This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/lWJFLWzbEFcrz6v7MBMAal1UC0Q.roa File: lWJFLWzbEFcrz6v7MBMAal1UC0Q.roa (raw, json) Hash identifier: 8TaQuYzpOnIciU3bPXjs+EPWsUmEnwjkG4COBm5InQ4= Subject key identifier: 95:62:45:2D:6C:DB:10:57:2B:CF:AB:FB:30:13:00:6A:5D:54:0B:44 Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b Certificate serial: 019B7D5BDFF15EA3D3136DD073A74C903DCD Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/lWJFLWzbEFcrz6v7MBMAal1UC0Q.roa Signing time: Fri 02 Jan 2026 06:18:51 +0000 ROA not before: Fri 02 Jan 2026 06:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60404 IP address blocks: 5.2.64.0/20 maxlen: 20 5.2.67.0/24 maxlen: 24 5.2.70.0/24 maxlen: 24 5.255.96.0/19 maxlen: 19 88.214.28.0/24 maxlen: 24 88.214.29.0/24 maxlen: 24 88.214.30.0/24 maxlen: 24 88.214.31.0/24 maxlen: 24 103.251.164.0/22 maxlen: 22 103.251.164.0/24 maxlen: 24 103.251.165.0/24 maxlen: 24 103.251.166.0/24 maxlen: 24 103.251.167.0/24 maxlen: 24 150.129.8.0/22 maxlen: 22 150.129.8.0/24 maxlen: 24 150.129.9.0/24 maxlen: 24 150.129.10.0/24 maxlen: 24 185.31.172.0/22 maxlen: 22 192.76.150.0/24 maxlen: 24 192.76.153.0/24 maxlen: 24 192.76.160.0/24 maxlen: 24 192.76.163.0/24 maxlen: 24 2a01:6340::/29 maxlen: 29 2a04:52c0::/32 maxlen: 32 2a04:52c0:1::/48 maxlen: 64 2a04:52c0:138::/48 maxlen: 64 2a04:52c0:139::/48 maxlen: 64 2a04:52c0:140::/48 maxlen: 64 2a04:52c0:141::/48 maxlen: 64 2a04:52c0:142::/48 maxlen: 64 2a04:52c0:1000::/48 maxlen: 64 2a04:52c0:5001::/48 maxlen: 64 2a04:52c0:6000::/36 maxlen: 64 2a04:52c0:7000::/36 maxlen: 64 2a0f:6bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.mft rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:df:f1:5e:a3:d3:13:6d:d0:73:a7:4c:90:3d:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b Validity Not Before: Jan 2 06:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9562452d6cdb10572bcfabfb3013006a5d540b44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:90:37:c3:67:3b:55:9e:65:ff:76:b6:9c:77: a2:af:db:42:1d:61:cc:f3:35:b7:80:85:05:04:8a: 42:6a:0b:af:a4:73:8b:c8:63:1c:2c:d2:42:1e:d3: d1:f9:d3:7a:6d:9a:51:20:a5:a5:91:14:01:f2:ac: 49:b3:3c:6f:0f:06:d9:1b:14:7c:44:18:4e:7e:65: 72:fc:d3:84:c1:54:fe:51:42:d3:b7:f6:40:e9:5d: 65:63:f0:48:8a:d3:6b:77:5e:1c:7d:fd:31:d8:e2: 52:94:58:af:fa:dd:88:22:5f:25:73:da:8e:a9:2c: 40:95:00:58:44:d4:2d:39:1c:d1:fe:8d:ae:09:14: f3:33:0a:91:cc:70:d9:90:39:be:09:ab:b3:fb:b1: 2b:dc:d8:da:cf:02:a3:85:63:05:55:70:f5:19:a1: 76:5a:64:67:80:0e:a4:ed:9c:d1:64:9d:5c:5f:33: 40:96:c1:3e:a9:3e:ab:99:95:72:98:ed:0d:1a:8a: cf:79:6b:ef:ff:85:18:a3:e4:7e:6a:cd:43:2c:1f: 69:c5:66:a2:ab:e1:28:1d:55:ce:79:b8:16:6f:2a: ce:03:15:3c:14:f6:7d:75:c9:ea:41:54:43:10:9b: ad:5f:a1:38:d1:30:0d:98:87:45:ae:b2:14:94:ee: 02:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:62:45:2D:6C:DB:10:57:2B:CF:AB:FB:30:13:00:6A:5D:54:0B:44 X509v3 Authority Key Identifier: keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/lWJFLWzbEFcrz6v7MBMAal1UC0Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.2.64.0/20 5.255.96.0/19 88.214.28.0/22 103.251.164.0/22 150.129.8.0/22 185.31.172.0/22 192.76.150.0/24 192.76.153.0/24 192.76.160.0/24 192.76.163.0/24 IPv6: 2a01:6340::/29 2a04:52c0::/32 2a0f:6bc0::/29 Signature Algorithm: sha256WithRSAEncryption a7:cc:bd:fc:7f:e5:0b:1b:c7:51:ea:a0:fa:5d:cd:d1:0a:31: c6:7e:69:6f:1e:bd:d5:18:49:fb:f5:4a:a7:b7:bf:af:d3:0a: c5:2e:5e:34:4a:25:b8:6e:9a:f1:db:53:8c:ec:7f:9f:91:4e: 5c:5d:95:4b:64:1d:de:10:a3:a2:b4:42:ac:98:75:be:a1:e4: a1:15:28:ff:c0:bf:c2:45:fc:ca:8c:ca:6d:f5:84:66:d3:2a: af:d2:d7:a8:a3:f7:e5:48:60:49:ec:db:88:a5:94:62:61:6d: 98:26:2b:2f:f0:65:b1:76:da:a7:95:d8:da:b4:c0:b2:a0:58: c5:5b:49:fd:07:f3:fe:33:22:ad:60:e0:24:7c:47:87:92:b3: e3:79:62:4d:1d:2b:3f:39:d9:da:f7:de:b4:08:c8:4c:55:a3: 53:bb:dc:10:ce:ca:c3:14:95:77:90:ab:da:5f:31:16:f3:62: 10:0f:1a:0c:3d:9f:15:bc:c0:63:03:e0:99:1a:20:95:f8:df: c2:76:c3:3d:47:77:2f:2e:ba:8b:df:6a:66:a5:c0:12:e1:6d: 6a:5e:34:d9:a2:fb:60:44:69:3a:27:22:15:f2:54:d1:69:68: d1:b4:f8:da:85:25:f9:94:c0:84:b9:52:8a:4f:17:66:a7:dd: 51:4c:f5:7a -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgISAZt9W9/xXqPTE23Qc6dMkD3NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4 YTVlM2IwHhcNMjYwMTAyMDYxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTYyNDUyZDZjZGIxMDU3MmJjZmFiZmIzMDEzMDA2YTVkNTQwYjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopA3w2c7VZ5l/3a2nHeir9tCHWHM 8zW3gIUFBIpCaguvpHOLyGMcLNJCHtPR+dN6bZpRIKWlkRQB8qxJszxvDwbZGxR8 RBhOfmVy/NOEwVT+UULTt/ZA6V1lY/BIitNrd14cff0x2OJSlFiv+t2IIl8lc9qO qSxAlQBYRNQtORzR/o2uCRTzMwqRzHDZkDm+Cauz+7Er3NjazwKjhWMFVXD1GaF2 WmRngA6k7ZzRZJ1cXzNAlsE+qT6rmZVymO0NGorPeWvv/4UYo+R+as1DLB9pxWai q+EoHVXOebgWbyrOAxU8FPZ9dcnqQVRDEJutX6E40TANmIdFrrIUlO4CJwIDAQAB o4ICXDCCAlgwHQYDVR0OBBYEFJViRS1s2xBXK8+r+zATAGpdVAtEMB8GA1UdIwQY MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt YzJiYTI0NjUzZjdiLzEvbFdKRkxXemJFRmNyejZ2N01CTUFhbDFVQzBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQEBQJAAwQF Bf9gAwQCWNYcAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQA wEyjMBsEAgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQAD ggEBAKfMvfx/5Qsbx1HqoPpdzdEKMcZ+aW8evdUYSfv1Sqe3v6/TCsUuXjRKJbhu mvHbU4zsf5+RTlxdlUtkHd4Qo6K0QqyYdb6h5KEVKP/Av8JF/MqMym31hGbTKq/S 16ij9+VIYEns24illGJhbZgmKy/wZbF22qeV2Nq0wLKgWMVbSf0H8/4zIq1g4CR8 R4eSs+N5Yk0dKz852dr33rQIyExVo1O73BDOysMUlXeQq9pfMRbzYhAPGgw9nxW8 wGMD4JkaIJX438J2wz1Hdy8uuovfamalwBLhbWpeNNmi+2BEaTonIhXyVNFpaNG0 +NqFJfmUwIS5UopPF2an3VFM9Xo= -----END CERTIFICATE-----Generated at Mon Jan 26 05:32:45 2026 by rpki-client