This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/lcn7Wtg6ulEkp1Lc7XKZFro-mds.roa File: lcn7Wtg6ulEkp1Lc7XKZFro-mds.roa (raw, json) Hash identifier: QCmVx87F8wdoRkStlUnKFmP4R7y7QH8VIpoG6J8hkG4= Subject key identifier: 95:C9:FB:5A:D8:3A:BA:51:24:A7:52:DC:ED:72:99:16:BA:3E:99:DB Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad Certificate serial: 019B7910F4FD491C37F90589771BDD118098 Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/lcn7Wtg6ulEkp1Lc7XKZFro-mds.roa Signing time: Thu 01 Jan 2026 10:18:32 +0000 ROA not before: Thu 01 Jan 2026 10:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215493 IP address blocks: 2a0d:f407:1006::/48 maxlen: 48 2a0d:f407:1017::/48 maxlen: 48 2a0d:f407:1025::/48 maxlen: 48 2a0d:f407:1033::/48 maxlen: 48 2a0d:f407:1049::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:f4:fd:49:1c:37:f9:05:89:77:1b:dd:11:80:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad Validity Not Before: Jan 1 10:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95c9fb5ad83aba5124a752dced729916ba3e99db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:56:0f:f8:29:37:67:92:d2:59:5e:87:01:34: 66:60:95:00:f5:fa:cf:c3:5e:02:82:c3:a2:19:a1: ad:7a:5d:d7:67:6e:f0:86:bb:3e:8f:7c:62:87:9c: b1:f7:4f:79:2e:bd:2e:0f:c1:78:a2:0c:97:4b:99: 8c:57:01:a7:cf:9b:7e:5a:e8:f8:fb:75:58:4a:f2: 6e:16:37:ef:82:cb:62:ec:a9:53:81:c9:5e:c8:3c: fa:01:42:d7:c8:ce:14:df:8c:0b:af:9c:d1:d3:e0: 14:95:76:f6:01:9f:93:11:49:43:0f:db:5d:d6:13: 0e:a5:1b:34:d0:52:b4:bd:26:e6:4e:8d:14:b6:d6: 9c:90:21:7d:4e:fe:d0:e7:bd:34:fd:39:19:b5:5e: d8:90:bd:e3:d9:55:23:af:b4:a5:29:ae:ae:c4:b5: e9:4e:89:d1:79:ed:00:9e:c1:a0:33:f3:15:d2:3e: 58:6d:2c:0d:ad:af:76:47:e4:af:72:d6:64:7b:de: a4:81:b8:9a:b8:f5:75:7f:ed:5a:fc:32:72:49:a1: cc:ef:2b:d6:9b:ba:53:30:99:e9:fc:88:a9:58:20: ed:44:ef:ca:e4:c1:83:e7:40:64:e4:7d:ba:2e:80: d3:d6:fc:7e:82:ef:be:a2:f6:77:51:ce:1b:64:29: 8e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C9:FB:5A:D8:3A:BA:51:24:A7:52:DC:ED:72:99:16:BA:3E:99:DB X509v3 Authority Key Identifier: keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/lcn7Wtg6ulEkp1Lc7XKZFro-mds.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:f407:1006::/48 2a0d:f407:1017::/48 2a0d:f407:1025::/48 2a0d:f407:1033::/48 2a0d:f407:1049::/48 Signature Algorithm: sha256WithRSAEncryption 96:8b:0b:a6:fc:2d:2d:7a:f0:65:85:14:56:e3:00:0e:a2:7f: 82:6b:ae:6b:04:bd:3d:43:7f:57:ac:f8:02:ef:e9:81:95:37: f4:11:b6:22:29:a8:b9:ea:10:de:d0:81:74:1f:c8:ff:27:11: de:dd:cb:96:4a:67:e2:ce:ae:c8:c3:99:68:01:bc:55:c9:aa: 37:ec:26:95:78:8b:6e:7c:3f:cf:dd:8a:6e:aa:6f:84:e2:7b: c0:c4:d5:5b:3c:31:cc:73:80:3a:73:c0:14:07:2d:74:27:f4: f1:60:e0:6d:d5:ca:57:14:9a:33:27:61:d3:e9:d1:65:d4:3a: 52:35:c6:ab:d1:eb:ae:c9:30:c8:0b:2b:70:93:e8:cd:53:22: 66:8a:e6:82:a6:14:a6:e7:1e:82:fb:69:be:79:68:68:cf:8a: b1:0b:a9:07:19:af:67:7f:b8:89:9e:20:a7:3a:c4:9f:a6:9f: 0b:36:a6:5b:0a:42:53:90:06:b3:8a:c1:aa:b1:36:45:c7:e1: 24:d1:f9:77:9b:e1:16:fb:8c:27:9c:04:63:27:18:0e:0b:8f: 41:b1:92:06:3a:04:54:f6:c0:31:69:81:6e:66:85:10:fa:36: 15:05:b6:c6:84:61:95:bd:38:90:19:2f:bf:56:93:58:8c:db: 1b:4c:ec:4f -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt5EPT9SRw3+QWJdxvdEYCYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy NTFkYWQwHhcNMjYwMTAxMTAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWM5ZmI1YWQ4M2FiYTUxMjRhNzUyZGNlZDcyOTkxNmJhM2U5OWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1YP+Ck3Z5LSWV6HATRmYJUA9frP w14CgsOiGaGtel3XZ27whrs+j3xih5yx9095Lr0uD8F4ogyXS5mMVwGnz5t+Wuj4 +3VYSvJuFjfvgsti7KlTgcleyDz6AULXyM4U34wLr5zR0+AUlXb2AZ+TEUlDD9td 1hMOpRs00FK0vSbmTo0UttackCF9Tv7Q5700/TkZtV7YkL3j2VUjr7SlKa6uxLXp TonRee0AnsGgM/MV0j5YbSwNra92R+SvctZke96kgbiauPV1f+1a/DJySaHM7yvW m7pTMJnp/IipWCDtRO/K5MGD50Bk5H26LoDT1vx+gu++ovZ3Uc4bZCmO6wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFJXJ+1rYOrpRJKdS3O1ymRa6PpnbMB8GA1UdIwQY MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt YjdjNTc4Yjc0ZTM1LzEvbGNuN1d0ZzZ1bEVrcDFMYzdYS1pGcm8tbWRzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1 LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKg30BxAG AwcAKg30BxAXAwcAKg30BxAlAwcAKg30BxAzAwcAKg30BxBJMA0GCSqGSIb3DQEB CwUAA4IBAQCWiwum/C0tevBlhRRW4wAOon+Ca65rBL09Q39XrPgC7+mBlTf0EbYi Kai56hDe0IF0H8j/JxHe3cuWSmfizq7Iw5loAbxVyao37CaVeItufD/P3Ypuqm+E 4nvAxNVbPDHMc4A6c8AUBy10J/TxYOBt1cpXFJozJ2HT6dFl1DpSNcar0euuyTDI Cytwk+jNUyJmiuaCphSm5x6C+2m+eWhoz4qxC6kHGa9nf7iJniCnOsSfpp8LNqZb CkJTkAazisGqsTZFx+Ek0fl3m+EW+4wnnARjJxgOC49BsZIGOgRU9sAxaYFuZoUQ +jYVBbbGhGGVvTiQGS+/VpNYjNsbTOxP -----END CERTIFICATE-----Generated at Sun Jan 25 15:07:14 2026 by rpki-client