This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/LefKdaCkJCuLWYomPbn7aYaCwt8.roa File: LefKdaCkJCuLWYomPbn7aYaCwt8.roa (raw, json) Hash identifier: dTxOv7XhsigiPPaBEnDTEGV1JBMdxI+S2HXrs+TPL+s= Subject key identifier: 2D:E7:CA:75:A0:A4:24:2B:8B:59:8A:26:3D:B9:FB:69:86:82:C2:DF Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969 Certificate serial: 019B791049CC065AD4BE944B354549ACDB13 Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/LefKdaCkJCuLWYomPbn7aYaCwt8.roa Signing time: Thu 01 Jan 2026 10:17:49 +0000 ROA not before: Thu 01 Jan 2026 10:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9211 IP address blocks: 194.49.7.0/24 maxlen: 24 212.12.32.0/20 maxlen: 20 212.12.56.0/21 maxlen: 21 213.238.32.0/20 maxlen: 20 213.238.35.0/24 maxlen: 24 213.238.50.0/23 maxlen: 23 213.238.52.0/22 maxlen: 22 2a00:ea8::/32 maxlen: 32 2a00:eab::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.mft rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:49:cc:06:5a:d4:be:94:4b:35:45:49:ac:db:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969 Validity Not Before: Jan 1 10:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2de7ca75a0a4242b8b598a263db9fb698682c2df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6e:f6:e0:e5:43:6b:ca:c4:47:0e:07:17:03: bf:d2:93:ec:d4:03:ea:18:0d:9b:21:19:81:5c:86: a5:c0:74:75:c4:80:32:32:92:cf:da:1e:d9:bf:33: d4:b0:f3:0b:83:bc:2f:d0:04:15:db:dd:b0:a9:e7: d3:e7:91:56:24:98:b4:59:aa:92:a7:06:ea:b7:e1: 27:c2:f8:cf:44:df:c2:af:12:03:dc:9f:3d:7e:fe: 58:d7:8c:e9:d1:ed:8a:8c:f4:58:b2:25:14:40:eb: f6:88:a5:0b:2c:ca:6a:f2:18:af:a3:bf:33:6d:be: 27:60:1b:dd:d5:b4:a3:1b:13:fb:48:b9:d9:b1:3c: 1d:f2:d8:a9:22:03:20:fd:76:75:26:07:37:05:6f: 57:45:fb:79:03:88:18:49:a1:0d:35:65:3e:7f:28: d6:87:55:a3:dc:15:bb:37:05:01:84:cd:75:1f:90: 16:ca:b3:4b:3c:10:5d:4d:0b:bc:43:a0:cb:2e:7e: 58:f0:87:e4:9d:26:01:72:ec:43:3a:f3:eb:0a:5d: 48:76:02:b3:33:8a:30:95:d0:dd:61:2c:f6:a5:13: 34:45:b2:3a:e0:fb:91:08:43:a3:da:3d:bb:e6:17: d3:e2:b1:eb:ae:da:4f:b1:53:a9:9a:7f:d2:10:ad: 0a:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:E7:CA:75:A0:A4:24:2B:8B:59:8A:26:3D:B9:FB:69:86:82:C2:DF X509v3 Authority Key Identifier: keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/LefKdaCkJCuLWYomPbn7aYaCwt8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.49.7.0/24 212.12.32.0/20 212.12.56.0/21 213.238.32.0/20 213.238.50.0-213.238.55.255 IPv6: 2a00:ea8::/32 2a00:eab::/32 