This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/lHeFeB5XmUgMTZd-xp7pg5O2hRk.roa File: lHeFeB5XmUgMTZd-xp7pg5O2hRk.roa (raw, json) Hash identifier: yDjRb/PwiyZiL5zE1UM9tbqgd31//MiOL1EvDdOA92U= Subject key identifier: 94:77:85:78:1E:57:99:48:0C:4D:97:7E:C6:9E:E9:83:93:B6:85:19 Certificate issuer: /CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c Certificate serial: 019B7B36B636065770BAB6E2AF529D76CE48 Authority key identifier: 82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/lHeFeB5XmUgMTZd-xp7pg5O2hRk.roa Signing time: Thu 01 Jan 2026 20:19:01 +0000 ROA not before: Thu 01 Jan 2026 20:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212686 IP address blocks: 185.206.8.0/24 maxlen: 24 185.206.9.0/24 maxlen: 24 185.206.10.0/24 maxlen: 24 185.206.11.0/24 maxlen: 24 2a12:ff80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.mft rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b6:36:06:57:70:ba:b6:e2:af:52:9d:76:ce:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c Validity Not Before: Jan 1 20:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=947785781e5799480c4d977ec69ee98393b68519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f5:4c:cb:14:b2:26:39:4c:4f:70:d0:63:f1: 35:1f:41:f5:7f:64:60:23:fc:6b:fa:91:da:f2:42: f3:cf:31:07:07:23:57:3b:76:73:df:b1:5a:a7:ce: e3:cc:ac:b4:48:ad:f3:e5:40:2d:c1:b1:f5:67:08: 57:95:c5:8b:ba:c4:e6:3d:7f:99:22:0e:da:f9:0b: 24:6d:60:85:8e:ef:89:69:1b:b9:72:b8:e8:2f:29: 23:26:80:e8:cb:ee:67:1c:da:0a:b8:a2:3b:f8:1d: e6:d0:8d:a0:70:af:d0:0b:22:71:c9:1b:56:6a:1d: 38:b4:d2:0a:66:08:61:21:a0:04:84:a7:16:d9:9a: 66:16:0f:9f:e4:e3:89:44:37:f1:a1:f6:6d:df:c6: c2:7e:e5:03:9f:ee:6f:9f:23:a4:2a:34:d3:6c:17: 37:43:e0:3a:75:39:a8:06:96:81:56:34:54:8b:7c: ad:0c:20:bb:f6:29:9e:d7:52:4a:52:7f:cf:09:cb: c8:38:72:62:9a:56:54:af:61:35:29:f8:61:be:9e: 59:27:be:47:93:a4:8f:05:b9:86:92:02:0d:42:7f: 7f:33:c8:de:26:19:c8:57:ba:c6:4e:bc:7e:d7:73: 6f:a6:00:f3:15:15:2a:32:5c:e4:c2:f9:95:9a:db: 21:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:77:85:78:1E:57:99:48:0C:4D:97:7E:C6:9E:E9:83:93:B6:85:19 X509v3 Authority Key Identifier: keyid:82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/lHeFeB5XmUgMTZd-xp7pg5O2hRk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.206.8.0/22 IPv6: 2a12:ff80::/48 Signature Algorithm: sha256WithRSAEncryption 11:7b:73:05:1a:b3:95:23:e7:b5:07:96:ef:86:68:33:14:fa: 96:ae:2d:d0:45:34:4b:95:5a:7e:61:65:9c:df:93:23:82:35: dc:f0:b5:10:40:c9:52:77:91:14:22:c1:0f:e3:25:47:30:d7: 97:f6:32:be:9d:9c:4f:2f:d0:a7:89:5e:9e:57:d4:52:ad:da: 7f:96:03:cd:b2:51:7a:37:ff:bc:67:8a:92:30:95:21:ef:1c: 88:8f:6a:bd:62:5f:4b:6c:cb:1e:62:ce:8e:ac:3b:42:54:d3: 6b:68:78:2d:ce:62:48:c0:78:9f:0a:25:80:f4:fe:e4:7e:f4: 36:1d:25:8e:29:30:69:20:7e:15:af:0d:b0:e8:90:a6:fb:6a: be:c2:2a:bd:33:05:e6:e7:e6:46:8d:ae:27:9b:13:6c:11:6e: 5e:08:84:9e:66:06:63:bd:d2:ca:92:b2:45:3b:90:ac:d8:42: 89:05:9f:09:b1:33:89:f5:54:57:06:32:5a:ba:d8:ae:ac:43: 6f:f8:eb:db:88:c7:53:f6:6a:56:3d:a6:5e:c7:74:ec:cc:e9: b3:d6:0f:13:41:8f:b2:5e:57:ab:02:a6:2e:e7:b8:34:7c:d3: 9d:34:54:5e:53:d0:c7:aa:e4:f9:39:40:82:f6:6f:96:f2:1b: 7d:9c:a9:26 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7NrY2Bldwurbir1Kdds5IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWY2ZTlmZjFmYmJmMjFmNjQxM2ExMzdlNzM2N2RkOGE4 YzAzNWMwHhcNMjYwMTAxMjAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDc3ODU3ODFlNTc5OTQ4MGM0ZDk3N2VjNjllZTk4MzkzYjY4NTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPVMyxSyJjlMT3DQY/E1H0H1f2Rg I/xr+pHa8kLzzzEHByNXO3Zz37Fap87jzKy0SK3z5UAtwbH1ZwhXlcWLusTmPX+Z Ig7a+QskbWCFju+JaRu5crjoLykjJoDoy+5nHNoKuKI7+B3m0I2gcK/QCyJxyRtW ah04tNIKZghhIaAEhKcW2ZpmFg+f5OOJRDfxofZt38bCfuUDn+5vnyOkKjTTbBc3 Q+A6dTmoBpaBVjRUi3ytDCC79ime11JKUn/PCcvIOHJimlZUr2E1Kfhhvp5ZJ75H k6SPBbmGkgINQn9/M8jeJhnIV7rGTrx+13NvpgDzFRUqMlzkwvmVmtshVwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJR3hXgeV5lIDE2Xfsae6YOTtoUZMB8GA1UdIwQY MBaAFIIfbp/x+78h9kE6E35zZ92KjANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUt NWE5NGFkMTMzMTE4LzEvbEhlRmVCNVhtVWdNVFpkLXhwN3BnNU8yaFJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUtNWE5NGFkMTMzMTE4 LzEvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuc4IMA8E AgACMAkDBwAqEv+AAAAwDQYJKoZIhvcNAQELBQADggEBABF7cwUas5Uj57UHlu+G aDMU+pauLdBFNEuVWn5hZZzfkyOCNdzwtRBAyVJ3kRQiwQ/jJUcw15f2Mr6dnE8v 0KeJXp5X1FKt2n+WA82yUXo3/7xnipIwlSHvHIiPar1iX0tsyx5izo6sO0JU02to eC3OYkjAeJ8KJYD0/uR+9DYdJY4pMGkgfhWvDbDokKb7ar7CKr0zBebn5kaNrieb E2wRbl4IhJ5mBmO90sqSskU7kKzYQokFnwmxM4n1VFcGMlq62K6sQ2/469uIx1P2 alY9pl7HdOzM6bPWDxNBj7JeV6sCpi7nuDR80500VF5T0Meq5Pk5QIL2b5byG32c qSY= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:54 2026 by rpki-client