This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/ljWbO3xgpVVnVuPfMgl7G3F39B8.roa File: ljWbO3xgpVVnVuPfMgl7G3F39B8.roa (raw, json) Hash identifier: Bdl5BL0jpRyEhLx4reL1/D3qaLttRyXVouVa2c42GeU= Subject key identifier: 96:35:9B:3B:7C:60:A5:55:67:56:E3:DF:32:09:7B:1B:71:77:F4:1F Certificate issuer: /CN=8c282ff3ec7cb81b78e628a73517648d6229cab7 Certificate serial: 019B7F84FF78E757A866A4E802CC12CBE47D Authority key identifier: 8C:28:2F:F3:EC:7C:B8:1B:78:E6:28:A7:35:17:64:8D:62:29:CA:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jCgv8-x8uBt45iinNRdkjWIpyrc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/ljWbO3xgpVVnVuPfMgl7G3F39B8.roa Signing time: Fri 02 Jan 2026 16:23:01 +0000 ROA not before: Fri 02 Jan 2026 16:23:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31477 IP address blocks: 185.180.96.0/22 maxlen: 24 195.137.169.0/24 maxlen: 24 2a0b:6d80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/jCgv8-x8uBt45iinNRdkjWIpyrc.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/jCgv8-x8uBt45iinNRdkjWIpyrc.mft rsync://rpki.ripe.net/repository/DEFAULT/jCgv8-x8uBt45iinNRdkjWIpyrc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:ff:78:e7:57:a8:66:a4:e8:02:cc:12:cb:e4:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c282ff3ec7cb81b78e628a73517648d6229cab7 Validity Not Before: Jan 2 16:23:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=96359b3b7c60a5556756e3df32097b1b7177f41f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:2e:cb:32:5a:ae:8a:4a:21:82:49:d5:1b:70: b7:f3:ba:35:01:7b:97:c2:72:f4:18:09:18:8c:b1: a2:74:64:35:a2:84:ca:a3:39:79:95:ad:89:b7:20: a2:24:eb:26:0f:16:aa:2c:55:3f:2e:da:42:83:0a: be:36:13:79:58:25:98:37:74:f8:49:82:fc:13:b0: d2:33:81:6f:8a:03:67:f8:d4:90:d5:09:79:ae:e3: 7c:85:fa:c7:76:68:ae:c3:ee:9e:40:2c:5c:d7:77: 82:15:1d:ec:e6:d8:ac:57:cb:34:74:d6:8f:ed:b3: 8f:7a:87:b7:89:ac:ca:a0:49:cb:92:f5:2a:e4:27: 71:e2:42:d6:eb:d2:ec:b2:e8:91:b0:fe:dc:c3:5d: 16:26:31:a1:55:3d:5e:d7:12:ba:19:7e:1c:db:8c: 92:41:1e:bb:9c:b4:56:23:c3:ea:d8:36:95:b0:7c: b3:03:c7:b5:e9:66:30:96:35:ba:2b:b9:cb:97:97: 92:95:0e:f1:a9:f5:e4:67:e7:6c:18:64:a5:0b:a9: d6:c4:57:7d:0b:27:e5:63:2e:aa:a7:3d:76:f4:ee: 89:9d:df:e7:1b:f6:b0:a7:1e:51:29:85:f4:30:6e: 52:ee:0f:f1:94:c9:41:da:78:ed:7c:37:3d:42:6f: 7f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:35:9B:3B:7C:60:A5:55:67:56:E3:DF:32:09:7B:1B:71:77:F4:1F X509v3 Authority Key Identifier: keyid:8C:28:2F:F3:EC:7C:B8:1B:78:E6:28:A7:35:17:64:8D:62:29:CA:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jCgv8-x8uBt45iinNRdkjWIpyrc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/ljWbO3xgpVVnVuPfMgl7G3F39B8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9f5f13-8f97-4210-acae-6ca3e9d3e78d/1/jCgv8-x8uBt45iinNRdkjWIpyrc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.180.96.0/22 