This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/l42LyB_1C2P-LllZFiZxTraA8VY.roa File: l42LyB_1C2P-LllZFiZxTraA8VY.roa (raw, json) Hash identifier: DBvrQLij/XijOP3rNHrPmHSYFZ7FdPcqe5/jQy1zmiA= Subject key identifier: 97:8D:8B:C8:1F:F5:0B:63:FE:2E:59:59:16:26:71:4E:B6:80:F1:56 Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Certificate serial: 019B7EA676AFEDB442EAF9663D7E419279DE Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/l42LyB_1C2P-LllZFiZxTraA8VY.roa Signing time: Fri 02 Jan 2026 12:19:57 +0000 ROA not before: Fri 02 Jan 2026 12:19:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62371 IP address blocks: 109.224.244.0/24 maxlen: 24 109.224.245.0/24 maxlen: 24 109.224.246.0/24 maxlen: 24 109.224.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:76:af:ed:b4:42:ea:f9:66:3d:7e:41:92:79:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Validity Not Before: Jan 2 12:19:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=978d8bc81ff50b63fe2e59591626714eb680f156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:b9:e8:39:83:01:2b:73:53:ba:48:13:78:0b: 1c:8b:f2:61:6d:50:39:5d:90:63:45:53:d1:4c:ea: f5:cb:82:98:ac:0c:de:47:e6:44:84:10:eb:36:4d: e7:e7:37:db:be:f3:a8:fb:40:f2:22:05:1e:1a:6f: 55:ab:a6:f9:6f:32:2a:03:2b:46:6f:02:7d:46:05: f6:cc:eb:c2:a6:ad:4b:fc:78:fd:af:ff:d4:ec:c8: 46:30:99:9c:bb:d9:59:33:09:66:9c:6c:f3:56:39: 2a:2d:f7:35:dd:fe:8f:c3:c8:e7:43:7f:07:66:26: cf:0e:c0:8e:a8:26:79:38:b0:b0:7e:3d:b0:c0:59: af:8e:5f:5b:11:7f:01:53:2f:70:c8:7a:66:55:ea: 91:0b:8f:ce:72:b7:dd:38:3c:f4:f8:c0:d7:86:5f: 95:ed:65:8a:fc:93:63:99:94:c0:c9:a0:4e:a0:20: 4c:b8:69:8d:05:cd:5b:62:91:a0:34:dd:bf:51:89: f9:f5:02:c4:f6:75:8d:02:57:93:d9:eb:e3:13:14: 7d:49:63:ca:d0:f1:ee:5d:3a:75:e2:8d:e8:c0:df: a9:24:ec:e9:b4:4f:1a:d6:79:0d:e3:40:c7:b8:c4: de:d5:3d:64:94:51:f5:e4:ec:db:88:db:46:8a:5d: 53:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:8D:8B:C8:1F:F5:0B:63:FE:2E:59:59:16:26:71:4E:B6:80:F1:56 X509v3 Authority Key Identifier: keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/l42LyB_1C2P-LllZFiZxTraA8VY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.224.244.0/22 Signature Algorithm: sha256WithRSAEncryption 9a:04:5b:f7:97:ac:30:ed:94:e2:28:c9:cc:4e:6a:16:c1:d4: 94:8a:ab:d8:bd:c9:b6:4a:c1:d9:a9:68:55:e7:5e:08:8b:27: c8:c9:6a:af:62:41:18:49:8d:4d:9a:16:6d:01:90:1c:4d:d3: d9:ff:33:e6:01:0e:b6:af:f8:22:1c:cf:9e:fe:ac:9f:3c:a3: 56:45:ba:33:5d:f1:e9:a8:5e:8c:fc:85:31:84:e9:dd:f3:14: 5f:14:e9:7f:49:bd:92:b3:16:ce:5b:65:18:e8:76:d9:74:0b: bf:ee:6e:56:c8:cb:68:4a:c5:2d:c9:0a:b0:f1:94:b9:0b:e5: f4:a1:9e:73:4c:e3:fe:d9:3b:bf:a5:06:80:f9:cc:b8:b1:b5: 43:b2:59:78:6a:b1:b5:78:df:5a:85:e1:8b:3e:3e:0d:70:ee: ef:02:bc:7a:cf:93:34:2e:44:16:1c:4a:c2:38:37:65:b5:e2: a1:08:ca:b5:76:5a:80:bf:0e:e5:49:09:42:84:0a:fe:7f:f2: 67:b9:d7:82:0e:e7:63:fc:9a:c7:c9:82:d9:0b:fb:04:6d:e3: 95:72:de:16:63:77:03:72:b4:cb:09:e5:38:dd:11:74:26:0a: 70:6b:9f:17:2c:7d:71:02:60:bf:09:b3:ea:0b:16:73:6f:7c: 74:c0:a4:12 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pnav7bRC6vlmPX5BknneMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz NWUyMmIwHhcNMjYwMTAyMTIxOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzhkOGJjODFmZjUwYjYzZmUyZTU5NTkxNjI2NzE0ZWI2ODBmMTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLnoOYMBK3NTukgTeAsci/JhbVA5 XZBjRVPRTOr1y4KYrAzeR+ZEhBDrNk3n5zfbvvOo+0DyIgUeGm9Vq6b5bzIqAytG bwJ9RgX2zOvCpq1L/Hj9r//U7MhGMJmcu9lZMwlmnGzzVjkqLfc13f6Pw8jnQ38H ZibPDsCOqCZ5OLCwfj2wwFmvjl9bEX8BUy9wyHpmVeqRC4/OcrfdODz0+MDXhl+V 7WWK/JNjmZTAyaBOoCBMuGmNBc1bYpGgNN2/UYn59QLE9nWNAleT2evjExR9SWPK 0PHuXTp14o3owN+pJOzptE8a1nkN40DHuMTe1T1klFH15OzbiNtGil1T8wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJeNi8gf9Qtj/i5ZWRYmcU62gPFWMB8GA1UdIwQY MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt MWE4MGEyZjdkN2VhLzEvbDQyTHlCXzFDMlAtTGxsWkZpWnhUcmFBOFZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbeD0MA0G CSqGSIb3DQEBCwUAA4IBAQCaBFv3l6ww7ZTiKMnMTmoWwdSUiqvYvcm2SsHZqWhV 514IiyfIyWqvYkEYSY1NmhZtAZAcTdPZ/zPmAQ62r/giHM+e/qyfPKNWRbozXfHp qF6M/IUxhOnd8xRfFOl/Sb2SsxbOW2UY6HbZdAu/7m5WyMtoSsUtyQqw8ZS5C+X0 oZ5zTOP+2Tu/pQaA+cy4sbVDsll4arG1eN9aheGLPj4NcO7vArx6z5M0LkQWHErC ODdlteKhCMq1dlqAvw7lSQlChAr+f/JnudeCDudj/JrHyYLZC/sEbeOVct4WY3cD crTLCeU43RF0Jgpwa58XLH1xAmC/CbPqCxZzb3x0wKQS -----END CERTIFICATE-----Generated at Mon Jan 26 03:56:44 2026 by rpki-client