This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/LkRlWvjojGp88ImWjfx2Z3qaOy4.roa File: LkRlWvjojGp88ImWjfx2Z3qaOy4.roa (raw, json) Hash identifier: kB89kqUtMQKcyA7jSVcONA2ZKYzA7LpbjPMFFP5OhVw= Subject key identifier: 2E:44:65:5A:F8:E8:8C:6A:7C:F0:89:96:8D:FC:76:67:7A:9A:3B:2E Certificate issuer: /CN=a3a82ee9aa1106ed720d63c3844e666440e34438 Certificate serial: 019B7C135086A6DB8AF66EAE08488B1F0407 Authority key identifier: A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/LkRlWvjojGp88ImWjfx2Z3qaOy4.roa Signing time: Fri 02 Jan 2026 00:19:59 +0000 ROA not before: Fri 02 Jan 2026 00:19:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12826 IP address blocks: 185.23.132.0/23 maxlen: 23 185.23.132.0/24 maxlen: 24 185.23.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/o6gu6aoRBu1yDWPDhE5mZEDjRDg.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/o6gu6aoRBu1yDWPDhE5mZEDjRDg.mft rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:50:86:a6:db:8a:f6:6e:ae:08:48:8b:1f:04:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3a82ee9aa1106ed720d63c3844e666440e34438 Validity Not Before: Jan 2 00:19:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e44655af8e88c6a7cf089968dfc76677a9a3b2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:85:89:51:7d:2c:78:73:59:68:b1:a7:11:7c: 47:fd:3e:2a:f9:79:23:4e:08:f2:e7:ff:bb:48:67: 9b:5d:d3:01:9c:cd:ff:4c:bd:cb:2f:b6:94:72:2c: c0:06:c8:b8:40:ae:16:e3:c9:cc:bf:c7:00:8c:ec: d3:80:0d:32:24:bd:e0:f2:32:f2:e6:c3:59:e1:03: 9e:21:af:9a:d0:88:a4:2d:65:db:5c:dc:15:34:59: 4c:eb:11:d7:73:70:30:af:7c:7b:95:4e:ae:78:11: f3:73:c7:47:3c:52:48:5a:ee:8b:8f:f1:27:24:a1: 55:89:63:94:fb:59:cd:39:c0:24:e9:72:1f:e5:7c: 47:ae:53:29:9b:2c:b8:03:43:24:98:b4:ba:ae:7a: 4c:1d:dc:0b:b1:77:81:fd:51:dd:85:e4:81:38:0e: 2a:68:a3:e2:35:f8:94:cf:d2:fc:ba:3e:85:e4:f5: fe:24:8f:99:16:74:ad:d6:18:1a:50:fd:5e:af:54: 69:56:bc:24:a9:7c:7c:6f:7e:03:4c:0e:bc:d0:86: 69:99:2c:b7:e2:43:18:69:7f:e5:7d:5a:c5:28:fd: a6:6c:a1:5d:e8:7e:5c:61:57:db:13:8f:c0:4e:fa: 62:1d:ab:18:32:bb:4b:e2:37:8a:ac:a9:eb:6d:1d: d0:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:44:65:5A:F8:E8:8C:6A:7C:F0:89:96:8D:FC:76:67:7A:9A:3B:2E X509v3 Authority Key Identifier: keyid:A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/LkRlWvjojGp88ImWjfx2Z3qaOy4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/o6gu6aoRBu1yDWPDhE5mZEDjRDg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.23.132.0/23 