This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/L7FFVZjn00bwAbkg_Lv5HyPXbUw.roa File: L7FFVZjn00bwAbkg_Lv5HyPXbUw.roa (raw, json) Hash identifier: DToSgYumdmGKe2TLhpTAx0H6yxJQdXcD2z0JX5cGoUQ= Subject key identifier: 2F:B1:45:55:98:E7:D3:46:F0:01:B9:20:FC:BB:F9:1F:23:D7:6D:4C Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a Certificate serial: 019B7C80CFFAF40479AB085826705D0E81F3 Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/L7FFVZjn00bwAbkg_Lv5HyPXbUw.roa Signing time: Fri 02 Jan 2026 02:19:35 +0000 ROA not before: Fri 02 Jan 2026 02:19:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49720 IP address blocks: 91.236.224.0/24 maxlen: 24 91.236.225.0/24 maxlen: 24 91.236.226.0/24 maxlen: 24 91.236.227.0/24 maxlen: 24 185.168.128.0/22 maxlen: 22 185.168.128.0/24 maxlen: 24 185.168.129.0/24 maxlen: 24 185.168.130.0/23 maxlen: 23 185.250.20.0/22 maxlen: 22 185.250.20.0/24 maxlen: 24 185.250.21.0/24 maxlen: 24 185.250.22.0/24 maxlen: 24 185.250.23.0/24 maxlen: 24 193.107.136.0/24 maxlen: 24 193.107.138.0/24 maxlen: 24 195.182.194.0/24 maxlen: 24 195.182.195.0/24 maxlen: 24 2a0a:700::/32 maxlen: 32 2a0a:701::/32 maxlen: 32 2a0a:702::/32 maxlen: 32 2a0a:703::/32 maxlen: 32 2a0a:704::/32 maxlen: 32 2a0a:705::/32 maxlen: 32 2a0a:706::/32 maxlen: 32 2a0a:707::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:cf:fa:f4:04:79:ab:08:58:26:70:5d:0e:81:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a Validity Not Before: Jan 2 02:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2fb1455598e7d346f001b920fcbbf91f23d76d4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c3:7a:93:c8:9c:b1:b0:b5:84:2e:1a:20:d2: 26:de:98:ba:e1:60:50:77:1a:55:fb:90:64:4b:1a: 61:e1:25:0a:8b:42:b9:83:d1:d0:f0:43:82:a9:95: 0a:ca:62:7a:ae:91:58:7d:83:63:0c:b2:c1:78:b2: 92:3a:c0:09:4b:3c:34:a0:c2:b8:c1:3a:50:1b:a3: f1:a6:85:98:98:5b:8a:dd:93:f4:c4:3b:04:59:2c: 5e:86:fa:d8:a5:f5:2f:55:ba:81:2b:d2:86:44:fc: af:64:17:42:a8:73:85:81:da:eb:97:7b:28:d8:56: 0c:f3:41:8a:c2:12:ab:75:72:51:3f:55:8e:39:76: cf:34:26:dd:ba:16:53:8f:d5:fa:83:33:7e:b6:58: 9f:aa:50:db:78:1c:ef:fb:d6:ba:d3:5a:c7:67:40: 18:62:0d:34:f8:a7:a3:f8:68:f4:f8:78:f0:3d:9f: 98:c2:08:38:db:e5:b1:31:00:84:77:29:60:98:b8: e9:d7:c1:4c:4a:e0:3a:42:66:43:db:06:51:3a:c8: 9a:03:00:82:79:5f:c8:22:8a:d6:d4:4d:0e:7c:63: b2:cc:e4:1d:ae:1c:f2:09:73:aa:d2:48:04:19:53: 3a:ba:e6:54:a6:14:3b:ad:b3:4e:28:67:95:1a:fa: 38:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:B1:45:55:98:E7:D3:46:F0:01:B9:20:FC:BB:F9:1F:23:D7:6D:4C X509v3 Authority