This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/lFmZ1r-ocL0yoqMbggjpkGrPea8.roa File: lFmZ1r-ocL0yoqMbggjpkGrPea8.roa (raw, json) Hash identifier: 6qzbhdeSH++M2Vfj/8glXhLo1pCgKlmjHvesyWCTjDI= Subject key identifier: 94:59:99:D6:BF:A8:70:BD:32:A2:A3:1B:82:08:E9:90:6A:CF:79:AF Certificate issuer: /CN=6fad6a71defe560a0e5c21ffbb4038fb41091295 Certificate serial: 019B79ED3E492614567687452B9D8AC68613 Authority key identifier: 6F:AD:6A:71:DE:FE:56:0A:0E:5C:21:FF:BB:40:38:FB:41:09:12:95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b61qcd7-VgoOXCH_u0A4-0EJEpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/lFmZ1r-ocL0yoqMbggjpkGrPea8.roa Signing time: Thu 01 Jan 2026 14:19:09 +0000 ROA not before: Thu 01 Jan 2026 14:19:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44863 IP address blocks: 193.138.245.0/24 maxlen: 24 193.138.246.0/24 maxlen: 24 193.138.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/b61qcd7-VgoOXCH_u0A4-0EJEpU.crl rsync://rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/b61qcd7-VgoOXCH_u0A4-0EJEpU.mft rsync://rpki.ripe.net/repository/DEFAULT/b61qcd7-VgoOXCH_u0A4-0EJEpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:3e:49:26:14:56:76:87:45:2b:9d:8a:c6:86:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6fad6a71defe560a0e5c21ffbb4038fb41091295 Validity Not Before: Jan 1 14:19:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=945999d6bfa870bd32a2a31b8208e9906acf79af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:63:ef:7d:2b:1c:07:0f:50:1c:88:69:a7:fe: d5:4d:37:3b:23:0b:25:98:5c:42:69:73:93:af:01: c8:2f:71:00:d9:34:47:98:7e:5f:6f:3e:9d:27:68: 38:35:2d:c1:ba:95:33:fe:0f:49:a2:c3:5a:fc:dc: 5c:53:a6:94:c5:a3:d7:27:75:85:b9:16:23:1c:c2: 97:6c:25:0d:c1:8d:b1:3d:22:aa:57:a6:58:87:30: 63:2c:ec:a4:f4:66:00:82:c5:b4:da:07:bf:99:c8: c2:76:0c:14:37:68:db:91:35:fd:85:b1:a5:a5:a4: b3:c1:41:bf:68:31:c3:bf:5e:5a:78:dd:1b:53:d1: 2f:04:4a:58:a2:24:90:dc:19:0c:ef:27:73:2d:a9: 9a:37:7c:10:58:c2:d4:29:59:d6:ff:2f:f2:37:2f: 34:80:1c:55:8a:ef:e7:77:e2:26:2a:bf:5a:e0:ef: d2:82:3f:e3:3b:b9:10:60:a2:b9:e9:6a:ae:31:12: 7e:da:a6:a4:a2:9b:26:6a:9e:b4:7b:d0:73:4f:71: 77:87:44:95:4e:ac:6a:77:7e:fb:e8:29:86:5d:86: ec:c8:bb:c7:67:73:30:c5:8f:1d:54:3a:7d:64:d0: b2:f4:5c:30:e1:c2:85:14:be:b8:7a:77:c3:4c:ad: e6:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:59:99:D6:BF:A8:70:BD:32:A2:A3:1B:82:08:E9:90:6A:CF:79:AF X509v3 Authority Key Identifier: keyid:6F:AD:6A:71:DE:FE:56:0A:0E:5C:21:FF:BB:40:38:FB:41:09:12:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b61qcd7-VgoOXCH_u0A4-0EJEpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/lFmZ1r-ocL0yoqMbggjpkGrPea8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/293698-949d-4665-ba07-8cb4e253f175/1/b61qcd7-VgoOXCH_u0A4-0EJEpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.138.245.0-193.138.247.255 