This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/LRI5ugsacRY_9SsCf8BXrAnsRXQ.roa File: LRI5ugsacRY_9SsCf8BXrAnsRXQ.roa (raw, json) Hash identifier: gNfzHqAbiGuTJ5h0CdAEwVUZIQ1YjSQukm3lO1KbwXI= Subject key identifier: 2D:12:39:BA:0B:1A:71:16:3F:F5:2B:02:7F:C0:57:AC:09:EC:45:74 Certificate issuer: /CN=0d44da5c1904095860e868180573ee3c895a7b45 Certificate serial: 019B7834C6E263B133591C4F8F0F18FA51F6 Authority key identifier: 0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/LRI5ugsacRY_9SsCf8BXrAnsRXQ.roa Signing time: Thu 01 Jan 2026 06:18:03 +0000 ROA not before: Thu 01 Jan 2026 06:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25697 IP address blocks: 185.168.48.0/24 maxlen: 24 2a03:3b00:c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.mft rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:c6:e2:63:b1:33:59:1c:4f:8f:0f:18:fa:51:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d44da5c1904095860e868180573ee3c895a7b45 Validity Not Before: Jan 1 06:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2d1239ba0b1a71163ff52b027fc057ac09ec4574 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d8:66:1e:ce:1a:63:87:77:42:df:06:6a:ad: 65:8d:16:4d:c2:33:3c:2b:c5:51:1a:c3:6e:88:3c: 1c:c8:3d:b0:3a:64:dc:8f:1d:a8:30:3c:65:73:60: b2:bd:bb:1f:df:58:b5:b7:15:5c:6a:f1:12:b2:b8: c4:74:9c:a0:64:d0:61:b7:1c:b4:c9:79:d7:a3:b4: 86:8b:23:57:56:c6:26:16:51:41:ea:7f:1a:fc:04: 42:49:f6:58:d7:17:d9:ff:98:0b:a8:18:ae:9a:d6: fa:08:16:f5:4b:99:c0:97:77:b8:d9:26:32:39:9d: 1b:60:2f:f6:bd:bb:60:88:b8:b5:79:dd:02:e2:91: 58:b5:99:6b:41:e2:96:e2:de:7e:e5:31:05:53:72: 5e:2e:9d:e8:7a:f3:75:14:db:93:d6:0c:0c:df:e8: 75:d5:01:c7:e7:b4:94:bf:9c:ee:dd:fc:17:e5:83: 73:14:c2:c0:ca:7a:f9:9b:6f:c3:ce:57:2d:b0:9b: cd:5d:15:73:a1:40:d5:d9:61:b3:28:ad:cd:79:7c: 73:09:e0:b6:63:8a:7a:68:1b:a7:08:63:9b:37:67: af:f7:e9:e4:3b:c3:be:11:e7:93:b6:8b:3b:4d:94: 54:eb:e2:31:44:7c:fd:4c:1e:16:51:db:dd:70:3c: 94:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:12:39:BA:0B:1A:71:16:3F:F5:2B:02:7F:C0:57:AC:09:EC:45:74 X509v3 Authority Key Identifier: keyid:0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/LRI5ugsacRY_9SsCf8BXrAnsRXQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.168.48.0/24 IPv6: 2a03:3b00:c::/48 Signature Algorithm: sha256WithRSAEncryption 1e:48:47:de:1e:af:fb:9e:35:ba:22:9e:76:7d:c5:9d:37:04: 18:4d:52:26:77:ea:fd:5e:98:96:5d:32:a0:8f:82:b3:29:48: 0c:cd:5f:18:b3:bd:0f:c3:ba:c2:3d:31:ae:f1:98:c0:2d:14: 4a:b6:ab:a9:e0:df:a5:70:b2:81:21:6a:35:d7:24:45:b1:9e: c3:01:9f:48:2f:43:8a:42:22:dd:80:74:46:41:24:76:03:76: 8f:de:26:12:17:b1:94:f3:9a:31:42:01:c7:05:ba:7b:41:46: b6:cb:39:d7:93:38:d9:4f:0a:82:69:ea:15:9a:08:8c:3f:5d: da:c7:cc:76:36:21:bf:e0:62:ff:7d:27:e0:06:9c:bf:e7:3b: 9d:dc:23:c4:d3:7a:cb:c4:9e:22:d1:51:ec:42:9e:65:d6:cd: 28:87:14:66:91:a8:ad:85:db:25:76:96:f5:7b:12:83:ec:aa: ac:a4:0e:1a:b6:97:9b:22:34:3c:3a:59:1e:11:34:42:a4:e6: 10:db:27:50:70:40:ef:ab:89:50:00:8f:cb:97:16:7d:05:44: a3:36:65:56:96:f3:2d:9d:4c:73:cb:80:e5:9e:90:17:4a:a5: ea:79:36:4f:f9:83:44:fc:c2:6c:c4:7d:35:e2:06:31:f9:bd: b7:68:66:67 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NMbiY7EzWRxPjw8Y+lH2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNDRkYTVjMTkwNDA5NTg2MGU4NjgxODA1NzNlZTNjODk1 YTdiNDUwHhcNMjYwMTAxMDYxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZDEyMzliYTBiMWE3MTE2M2ZmNTJiMDI3ZmMwNTdhYzA5ZWM0NTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArthmHs4aY4d3Qt8Gaq1ljRZNwjM8 K8VRGsNuiDwcyD2wOmTcjx2oMDxlc2Cyvbsf31i1txVcavESsrjEdJygZNBhtxy0 yXnXo7SGiyNXVsYmFlFB6n8a/ARCSfZY1xfZ/5gLqBiumtb6CBb1S5nAl3e42SYy OZ0bYC/2vbtgiLi1ed0C4pFYtZlrQeKW4t5+5TEFU3JeLp3oevN1FNuT1gwM3+h1 1QHH57SUv5zu3fwX5YNzFMLAynr5m2/DzlctsJvNXRVzoUDV2WGzKK3NeXxzCeC2 Y4p6aBunCGObN2ev9+nkO8O+EeeTtos7TZRU6+IxRHz9TB4WUdvdcDyUZQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFC0SOboLGnEWP/UrAn/AV6wJ7EV0MB8GA1UdIwQY MBaAFA1E2lwZBAlYYOhoGAVz7jyJWntFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTct MjdmYjU4MjJiMzJkLzEvTFJJNXVnc2FjUllfOVNzQ2Y4QlhyQW5zUlhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTctMjdmYjU4MjJiMzJk LzEvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuagwMA8E AgACMAkDBwAqAzsAAAwwDQYJKoZIhvcNAQELBQADggEBAB5IR94er/ueNboinnZ9 xZ03BBhNUiZ36v1emJZdMqCPgrMpSAzNXxizvQ/DusI9Ma7xmMAtFEq2q6ng36Vw soEhajXXJEWxnsMBn0gvQ4pCIt2AdEZBJHYDdo/eJhIXsZTzmjFCAccFuntBRrbL OdeTONlPCoJp6hWaCIw/XdrHzHY2Ib/gYv99J+AGnL/nO53cI8TTesvEniLRUexC nmXWzSiHFGaRqK2F2yV2lvV7EoPsqqykDhq2l5siNDw6WR4RNEKk5hDbJ1BwQO+r iVAAj8uXFn0FRKM2ZVaW8y2dTHPLgOWekBdKpep5Nk/5g0T8wmzEfTXiBjH5vbdo Zmc= -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:31 2026 by rpki-client