This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/LWh1HaeL5ortaVH3kik7DExqh78.roa File: LWh1HaeL5ortaVH3kik7DExqh78.roa (raw, json) Hash identifier: qIpCeksyx0E8+hCHbqahdqByF+0cRttYVhOA2hnKbtU= Subject key identifier: 2D:68:75:1D:A7:8B:E6:8A:ED:69:51:F7:92:29:3B:0C:4C:6A:87:BF Certificate issuer: /CN=110274b45d8fed463ed1e766ed71770ffd899186 Certificate serial: 019B7F14F0A9B8BE4DFE4191B10E166080DB Authority key identifier: 11:02:74:B4:5D:8F:ED:46:3E:D1:E7:66:ED:71:77:0F:FD:89:91:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQJ0tF2P7UY-0edm7XF3D_2JkYY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/LWh1HaeL5ortaVH3kik7DExqh78.roa Signing time: Fri 02 Jan 2026 14:20:37 +0000 ROA not before: Fri 02 Jan 2026 14:20:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204599 IP address blocks: 185.245.136.0/24 maxlen: 24 185.245.137.0/24 maxlen: 24 185.245.138.0/24 maxlen: 24 185.245.139.0/24 maxlen: 24 2a0d:5b80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/EQJ0tF2P7UY-0edm7XF3D_2JkYY.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/EQJ0tF2P7UY-0edm7XF3D_2JkYY.mft rsync://rpki.ripe.net/repository/DEFAULT/EQJ0tF2P7UY-0edm7XF3D_2JkYY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:f0:a9:b8:be:4d:fe:41:91:b1:0e:16:60:80:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=110274b45d8fed463ed1e766ed71770ffd899186 Validity Not Before: Jan 2 14:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2d68751da78be68aed6951f792293b0c4c6a87bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:77:09:74:a8:81:34:38:09:87:df:b6:64:1c: ee:3e:bc:6f:3e:3c:c6:32:ca:97:53:28:7e:dc:6e: be:b0:9e:ba:70:77:a6:18:12:de:64:95:87:7a:11: 16:4b:23:02:16:40:3b:43:9a:74:c7:43:50:83:83: f5:3e:01:93:33:02:b0:9b:a7:f7:b7:62:ef:9c:c3: 1c:39:25:4c:ad:a2:d8:3b:7f:32:33:2a:5d:39:10: 12:99:70:b7:7a:cc:d4:b1:af:95:ed:4d:33:75:e3: e2:24:35:d4:76:8e:c1:d6:b4:2e:c4:0f:bb:e4:15: 3c:87:9f:37:2f:65:f4:c0:ce:bc:eb:4b:fc:3f:9d: 89:8c:0f:18:6d:1c:11:78:32:d2:9b:89:15:f5:ca: 0e:f5:c2:ad:e7:31:75:38:17:1b:0a:a3:a9:4a:0b: 93:7e:b3:a3:97:c6:79:a3:ff:f0:52:df:d8:e8:0b: 83:73:74:b8:65:02:ca:fd:73:b7:21:e7:ef:ee:1d: 78:b1:50:d1:60:99:07:98:c2:85:e1:1e:03:a1:9b: 2e:39:62:5b:3a:1a:b9:5e:64:ed:1f:0d:37:82:da: ce:bc:1a:2e:67:69:77:85:05:bf:f4:14:ee:d5:e6: ba:02:4a:02:42:05:38:85:95:97:e0:e2:f4:89:d9: 25:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:68:75:1D:A7:8B:E6:8A:ED:69:51:F7:92:29:3B:0C:4C:6A:87:BF X509v3 Authority Key Identifier: keyid:11:02:74:B4:5D:8F:ED:46:3E:D1:E7:66:ED:71:77:0F:FD:89:91:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQJ0tF2P7UY-0edm7XF3D_2JkYY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/LWh1HaeL5ortaVH3kik7DExqh78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/377b97-3830-4067-b0bf-f807fd67b54f/1/EQJ0tF2P7UY-0edm7XF3D_2JkYY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.245.136.0/22 