ac:9a:91:d1:84:27:93: 5a:56:b6:5c:be:39:9e:d4:71:6b:cb:b1:a5:35:40: f5:60:46:1b:7f:54:a7:20:ac:17:6b:81:92:10:3e: 3b:b4:bc:4f:58:8b:56:23:df:63:80:48:9a:04:21: 5f:98:5c:a5:8b:99:cb:77:d0:d1:80:29:cc:f2:eb: 4e:13:c4:0d:0c:cc:61:ca:27:90:cd:10:11:6d:b6: 01:32:bd:8a:1f:8d:b8:75:22:91:32:b6:f6:8f:3d: 52:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:B1:9E:20:5C:08:7A:95:20:6E:73:8A:A2:A1:D1:51:87:9F:04:F4 X509v3 Authority Key Identifier: keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/kLGeIFwIepUgbnOKoqHRUYefBPQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.41.128.0/18 46.242.128.0/17 62.129.192.0/18 79.96.0.0/16 89.161.128.0/17 188.128.128.0/17 212.85.96.0/19 IPv6: 2a02:25a8::/29 Signature Algorithm: sha256WithRSAEncryption 4a:89:1e:20:c9:eb:1c:5a:22:4c:fb:34:e7:2c:e6:ea:a2:01: 20:05:23:27:64:8c:15:e5:44:a3:42:7c:f5:6a:34:73:1e:28: a0:4f:44:b4:ae:f1:cb:fa:42:17:f2:44:2b:c3:f5:34:12:f6: 1f:a3:89:54:92:ec:34:cc:1f:42:93:f1:b2:e1:04:5a:1c:53: 21:63:ed:ba:49:c6:8a:f9:af:c1:01:2f:e6:84:3d:24:b0:ef: 7f:ea:d5:aa:ea:85:7b:ff:14:a0:bf:71:cc:84:ee:6b:a0:fb: 11:24:41:a8:1d:ac:9b:c4:01:9e:6c:b2:d5:f2:04:31:c0:3b: fb:d8:b5:07:ed:10:a0:be:12:7c:67:b7:20:dc:ba:b9:3f:7b: 69:37:0c:87:26:aa:da:8e:1e:07:bc:05:68:11:f3:a4:1b:37: 7d:b8:15:ee:eb:bf:05:7e:b6:ce:66:fe:d7:64:0a:65:cf:c1: 70:c1:b0:d9:1a:25:44:41:54:7b:14:dc:22:b4:74:92:d6:8a: b1:e7:de:d6:73:2b:30:7b:b1:24:90:9e:d1:9d:d4:68:fa:0e: 74:53:53:1c:68:3c:e4:47:39:4c:7a:00:03:5b:48:da:b2:17: 6a:b0:59:6f:76:72:f2:dd:27:8d:7e:02:bc:65:dc:53:08:d0: a4:ce:b8:c5 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZt+N2OfKeg0DsUG1pcb1KnTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4 YjgzNmQwHhcNMjYwMTAyMTAxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGIxOWUyMDVjMDg3YTk1MjA2ZTczOGFhMmExZDE1MTg3OWYwNGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArty9TEYkVv0PIifIQ5cGZGjFUCz9 5v41zIkggm5u+lVBriTtmqkAX3nZ+e6LgxhPCZIGWGDkhfxl8I+YRLZlUnYOjOhw KSXC8LX5NvuxPZYNtMQzMlTKWnbCVPZelvtawWSuQsV1b7xLtVRh/2VOgRQcqOpY R0y2lfhZwI9T7w/GNeLT9NNt4y+5hsnF4jqINhs917/SqzWiEHAl2qyakdGEJ5Na VrZcvjme1HFry7GlNUD1YEYbf1SnIKwXa4GSED47tLxPWItWI99jgEiaBCFfmFyl i5nLd9DRgCnM8utOE8QNDMxhyieQzRARbbYBMr2KH424dSKRMrb2jz1ShwIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFJCxniBcCHqVIG5ziqKh0VGHnwT0MB8GA1UdIwQY MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt YzUyMjk4NjNhZWJhLzEva0xHZUlGd0llcFVnYm5PS29xSFJVWWVmQlBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw DQYJKoZIhvcNAQELBQADggEBAEqJHiDJ6xxaIkz7NOcs5uqiASAFIydkjBXlRKNC fPVqNHMeKKBPRLSu8cv6QhfyRCvD9TQS9h+jiVSS7DTMH0KT8bLhBFocUyFj7bpJ xor5r8EBL+aEPSSw73/q1arqhXv/FKC/ccyE7mug+xEkQagdrJvEAZ5sstXyBDHA O/vYtQftEKC+EnxntyDcurk/e2k3DIcmqtqOHge8BWgR86QbN324Fe7rvwV+ts5m /tdkCmXPwXDBsNkaJURBVHsU3CK0dJLWirHn3tZzKzB7sSSQntGd1Gj6DnRTUxxo PORHOUx6AANbSNqyF2qwWW92cvLdJ41+Arxl3FMI0KTOuMU= -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:43 2026 by rpki-client