This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/lJxYVzr-KS-fYsC57OKvflP8A4c.roa File: lJxYVzr-KS-fYsC57OKvflP8A4c.roa (raw, json) Hash identifier: 4pvbPMsGzdgVlC585Dyoz1kyokZkz2DdP27jl7Yydb4= Subject key identifier: 94:9C:58:57:3A:FE:29:2F:9F:62:C0:B9:EC:E2:AF:7E:53:FC:03:87 Certificate issuer: /CN=1c766b058c096753a34ad625d53275cd2dba5b33 Certificate serial: 019B7FF1EACDD709909DC541DBFC00E601EC Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/lJxYVzr-KS-fYsC57OKvflP8A4c.roa Signing time: Fri 02 Jan 2026 18:21:59 +0000 ROA not before: Fri 02 Jan 2026 18:21:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210288 IP address blocks: 185.171.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.mft rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:ea:cd:d7:09:90:9d:c5:41:db:fc:00:e6:01:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33 Validity Not Before: Jan 2 18:21:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=949c58573afe292f9f62c0b9ece2af7e53fc0387 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e7:cd:e2:87:63:0e:9a:6e:12:ed:10:2d:ff: 4e:7c:95:24:64:bf:eb:09:8f:4e:7e:9d:09:76:d3: 39:06:64:87:32:94:67:e0:a7:b7:99:0a:99:4a:4d: fd:4e:cb:26:b9:86:37:fa:a4:f2:e4:1a:49:49:93: a9:f1:89:11:1a:5d:31:19:1b:57:09:58:f9:ae:21: ec:a7:c9:d0:fd:d9:7f:ce:8d:4c:7a:a2:bd:3e:2e: 30:c0:45:07:5e:42:04:3f:0b:c2:77:f8:ba:27:f7: 94:89:ff:d6:2d:50:ab:25:49:6f:fb:5c:a1:eb:9d: 49:14:83:a0:96:2e:08:f1:1d:8a:74:ef:16:97:76: f8:78:6a:6d:01:53:a9:f3:71:a3:2a:bf:60:7f:71: 39:fa:83:89:0b:8c:7b:7a:fa:e8:c4:8a:2d:b3:14: c7:3f:01:93:bb:67:5b:57:93:98:d2:19:50:29:ec: bd:b0:b8:04:fc:b3:e5:e1:57:ec:c8:23:ea:9a:4b: a6:0f:fc:3f:3c:81:7c:b7:bb:6b:52:ae:b1:f1:01: 74:30:d7:21:d0:d7:89:38:86:9e:d5:21:3d:30:2b: db:f9:48:58:61:38:3e:eb:b5:f4:dc:0d:84:aa:12: cb:be:94:31:49:cf:7c:72:36:b3:f1:d9:5f:38:10: cd:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:9C:58:57:3A:FE:29:2F:9F:62:C0:B9:EC:E2:AF:7E:53:FC:03:87 X509v3 Authority Key Identifier: keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/lJxYVzr-KS-fYsC57OKvflP8A4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.171.53.0/24 Signature Algorithm: sha256WithRSAEncryption 81:30:d4:b0:b3:50:6f:f3:09:a3:26:25:b0:78:c6:73:29:b3: ca:fe:f0:87:4a:7e:ea:43:6b:c1:da:bc:a1:0f:ce:87:72:71: ee:fa:85:79:8a:43:03:54:2b:50:e6:3a:09:ef:6b:72:4b:43: eb:4d:a5:66:20:70:d6:8e:3f:de:2b:5a:c2:a0:b6:94:e6:82: 13:f5:7f:4c:7f:64:7e:ea:a0:5a:27:7a:7b:2e:5d:cf:d7:ba: c6:cd:a8:51:64:36:e6:68:1f:b7:f9:8b:08:6d:4b:32:47:14: 47:ef:97:1a:69:29:a7:34:89:80:c2:30:d2:e9:9d:f4:91:9d: f1:33:67:17:62:57:c6:1d:be:32:40:12:15:43:dc:98:35:c6: 09:88:ab:7b:e8:17:8c:11:87:d0:0c:e5:0e:89:51:78:47:b3: 63:fd:0d:5c:cd:fa:c2:6e:36:4c:d4:d4:af:25:6d:1a:0e:2b: 17:bf:43:06:92:d4:9c:a1:32:28:17:c0:01:aa:b3:7f:76:ef: dc:62:59:d8:77:5e:1a:41:57:db:92:d2:35:3a:ce:aa:52:80: 66:c5:6f:0a:60:78:9b:75:17:36:56:68:cc:8f:be:0e:55:2c: a4:85:ef:a0:ea:21:99:bc:ec:59:fd:20:c7:ce:ea:21:f5:f5: 64:7f:6b:29 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8erN1wmQncVB2/wA5gHsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi YTViMzMwHhcNMjYwMTAyMTgyMTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDljNTg1NzNhZmUyOTJmOWY2MmMwYjllY2UyYWY3ZTUzZmMwMzg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOfN4odjDppuEu0QLf9OfJUkZL/r CY9Ofp0JdtM5BmSHMpRn4Ke3mQqZSk39TssmuYY3+qTy5BpJSZOp8YkRGl0xGRtX CVj5riHsp8nQ/dl/zo1MeqK9Pi4wwEUHXkIEPwvCd/i6J/eUif/WLVCrJUlv+1yh 651JFIOgli4I8R2KdO8Wl3b4eGptAVOp83GjKr9gf3E5+oOJC4x7evroxIotsxTH PwGTu2dbV5OY0hlQKey9sLgE/LPl4VfsyCPqmkumD/w/PIF8t7trUq6x8QF0MNch 0NeJOIae1SE9MCvb+UhYYTg+67X03A2EqhLLvpQxSc98cjaz8dlfOBDNsQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJScWFc6/ikvn2LAuezir35T/AOHMB8GA1UdIwQY MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt ODE5MTdkZmZkY2Q3LzEvbEp4WVZ6ci1LUy1mWXNDNTdPS3ZmbFA4QTRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3 LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuas1MA0G CSqGSIb3DQEBCwUAA4IBAQCBMNSws1Bv8wmjJiWweMZzKbPK/vCHSn7qQ2vB2ryh D86HcnHu+oV5ikMDVCtQ5joJ72tyS0PrTaVmIHDWjj/eK1rCoLaU5oIT9X9Mf2R+ 6qBaJ3p7Ll3P17rGzahRZDbmaB+3+YsIbUsyRxRH75caaSmnNImAwjDS6Z30kZ3x M2cXYlfGHb4yQBIVQ9yYNcYJiKt76BeMEYfQDOUOiVF4R7Nj/Q1czfrCbjZM1NSv JW0aDisXv0MGktScoTIoF8ABqrN/du/cYlnYd14aQVfbktI1Os6qUoBmxW8KYHib dRc2VmjMj74OVSykhe+g6iGZvOxZ/SDHzuoh9fVkf2sp -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:54 2026 by rpki-client