This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/lWqEQF0aFyTLgW-NFz8-Hzv0C6U.roa File: lWqEQF0aFyTLgW-NFz8-Hzv0C6U.roa (raw, json) Hash identifier: ht7qKNgmNwlg0mr9NDGMiwl5H8f2BO9IP2v8m07eRCc= Subject key identifier: 95:6A:84:40:5D:1A:17:24:CB:81:6F:8D:17:3F:3E:1F:3B:F4:0B:A5 Certificate issuer: /CN=f27a6d4d32832831725c48db518a2400f1a924bd Certificate serial: 019B7E37CA025E4519BE73537752A0C9B43A Authority key identifier: F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/lWqEQF0aFyTLgW-NFz8-Hzv0C6U.roa Signing time: Fri 02 Jan 2026 10:19:03 +0000 ROA not before: Fri 02 Jan 2026 10:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39232 IP address blocks: 78.109.48.0/21 maxlen: 21 78.109.48.0/22 maxlen: 22 78.109.52.0/22 maxlen: 22 185.18.244.0/22 maxlen: 22 185.18.244.0/23 maxlen: 23 185.18.246.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:ca:02:5e:45:19:be:73:53:77:52:a0:c9:b4:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f27a6d4d32832831725c48db518a2400f1a924bd Validity Not Before: Jan 2 10:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=956a84405d1a1724cb816f8d173f3e1f3bf40ba5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0a:53:f4:70:ba:73:cd:fa:52:3a:17:f8:cd: 38:eb:3a:81:4e:e3:56:1b:3d:fc:39:07:fe:dc:39: 95:f8:3b:0e:21:54:82:40:3f:a3:fb:85:23:8e:be: ae:ad:88:ae:69:49:2b:0b:4e:ae:e3:f4:bd:8b:68: 67:33:06:08:2d:8b:ae:93:24:23:d2:0b:36:a5:5b: 76:fd:75:62:86:23:c1:0e:d3:02:48:81:e4:89:f7: 1e:66:f3:c7:62:de:44:da:1d:9c:12:b0:da:e0:3d: 49:46:65:12:79:7b:36:6d:c5:29:25:60:13:2a:e4: 1d:28:b9:97:d1:48:f1:41:10:8e:29:9c:53:99:56: 75:b7:7f:9c:0f:b5:5c:00:44:9e:c6:58:1b:db:ea: f9:de:78:43:44:d5:04:f1:66:36:4f:05:3c:89:99: c8:ff:fb:3a:03:70:9c:36:9e:9e:c7:76:8b:9b:1e: 0a:08:44:dc:88:4e:77:72:d9:fb:2f:ef:45:64:c5: 41:98:7d:f0:9e:39:9f:c5:9d:f8:89:c2:02:66:87: 36:b3:44:62:39:75:9f:98:17:e0:f4:9b:83:39:43: 57:27:83:e2:bf:a1:ab:02:0e:87:79:9f:8e:1b:1c: 3b:a6:4f:6f:a8:09:9f:85:7b:eb:45:65:f5:a6:e9: b4:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:6A:84:40:5D:1A:17:24:CB:81:6F:8D:17:3F:3E:1F:3B:F4:0B:A5 X509v3 Authority Key Identifier: keyid:F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/lWqEQF0aFyTLgW-NFz8-Hzv0C6U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.109.48.0/21 185.18.244.0/22 Signature Algorithm: sha256WithRSAEncryption 45:ff:d3:85:87:94:83:83:13:63:04:b4:8e:39:31:59:68:2b: 36:b5:03:24:05:42:3e:f8:1d:f7:d1:74:9e:d8:26:8c:49:2a: d7:78:fd:ff:2d:e1:99:8a:42:59:cc:38:7b:d0:df:cb:de:a7: 67:b8:56:0b:45:30:00:89:a0:c7:49:3b:94:69:27:f2:c3:ef: a7:03:7e:11:d3:85:c4:ea:8f:af:c2:9e:6f:a8:12:85:45:fd: 0b:44:2a:44:01:e4:24:6f:c9:b4:8b:e7:38:fb:71:d0:32:82: a5:59:27:a0:d4:da:3c:62:c4:44:a6:54:75:d4:99:29:8f:27: 08:73:33:19:cd:3a:2d:b4:a0:d0:e2:5f:28:cc:50:9d:94:51: 4f:71:16:0c:89:e1:29:7f:b7:44:d3:cf:2f:9b:5f:7f:3f:9f: 61:96:df:aa:ce:e6:67:f4:78:13:36:c8:a5:14:27:0c:e5:75: ca:47:13:45:cb:4d:b5:42:b2:8f:fd:02:45:06:68:66:47:2a: bf:b8:02:46:a7:e1:b2:32:42:0f:b6:8b:67:ee:4b:4c:28:04: 17:94:d1:a8:c7:07:09:bb:0a:53:4a:f1:b8:ce:05:02:8a:5f: 95:f0:bb:09:6b:77:41:a7:75:c0:8c:1d:07:9c:91:e0:91:a1: 1e:96:be:cf -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N8oCXkUZvnNTd1KgybQ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyN2E2ZDRkMzI4MzI4MzE3MjVjNDhkYjUxOGEyNDAwZjFh OTI0YmQwHhcNMjYwMTAyMTAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTZhODQ0MDVkMWExNzI0Y2I4MTZmOGQxNzNmM2UxZjNiZjQwYmE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ApT9HC6c836UjoX+M046zqBTuNW Gz38OQf+3DmV+DsOIVSCQD+j+4Ujjr6urYiuaUkrC06u4/S9i2hnMwYILYuukyQj 0gs2pVt2/XVihiPBDtMCSIHkifceZvPHYt5E2h2cErDa4D1JRmUSeXs2bcUpJWAT KuQdKLmX0UjxQRCOKZxTmVZ1t3+cD7VcAESexlgb2+r53nhDRNUE8WY2TwU8iZnI //s6A3CcNp6ex3aLmx4KCETciE53ctn7L+9FZMVBmH3wnjmfxZ34icICZoc2s0Ri OXWfmBfg9JuDOUNXJ4Piv6GrAg6HeZ+OGxw7pk9vqAmfhXvrRWX1pum0EwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJVqhEBdGhcky4FvjRc/Ph879AulMB8GA1UdIwQY MBaAFPJ6bU0ygygxclxI21GKJADxqSS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUt MTU3M2VmNjI3MWViLzEvbFdxRVFGMGFGeVRMZ1ctTkZ6OC1IenYwQzZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUtMTU3M2VmNjI3MWVi LzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTm0wAwQC uRL0MA0GCSqGSIb3DQEBCwUAA4IBAQBF/9OFh5SDgxNjBLSOOTFZaCs2tQMkBUI+ +B330XSe2CaMSSrXeP3/LeGZikJZzDh70N/L3qdnuFYLRTAAiaDHSTuUaSfyw++n A34R04XE6o+vwp5vqBKFRf0LRCpEAeQkb8m0i+c4+3HQMoKlWSeg1No8YsREplR1 1JkpjycIczMZzTottKDQ4l8ozFCdlFFPcRYMieEpf7dE088vm19/P59hlt+qzuZn 9HgTNsilFCcM5XXKRxNFy021QrKP/QJFBmhmRyq/uAJGp+GyMkIPtotn7ktMKAQX lNGoxwcJuwpTSvG4zgUCil+V8LsJa3dBp3XAjB0HnJHgkaEelr7P -----END CERTIFICATE-----Generated at Mon Jan 26 16:22:10 2026 by rpki-client