Signature Algorithm: sha256WithRSAEncryption 9b:0f:65:6a:80:87:c5:ac:ab:65:fb:00:c1:ba:88:f3:9c:e8: 59:d7:b0:cb:8e:d7:47:09:e2:f4:59:9b:4d:33:cd:aa:61:53: 72:84:d5:57:41:5c:8a:1c:df:37:92:20:16:12:74:55:6e:bd: 93:5b:30:6e:ce:1e:64:43:b7:a5:29:9f:27:02:e9:a6:d6:55: e8:3e:6a:34:39:ce:2d:6e:92:bb:60:28:77:1a:7e:e3:3c:1a: 8c:20:93:3d:c2:55:23:e1:c3:1a:2a:61:24:cc:fc:c2:0e:13: 62:5f:cf:81:8e:fc:2c:1b:12:67:56:6a:20:a5:c0:d1:0e:fb: 5e:d9:36:b2:bb:6f:75:96:55:07:5b:ed:b1:89:d6:34:ee:26: b5:44:52:16:a3:47:38:56:9c:55:07:0f:78:3c:7a:1f:17:30: c3:4b:cf:b3:d5:b7:2f:05:8f:54:53:f0:30:13:9b:37:41:59: 3e:80:ba:cd:7c:85:de:0a:76:80:32:cb:65:e8:ba:5c:89:8d: 02:6e:42:f9:1e:47:a6:d2:07:4e:9e:93:4d:43:95:62:76:bd: 77:f7:d7:b8:16:04:c3:43:82:c1:35:5e:bb:ea:0b:83:c1:7f: 70:70:45:b2:1c:4d:86:a2:22:1d:0b:e1:44:ca:69:d7:a2:9c: 90:b8:b0:b0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8E1CGptuK9m6uCEiLHwQHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzYTgyZWU5YWExMTA2ZWQ3MjBkNjNjMzg0NGU2NjY0NDBl MzQ0MzgwHhcNMjYwMTAyMDAxOTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTQ0NjU1YWY4ZTg4YzZhN2NmMDg5OTY4ZGZjNzY2NzdhOWEzYjJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoWJUX0seHNZaLGnEXxH/T4q+Xkj Tgjy5/+7SGebXdMBnM3/TL3LL7aUcizABsi4QK4W48nMv8cAjOzTgA0yJL3g8jLy 5sNZ4QOeIa+a0IikLWXbXNwVNFlM6xHXc3Awr3x7lU6ueBHzc8dHPFJIWu6Lj/En JKFViWOU+1nNOcAk6XIf5XxHrlMpmyy4A0MkmLS6rnpMHdwLsXeB/VHdheSBOA4q aKPiNfiUz9L8uj6F5PX+JI+ZFnSt1hgaUP1er1RpVrwkqXx8b34DTA680IZpmSy3 4kMYaX/lfVrFKP2mbKFd6H5cYVfbE4/ATvpiHasYMrtL4jeKrKnrbR3QfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFC5EZVr46IxqfPCJlo38dmd6mjsuMB8GA1UdIwQY MBaAFKOoLumqEQbtcg1jw4ROZmRA40Q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQt NDY3ZTAwOWRhZWQwLzEvTGtSbFd2am9qR3A4OEltV2pmeDJaM3FhT3k0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQtNDY3ZTAwOWRhZWQw LzEvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuReEMA0G CSqGSIb3DQEBCwUAA4IBAQCbD2VqgIfFrKtl+wDBuojznOhZ17DLjtdHCeL0WZtN M82qYVNyhNVXQVyKHN83kiAWEnRVbr2TWzBuzh5kQ7elKZ8nAumm1lXoPmo0Oc4t bpK7YCh3Gn7jPBqMIJM9wlUj4cMaKmEkzPzCDhNiX8+BjvwsGxJnVmogpcDRDvte 2Tayu291llUHW+2xidY07ia1RFIWo0c4VpxVBw94PHofFzDDS8+z1bcvBY9UU/Aw E5s3QVk+gLrNfIXeCnaAMstl6LpciY0CbkL5Hkem0gdOnpNNQ5Vidr1399e4FgTD Q4LBNV676guDwX9wcEWyHE2GoiIdC+FEymnXopyQuLCw -----END CERTIFICATE-----Generated at Mon Jan 26 01:15:20 2026 by rpki-client