Signature Algorithm: sha256WithRSAEncryption 7f:82:0b:7d:da:af:0f:ef:83:7c:b1:83:4d:42:02:40:2b:6d: 76:e0:31:a4:d8:e4:a6:eb:e3:99:49:81:c9:d5:1a:28:86:6e: 41:96:7a:43:25:97:8b:82:56:72:59:69:c3:3e:b2:8a:04:60: a7:b7:25:5e:13:21:4d:7f:69:6d:02:af:43:f5:af:d4:32:d4: 16:ae:27:ab:fc:70:90:85:4c:c2:45:d5:cb:2e:09:ee:96:8e: b8:c1:3d:83:fd:26:8e:f3:6d:a2:33:03:2f:4c:04:1e:da:2b: 17:0c:f4:24:14:08:9f:e6:b7:05:b6:e7:4d:b2:7f:d5:b2:aa: 49:97:90:cd:7a:26:15:40:3b:ce:0b:fb:d7:ef:5c:76:be:28: 4d:9d:ab:ab:50:68:f2:3d:c8:9c:ae:42:8c:f9:24:94:f4:c9: 7e:d3:39:fe:cc:78:5b:07:55:0f:7d:05:9f:3e:29:dc:e2:05: d4:eb:ee:bf:43:c6:ef:69:34:63:e5:80:5f:a3:83:71:e8:f9: 2f:54:e3:a3:20:47:af:ba:73:97:20:c1:40:95:7b:51:6f:38: 7a:51:10:12:6d:60:00:5d:fe:d7:11:0d:ab:fe:cd:54:fc:c8: 19:ce:e1:e5:d9:99:14:0f:71:48:cd:f4:4d:9c:c4:ad:ae:b4: b5:c4:8d:c9 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt5EEnMBlrUvpRLNUVJrNsTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwZmEwYzdhYmMxMDc5NjkxNWUzMzViYTE5NzgwZTQ3M2Uw Mjc5NjkwHhcNMjYwMTAxMTAxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGU3Y2E3NWEwYTQyNDJiOGI1OThhMjYzZGI5ZmI2OTg2ODJjMmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm724OVDa8rERw4HFwO/0pPs1APq GA2bIRmBXIalwHR1xIAyMpLP2h7ZvzPUsPMLg7wv0AQV292wqefT55FWJJi0WaqS pwbqt+EnwvjPRN/CrxID3J89fv5Y14zp0e2KjPRYsiUUQOv2iKULLMpq8hivo78z bb4nYBvd1bSjGxP7SLnZsTwd8tipIgMg/XZ1Jgc3BW9XRft5A4gYSaENNWU+fyjW h1Wj3BW7NwUBhM11H5AWyrNLPBBdTQu8Q6DLLn5Y8IfknSYBcuxDOvPrCl1IdgKz M4owldDdYSz2pRM0RbI64PuRCEOj2j275hfT4rHrrtpPsVOpmn/SEK0KUwIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFC3nynWgpCQri1mKJj25+2mGgsLfMB8GA1UdIwQY MBaAFLD6DHq8EHlpFeM1uhl4Dkc+AnlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMt ZGY4NTRmNDdiYWY0LzEvTGVmS2RhQ2tKQ3VMV1lvbVBibjdhWWFDd3Q4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMtZGY4NTRmNDdiYWY0 LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQAwjEHAwQE 1AwgAwQD1Aw4AwQE1e4gMAwDBAHV7jIDBAPV7jAwFAQCAAIwDgMFACoADqgDBQAq AA6rMA0GCSqGSIb3DQEBCwUAA4IBAQB/ggt92q8P74N8sYNNQgJAK2124DGk2OSm 6+OZSYHJ1Roohm5BlnpDJZeLglZyWWnDPrKKBGCntyVeEyFNf2ltAq9D9a/UMtQW rier/HCQhUzCRdXLLgnulo64wT2D/SaO822iMwMvTAQe2isXDPQkFAif5rcFtudN sn/VsqpJl5DNeiYVQDvOC/vX71x2vihNnaurUGjyPcicrkKM+SSU9Ml+0zn+zHhb B1UPfQWfPinc4gXU6+6/Q8bvaTRj5YBfo4Nx6PkvVOOjIEevunOXIMFAlXtRbzh6 URASbWAAXf7XEQ2r/s1U/MgZzuHl2ZkUD3FIzfRNnMStrrS1xI3J -----END CERTIFICATE-----Generated at Mon Jan 26 22:31:58 2026 by rpki-client