This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/LoNlBcNLDsjTpM52ykl2lebJEjI.roa File: LoNlBcNLDsjTpM52ykl2lebJEjI.roa (raw, json) Hash identifier: lOQ33XAT96wBpF3zqP8+czX8fkzmJEjqnIn0kWh3SsQ= Subject key identifier: 2E:83:65:05:C3:4B:0E:C8:D3:A4:CE:76:CA:49:76:95:E6:C9:12:32 Certificate issuer: /CN=0a48c04816aa61f935e14a64c3ebba910ba651f4 Certificate serial: 019ACFF3BBB45005429C3EE3B3CEF67A8ECF Authority key identifier: 0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/LoNlBcNLDsjTpM52ykl2lebJEjI.roa Signing time: Sat 29 Nov 2025 14:10:48 +0000 ROA not before: Sat 29 Nov 2025 14:10:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214743 IP address blocks: 91.198.23.0/24 maxlen: 24 176.111.37.0/24 maxlen: 24 176.111.38.0/24 maxlen: 24 176.111.39.0/24 maxlen: 24 193.105.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/CkjASBaqYfk14Upkw-u6kQumUfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/CkjASBaqYfk14Upkw-u6kQumUfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cf:f3:bb:b4:50:05:42:9c:3e:e3:b3:ce:f6:7a:8e:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a48c04816aa61f935e14a64c3ebba910ba651f4 Validity Not Before: Nov 29 14:10:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=2e836505c34b0ec8d3a4ce76ca497695e6c91232 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:98:8c:1b:ca:18:d1:9f:5e:8c:a1:70:3a:a3: 02:12:74:83:1b:41:ea:ee:18:01:81:57:99:e5:17: 6e:bb:d7:0f:d9:a1:fc:89:f5:9a:4a:04:31:f3:b6: 3e:aa:dd:3d:ea:cf:be:4c:71:b4:a8:f7:0d:1b:49: a3:6d:48:31:2d:a3:0f:e4:4b:d8:4b:1e:e2:c5:e3: 12:2e:c3:e7:23:b6:d2:44:b2:ee:13:d8:9b:35:2e: 36:19:8b:92:c5:da:69:e8:45:53:33:6a:5f:e7:70: 61:7a:9f:c3:3b:ab:e4:94:eb:8a:a0:95:14:0a:a9: 53:6f:85:22:ae:50:d1:ab:32:82:4c:ad:b0:5f:d3: 47:70:18:57:c5:c8:70:b6:a1:b6:28:b8:31:3c:a1: f3:11:0c:41:be:ad:47:fc:2f:7a:e8:93:df:57:55: 53:fe:82:92:c5:06:3f:25:3f:96:b0:b9:1c:61:75: e1:5e:bc:00:a1:52:fb:d3:87:55:bd:c6:69:dc:11: b8:e9:a9:59:37:94:d7:65:89:ee:31:2d:eb:27:08: f2:f2:78:8d:45:82:b2:6d:d1:2f:59:cb:96:99:82: f9:ac:83:5d:56:48:1f:72:f6:b8:be:54:14:c0:93: 6a:f5:20:7f:76:29:97:b0:93:d3:39:2f:1f:51:eb: 0a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:83:65:05:C3:4B:0E:C8:D3:A4:CE:76:CA:49:76:95:E6:C9:12:32 X509v3 Authority Key Identifier: keyid:0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/LoNlBcNLDsjTpM52ykl2lebJEjI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/CkjASBaqYfk14Upkw-u6kQumUfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.23.0/24 