This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lo8n8GTpAuX3cUT5TKIwpdDYMpk.roa File: Lo8n8GTpAuX3cUT5TKIwpdDYMpk.roa (raw, json) Hash identifier: LFfd8LdOzsN++zViD01pBmc6X7J6TGbEOTbK6bu+kU4= Subject key identifier: 2E:8F:27:F0:64:E9:02:E5:F7:71:44:F9:4C:A2:30:A5:D0:D8:32:99 Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7 Certificate serial: 019B79103D9AED9D76029A45ACCBE73E14B6 Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lo8n8GTpAuX3cUT5TKIwpdDYMpk.roa Signing time: Thu 01 Jan 2026 10:17:46 +0000 ROA not before: Thu 01 Jan 2026 10:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209242 IP address blocks: 213.182.199.0/24 maxlen: 24 213.182.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:3d:9a:ed:9d:76:02:9a:45:ac:cb:e7:3e:14:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7 Validity Not Before: Jan 1 10:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e8f27f064e902e5f77144f94ca230a5d0d83299 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:cd:15:86:a9:c7:3e:4b:1d:b2:76:f8:38:bf: f3:bd:20:9a:0c:a9:dc:8f:cb:cb:79:ce:00:c7:60: 50:bd:22:b9:46:8f:63:8e:4b:a9:c0:45:04:e3:fa: e9:5a:dc:bb:e3:ab:af:b3:56:9d:02:32:25:dc:79: a6:1d:aa:59:3b:85:fb:62:d0:55:66:3b:be:b0:e4: 51:10:2b:c8:ba:c6:9e:5c:e1:32:07:01:96:06:a4: f8:5a:01:ed:5e:9f:b4:62:5e:0d:78:72:9e:91:10: 15:25:41:8c:ea:6a:82:f6:f9:00:26:ed:2f:a3:67: 61:24:84:db:0a:97:f3:63:15:40:c9:bb:3e:02:af: 3d:ee:9e:b2:2a:4a:27:db:c4:44:80:ff:f7:87:cc: b3:80:63:28:b3:d4:ec:41:a1:70:73:24:01:a4:e2: b8:ad:c2:67:fb:66:03:b3:06:ae:3b:7a:21:6a:e5: a5:e2:5e:c4:d2:9d:60:2c:ab:fa:50:47:75:6a:2d: 2b:12:05:2f:91:c4:71:1d:27:17:f4:34:69:68:33: 2e:1a:c4:ad:c3:09:93:4d:24:f2:d0:75:59:2d:2c: 6f:bb:85:ec:5e:fc:05:fd:63:82:8d:82:65:36:cd: 0b:26:35:0c:0a:35:5a:52:c8:f0:32:63:1d:cf:dc: 6c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:8F:27:F0:64:E9:02:E5:F7:71:44:F9:4C:A2:30:A5:D0:D8:32:99 X509v3 Authority Key Identifier: keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lo8n8GTpAuX3cUT5TKIwpdDYMpk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.182.199.0/24 213.182.210.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:85:f1:24:9d:4e:8b:f8:df:40:cf:d6:4e:3d:7c:88:c5:45: 6e:6c:3a:fb:0a:c0:8e:fe:67:27:b5:45:04:5b:74:a6:bf:23: 68:63:f1:28:a5:c4:05:de:38:d9:09:63:8d:8b:ea:82:f7:45: 63:4f:62:92:53:ae:5e:b0:2c:53:aa:6c:44:36:3d:94:30:eb: a4:db:cf:a8:46:75:c1:36:77:d6:6a:02:fd:86:40:b3:be:cd: ef:7e:bb:88:84:da:1b:84:18:cd:b0:3d:2c:bb:4b:3c:18:8e: e8:9c:c9:7c:50:fc:a4:41:88:bb:51:0d:3c:5e:6a:e6:40:f9: fd:94:90:24:69:ec:e7:25:86:55:86:1f:a2:1f:29:3b:27:4e: 10:78:aa:11:a3:f4:7f:02:f9:9e:8f:ca:cb:bb:7b:d6:11:dd: b2:d1:b8:0c:df:4d:89:69:fb:02:32:8d:47:58:6d:5f:39:41: c8:3c:07:95:6f:6f:56:55:44:39:7e:e9:a9:90:dd:bd:49:cd: 11:fd:65:70:f9:07:c3:e9:cc:fa:2d:62:f7:e0:89:ea:2f:11: b2:2d:09:1f:fb:40:74:8f:c5:3e:e2:1a:70:0a:ba:5b:e1:53: 16:ed:c0:95:87:c0:39:76:81:fe:e6:7d:74:69:dc:96:c2:af: 26:5a:5d:15 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5ED2a7Z12AppFrMvnPhS2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy MTVkYTcwHhcNMjYwMTAxMTAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZThmMjdmMDY0ZTkwMmU1Zjc3MTQ0Zjk0Y2EyMzBhNWQwZDgzMjk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc0VhqnHPksdsnb4OL/zvSCaDKnc j8vLec4Ax2BQvSK5Ro9jjkupwEUE4/rpWty746uvs1adAjIl3HmmHapZO4X7YtBV Zju+sORRECvIusaeXOEyBwGWBqT4WgHtXp+0Yl4NeHKekRAVJUGM6mqC9vkAJu0v o2dhJITbCpfzYxVAybs+Aq897p6yKkon28REgP/3h8yzgGMos9TsQaFwcyQBpOK4 rcJn+2YDswauO3ohauWl4l7E0p1gLKv6UEd1ai0rEgUvkcRxHScX9DRpaDMuGsSt wwmTTSTy0HVZLSxvu4XsXvwF/WOCjYJlNs0LJjUMCjVaUsjwMmMdz9xsiwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFC6PJ/Bk6QLl93FE+UyiMKXQ2DKZMB8GA1UdIwQY MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct OWU0MTNlYmY0MmYzLzEvTG84bjhHVHBBdVgzY1VUNVRLSXdwZERZTXBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1bbHAwQA 1bbSMA0GCSqGSIb3DQEBCwUAA4IBAQCLhfEknU6L+N9Az9ZOPXyIxUVubDr7CsCO /mcntUUEW3SmvyNoY/EopcQF3jjZCWONi+qC90VjT2KSU65esCxTqmxENj2UMOuk 28+oRnXBNnfWagL9hkCzvs3vfruIhNobhBjNsD0su0s8GI7onMl8UPykQYi7UQ08 XmrmQPn9lJAkaeznJYZVhh+iHyk7J04QeKoRo/R/Avmej8rLu3vWEd2y0bgM302J afsCMo1HWG1fOUHIPAeVb29WVUQ5fumpkN29Sc0R/WVw+QfD6cz6LWL34InqLxGy LQkf+0B0j8U+4hpwCrpb4VMW7cCVh8A5doH+5n10adyWwq8mWl0V -----END CERTIFICATE-----Generated at Sun Jan 25 09:18:51 2026 by rpki-client