This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/lRsRyKhA42mUZ8hS2rpLHm_3tDE.roa File: lRsRyKhA42mUZ8hS2rpLHm_3tDE.roa (raw, json) Hash identifier: 4WHzRlXZtSPth79yxsiKoFHqj8Ld8gxycNtzoxgNA00= Subject key identifier: 95:1B:11:C8:A8:40:E3:69:94:67:C8:52:DA:BA:4B:1E:6F:F7:B4:31 Certificate issuer: /CN=22877298dae5d5a3beabca16e92d1a141e948627 Certificate serial: 019B78A2C1A4B8137856E95F31E68F7133AB Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/lRsRyKhA42mUZ8hS2rpLHm_3tDE.roa Signing time: Thu 01 Jan 2026 08:18:10 +0000 ROA not before: Thu 01 Jan 2026 08:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136468 IP address blocks: 163.114.204.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:c1:a4:b8:13:78:56:e9:5f:31:e6:8f:71:33:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627 Validity Not Before: Jan 1 08:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=951b11c8a840e3699467c852daba4b1e6ff7b431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:f8:ee:4b:52:52:24:39:3a:b1:b0:fb:15:4a: b2:bf:0e:23:51:a3:6c:95:da:99:60:c6:14:3a:fd: b5:2e:b1:b6:92:38:22:aa:8b:92:3e:9d:57:66:ab: f3:14:bb:6c:7b:88:37:e3:50:c2:3b:93:e3:2a:15: c7:e9:51:a7:e4:72:49:05:58:84:eb:1f:5f:c3:97: 69:fa:e7:1d:75:7f:75:99:b0:72:8c:54:73:18:b8: de:32:f6:9e:14:55:1e:2e:88:99:bf:ab:16:30:dc: ee:97:42:d9:8a:7f:bc:21:14:4b:84:40:c6:5a:87: 26:77:e5:25:70:2c:f0:79:1f:25:08:ed:73:e3:ba: 01:97:43:76:02:97:cd:c2:e3:57:f8:80:24:d9:ed: c3:8a:59:62:8d:f7:8b:97:fd:9c:23:00:6e:18:d5: 11:12:44:24:93:66:a7:c8:02:23:47:b7:11:2a:d0: 3f:e7:ed:6c:ee:20:1b:86:90:63:dc:53:43:66:3b: 4b:d9:f9:f3:c8:01:ee:11:8f:48:15:28:59:85:15: 4c:1a:53:29:7d:bc:14:e6:ed:fb:fb:e0:6e:14:a1: e4:0d:c8:48:5a:a6:c6:a5:bf:94:11:94:c5:b5:52: 41:db:0a:db:14:29:bc:df:67:1c:21:13:05:5f:8f: 08:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:1B:11:C8:A8:40:E3:69:94:67:C8:52:DA:BA:4B:1E:6F:F7:B4:31 X509v3 Authority Key Identifier: keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/lRsRyKhA42mUZ8hS2rpLHm_3tDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.114.204.0/24 Signature Algorithm: sha256WithRSAEncryption 9e:7e:5f:05:cf:36:07:a3:2b:69:2f:95:58:31:a0:c0:b3:75: 24:d4:a2:67:47:c8:32:c7:c0:7b:ac:28:63:09:b3:70:cc:23: 94:58:27:a7:eb:2d:c7:fa:01:2b:a8:56:86:7e:51:57:88:77: 9a:72:4d:8e:04:e1:50:26:35:9f:ec:c5:54:f4:0a:1a:d2:93: e0:3f:b6:5a:08:41:68:3e:22:3e:a7:26:d1:88:f9:df:3b:03: 64:9a:11:bb:a3:6b:3b:12:44:ec:04:d7:95:9d:92:71:df:1e: 14:62:87:fe:55:c0:a2:bd:2e:42:e9:bb:91:92:2f:10:f3:f5: 1d:8a:d9:0d:71:cb:88:55:5e:8d:2a:e4:58:e8:1e:94:5b:4c: aa:c4:29:32:64:19:3c:cd:e0:8a:3a:a6:9d:1b:c9:93:f0:6d: 78:82:cd:5f:a0:07:a3:47:93:5e:da:5b:2a:99:9a:46:c8:18: 3d:4f:75:94:76:fa:fd:02:d8:7c:17:ae:d8:55:5c:97:b3:17: 06:b5:9d:30:c1:03:4e:bf:78:07:f2:b5:be:e7:cc:a3:a5:d5: 3d:53:07:a9:bc:28:8e:49:0f:3f:d9:f5:db:47:42:bf:f6:2e: e8:39:df:48:3b:86:cd:01:56:54:02:db:12:65:3f:e2:73:96: f6:93:35:f8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4osGkuBN4VulfMeaPcTOrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5 NDg2MjcwHhcNMjYwMTAxMDgxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTFiMTFjOGE4NDBlMzY5OTQ2N2M4NTJkYWJhNGIxZTZmZjdiNDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PjuS1JSJDk6sbD7FUqyvw4jUaNs ldqZYMYUOv21LrG2kjgiqouSPp1XZqvzFLtse4g341DCO5PjKhXH6VGn5HJJBViE 6x9fw5dp+ucddX91mbByjFRzGLjeMvaeFFUeLoiZv6sWMNzul0LZin+8IRRLhEDG Wocmd+UlcCzweR8lCO1z47oBl0N2ApfNwuNX+IAk2e3DillijfeLl/2cIwBuGNUR EkQkk2anyAIjR7cRKtA/5+1s7iAbhpBj3FNDZjtL2fnzyAHuEY9IFShZhRVMGlMp fbwU5u37++BuFKHkDchIWqbGpb+UEZTFtVJB2wrbFCm832ccIRMFX48I+QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJUbEcioQONplGfIUtq6Sx5v97QxMB8GA1UdIwQY MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt NTkzM2EwOWY3MmQxLzEvbFJzUnlLaEE0Mm1VWjhoUzJycExIbV8zdERFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo3LMMA0G CSqGSIb3DQEBCwUAA4IBAQCefl8FzzYHoytpL5VYMaDAs3Uk1KJnR8gyx8B7rChj CbNwzCOUWCen6y3H+gErqFaGflFXiHeack2OBOFQJjWf7MVU9Aoa0pPgP7ZaCEFo PiI+pybRiPnfOwNkmhG7o2s7EkTsBNeVnZJx3x4UYof+VcCivS5C6buRki8Q8/Ud itkNccuIVV6NKuRY6B6UW0yqxCkyZBk8zeCKOqadG8mT8G14gs1foAejR5Ne2lsq mZpGyBg9T3WUdvr9Ath8F67YVVyXsxcGtZ0wwQNOv3gH8rW+58yjpdU9UwepvCiO SQ8/2fXbR0K/9i7oOd9IO4bNAVZUAtsSZT/ic5b2kzX4 -----END CERTIFICATE-----Generated at Sun Jan 25 22:16:53 2026 by rpki-client