195.137.169.0/24 IPv6: 2a0b:6d80::/29 Signature Algorithm: sha256WithRSAEncryption ca:e0:34:6a:10:ae:94:73:8b:b8:2c:8e:54:36:5b:2d:b1:b3: a5:0f:11:8a:41:f4:3a:ae:1e:ab:b1:ca:65:ba:ce:6d:39:a1: 2b:56:fb:5c:a3:4a:d0:3d:27:65:5e:a9:26:a5:a0:79:48:f6: 40:f0:97:a9:8e:67:80:88:da:bb:28:54:3b:3f:d8:c7:0b:34: 43:e8:eb:ac:ed:81:57:82:ce:ab:57:39:39:6a:cb:4d:5d:64: 60:0f:0a:08:17:02:bc:7a:30:b5:87:fe:28:da:6e:4e:2a:d3: 8c:32:37:b8:79:55:9b:dc:cc:88:5c:f1:7c:c5:e7:6f:57:fb: 44:97:45:51:19:c0:09:9e:81:b7:d4:b7:cf:21:1d:8c:07:f4: 96:c9:44:27:e5:57:6d:03:19:ea:1f:ac:5a:80:71:d4:bc:64: 20:e0:9d:5b:b1:7a:de:fa:1f:b7:98:fd:4f:0e:07:6f:68:c8: 07:43:40:b0:75:78:6a:da:af:83:e3:d6:d1:eb:8e:c2:6f:ab: 61:9c:96:7f:59:e6:27:4d:9a:b2:c7:c6:cb:2a:ca:a1:c2:2b: 89:b9:75:99:06:c3:c4:e7:24:65:0b:15:5d:28:4a:20:ed:0d: 10:7a:c9:bf:7b:9c:a7:31:c6:25:99:a2:0f:aa:07:5c:31:09: 9b:8a:78:25 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/hP9451eoZqToAswSy+R9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjMjgyZmYzZWM3Y2I4MWI3OGU2MjhhNzM1MTc2NDhkNjIy OWNhYjcwHhcNMjYwMTAyMTYyMzAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjM1OWIzYjdjNjBhNTU1Njc1NmUzZGYzMjA5N2IxYjcxNzdmNDFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC7LMlquikohgknVG3C387o1AXuX wnL0GAkYjLGidGQ1ooTKozl5la2JtyCiJOsmDxaqLFU/LtpCgwq+NhN5WCWYN3T4 SYL8E7DSM4FvigNn+NSQ1Ql5ruN8hfrHdmiuw+6eQCxc13eCFR3s5tisV8s0dNaP 7bOPeoe3iazKoEnLkvUq5Cdx4kLW69LssuiRsP7cw10WJjGhVT1e1xK6GX4c24yS QR67nLRWI8Pq2DaVsHyzA8e16WYwljW6K7nLl5eSlQ7xqfXkZ+dsGGSlC6nWxFd9 CyflYy6qpz129O6Jnd/nG/awpx5RKYX0MG5S7g/xlMlB2njtfDc9Qm9/6wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJY1mzt8YKVVZ1bj3zIJextxd/QfMB8GA1UdIwQY MBaAFIwoL/PsfLgbeOYopzUXZI1iKcq3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvakNndjgteDh1QnQ0NWlpbk5SZGtqV0lweXJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZjVmMTMtOGY5Ny00MjEwLWFjYWUt NmNhM2U5ZDNlNzhkLzEvbGpXYk8zeGdwVlZuVnVQZk1nbDdHM0YzOUI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi85ZjVmMTMtOGY5Ny00MjEwLWFjYWUtNmNhM2U5ZDNlNzhk LzEvakNndjgteDh1QnQ0NWlpbk5SZGtqV0lweXJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubRgAwQA w4mpMA0EAgACMAcDBQMqC22AMA0GCSqGSIb3DQEBCwUAA4IBAQDK4DRqEK6Uc4u4 LI5UNlstsbOlDxGKQfQ6rh6rscplus5tOaErVvtco0rQPSdlXqkmpaB5SPZA8Jep jmeAiNq7KFQ7P9jHCzRD6Ous7YFXgs6rVzk5astNXWRgDwoIFwK8ejC1h/4o2m5O KtOMMje4eVWb3MyIXPF8xedvV/tEl0VRGcAJnoG31LfPIR2MB/SWyUQn5VdtAxnq H6xagHHUvGQg4J1bsXre+h+3mP1PDgdvaMgHQ0CwdXhq2q+D49bR647Cb6thnJZ/ WeYnTZqyx8bLKsqhwiuJuXWZBsPE5yRlCxVdKEog7Q0Qesm/e5ynMcYlmaIPqgdc MQmbingl -----END CERTIFICATE-----Generated at Wed Feb 4 09:33:27 2026 by rpki-client