Key Identifier: keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/L7FFVZjn00bwAbkg_Lv5HyPXbUw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.236.224.0/22 185.168.128.0/22 185.250.20.0/22 193.107.136.0/24 193.107.138.0/24 195.182.194.0/23 IPv6: 2a0a:700::/29 Signature Algorithm: sha256WithRSAEncryption 4d:8f:d8:1d:ed:65:84:58:ce:88:7d:96:b3:09:7f:e8:48:d7: 48:fd:b3:71:fe:ea:b3:c7:11:92:1e:cf:5a:75:d1:41:59:e8: 0d:7a:d7:09:05:a5:4a:89:ee:6c:53:66:25:07:d5:c4:6f:20: 1c:fb:69:a7:05:da:f7:f3:3b:e3:87:25:e5:b1:e7:fb:22:30: 6a:f0:03:41:65:31:46:15:f3:34:75:a1:19:8b:4a:cd:62:25: 28:4b:a0:5a:60:04:18:34:3d:60:a0:c6:bc:b1:81:0b:ed:8b: 1d:24:c6:89:50:00:6c:6f:d2:27:18:b3:41:c9:fc:1b:ff:ad: bd:8b:fa:a1:b5:b2:f9:83:ff:53:f5:9e:06:4c:1b:c4:55:47: 03:44:22:50:db:48:5f:9e:77:5e:b5:39:4b:a2:ed:53:96:20: 12:a5:09:23:f8:bf:aa:7f:a2:78:94:53:d0:bd:b4:54:b0:81: 57:0c:7b:19:ba:c2:f5:70:7c:ab:d2:97:41:64:d4:38:1a:cd: 64:ba:95:8d:d6:9c:4b:8f:1b:95:b0:47:14:f6:63:29:fd:c2: b5:dd:47:8b:67:a5:6f:b6:52:39:1f:44:05:79:f7:8d:cf:db: ea:b8:ad:f2:8e:e1:c0:7c:23:13:16:46:4a:b3:44:11:79:f3: 19:df:b5:6e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt8gM/69AR5qwhYJnBdDoHzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw MDZiMWEwHhcNMjYwMTAyMDIxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZmIxNDU1NTk4ZTdkMzQ2ZjAwMWI5MjBmY2JiZjkxZjIzZDc2ZDRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8N6k8icsbC1hC4aINIm3pi64WBQ dxpV+5BkSxph4SUKi0K5g9HQ8EOCqZUKymJ6rpFYfYNjDLLBeLKSOsAJSzw0oMK4 wTpQG6PxpoWYmFuK3ZP0xDsEWSxehvrYpfUvVbqBK9KGRPyvZBdCqHOFgdrrl3so 2FYM80GKwhKrdXJRP1WOOXbPNCbduhZTj9X6gzN+tlifqlDbeBzv+9a601rHZ0AY Yg00+Kej+Gj0+HjwPZ+Ywgg42+WxMQCEdylgmLjp18FMSuA6QmZD2wZROsiaAwCC eV/IIorW1E0OfGOyzOQdrhzyCXOq0kgEGVM6uuZUphQ7rbNOKGeVGvo42wIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFC+xRVWY59NG8AG5IPy7+R8j121MMB8GA1UdIwQY MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It ZmEzMWUyZGM2YWJiLzEvTDdGRlZaam4wMGJ3QWJrZ19MdjVIeVBYYlV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW+zgAwQC uaiAAwQCufoUAwQAwWuIAwQAwWuKAwQBw7bCMA0EAgACMAcDBQMqCgcAMA0GCSqG SIb3DQEBCwUAA4IBAQBNj9gd7WWEWM6IfZazCX/oSNdI/bNx/uqzxxGSHs9addFB WegNetcJBaVKie5sU2YlB9XEbyAc+2mnBdr38zvjhyXlsef7IjBq8ANBZTFGFfM0 daEZi0rNYiUoS6BaYAQYND1goMa8sYEL7YsdJMaJUABsb9InGLNByfwb/629i/qh tbL5g/9T9Z4GTBvEVUcDRCJQ20hfnndetTlLou1TliASpQkj+L+qf6J4lFPQvbRU sIFXDHsZusL1cHyr0pdBZNQ4Gs1kupWN1pxLjxuVsEcU9mMp/cK13UeLZ6VvtlI5 H0QFefeNz9vquK3yjuHAfCMTFkZKs0QRefMZ37Vu -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:46 2026 by rpki-client