This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L3iBAdkNBgvWxhD_jjVuf8HzKKQ.roa File: L3iBAdkNBgvWxhD_jjVuf8HzKKQ.roa (raw, json) Hash identifier: /a1var5arDQaJXJwSn7wNWeaSJBwPDA2R6d4S5GjVtk= Subject key identifier: 2F:78:81:01:D9:0D:06:0B:D6:C6:10:FF:8E:35:6E:7F:C1:F3:28:A4 Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019B77C71398A11436EE0B875EEE69A5B141 Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L3iBAdkNBgvWxhD_jjVuf8HzKKQ.roa Signing time: Thu 01 Jan 2026 04:18:13 +0000 ROA not before: Thu 01 Jan 2026 04:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198154 IP address blocks: 85.133.194.0/24 maxlen: 24 85.133.195.0/24 maxlen: 24 85.133.221.0/24 maxlen: 24 85.133.225.0/24 maxlen: 24 85.133.230.0/24 maxlen: 24 85.133.248.0/24 maxlen: 24 85.133.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:13:98:a1:14:36:ee:0b:87:5e:ee:69:a5:b1:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Jan 1 04:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2f788101d90d060bd6c610ff8e356e7fc1f328a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:49:a9:ea:62:73:45:12:b0:a0:8a:fd:57:13: 86:63:f2:c4:de:68:13:73:02:34:9a:ab:36:0c:59: 05:39:b2:49:f3:7e:7d:40:f1:34:67:69:a8:ef:f0: 70:9c:3b:11:1a:e9:27:a8:70:91:30:64:8e:49:8a: a7:d9:85:b5:63:bf:10:ed:fd:b5:50:c5:b5:3c:1c: b1:e3:af:63:9a:45:a3:19:eb:ae:5f:53:58:5a:cb: fd:e8:f3:e5:0c:54:d0:c4:4c:8d:f2:c1:ac:af:44: 95:95:48:2a:88:98:54:f3:30:d0:15:12:fd:2f:36: 69:a9:ab:94:30:b0:dc:47:48:26:42:92:71:87:9e: 6d:7e:64:34:5a:81:18:78:3e:dc:ea:1b:1b:d7:5f: 3f:6d:66:14:42:36:de:7c:f8:36:87:e3:c3:8a:1f: c3:4d:c4:d9:18:5a:aa:ff:d1:d5:ab:e9:c7:fd:b9: 96:a8:61:66:71:17:2c:2f:42:09:36:58:69:b8:79: 17:f0:32:13:b1:17:ce:00:54:bf:e6:c2:d1:d4:13: 5d:02:71:9d:20:9a:a1:7d:77:be:45:4a:af:bb:03: ca:56:45:8f:31:51:47:bd:53:f2:f8:8d:dc:6c:c4: 41:c4:a7:7a:14:8f:4a:b1:14:57:a6:48:a6:ba:73: c6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:78:81:01:D9:0D:06:0B:D6:C6:10:FF:8E:35:6E:7F:C1:F3:28:A4 X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L3iBAdkNBgvWxhD_jjVuf8HzKKQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.194.0/23 85.133.221.0/24 85.133.225.0/24 85.133.230.0/24 85.133.248.0/24 85.133.250.0/24 Signature Algorithm: sha256WithRSAEncryption 34:ed:b4:2f:3d:63:14:ee:94:b9:ef:7f:1a:0b:62:ac:0b:d4: 0d:1a:fc:fa:ce:b2:c3:22:79:d2:2f:a4:b3:67:49:cf:ea:ec: 91:9f:5e:b0:3f:41:09:8a:48:9b:51:7b:d3:61:bb:41:b3:a8: 94:26:59:59:55:60:98:dc:02:69:76:70:6b:ee:b7:34:08:7a: c5:10:27:84:28:42:f5:30:f3:08:ae:40:ce:b5:8b:23:a4:b7: 6f:a4:6f:3d:30:3f:ed:e1:89:b5:30:63:5b:e8:dc:a1:ea:3d: bb:12:1d:94:61:3a:03:a9:11:29:c1:03:60:b2:e3:32:6d:dc: cf:c9:ff:d4:7d:55:a6:87:e4:1b:c5:89:6d:46:ba:91:67:0f: 5b:6d:cb:82:9b:55:05:c9:3a:b2:3c:b6:e7:5f:81:ad:15:5b: 81:20:51:09:a4:6c:10:62:c1:a3:ef:86:a2:82:55:84:21:98: dd:44:91:b3:92:ba:1a:3d:87:7b:5b:fe:56:80:75:ab:f8:72: 15:05:fc:6f:b5:04:32:28:46:6f:a0:af:69:e3:24:56:4a:70: bb:66:b2:86:2e:b2:91:60:d2:eb:e1:0c:95:e0:b3:c0:b1:d1: 2c:8d:ae:76:0b:0e:fe:c1:b3:cc:08:55:35:04:5a:85:b1:9e: a2:0a:ac:ad -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt3xxOYoRQ27guHXu5ppbFBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjYwMTAxMDQxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZjc4ODEwMWQ5MGQwNjBiZDZjNjEwZmY4ZTM1NmU3ZmMxZjMyOGE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ump6mJzRRKwoIr9VxOGY/LE3mgT cwI0mqs2DFkFObJJ8359QPE0Z2mo7/BwnDsRGuknqHCRMGSOSYqn2YW1Y78Q7f21 UMW1PByx469jmkWjGeuuX1NYWsv96PPlDFTQxEyN8sGsr0SVlUgqiJhU8zDQFRL9 LzZpqauUMLDcR0gmQpJxh55tfmQ0WoEYeD7c6hsb118/bWYUQjbefPg2h+PDih/D TcTZGFqq/9HVq+nH/bmWqGFmcRcsL0IJNlhpuHkX8DITsRfOAFS/5sLR1BNdAnGd IJqhfXe+RUqvuwPKVkWPMVFHvVPy+I3cbMRBxKd6FI9KsRRXpkimunPGKwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFC94gQHZDQYL1sYQ/441bn/B8yikMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvTDNpQkFka05CZ3ZXeGhEX2pqVnVmOEh6S0tRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVYXCAwQA VYXdAwQAVYXhAwQAVYXmAwQAVYX4AwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQA0 7bQvPWMU7pS5738aC2KsC9QNGvz6zrLDInnSL6SzZ0nP6uyRn16wP0EJikibUXvT YbtBs6iUJllZVWCY3AJpdnBr7rc0CHrFECeEKEL1MPMIrkDOtYsjpLdvpG89MD/t 4Ym1MGNb6Nyh6j27Eh2UYToDqREpwQNgsuMybdzPyf/UfVWmh+QbxYltRrqRZw9b bcuCm1UFyTqyPLbnX4GtFVuBIFEJpGwQYsGj74aiglWEIZjdRJGzkroaPYd7W/5W gHWr+HIVBfxvtQQyKEZvoK9p4yRWSnC7ZrKGLrKRYNLr4QyV4LPAsdEsja52Cw7+ wbPMCFU1BFqFsZ6iCqyt -----END CERTIFICATE-----Generated at Sun Jan 25 17:48:09 2026 by rpki-client