This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/lTuwy0CV892PuCB-pFiGJP53Jfc.roa File: lTuwy0CV892PuCB-pFiGJP53Jfc.roa (raw, json) Hash identifier: 18dJLCtPjiOUThLo90h3UI2WpttIaLE5TSwG1m7paLM= Subject key identifier: 95:3B:B0:CB:40:95:F3:DD:8F:B8:20:7E:A4:58:86:24:FE:77:25:F7 Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Certificate serial: 019B08A0BA2C84E8208914843DE913A1E3EB Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/lTuwy0CV892PuCB-pFiGJP53Jfc.roa Signing time: Wed 10 Dec 2025 14:18:29 +0000 ROA not before: Wed 10 Dec 2025 14:18:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 200019 IP address blocks: 5.181.0.0/23 maxlen: 24 45.150.110.0/24 maxlen: 24 91.199.133.0/24 maxlen: 24 91.229.239.0/24 maxlen: 24 146.19.213.0/24 maxlen: 24 159.253.120.0/24 maxlen: 24 194.110.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:a0:ba:2c:84:e8:20:89:14:84:3d:e9:13:a1:e3:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Validity Not Before: Dec 10 14:18:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=953bb0cb4095f3dd8fb8207ea4588624fe7725f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:59:1c:b4:24:03:ab:a8:99:4e:a2:0a:b2:77: f2:4c:6c:b4:e1:f7:8b:c4:9d:77:54:4b:2e:bc:19: bd:eb:cd:d4:b1:33:ab:f1:2c:36:d3:49:d3:25:21: 41:72:f7:fc:26:da:76:a7:79:2b:77:74:40:b5:1d: 35:d7:4e:ab:3c:c0:4e:72:6f:cd:22:cf:87:8f:9e: 5b:97:b3:65:5e:97:d6:82:5c:a3:69:0d:6b:f3:dd: ae:48:f8:08:b8:e8:ac:ed:30:d8:9f:b8:c7:8e:d4: 69:82:98:be:ea:e6:24:84:9a:f4:b9:73:a5:84:09: 56:cc:8b:67:97:6d:d1:52:bf:fc:5b:e8:2d:47:b5: d3:da:87:2e:ab:a6:7c:74:43:db:b0:d6:76:da:d9: b1:fe:74:40:a1:6e:4f:bf:a0:63:79:12:8b:b1:13: 4a:ec:bd:9c:eb:88:34:84:82:58:ff:82:da:1c:fe: 46:4e:eb:fe:f1:17:19:fa:d8:8a:09:fe:14:b6:9a: 26:1d:f9:13:87:56:9e:b5:f8:2b:5c:b2:6c:28:b9: 5b:c7:1d:a5:3f:47:b5:1d:55:e1:a7:77:6e:cc:d5: 11:03:2e:0a:e6:83:36:4e:94:b7:17:43:50:c4:a1: 8a:28:ff:17:99:6e:45:f2:a1:86:65:7d:1f:37:21: cd:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:3B:B0:CB:40:95:F3:DD:8F:B8:20:7E:A4:58:86:24:FE:77:25:F7 X509v3 Authority Key Identifier: keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/lTuwy0CV892PuCB-pFiGJP53Jfc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.0.0/23 45.150.110.0/24 91.199.133.0/24 91.229.239.0/24 146.19.213.0/24 159.253.120.0/24 194.110.247.0/24 Signature Algorithm: sha256WithRSAEncryption 59:15:2d:f4:f4:8f:6f:6e:3e:b5:cf:92:2e:ed:bc:ff:ac:67: bf:56:0c:4e:06:c6:af:31:96:3d:3f:25:32:e6:c0:56:2c:0d: bc:62:a9:c8:0a:fb:9c:ea:5c:8a:24:e4:9a:45:25:47:99:ec: af:8b:42:5b:17:db:d6:4d:4a:94:60:e3:80:ce:2b:c3:ee:09: 73:52:19:83:7b:0f:f5:56:bf:dc:40:e9:10:52:3b:be:26:67: 95:0d:43:a0:e3:11:f0:0d:95:a8:5a:34:53:ba:42:ec:91:8a: 95:62:be:59:48:56:24:5a:ab:e1:d5:cf:ee:98:bf:6f:6f:79: 1f:de:63:85:a2:70:84:83:2c:0d:a3:11:51:77:43:d5:90:ab: 09:53:eb:93:a4:0a:d2:f5:df:dc:b6:6c:ca:db:bc:46:ee:e4: ae:60:45:3a:ac:ab:63:29:5d:71:49:ca:de:53:18:8f:3c:a1: c1:f9:a5:e9:ef:0a:57:0c:bf:12:25:6a:4f:c0:83:78:ed:49: 88:50:39:b5:31:26:66:ca:e7:b0:a1:23:99:23:06:5c:1b:ca: 6b:a9:e0:2e:e8:04:6d:b1:a0:55:4f:23:88:4e:e4:32:e0:b1: b4:21:df:59:9a:f6:7a:25:60:db:47:2f:3d:55:e5:df:2b:f3: ed:3d:f5:45 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZsIoLoshOggiRSEPekToePrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3 MjRmNzUwHhcNMjUxMjEwMTQxODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTNiYjBjYjQwOTVmM2RkOGZiODIwN2VhNDU4ODYyNGZlNzcyNWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplkctCQDq6iZTqIKsnfyTGy04feL xJ13VEsuvBm9683UsTOr8Sw200nTJSFBcvf8Jtp2p3krd3RAtR01106rPMBOcm/N Is+Hj55bl7NlXpfWglyjaQ1r892uSPgIuOis7TDYn7jHjtRpgpi+6uYkhJr0uXOl hAlWzItnl23RUr/8W+gtR7XT2ocuq6Z8dEPbsNZ22tmx/nRAoW5Pv6BjeRKLsRNK 7L2c64g0hIJY/4LaHP5GTuv+8RcZ+tiKCf4UtpomHfkTh1aetfgrXLJsKLlbxx2l P0e1HVXhp3duzNURAy4K5oM2TpS3F0NQxKGKKP8XmW5F8qGGZX0fNyHNrwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFJU7sMtAlfPdj7ggfqRYhiT+dyX3MB8GA1UdIwQY MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt MzZkZTY1NzIzMmJlLzEvbFR1d3kwQ1Y4OTJQdUNCLXBGaUdKUDUzSmZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbUAAwQA LZZuAwQAW8eFAwQAW+XvAwQAkhPVAwQAn/14AwQAwm73MA0GCSqGSIb3DQEBCwUA A4IBAQBZFS309I9vbj61z5Iu7bz/rGe/VgxOBsavMZY9PyUy5sBWLA28YqnICvuc 6lyKJOSaRSVHmeyvi0JbF9vWTUqUYOOAzivD7glzUhmDew/1Vr/cQOkQUju+JmeV DUOg4xHwDZWoWjRTukLskYqVYr5ZSFYkWqvh1c/umL9vb3kf3mOFonCEgywNoxFR d0PVkKsJU+uTpArS9d/ctmzK27xG7uSuYEU6rKtjKV1xScreUxiPPKHB+aXp7wpX DL8SJWpPwIN47UmIUDm1MSZmyuewoSOZIwZcG8prqeAu6ARtsaBVTyOITuQy4LG0 Id9ZmvZ6JWDbRy89VeXfK/PtPfVF -----END CERTIFICATE-----Generated at Tue Dec 16 13:55:41 2025 by rpki-client