This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/LDms8nxe60K6COjjp_csNfhmghs.roa File: LDms8nxe60K6COjjp_csNfhmghs.roa (raw, json) Hash identifier: Q5tvWtDVNBkz/BRp4dl8220S6HSORZZf3f/jyOpji8U= Subject key identifier: 2C:39:AC:F2:7C:5E:EB:42:BA:08:E8:E3:A7:F7:2C:35:F8:66:82:1B Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451 Certificate serial: 019B7D5C753C3F486591C499907D0C8D0960 Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/LDms8nxe60K6COjjp_csNfhmghs.roa Signing time: Fri 02 Jan 2026 06:19:29 +0000 ROA not before: Fri 02 Jan 2026 06:19:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59437 IP address blocks: 87.120.208.0/21 maxlen: 24 87.121.28.0/22 maxlen: 24 94.156.254.0/23 maxlen: 24 176.56.192.0/19 maxlen: 24 176.56.192.0/21 maxlen: 24 176.56.200.0/21 maxlen: 24 176.56.204.0/23 maxlen: 24 176.56.206.0/23 maxlen: 23 176.56.208.0/23 maxlen: 23 185.159.86.0/24 maxlen: 24 185.251.18.0/24 maxlen: 24 195.211.49.0/24 maxlen: 24 2a0b:d40::/29 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:75:3c:3f:48:65:91:c4:99:90:7d:0c:8d:09:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451 Validity Not Before: Jan 2 06:19:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2c39acf27c5eeb42ba08e8e3a7f72c35f866821b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:eb:a6:07:b4:50:07:43:62:69:0d:08:97:66: ce:a1:b7:1b:e2:14:bd:91:7f:c5:6c:73:bf:34:5d: 07:8b:60:12:fe:3f:24:c9:65:1c:9c:65:32:89:55: c2:ef:f0:8a:c4:71:a1:e5:26:0f:28:55:f1:bb:b0: 1c:f1:71:aa:00:38:da:aa:54:51:6f:82:f8:ea:9a: da:7b:2e:54:71:6f:ac:ac:02:cb:c1:28:eb:2e:c4: 70:b2:05:cf:c3:6f:04:4a:88:a2:e8:30:fc:e5:96: bb:c9:2c:30:a8:8e:93:e4:d0:06:55:8a:67:fd:65: 3f:6f:d4:c3:22:51:9e:4f:93:ec:d6:8a:42:b8:a5: 34:1e:a9:5a:82:22:98:fa:2d:de:3d:01:1c:a3:62: 38:e2:6f:aa:5a:6f:98:2e:a4:91:bd:e4:32:bd:92: 6f:b3:52:b4:e7:f8:ab:bf:55:7d:81:ea:b6:1d:7e: 85:52:b0:d4:da:91:63:7f:c1:61:68:05:e5:38:22: 6f:4b:0c:5d:ba:aa:42:55:38:29:50:c8:9c:e2:5c: 12:dd:53:fb:18:00:50:d0:ea:63:5e:35:08:82:ab: c5:1b:2a:b5:57:85:1e:48:c0:65:0c:62:9f:c7:0f: 12:68:78:e4:13:c0:6d:f2:d0:b7:15:00:9b:b4:30: a5:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:39:AC:F2:7C:5E:EB:42:BA:08:E8:E3:A7:F7:2C:35:F8:66:82:1B X509v3 Authority Key Identifier: keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/LDms8nxe60K6COjjp_csNfhmghs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.120.208.0/21 