Signature Algorithm: sha256WithRSAEncryption 77:08:cf:46:3e:50:a8:f3:ae:b1:c2:7d:28:a9:cd:45:a1:8a: 46:6d:8c:20:cc:6c:b8:f3:8b:29:23:4a:b3:d1:af:32:aa:d8: 23:46:05:19:5e:6c:b0:74:b3:73:11:7d:8f:c7:74:1e:e8:39: 73:6c:e2:81:32:0b:c6:60:db:d3:6f:9b:9e:e4:81:0b:48:ac: 92:26:98:d1:10:f2:df:9a:b9:fa:58:93:83:2a:8c:08:41:2f: 68:81:84:d2:d6:54:84:62:08:8c:14:88:7e:19:12:0f:5b:84: bb:5a:03:78:8f:1a:d1:dc:ca:b4:b9:02:e0:fd:34:5d:6a:d4: e6:66:71:ec:3b:70:3d:b7:24:c1:fc:67:b9:08:a9:7a:c5:89: ea:67:8f:df:75:61:ac:82:e2:05:96:f8:76:b5:a5:93:62:b0: 85:25:f5:cb:82:fd:f4:cc:74:c2:3a:fc:e4:94:0c:25:be:3d: cd:2b:f7:7f:69:97:18:06:20:de:5c:96:b7:a1:9c:65:7a:c3: 86:c2:27:88:99:aa:10:37:a7:f6:59:de:86:cb:6e:58:26:ef: 5a:04:12:fb:60:0f:8e:04:b8:0d:41:4b:f1:23:eb:0a:92:e7: ab:d4:b7:95:93:4b:84:54:0e:ff:81:3c:63:f0:5c:5e:d9:d7: b4:29:fe:91 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt57T5JJhRWdodFK52KxoYTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmYWQ2YTcxZGVmZTU2MGEwZTVjMjFmZmJiNDAzOGZiNDEw OTEyOTUwHhcNMjYwMTAxMTQxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDU5OTlkNmJmYTg3MGJkMzJhMmEzMWI4MjA4ZTk5MDZhY2Y3OWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGPvfSscBw9QHIhpp/7VTTc7Iwsl mFxCaXOTrwHIL3EA2TRHmH5fbz6dJ2g4NS3BupUz/g9JosNa/NxcU6aUxaPXJ3WF uRYjHMKXbCUNwY2xPSKqV6ZYhzBjLOyk9GYAgsW02ge/mcjCdgwUN2jbkTX9hbGl paSzwUG/aDHDv15aeN0bU9EvBEpYoiSQ3BkM7ydzLamaN3wQWMLUKVnW/y/yNy80 gBxViu/nd+ImKr9a4O/Sgj/jO7kQYKK56WquMRJ+2qakopsmap60e9BzT3F3h0SV Tqxqd3776CmGXYbsyLvHZ3MwxY8dVDp9ZNCy9Fww4cKFFL64enfDTK3m3wIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFJRZmda/qHC9MqKjG4II6ZBqz3mvMB8GA1UdIwQY MBaAFG+tanHe/lYKDlwh/7tAOPtBCRKVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjYxcWNkNy1WZ29PWENIX3UwQTQtMEVKRXBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yOTM2OTgtOTQ5ZC00NjY1LWJhMDct OGNiNGUyNTNmMTc1LzEvbEZtWjFyLW9jTDB5b3FNYmdnanBrR3JQZWE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8yOTM2OTgtOTQ5ZC00NjY1LWJhMDctOGNiNGUyNTNmMTc1 LzEvYjYxcWNkNy1WZ29PWENIX3UwQTQtMEVKRXBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBivUD BAPBivAwDQYJKoZIhvcNAQELBQADggEBAHcIz0Y+UKjzrrHCfSipzUWhikZtjCDM bLjziykjSrPRrzKq2CNGBRlebLB0s3MRfY/HdB7oOXNs4oEyC8Zg29Nvm57kgQtI rJImmNEQ8t+aufpYk4MqjAhBL2iBhNLWVIRiCIwUiH4ZEg9bhLtaA3iPGtHcyrS5 AuD9NF1q1OZmcew7cD23JMH8Z7kIqXrFiepnj991YayC4gWW+Ha1pZNisIUl9cuC /fTMdMI6/OSUDCW+Pc0r939plxgGIN5clrehnGV6w4bCJ4iZqhA3p/ZZ3obLblgm 71oEEvtgD44EuA1BS/Ej6wqS56vUt5WTS4RUDv+BPGPwXF7Z17Qp/pE= -----END CERTIFICATE-----Generated at Mon Jan 26 03:06:09 2026 by rpki-client