This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lw6CByl2eIoJzy6-P0WeW49KgOI.roa File: lw6CByl2eIoJzy6-P0WeW49KgOI.roa (raw, json) Hash identifier: 6N3/YHs+5PxRInfdIs1YdoKER3Usv1BE1gz4UpUcn9I= Subject key identifier: 97:0E:82:07:29:76:78:8A:09:CF:2E:BE:3F:45:9E:5B:8F:4A:80:E2 Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Certificate serial: 019B7C7FD52ADC49F4DD2BF1A02241667B8C Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lw6CByl2eIoJzy6-P0WeW49KgOI.roa Signing time: Fri 02 Jan 2026 02:18:31 +0000 ROA not before: Fri 02 Jan 2026 02:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35592 IP address blocks: 46.29.184.0/21 maxlen: 24 87.236.192.0/21 maxlen: 24 89.187.128.0/19 maxlen: 24 91.245.16.0/21 maxlen: 24 185.162.4.0/22 maxlen: 24 2a01:5f0::/29 maxlen: 64 2a01:5f0::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:d5:2a:dc:49:f4:dd:2b:f1:a0:22:41:66:7b:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Validity Not Before: Jan 2 02:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=970e82072976788a09cf2ebe3f459e5b8f4a80e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ac:c0:9c:7b:0e:75:a2:b6:60:ea:52:63:53: b0:ba:65:19:0c:13:1e:52:75:c7:18:fd:ba:c4:8f: 42:23:04:3c:25:e0:ac:02:fa:ed:1a:31:90:1f:2c: 12:43:df:3c:b2:55:bf:cf:52:0f:3a:f3:47:07:07: 90:60:6b:c3:b4:34:6b:c5:ca:ef:f1:2f:e5:8c:e5: 56:4b:25:b9:e7:3c:77:3e:bb:1f:c5:4b:34:a0:fb: 3b:df:b9:62:f9:b0:e6:30:b6:31:f0:bb:92:86:42: 5d:09:eb:f6:2c:5a:75:20:1e:f8:b8:df:50:7d:a9: db:55:6a:88:11:7a:4a:d5:39:05:fc:1a:f7:55:0f: 16:ac:2a:66:fd:64:7b:75:00:43:81:46:82:72:4c: a1:27:ef:47:e6:96:95:8e:b1:b7:67:ba:84:80:88: 33:9a:fd:fe:b6:99:95:26:f4:64:0e:fd:a2:f3:2a: 00:0d:cc:b4:13:51:60:dc:a0:dc:c8:e5:05:f3:1e: 1e:14:a7:e9:30:ee:1e:b3:c5:f7:94:f0:c6:d1:53: 7e:d5:49:0f:b5:84:3d:5d:e7:b1:fe:98:5b:c8:ad: e4:56:5c:8f:b5:97:e3:53:eb:43:d5:dd:d5:69:b3: 8c:d5:5c:16:b0:38:9f:1e:2a:01:ae:67:2f:81:00: cc:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:0E:82:07:29:76:78:8A:09:CF:2E:BE:3F:45:9E:5B:8F:4A:80:E2 X509v3 Authority Key Identifier: keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/lw6CByl2eIoJzy6-P0WeW49KgOI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.29.184.0/21 87.236.192.0/21 89.187.128.0/19 91.245.16.0/21 185.162.4.0/22 IPv6: 2a01:5f0::/29 Signature Algorithm: sha256WithRSAEncryption 4e:e2:a2:51:27:7c:53:31:0e:26:95:d7:1a:ff:90:1f:4c:cf: e0:6e:33:85:8b:33:65:58:10:bc:58:4b:f8:82:72:67:01:6d: 58:72:dd:8d:bd:97:7d:16:77:53:4b:e6:29:02:e7:5d:e1:9c: 95:5d:80:0c:a8:b6:11:20:f0:90:55:c5:8a:ef:cb:d8:c7:7b: 46:33:7c:11:20:41:76:b7:a2:5c:8a:a1:2f:5a:99:ea:08:ea: 68:68:69:df:3d:a7:64:b4:90:a1:0e:b7:f8:9b:1f:c7:a2:d1: 15:ed:df:98:f5:09:8f:6d:7b:d5:c9:a3:91:fb:0e:9c:20:6e: 34:3a:95:4f:5f:a1:d4:8e:97:62:0e:59:0c:70:e8:cf:d8:cd: 8b:e8:b4:7b:2b:5a:1c:b1:84:0a:6d:e4:38:17:ca:b6:ea:9b: 34:73:c0:a6:cc:82:54:eb:20:b6:c7:71:3f:46:88:49:16:ce: a8:83:ab:9e:20:71:dd:98:0a:dd:c3:1a:60:df:ae:50:ea:67: 96:92:a7:40:f9:9d:ee:3c:3a:0e:9e:ee:9e:b0:e4:7e:30:d5: 27:f0:d8:98:d7:64:b3:09:9f:b0:59:87:a5:a2:8a:3d:53:a9: 37:52:0a:f8:5d:74:09:7c:4b:34:9b:81:71:0c:76:0f:db:19: 46:9c:b5:5b -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt8f9Uq3En03SvxoCJBZnuMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0 ZTRlMGMwHhcNMjYwMTAyMDIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzBlODIwNzI5NzY3ODhhMDljZjJlYmUzZjQ1OWU1YjhmNGE4MGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxazAnHsOdaK2YOpSY1OwumUZDBMe UnXHGP26xI9CIwQ8JeCsAvrtGjGQHywSQ988slW/z1IPOvNHBweQYGvDtDRrxcrv 8S/ljOVWSyW55zx3PrsfxUs0oPs737li+bDmMLYx8LuShkJdCev2LFp1IB74uN9Q fanbVWqIEXpK1TkF/Br3VQ8WrCpm/WR7dQBDgUaCckyhJ+9H5paVjrG3Z7qEgIgz mv3+tpmVJvRkDv2i8yoADcy0E1Fg3KDcyOUF8x4eFKfpMO4es8X3lPDG0VN+1UkP tYQ9Xeex/phbyK3kVlyPtZfjU+tD1d3VabOM1VwWsDifHioBrmcvgQDMAQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFJcOggcpdniKCc8uvj9FnluPSoDiMB8GA1UdIwQY MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt ZTFhOGE2ZjFkNTlhLzEvbHc2Q0J5bDJlSW9Kenk2LVAwV2VXNDlLZ09JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLh24AwQD V+zAAwQFWbuAAwQDW/UQAwQCuaIEMA0EAgACMAcDBQMqAQXwMA0GCSqGSIb3DQEB CwUAA4IBAQBO4qJRJ3xTMQ4mldca/5AfTM/gbjOFizNlWBC8WEv4gnJnAW1Yct2N vZd9FndTS+YpAudd4ZyVXYAMqLYRIPCQVcWK78vYx3tGM3wRIEF2t6JciqEvWpnq COpoaGnfPadktJChDrf4mx/HotEV7d+Y9QmPbXvVyaOR+w6cIG40OpVPX6HUjpdi DlkMcOjP2M2L6LR7K1ocsYQKbeQ4F8q26ps0c8CmzIJU6yC2x3E/RohJFs6og6ue IHHdmArdwxpg365Q6meWkqdA+Z3uPDoOnu6esOR+MNUn8NiY12SzCZ+wWYelooo9 U6k3Ugr4XXQJfEs0m4FxDHYP2xlGnLVb -----END CERTIFICATE-----Generated at Mon Jan 26 17:44:18 2026 by rpki-client