This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/lGkHGhpYOdTznT_yaE3ovjGf5mQ.roa File: lGkHGhpYOdTznT_yaE3ovjGf5mQ.roa (raw, json) Hash identifier: 4SHYfC7Bcu60W7bkjANyd/nQPdjStJcUQUz5MyP0/xM= Subject key identifier: 94:69:07:1A:1A:58:39:D4:F3:9D:3F:F2:68:4D:E8:BE:31:9F:E6:64 Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf Certificate serial: 019B7EA709214162E249330EE4B749A6EBAC Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/lGkHGhpYOdTznT_yaE3ovjGf5mQ.roa Signing time: Fri 02 Jan 2026 12:20:34 +0000 ROA not before: Fri 02 Jan 2026 12:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209043 IP address blocks: 45.156.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 23:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:09:21:41:62:e2:49:33:0e:e4:b7:49:a6:eb:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf Validity Not Before: Jan 2 12:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9469071a1a5839d4f39d3ff2684de8be319fe664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:60:d9:3c:cb:72:aa:9b:66:3a:9d:d6:e0:ed: c1:ca:93:5a:5d:37:f3:4e:c8:f6:4c:c4:a5:ff:a1: ff:6b:29:64:98:32:f4:7d:60:db:5f:87:cd:02:2a: cc:fc:40:14:3e:49:06:46:67:ce:77:a8:ba:ed:0d: 8d:bb:7b:11:21:cd:95:86:c5:39:bd:58:30:c2:98: f0:c5:85:e2:b1:4d:f3:53:f9:2b:43:8d:f7:9d:fb: c5:69:e6:12:03:1a:52:8c:dc:04:05:ce:cb:e0:4e: a2:48:c9:38:82:6b:90:a6:11:7a:85:46:94:43:3b: 2d:00:4a:dd:ee:f8:ea:9d:6c:70:5a:5b:0a:95:8d: 73:cf:0f:41:5b:00:d1:89:6c:dc:b7:48:40:2f:fd: 02:5a:87:2a:02:b1:5b:9a:1a:21:41:73:f7:59:93: 3a:91:9c:00:5d:7a:43:13:b9:41:1a:a5:67:af:c9: 8d:57:b6:a5:49:89:50:c5:e4:22:2d:11:03:5b:82: 9c:77:7d:8d:9b:2a:3b:c9:db:6d:b2:28:f0:1a:6e: 36:7f:70:ae:67:77:be:97:fb:10:75:d2:6c:6d:59: f4:94:83:29:02:20:49:83:f4:88:5a:f6:a9:01:fe: 38:c7:b1:69:75:6d:ce:57:45:d5:bc:3d:46:b6:09: 85:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:69:07:1A:1A:58:39:D4:F3:9D:3F:F2:68:4D:E8:BE:31:9F:E6:64 X509v3 Authority Key Identifier: keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/lGkHGhpYOdTznT_yaE3ovjGf5mQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.156.145.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:18:62:76:27:ff:1a:39:17:15:f4:8b:aa:39:1c:e8:af:5b: a1:c3:80:c9:6a:56:81:63:47:8e:b2:4d:cf:fd:93:90:b5:55: ba:2f:75:06:37:ee:48:1b:d5:4f:ee:a7:ba:75:86:3a:16:f8: 3b:3a:e3:eb:c0:82:67:3f:32:da:9f:74:bb:b3:eb:f7:4e:c4: 00:24:dd:72:e2:5e:f8:bf:ed:db:7c:e1:b2:44:0b:4b:05:6f: fc:91:ad:c2:fb:b0:68:27:5f:24:e2:80:06:47:17:76:51:1c: 44:1f:05:e1:a3:fa:32:99:30:a6:09:8f:e2:d6:0f:85:e1:4e: 42:a5:4a:b6:7c:fd:02:dd:84:4f:a1:b4:48:c3:bb:34:fc:de: e0:c9:33:ee:c9:13:fa:91:6c:06:c4:23:a9:4a:b2:9f:f5:10: dc:19:56:fe:23:1e:68:d2:75:ad:34:de:f0:f6:6d:02:48:d2: bc:b7:2a:8e:59:d1:8a:d7:39:ac:60:c8:a9:a9:28:31:a4:a1: e6:c5:21:62:d9:e6:c6:2d:a1:65:51:6b:fc:64:c6:5a:53:16: 7a:45:99:6d:ca:89:57:5f:af:6f:4e:53:9a:81:46:68:85:0f: 6e:1b:e5:13:87:94:c3:3e:ca:ae:2b:f2:6a:d2:50:5c:9c:87: 2a:f9:4b:dd -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pwkhQWLiSTMO5LdJpuusMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2 OTczY2YwHhcNMjYwMTAyMTIyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDY5MDcxYTFhNTgzOWQ0ZjM5ZDNmZjI2ODRkZThiZTMxOWZlNjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWDZPMtyqptmOp3W4O3BypNaXTfz Tsj2TMSl/6H/aylkmDL0fWDbX4fNAirM/EAUPkkGRmfOd6i67Q2Nu3sRIc2VhsU5 vVgwwpjwxYXisU3zU/krQ433nfvFaeYSAxpSjNwEBc7L4E6iSMk4gmuQphF6hUaU QzstAErd7vjqnWxwWlsKlY1zzw9BWwDRiWzct0hAL/0CWocqArFbmhohQXP3WZM6 kZwAXXpDE7lBGqVnr8mNV7alSYlQxeQiLREDW4Kcd32Nmyo7ydttsijwGm42f3Cu Z3e+l/sQddJsbVn0lIMpAiBJg/SIWvapAf44x7FpdW3OV0XVvD1GtgmFrwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJRpBxoaWDnU850/8mhN6L4xn+ZkMB8GA1UdIwQY MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It MzQwZDYyNWM2ZGJhLzEvbEdrSEdocFlPZFR6blRfeWFFM292akdmNW1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyRMA0G CSqGSIb3DQEBCwUAA4IBAQAsGGJ2J/8aORcV9IuqORzor1uhw4DJalaBY0eOsk3P /ZOQtVW6L3UGN+5IG9VP7qe6dYY6Fvg7OuPrwIJnPzLan3S7s+v3TsQAJN1y4l74 v+3bfOGyRAtLBW/8ka3C+7BoJ18k4oAGRxd2URxEHwXho/oymTCmCY/i1g+F4U5C pUq2fP0C3YRPobRIw7s0/N7gyTPuyRP6kWwGxCOpSrKf9RDcGVb+Ix5o0nWtNN7w 9m0CSNK8tyqOWdGK1zmsYMipqSgxpKHmxSFi2ebGLaFlUWv8ZMZaUxZ6RZltyolX X69vTlOagUZohQ9uG+UTh5TDPsquK/Jq0lBcnIcq+Uvd -----END CERTIFICATE-----Generated at Mon Jan 5 05:01:06 2026 by rpki-client