176.111.37.0-176.111.39.255 193.105.241.0/24 Signature Algorithm: sha256WithRSAEncryption 61:11:8b:44:fe:14:1f:e4:57:1a:e8:1e:a5:58:28:ec:c9:99: 32:e2:fd:c8:62:40:cc:2c:d6:60:c9:a7:cb:ee:b4:6b:4e:27: 62:1b:11:eb:4a:35:68:53:7e:a9:4a:79:c7:41:ad:2c:24:ce: 8a:a5:f5:8d:e2:5b:b0:9a:01:e1:27:62:3f:cb:78:55:66:1e: 20:eb:4d:cc:c3:b9:79:ef:ab:ed:f7:f3:e2:79:f9:8c:5f:e2: d9:b9:ed:c0:80:33:06:c8:69:cf:03:e6:c8:37:bf:54:ad:0e: d0:16:eb:b4:0d:aa:aa:77:54:d1:b3:c1:bf:dd:52:95:4d:99: d1:e8:a4:fe:fd:cc:b1:20:5f:14:39:6f:b1:26:d5:a0:67:9c: b3:4f:ef:4d:d3:80:eb:e1:1c:79:35:ef:9e:63:cc:c3:91:87: e4:9d:89:2e:ff:c0:c3:53:f1:42:c9:06:68:5c:06:48:14:ab: d1:c7:f4:9a:8a:ed:68:eb:81:1a:21:11:cc:fe:72:90:a5:cd: b2:8f:d4:fc:2b:4b:26:62:46:1d:26:6f:2c:fc:60:d2:e6:4f: 6f:77:be:55:5d:10:d3:aa:09:6d:f7:9f:27:66:e7:a3:89:67: 30:8d:75:95:5c:7c:7f:c6:19:db:ff:0f:1e:63:d3:58:de:2d: 3c:c3:9a:bc -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZrP87u0UAVCnD7js872eo7PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNDhjMDQ4MTZhYTYxZjkzNWUxNGE2NGMzZWJiYTkxMGJh NjUxZjQwHhcNMjUxMTI5MTQxMDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTgzNjUwNWMzNGIwZWM4ZDNhNGNlNzZjYTQ5NzY5NWU2YzkxMjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJiMG8oY0Z9ejKFwOqMCEnSDG0Hq 7hgBgVeZ5Rduu9cP2aH8ifWaSgQx87Y+qt096s++THG0qPcNG0mjbUgxLaMP5EvY Sx7ixeMSLsPnI7bSRLLuE9ibNS42GYuSxdpp6EVTM2pf53Bhep/DO6vklOuKoJUU CqlTb4UirlDRqzKCTK2wX9NHcBhXxchwtqG2KLgxPKHzEQxBvq1H/C966JPfV1VT /oKSxQY/JT+WsLkcYXXhXrwAoVL704dVvcZp3BG46alZN5TXZYnuMS3rJwjy8niN RYKybdEvWcuWmYL5rINdVkgfcva4vlQUwJNq9SB/dimXsJPTOS8fUesKHwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFC6DZQXDSw7I06TOdspJdpXmyRIyMB8GA1UdIwQY MBaAFApIwEgWqmH5NeFKZMPrupELplH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEt MzFhZWMwN2U5NDVhLzEvTG9ObEJjTkxEc2pUcE01MnlrbDJsZWJKRWpJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEtMzFhZWMwN2U5NDVh LzEvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW8YXMAwD BACwbyUDBAOwbyADBADBafEwDQYJKoZIhvcNAQELBQADggEBAGERi0T+FB/kVxro HqVYKOzJmTLi/chiQMws1mDJp8vutGtOJ2IbEetKNWhTfqlKecdBrSwkzoql9Y3i W7CaAeEnYj/LeFVmHiDrTczDuXnvq+338+J5+Yxf4tm57cCAMwbIac8D5sg3v1St DtAW67QNqqp3VNGzwb/dUpVNmdHopP79zLEgXxQ5b7Em1aBnnLNP703TgOvhHHk1 755jzMORh+SdiS7/wMNT8ULJBmhcBkgUq9HH9JqK7WjrgRohEcz+cpClzbKP1Pwr SyZiRh0mbyz8YNLmT293vlVdENOqCW33nydm56OJZzCNdZVcfH/GGdv/Dx5j01je LTzDmrw= -----END CERTIFICATE-----Generated at Sat Dec 6 17:18:47 2025 by rpki-client