87.121.28.0/22 94.156.254.0/23 176.56.192.0/19 185.159.86.0/24 185.251.18.0/24 195.211.49.0/24 IPv6: 2a0b:d40::/29 Signature Algorithm: sha256WithRSAEncryption 63:35:bb:37:d2:12:58:00:8a:58:bd:a5:7a:63:d0:13:53:5a: 6a:7b:8b:03:a7:bb:d2:21:e2:4c:f4:2d:f4:40:b6:c2:66:f2: eb:33:b3:c8:af:86:d3:ff:fb:2f:d0:73:3b:b1:fc:ba:af:90: bd:8f:00:47:11:5b:86:ae:60:a1:ac:17:cf:c9:65:35:f8:d7: dc:63:9e:21:ea:87:56:5f:12:f5:40:c6:3e:96:96:8f:b0:bd: 8f:ef:34:3c:48:22:fa:47:e6:44:b1:e9:13:98:3c:7b:55:e8: af:74:77:67:08:8f:88:95:1a:19:90:55:cd:49:f5:1e:b3:73: 48:a8:e6:6f:aa:5d:00:d3:9b:f3:f2:ed:88:57:e0:8e:14:3b: 89:25:a8:61:e3:35:23:18:ac:90:79:2e:dd:0f:bf:d3:02:ba: 48:22:87:3c:11:05:82:66:25:96:ea:2d:50:02:47:4a:50:89: 8d:8d:4d:6e:c2:43:3b:7f:ac:f3:d2:63:2f:9a:44:ac:53:c4: 8c:10:c0:57:01:5a:ad:82:52:17:38:88:51:41:82:07:c6:ea: 76:dd:5b:83:9f:8c:e6:2d:c1:89:79:c6:a5:fc:d7:f0:7e:4d: 1a:0c:65:4e:e7:30:7a:c8:8b:10:65:8b:cc:6c:e3:c4:9d:e4: ca:17:3b:4c -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt9XHU8P0hlkcSZkH0MjQlgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl MTg0NTEwHhcNMjYwMTAyMDYxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYzM5YWNmMjdjNWVlYjQyYmEwOGU4ZTNhN2Y3MmMzNWY4NjY4MjFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOumB7RQB0NiaQ0Il2bOobcb4hS9 kX/FbHO/NF0Hi2AS/j8kyWUcnGUyiVXC7/CKxHGh5SYPKFXxu7Ac8XGqADjaqlRR b4L46praey5UcW+srALLwSjrLsRwsgXPw28ESoii6DD85Za7ySwwqI6T5NAGVYpn /WU/b9TDIlGeT5Ps1opCuKU0HqlagiKY+i3ePQEco2I44m+qWm+YLqSRveQyvZJv s1K05/irv1V9geq2HX6FUrDU2pFjf8FhaAXlOCJvSwxduqpCVTgpUMic4lwS3VP7 GABQ0OpjXjUIgqvFGyq1V4UeSMBlDGKfxw8SaHjkE8Bt8tC3FQCbtDCl6wIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFCw5rPJ8XutCugjo46f3LDX4ZoIbMB8GA1UdIwQY MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt YzIyNTY4MDRlOTIyLzEvTERtczhueGU2MEs2Q09qanBfY3NOZmhtZ2hzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDV3jQAwQC V3kcAwQBXpz+AwQFsDjAAwQAuZ9WAwQAufsSAwQAw9MxMA0EAgACMAcDBQMqCw1A MA0GCSqGSIb3DQEBCwUAA4IBAQBjNbs30hJYAIpYvaV6Y9ATU1pqe4sDp7vSIeJM 9C30QLbCZvLrM7PIr4bT//sv0HM7sfy6r5C9jwBHEVuGrmChrBfPyWU1+NfcY54h 6odWXxL1QMY+lpaPsL2P7zQ8SCL6R+ZEsekTmDx7VeivdHdnCI+IlRoZkFXNSfUe s3NIqOZvql0A05vz8u2IV+COFDuJJahh4zUjGKyQeS7dD7/TArpIIoc8EQWCZiWW 6i1QAkdKUImNjU1uwkM7f6zz0mMvmkSsU8SMEMBXAVqtglIXOIhRQYIHxup23VuD n4zmLcGJecal/Nfwfk0aDGVO5zB6yIsQZYvMbOPEneTKFztM -----END CERTIFICATE-----Generated at Sun Jan 25 17:20:00 2026 by rpki-client