This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/LgX3EnuU8OfYYtzP7MkhOHIuG6k.roa File: LgX3EnuU8OfYYtzP7MkhOHIuG6k.roa (raw, json) Hash identifier: tdx965ReIy+ujDSCSzvpO67kGikMuRqJQAFubursvgs= Subject key identifier: 2E:05:F7:12:7B:94:F0:E7:D8:62:DC:CF:EC:C9:21:38:72:2E:1B:A9 Certificate issuer: /CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b Certificate serial: 019B7834E850485B13624730CD7955DF8464 Authority key identifier: BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/LgX3EnuU8OfYYtzP7MkhOHIuG6k.roa Signing time: Thu 01 Jan 2026 06:18:11 +0000 ROA not before: Thu 01 Jan 2026 06:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209242 IP address blocks: 2a14:71c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 21:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:e8:50:48:5b:13:62:47:30:cd:79:55:df:84:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b Validity Not Before: Jan 1 06:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e05f7127b94f0e7d862dccfecc92138722e1ba9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e8:e4:51:e0:cf:ef:d4:12:8e:92:23:fc:03: 33:1a:95:e5:e0:0f:8f:5e:17:be:1f:51:2f:5e:1e: 2b:10:c4:86:00:3c:f7:6b:df:00:a2:b7:18:5c:da: 69:e7:64:eb:18:40:65:78:22:ff:15:22:3d:a8:ea: 4b:a3:99:09:e7:18:19:d2:75:76:ca:84:4d:47:36: f3:36:50:88:db:49:0d:5b:e3:43:81:e5:87:b9:43: 63:ba:57:bd:57:60:3a:be:c1:09:64:21:27:d9:14: ae:f0:2c:16:4f:36:4a:65:c2:f1:c2:67:3d:ae:d6: 76:94:33:97:98:4f:a2:59:39:45:58:5f:75:f0:9a: 84:1b:9c:ec:48:5c:89:7e:29:b5:0f:14:52:95:e3: 59:73:80:9a:56:7a:50:71:1a:e1:b1:e5:df:33:b9: a2:a8:e9:2e:a2:21:ea:5f:47:94:0c:36:7d:b4:b3: 6b:3d:9b:17:cc:af:10:b4:53:4b:6d:a7:ba:7c:86: ef:84:12:b3:1c:79:3e:53:e6:c7:51:6f:08:37:9b: 57:47:27:aa:18:e2:36:05:b4:59:c8:65:95:d1:9b: 5a:ff:63:81:4a:5f:11:09:f7:8a:fc:b2:67:bd:ce: 6b:4c:6f:34:2d:f5:74:70:de:92:66:5a:49:d0:84: 5f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:05:F7:12:7B:94:F0:E7:D8:62:DC:CF:EC:C9:21:38:72:2E:1B:A9 X509v3 Authority Key Identifier: keyid:BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/LgX3EnuU8OfYYtzP7MkhOHIuG6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:71c0::/32 Signature Algorithm: sha256WithRSAEncryption 09:de:6f:f3:7b:ff:40:5b:4e:df:ab:b4:cf:ff:20:03:36:97: 60:3d:b3:f4:46:b7:52:84:fc:7f:f4:50:d9:c3:54:ad:e5:10: 31:04:3e:44:ec:b5:12:fe:02:0b:ce:ef:67:85:70:a5:42:41: 12:7a:0d:87:47:c1:b7:71:5d:ef:9f:79:43:5b:f9:fb:84:15: 8c:25:20:e7:82:82:98:9e:a8:ec:04:b9:23:69:6e:76:08:81: e1:56:ba:72:38:cc:a7:c2:d7:fe:51:68:85:b9:88:44:be:fa: 1c:17:3b:ef:d2:62:8c:48:ff:87:ca:87:46:e6:bf:c6:d9:31: 99:83:30:eb:95:df:10:e7:d8:42:b5:b0:53:7d:3e:62:52:9d: a0:bb:a2:4b:65:b3:1d:b9:17:7e:ef:83:67:b9:48:d8:f0:57: 22:c7:ce:9c:1e:8f:b0:8b:4b:06:19:20:ec:bf:a3:e4:90:d1: fe:2f:5f:6a:94:38:47:bf:09:37:87:37:0e:f5:fb:75:17:fc: 24:b8:88:e7:6a:6d:df:23:1c:7a:02:ad:77:33:01:b3:86:6e: 1d:8a:b2:f6:d6:73:b4:24:ed:25:4d:44:9b:86:bc:69:af:d4: ac:d1:bd:18:d6:44:ac:88:ea:81:41:8b:39:db:4b:d0:2d:2f: 04:f8:87:fa -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt4NOhQSFsTYkcwzXlV34RkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjOTk1ZDE1NTAyNzgwYWNkZjdiNmU2YTE4NjVlZGI1YTBl N2RjNGIwHhcNMjYwMTAxMDYxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTA1ZjcxMjdiOTRmMGU3ZDg2MmRjY2ZlY2M5MjEzODcyMmUxYmE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ejkUeDP79QSjpIj/AMzGpXl4A+P Xhe+H1EvXh4rEMSGADz3a98AorcYXNpp52TrGEBleCL/FSI9qOpLo5kJ5xgZ0nV2 yoRNRzbzNlCI20kNW+NDgeWHuUNjule9V2A6vsEJZCEn2RSu8CwWTzZKZcLxwmc9 rtZ2lDOXmE+iWTlFWF918JqEG5zsSFyJfim1DxRSleNZc4CaVnpQcRrhseXfM7mi qOkuoiHqX0eUDDZ9tLNrPZsXzK8QtFNLbae6fIbvhBKzHHk+U+bHUW8IN5tXRyeq GOI2BbRZyGWV0Zta/2OBSl8RCfeK/LJnvc5rTG80LfV0cN6SZlpJ0IRf4wIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFC4F9xJ7lPDn2GLcz+zJIThyLhupMB8GA1UdIwQY MBaAFLyZXRVQJ4Cs33tuahhl7bWg59xLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3Yzkt NTcyYzRlMTI5ZDMyLzEvTGdYM0VudVU4T2ZZWXR6UDdNa2hPSEl1RzZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3YzktNTcyYzRlMTI5ZDMy LzEvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRxwDAN BgkqhkiG9w0BAQsFAAOCAQEACd5v83v/QFtO36u0z/8gAzaXYD2z9Ea3UoT8f/RQ 2cNUreUQMQQ+ROy1Ev4CC87vZ4VwpUJBEnoNh0fBt3Fd7595Q1v5+4QVjCUg54KC mJ6o7AS5I2ludgiB4Va6cjjMp8LX/lFohbmIRL76HBc779JijEj/h8qHRua/xtkx mYMw65XfEOfYQrWwU30+YlKdoLuiS2WzHbkXfu+DZ7lI2PBXIsfOnB6PsItLBhkg 7L+j5JDR/i9fapQ4R78JN4c3DvX7dRf8JLiI52pt3yMcegKtdzMBs4ZuHYqy9tZz tCTtJU1Em4a8aa/UrNG9GNZErIjqgUGLOdtL0C0vBPiH+g== -----END CERTIFICATE-----Generated at Sun Jan 25 09:18:21 2026 by rpki-client