This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/LdBK7JFsDJkTaZFCYYK8jiQeAeg.roa File: LdBK7JFsDJkTaZFCYYK8jiQeAeg.roa (raw, json) Hash identifier: AjeOBi4MLP9t2d0vy8s/YJen3RbpqNTE+imr7FXwBNY= Subject key identifier: 2D:D0:4A:EC:91:6C:0C:99:13:69:91:42:61:82:BC:8E:24:1E:01:E8 Certificate issuer: /CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Certificate serial: 019B7E38AB5CA4154DE24235954B4BD078AC Authority key identifier: 30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/LdBK7JFsDJkTaZFCYYK8jiQeAeg.roa Signing time: Fri 02 Jan 2026 10:20:01 +0000 ROA not before: Fri 02 Jan 2026 10:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214588 IP address blocks: 194.99.72.0/24 maxlen: 24 2a14:7340::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ab:5c:a4:15:4d:e2:42:35:95:4b:4b:d0:78:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Validity Not Before: Jan 2 10:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2dd04aec916c0c99136991426182bc8e241e01e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:20:f5:9c:37:57:ec:12:4d:41:02:a9:33:bb: 7b:c1:69:c9:c9:69:e6:d4:b1:7e:79:98:3b:6d:ae: de:0c:b3:64:bf:28:78:c7:8f:f8:97:42:9c:75:6b: 03:ca:af:2a:08:3d:69:e2:82:cc:32:f7:11:39:12: bc:46:32:de:fd:87:6b:30:92:d2:3d:57:36:0f:30: 0a:a3:50:18:e6:b0:7b:e1:94:e5:f7:a1:c5:9c:b2: 89:24:d2:e8:1c:bd:82:f4:a4:43:4f:64:5d:83:a4: 22:d6:2d:97:42:8f:97:91:42:98:3e:29:fb:37:0e: 73:d8:a0:4f:98:54:53:74:50:f1:b6:6b:cb:79:f1: 9c:55:a4:b4:ea:44:fd:23:7c:69:dd:99:96:23:e2: dd:16:16:60:7e:70:b9:b4:c1:9a:d8:d1:ec:7d:d9: b5:43:bc:65:bd:10:d6:70:f0:8e:41:6c:43:75:9a: 6b:10:85:bd:d9:9e:ea:47:d8:b6:0b:83:99:5b:88: 7a:c8:04:95:c2:76:e1:66:2c:8e:7e:1c:51:ff:97: f9:2a:0e:5d:2e:d2:01:21:59:22:db:6c:f5:5b:76: db:67:5c:2e:6a:a9:62:97:13:58:0f:da:49:f7:fb: bd:6e:f2:fd:d9:8a:e2:56:4e:b8:fd:06:6e:0f:2b: c2:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:D0:4A:EC:91:6C:0C:99:13:69:91:42:61:82:BC:8E:24:1E:01:E8 X509v3 Authority Key Identifier: keyid:30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/LdBK7JFsDJkTaZFCYYK8jiQeAeg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.99.72.0/24 IPv6: 2a14:7340::/29 Signature Algorithm: sha256WithRSAEncryption 4f:0f:37:8a:39:84:e4:6e:69:a8:a3:84:66:1a:2f:0f:92:40: 75:c9:91:bb:3f:f4:1d:ca:6c:0b:1b:65:17:e8:fc:41:c0:c0: 14:c8:51:48:28:15:0b:7d:18:78:f3:cf:e7:02:d7:b9:df:85: 6b:2f:84:6f:fa:20:cf:82:81:34:ef:09:c0:f5:cb:4a:a9:e3: 2c:a9:e3:ab:e9:43:90:26:e9:5d:fb:30:d3:e9:b1:22:f8:a0: ef:49:36:49:eb:62:5e:a4:b1:90:ba:bf:4f:b6:3f:ec:74:87: 7e:ae:b0:cf:c7:fa:3c:67:c4:96:b5:8c:58:30:97:58:d4:c4: 2d:bb:30:6c:69:5a:80:75:a6:67:5a:92:f6:48:f6:d1:a2:5e: 8d:86:6a:cb:5f:bd:3a:22:30:89:4d:fd:b3:cf:7b:d9:4c:ea: e2:32:8c:7e:c0:d4:3b:7d:30:03:93:1d:14:c3:57:30:d2:87: 06:cb:55:91:5d:9f:a2:c6:ae:36:85:fb:fc:f1:de:99:eb:2a: f1:df:81:e3:9c:94:2f:74:a6:94:95:fb:22:0d:94:a2:d1:90: d9:d1:58:a5:4c:ce:16:e3:cd:8c:29:1d:da:9a:d6:61:db:9a: 11:14:c5:53:22:e2:92:1b:70:c0:f2:1a:b4:4d:fc:a8:09:66: 8f:60:82:b8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OKtcpBVN4kI1lUtL0HisMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwNzE0ZTgxMTliMzEzNGRjYzA2MGZlNTkwMGE3Y2Q4Njhm YzU5NzMwHhcNMjYwMTAyMTAyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGQwNGFlYzkxNmMwYzk5MTM2OTkxNDI2MTgyYmM4ZTI0MWUwMWU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniD1nDdX7BJNQQKpM7t7wWnJyWnm 1LF+eZg7ba7eDLNkvyh4x4/4l0KcdWsDyq8qCD1p4oLMMvcRORK8RjLe/YdrMJLS PVc2DzAKo1AY5rB74ZTl96HFnLKJJNLoHL2C9KRDT2Rdg6Qi1i2XQo+XkUKYPin7 Nw5z2KBPmFRTdFDxtmvLefGcVaS06kT9I3xp3ZmWI+LdFhZgfnC5tMGa2NHsfdm1 Q7xlvRDWcPCOQWxDdZprEIW92Z7qR9i2C4OZW4h6yASVwnbhZiyOfhxR/5f5Kg5d LtIBIVki22z1W3bbZ1wuaqlilxNYD9pJ9/u9bvL92YriVk64/QZuDyvCWQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFC3QSuyRbAyZE2mRQmGCvI4kHgHoMB8GA1UdIwQY MBaAFDBxToEZsxNNzAYP5ZAKfNho/FlzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEt OGYzNDcwZDgyMDU3LzEvTGRCSzdKRnNESmtUYVpGQ1lZSzhqaVFlQWVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEtOGYzNDcwZDgyMDU3 LzEvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmNIMA0E AgACMAcDBQMqFHNAMA0GCSqGSIb3DQEBCwUAA4IBAQBPDzeKOYTkbmmoo4RmGi8P kkB1yZG7P/QdymwLG2UX6PxBwMAUyFFIKBULfRh488/nAte534VrL4Rv+iDPgoE0 7wnA9ctKqeMsqeOr6UOQJuld+zDT6bEi+KDvSTZJ62JepLGQur9Ptj/sdId+rrDP x/o8Z8SWtYxYMJdY1MQtuzBsaVqAdaZnWpL2SPbRol6NhmrLX706IjCJTf2zz3vZ TOriMox+wNQ7fTADkx0Uw1cw0ocGy1WRXZ+ixq42hfv88d6Z6yrx34HjnJQvdKaU lfsiDZSi0ZDZ0VilTM4W482MKR3amtZh25oRFMVTIuKSG3DA8hq0TfyoCWaPYIK4 -----END CERTIFICATE-----Generated at Wed Jan 21 16:14:48 2026 by rpki-client