This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/LcBroKBLXoM6xXO9zi3GvH6KmR8.roa File: LcBroKBLXoM6xXO9zi3GvH6KmR8.roa (raw, json) Hash identifier: fH5tm86jikYUxeNxCkC081pHnyjYlsjUYmP8CBL7xrk= Subject key identifier: 2D:C0:6B:A0:A0:4B:5E:83:3A:C5:73:BD:CE:2D:C6:BC:7E:8A:99:1F Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c Certificate serial: 019B7F82656C23393220541DFAAAFECFD897 Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/LcBroKBLXoM6xXO9zi3GvH6KmR8.roa Signing time: Fri 02 Jan 2026 16:20:10 +0000 ROA not before: Fri 02 Jan 2026 16:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5401 IP address blocks: 2001:1440:201::/48 maxlen: 48 2001:1440:202::/47 maxlen: 47 2001:1440:202::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.mft rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:65:6c:23:39:32:20:54:1d:fa:aa:fe:cf:d8:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c Validity Not Before: Jan 2 16:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2dc06ba0a04b5e833ac573bdce2dc6bc7e8a991f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:69:4f:43:7a:59:74:ba:1d:cb:97:54:fc:ee: 09:a1:96:77:59:5a:ab:4c:67:08:fe:6d:6c:ad:72: fd:28:9f:3d:42:b6:72:a5:f7:58:14:ec:2c:c3:84: ed:0c:a3:9f:b3:8a:2b:e3:f8:1d:af:f5:71:e4:e3: c8:5c:67:02:e2:e8:da:6e:80:4e:27:36:7d:66:2a: 2d:c9:6c:46:0a:50:ab:3e:66:75:db:7c:69:e4:69: 9c:33:d4:ec:da:73:cc:92:cd:3f:72:13:71:11:12: 0a:6f:01:71:e8:fb:01:3a:9a:58:e9:b8:48:ba:3e: 02:82:62:9f:2f:12:28:7b:76:8d:68:5d:01:96:44: f0:e2:2c:cc:4e:c1:93:55:fb:17:20:b6:21:07:26: 57:50:16:96:99:e5:32:37:ea:a5:f8:e7:11:db:be: 67:95:a1:18:fa:ca:3f:09:1b:2d:bd:22:92:a5:46: 5b:ad:4f:2d:58:8e:2c:ca:b9:84:7c:90:2f:e1:f1: 49:e6:b3:c5:ce:9b:49:28:ac:03:42:2f:70:7c:3f: a8:df:f8:4a:54:e8:c3:37:2d:48:7d:e8:c8:8e:4c: 3d:7c:e5:59:64:90:af:ce:8e:89:37:38:35:4b:59: 3c:bc:0f:e3:c1:fe:c1:6f:93:9c:9e:86:75:68:09: 6f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C0:6B:A0:A0:4B:5E:83:3A:C5:73:BD:CE:2D:C6:BC:7E:8A:99:1F X509v3 Authority Key Identifier: keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/LcBroKBLXoM6xXO9zi3GvH6KmR8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:1440:201::-2001:1440:203:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 6c:db:d8:63:a9:4c:16:29:7b:6c:44:f6:21:ec:b9:f5:8a:27: c1:26:68:87:ee:34:68:3c:60:50:8d:cc:47:ee:14:ae:ad:91: ae:51:2c:13:46:b0:2a:77:a4:a9:24:92:d6:0b:b5:55:22:4c: 4c:6e:74:da:28:d6:34:5a:83:62:56:eb:64:54:b5:fd:45:a1: 81:e9:1b:a6:fd:7f:0b:3c:22:25:69:dd:bc:c9:86:b0:4d:be: 99:f2:af:f7:b3:9b:8c:5d:11:ee:de:36:1f:b6:32:56:cd:c5: 9a:1e:ea:41:6c:08:4a:b0:24:76:a4:5b:34:ec:5d:f6:bc:21: 09:2f:56:a4:8a:a3:ec:08:bb:86:c4:42:ba:53:e1:85:0d:2d: 68:de:b5:c9:48:c4:f3:7b:a6:6a:a2:7a:5b:f4:ac:e3:a8:c5: e7:1e:56:6a:da:98:5c:e3:02:3f:bd:58:49:3a:bd:6e:f7:ab: 8b:f0:52:a5:ec:17:e5:b9:f2:58:4c:ad:d8:22:3b:6d:72:f0: 42:dd:f7:35:f1:79:90:cd:02:f9:21:9c:41:cd:c2:3a:6e:d3: 58:a6:24:13:d9:6b:2e:d1:f4:b2:af:95:52:60:a7:61:0e:40: 82:13:e6:be:9b:1a:cf:06:cd:ea:da:fe:48:fd:d8:88:38:bb: 22:30:f5:73 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/gmVsIzkyIFQd+qr+z9iXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh N2Q2MmMwHhcNMjYwMTAyMTYyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGMwNmJhMGEwNGI1ZTgzM2FjNTczYmRjZTJkYzZiYzdlOGE5OTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GlPQ3pZdLody5dU/O4JoZZ3WVqr TGcI/m1srXL9KJ89QrZypfdYFOwsw4TtDKOfs4or4/gdr/Vx5OPIXGcC4ujaboBO JzZ9ZiotyWxGClCrPmZ123xp5GmcM9Ts2nPMks0/chNxERIKbwFx6PsBOppY6bhI uj4CgmKfLxIoe3aNaF0BlkTw4izMTsGTVfsXILYhByZXUBaWmeUyN+ql+OcR275n laEY+so/CRstvSKSpUZbrU8tWI4syrmEfJAv4fFJ5rPFzptJKKwDQi9wfD+o3/hK VOjDNy1IfejIjkw9fOVZZJCvzo6JNzg1S1k8vA/jwf7Bb5OcnoZ1aAlvZwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFC3Aa6CgS16DOsVzvc4txrx+ipkfMB8GA1UdIwQY MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt ZDA3NDY0YjliMzc4LzEvTGNCcm9LQkxYb002eFhPOXppM0d2SDZLbVI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4 LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAgARRA AgEDBwIgARRAAgAwDQYJKoZIhvcNAQELBQADggEBAGzb2GOpTBYpe2xE9iHsufWK J8EmaIfuNGg8YFCNzEfuFK6tka5RLBNGsCp3pKkkktYLtVUiTExudNoo1jRag2JW 62RUtf1FoYHpG6b9fws8IiVp3bzJhrBNvpnyr/ezm4xdEe7eNh+2MlbNxZoe6kFs CEqwJHakWzTsXfa8IQkvVqSKo+wIu4bEQrpT4YUNLWjetclIxPN7pmqielv0rOOo xeceVmramFzjAj+9WEk6vW73q4vwUqXsF+W58lhMrdgiO21y8ELd9zXxeZDNAvkh nEHNwjpu01imJBPZay7R9LKvlVJgp2EOQIIT5r6bGs8Gzera/kj92Ig4uyIw9XM= -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:23 2026 by rpki-client