IPv6: 2a0d:5b80::/29 Signature Algorithm: sha256WithRSAEncryption 21:b9:53:85:a9:d5:e1:b5:70:d5:49:67:07:79:44:08:e2:75: ee:a6:90:8b:19:48:6a:e6:f4:5c:85:54:eb:ec:3d:13:ef:42: f2:ac:36:e1:dc:f5:2e:ab:2f:ff:b1:8b:ae:c5:b5:0e:90:0d: 44:b2:25:bc:b3:d1:57:2a:92:7a:40:e6:47:1c:11:a4:5f:36: ff:6c:31:22:b4:63:88:e0:16:c5:f1:f6:35:ee:9b:7f:1c:52: e8:7f:c0:8a:22:97:c8:04:27:6f:27:29:d0:07:95:cf:3d:3f: 96:83:b8:63:70:32:fe:f4:14:d6:60:58:69:4c:bc:18:cf:96: f3:86:e8:68:37:d3:11:6b:30:f6:59:b0:0d:28:d8:12:46:1f: b5:0e:3b:f2:22:67:4e:c4:04:dd:c1:5c:24:4a:28:31:5f:2a: 4e:8a:2f:5f:20:60:d7:6a:a7:b7:27:25:0f:5f:b4:b4:95:5d: ed:58:59:b7:b7:ed:af:0b:92:fb:52:b0:2f:4b:12:8c:3a:13: 4c:55:81:93:6c:5c:f1:1d:c0:ce:b4:49:4f:73:65:99:e6:49: a4:07:1b:40:14:b6:4b:11:f8:ad:c0:5b:9f:ce:0c:4a:a2:47: 14:5f:b9:96:e6:25:23:1e:f5:33:e9:50:6b:cc:5c:e2:b6:4c: cf:dc:b8:75 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FPCpuL5N/kGRsQ4WYIDbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMDI3NGI0NWQ4ZmVkNDYzZWQxZTc2NmVkNzE3NzBmZmQ4 OTkxODYwHhcNMjYwMTAyMTQyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZDY4NzUxZGE3OGJlNjhhZWQ2OTUxZjc5MjI5M2IwYzRjNmE4N2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXcJdKiBNDgJh9+2ZBzuPrxvPjzG MsqXUyh+3G6+sJ66cHemGBLeZJWHehEWSyMCFkA7Q5p0x0NQg4P1PgGTMwKwm6f3 t2LvnMMcOSVMraLYO38yMypdORASmXC3eszUsa+V7U0zdePiJDXUdo7B1rQuxA+7 5BU8h583L2X0wM6860v8P52JjA8YbRwReDLSm4kV9coO9cKt5zF1OBcbCqOpSguT frOjl8Z5o//wUt/Y6AuDc3S4ZQLK/XO3Iefv7h14sVDRYJkHmMKF4R4DoZsuOWJb Ohq5XmTtHw03gtrOvBouZ2l3hQW/9BTu1ea6AkoCQgU4hZWX4OL0idklmQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFC1odR2ni+aK7WlR95IpOwxMaoe/MB8GA1UdIwQY MBaAFBECdLRdj+1GPtHnZu1xdw/9iZGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVFKMHRGMlA3VVktMGVkbTdYRjNEXzJKa1lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8zNzdiOTctMzgzMC00MDY3LWIwYmYt ZjgwN2ZkNjdiNTRmLzEvTFdoMUhhZUw1b3J0YVZIM2tpazdERXhxaDc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS8zNzdiOTctMzgzMC00MDY3LWIwYmYtZjgwN2ZkNjdiNTRm LzEvRVFKMHRGMlA3VVktMGVkbTdYRjNEXzJKa1lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufWIMA0E AgACMAcDBQMqDVuAMA0GCSqGSIb3DQEBCwUAA4IBAQAhuVOFqdXhtXDVSWcHeUQI 4nXuppCLGUhq5vRchVTr7D0T70LyrDbh3PUuqy//sYuuxbUOkA1EsiW8s9FXKpJ6 QOZHHBGkXzb/bDEitGOI4BbF8fY17pt/HFLof8CKIpfIBCdvJynQB5XPPT+Wg7hj cDL+9BTWYFhpTLwYz5bzhuhoN9MRazD2WbANKNgSRh+1DjvyImdOxATdwVwkSigx XypOii9fIGDXaqe3JyUPX7S0lV3tWFm3t+2vC5L7UrAvSxKMOhNMVYGTbFzxHcDO tElPc2WZ5kmkBxtAFLZLEfitwFufzgxKokcUX7mW5iUjHvUz6VBrzFzitkzP3Lh1 -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:46 2026 by rpki-client