This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa File: Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa (raw, json) Hash identifier: SNGqheW6LsNlSg4kHxkvmFfi6Fzh2bEiE379f5CYZNA= Subject key identifier: 2E:6D:85:77:0F:B8:1D:8E:7D:71:64:C1:47:50:18:98:E2:C2:D0:C9 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B17276E45A6B622C0276A053AC28 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12430 IP address blocks: 2a01:800::/32 maxlen: 32 2a01:801::/32 maxlen: 32 2a01:807::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b1:72:76:e4:5a:6b:62:2c:02:76:a0:53:ac:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e6d85770fb81d8e7d7164c147501898e2c2d0c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:36:f5:0e:cd:a8:20:0e:d5:a1:53:9f:37:fa: fb:ab:b2:e2:56:7e:de:e8:fd:78:7d:06:1f:b6:b5: e9:98:ae:91:14:e2:d7:72:77:45:f8:1f:fc:d8:3d: f0:59:68:32:9c:19:77:68:91:f3:e6:3f:0f:58:f6: 0b:9f:ef:2e:9c:1d:e1:1a:a2:4e:45:c2:a0:a7:6d: ca:c5:3e:3c:33:f4:bf:de:9b:ae:d0:2c:08:e0:56: 97:f9:c3:13:aa:2b:9c:2a:7b:61:50:7a:a5:a5:e8: 80:3c:f4:43:51:90:a8:5e:09:ab:ad:51:24:67:c0: f5:29:40:28:e3:2d:0c:6a:18:5d:cd:35:69:9f:06: 1c:01:9a:58:aa:26:37:08:8f:6f:30:98:f2:1a:27: 53:58:d7:fb:cc:b8:45:e9:07:f5:98:47:3b:2d:e1: 9d:27:3e:c4:9f:2b:cd:54:42:35:d4:a0:a3:3a:45: 2c:25:36:63:88:e4:88:18:f6:70:02:69:f5:a6:54: 53:51:73:37:eb:12:c1:29:91:7a:73:35:df:01:0c: c5:eb:29:37:80:19:af:c3:bd:53:2c:19:53:39:0a: ff:6a:e8:f3:06:b8:4b:a9:00:68:79:ed:b6:98:bc: 6f:6c:57:8d:4c:8d:1b:50:cc:b0:7d:1d:d1:0b:27: 56:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:6D:85:77:0F:B8:1D:8E:7D:71:64:C1:47:50:18:98:E2:C2:D0:C9 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/Lm2Fdw-4HY59cWTBR1AYmOLC0Mk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:800::/31 2a01:807::/32 Signature Algorithm: sha256WithRSAEncryption 12:de:06:49:ca:d0:9f:f5:df:39:29:b6:67:90:0f:a2:44:21: 63:ce:25:89:67:d5:08:9f:be:ba:19:bb:12:01:b4:68:4e:76: 40:c0:64:31:80:41:ee:5b:f5:6b:33:c7:20:ab:09:61:c3:e8: 72:d1:a4:21:09:10:48:00:a7:c8:ae:9e:bb:e9:69:e9:74:19: 17:a1:c2:61:7b:17:59:b3:7d:78:d3:f6:97:dd:9a:b4:cf:cf: 81:25:42:0a:28:ba:df:8b:65:d1:8f:6d:e8:c9:c3:b1:89:c6: 21:11:f0:1b:46:b2:44:7e:02:57:8c:20:dc:7f:a2:e6:e5:82: 7c:05:d9:67:3f:ca:8b:1a:ac:4a:5e:28:5c:4e:e2:69:37:00: a0:62:c0:85:04:64:c2:f2:a1:68:e7:2f:9b:50:91:92:f0:e4: 3f:bc:4f:39:0e:6a:d2:14:18:5b:2e:07:90:f9:40:81:fb:be: 6b:cc:9f:45:74:f0:f0:a7:88:a3:33:d2:2f:a5:c9:5e:40:40: 07:4d:52:70:c3:62:4b:c3:7a:0f:b9:63:1f:a1:10:dd:f6:07: 8c:75:74:05:a0:73:e0:0f:ae:55:e1:94:b6:c0:5f:5e:4b:1d: e4:2c:8f:84:66:a2:6d:7a:62:e9:fb:74:4d:cd:fe:dc:4e:e4: d1:b4:8f:f0 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+prFyduRaa2IsAnagU6woMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTZkODU3NzBmYjgxZDhlN2Q3MTY0YzE0NzUwMTg5OGUyYzJkMGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjb1Ds2oIA7VoVOfN/r7q7LiVn7e 6P14fQYftrXpmK6RFOLXcndF+B/82D3wWWgynBl3aJHz5j8PWPYLn+8unB3hGqJO RcKgp23KxT48M/S/3puu0CwI4FaX+cMTqiucKnthUHqlpeiAPPRDUZCoXgmrrVEk Z8D1KUAo4y0MahhdzTVpnwYcAZpYqiY3CI9vMJjyGidTWNf7zLhF6Qf1mEc7LeGd Jz7EnyvNVEI11KCjOkUsJTZjiOSIGPZwAmn1plRTUXM36xLBKZF6czXfAQzF6yk3 gBmvw71TLBlTOQr/aujzBrhLqQBoee22mLxvbFeNTI0bUMywfR3RCydWzwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFC5thXcPuB2OfXFkwUdQGJjiwtDJMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvTG0yRmR3LTRIWTU5Y1dUQlIxQVltT0xDME1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKgEIAAMF ACoBCAcwDQYJKoZIhvcNAQELBQADggEBABLeBknK0J/13zkptmeQD6JEIWPOJYln 1QifvroZuxIBtGhOdkDAZDGAQe5b9WszxyCrCWHD6HLRpCEJEEgAp8iunrvpael0 GRehwmF7F1mzfXjT9pfdmrTPz4ElQgoout+LZdGPbejJw7GJxiER8BtGskR+AleM INx/oublgnwF2Wc/yosarEpeKFxO4mk3AKBiwIUEZMLyoWjnL5tQkZLw5D+8TzkO atIUGFsuB5D5QIH7vmvMn0V08PCniKMz0i+lyV5AQAdNUnDDYkvDeg+5Yx+hEN32 B4x1dAWgc+APrlXhlLbAX15LHeQsj4Rmom16Yun7dE3N/txO5NG0j/A= -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:08 2026 by rpki-client