This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/lhRrxFX2ddbsLjVa14L7LqCeSk0.roa File: lhRrxFX2ddbsLjVa14L7LqCeSk0.roa (raw, json) Hash identifier: VWU2mBVhm/guPrYibtgL6oEOWFxdxHR0S2Eb5+SbI98= Subject key identifier: 96:14:6B:C4:55:F6:75:D6:EC:2E:35:5A:D7:82:FB:2E:A0:9E:4A:4D Certificate issuer: /CN=427ce5719caa681adbd493a8d9a38a675d6bd639 Certificate serial: 019B7C7F14A65DC753EB7FCAF3760C5D2670 Authority key identifier: 42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/lhRrxFX2ddbsLjVa14L7LqCeSk0.roa Signing time: Fri 02 Jan 2026 02:17:41 +0000 ROA not before: Fri 02 Jan 2026 02:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47420 IP address blocks: 176.52.185.0/24 maxlen: 24 2a02:f181:3000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.mft rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 20:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:14:a6:5d:c7:53:eb:7f:ca:f3:76:0c:5d:26:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=427ce5719caa681adbd493a8d9a38a675d6bd639 Validity Not Before: Jan 2 02:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=96146bc455f675d6ec2e355ad782fb2ea09e4a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:55:5e:1c:52:08:ab:77:f1:87:30:25:61:cf: 06:74:75:78:4b:d2:86:92:2c:41:59:ae:68:14:c9: 73:7f:f2:74:89:a7:56:29:ac:45:9a:a8:4f:ba:cf: 7f:36:94:53:35:3e:01:4c:76:05:0a:7b:1f:7c:09: 2d:41:6c:fb:1a:b4:c8:03:b2:14:ac:91:e4:17:12: 2a:35:e0:12:cf:3b:ed:13:d6:c7:c4:64:8a:b1:48: 71:0d:b7:ac:65:98:53:59:11:09:21:e2:42:9b:f3: 7a:32:a3:f2:8b:0e:3e:2d:f4:a8:90:57:e9:74:10: 80:36:95:c0:53:37:cc:2b:86:db:9c:ee:ac:86:25: e1:5d:01:2a:7e:55:f1:a4:0a:d2:a1:36:89:61:40: 28:85:25:32:aa:c7:32:c5:79:87:4a:dd:db:f9:97: 17:f7:cd:ee:70:54:33:31:b5:c1:0b:53:04:e7:84: aa:da:1b:69:61:70:12:4f:38:33:42:4f:19:8d:0d: 8d:53:a9:e3:95:82:45:7a:40:ea:5f:da:3a:9c:e4: 74:22:50:69:e7:4e:1c:8c:30:49:9c:9b:74:f0:d6: 23:7b:c6:a5:08:93:9d:9c:6f:cd:d1:90:64:24:eb: cf:f9:65:93:b2:c8:1b:d4:a6:fc:f0:64:e0:bf:04: 87:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:14:6B:C4:55:F6:75:D6:EC:2E:35:5A:D7:82:FB:2E:A0:9E:4A:4D X509v3 Authority Key Identifier: keyid:42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/lhRrxFX2ddbsLjVa14L7LqCeSk0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.52.185.0/24 IPv6: 2a02:f181:3000::/48 Signature Algorithm: sha256WithRSAEncryption 58:87:de:59:8d:ee:4a:61:17:9d:9a:e1:8a:5d:f6:d8:1c:e6: 05:7f:b0:3c:20:22:07:df:75:b6:1d:4b:0e:4b:9a:46:50:9d: c2:d3:27:06:90:28:e3:1f:f3:3d:6c:69:13:f3:42:05:e7:a4: 60:66:a3:9c:99:66:02:94:7b:63:8b:e0:02:ca:32:1c:02:be: b9:40:88:d1:cf:c9:bf:d1:6b:ff:98:f9:21:70:50:ad:0a:fa: 7c:48:d5:e8:cb:b0:23:a7:c3:fc:77:5e:a1:d9:70:3f:52:5f: 56:5b:c9:a7:50:b0:72:fb:e9:4b:7f:7f:8a:3b:5e:6c:ee:77: 86:60:d0:21:b6:9c:3c:8a:d6:16:3f:29:0e:b4:50:1d:64:e4: 50:f1:f7:c7:f4:72:e6:c7:8b:1f:b3:56:5e:9f:60:23:62:ff: 6a:9f:72:99:af:37:1d:cb:de:4f:21:8d:b4:7d:50:99:be:3a: 27:99:bb:5c:cc:b3:a3:ae:44:b5:a7:54:eb:d0:f4:14:91:04: e7:69:12:9b:70:12:0e:5d:94:cc:f2:f9:df:c0:aa:40:a5:19: cd:2c:b1:e8:5b:dd:67:08:25:25:40:e8:30:34:89:a0:be:85: d6:82:56:06:ba:ce:a5:c4:36:3d:64:b9:41:8b:e4:ba:eb:46: 1c:e6:99:c0 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt8fxSmXcdT63/K83YMXSZwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyN2NlNTcxOWNhYTY4MWFkYmQ0OTNhOGQ5YTM4YTY3NWQ2 YmQ2MzkwHhcNMjYwMTAyMDIxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjE0NmJjNDU1ZjY3NWQ2ZWMyZTM1NWFkNzgyZmIyZWEwOWU0YTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1VeHFIIq3fxhzAlYc8GdHV4S9KG kixBWa5oFMlzf/J0iadWKaxFmqhPus9/NpRTNT4BTHYFCnsffAktQWz7GrTIA7IU rJHkFxIqNeASzzvtE9bHxGSKsUhxDbesZZhTWREJIeJCm/N6MqPyiw4+LfSokFfp dBCANpXAUzfMK4bbnO6shiXhXQEqflXxpArSoTaJYUAohSUyqscyxXmHSt3b+ZcX 983ucFQzMbXBC1ME54Sq2htpYXASTzgzQk8ZjQ2NU6njlYJFekDqX9o6nOR0IlBp 504cjDBJnJt08NYje8alCJOdnG/N0ZBkJOvP+WWTssgb1Kb88GTgvwSHcwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJYUa8RV9nXW7C41WteC+y6gnkpNMB8GA1UdIwQY MBaAFEJ85XGcqmga29STqNmjimdda9Y5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTkt MDkxYzJkMzAzZmU4LzEvbGhScnhGWDJkZGJzTGpWYTE0TDdMcUNlU2swLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTktMDkxYzJkMzAzZmU4 LzEvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsDS5MA8E AgACMAkDBwAqAvGBMAAwDQYJKoZIhvcNAQELBQADggEBAFiH3lmN7kphF52a4Ypd 9tgc5gV/sDwgIgffdbYdSw5LmkZQncLTJwaQKOMf8z1saRPzQgXnpGBmo5yZZgKU e2OL4ALKMhwCvrlAiNHPyb/Ra/+Y+SFwUK0K+nxI1ejLsCOnw/x3XqHZcD9SX1Zb yadQsHL76Ut/f4o7Xmzud4Zg0CG2nDyK1hY/KQ60UB1k5FDx98f0cubHix+zVl6f YCNi/2qfcpmvNx3L3k8hjbR9UJm+OieZu1zMs6OuRLWnVOvQ9BSRBOdpEptwEg5d lMzy+d/AqkClGc0ssehb3WcIJSVA6DA0iaC+hdaCVga6zqXENj1kuUGL5LrrRhzm mcA= -----END CERTIFICATE-----Generated at Sat Jan 3 01:33:21 2026 by rpki-client