This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/LEwM1ia3LB4tjMF-xTBddTZwLEI.roa File: LEwM1ia3LB4tjMF-xTBddTZwLEI.roa (raw, json) Hash identifier: Dr/U4Sjro7hTaO7vuNctCUrPg7y8M1sJJNCpEq5nKx8= Subject key identifier: 2C:4C:0C:D6:26:B7:2C:1E:2D:8C:C1:7E:C5:30:5D:75:36:70:2C:42 Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d Certificate serial: 019B7910B6D227D7593D4203F087CF30B9F6 Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/LEwM1ia3LB4tjMF-xTBddTZwLEI.roa Signing time: Thu 01 Jan 2026 10:18:17 +0000 ROA not before: Thu 01 Jan 2026 10:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208583 IP address blocks: 2a0a:56c4:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.mft rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b6:d2:27:d7:59:3d:42:03:f0:87:cf:30:b9:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d Validity Not Before: Jan 1 10:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2c4c0cd626b72c1e2d8cc17ec5305d7536702c42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1e:e6:2c:b1:fe:bc:6e:a5:af:d4:aa:14:2f: 83:3b:69:ed:1d:e8:d3:ac:06:5b:b8:c3:4e:78:2b: c3:4f:00:17:14:62:0a:ab:90:81:99:d1:36:80:62: 44:c4:63:70:e3:6c:2a:10:c4:e7:b4:d5:e8:93:2d: 59:2a:a8:89:8d:5a:86:b5:81:72:e7:7c:2c:cb:5c: 43:06:a6:6e:94:e1:b0:ce:05:5c:9e:b7:05:88:0f: 34:56:ea:ba:cf:0a:9c:f6:ff:33:3d:46:7f:7e:7d: 35:72:a2:83:86:63:06:bf:e9:dd:b2:cb:0d:f8:1e: 6e:6c:08:12:83:00:40:13:47:9b:f5:73:9d:5b:5a: 9f:ae:5d:09:eb:bc:5b:a7:cb:e8:52:27:23:c6:18: 0e:d7:a8:34:71:ea:a0:20:9f:74:50:09:e9:f7:d8: b3:5d:fd:e5:11:4b:e8:8f:fb:5c:2c:3c:68:95:93: d1:c3:7a:e0:9e:2b:50:9a:32:f7:6e:fa:94:65:fd: 80:9c:56:61:1e:a3:17:73:9e:ed:9b:4d:45:f5:d5: d4:1c:65:dd:70:b6:3f:f4:90:ed:01:40:39:01:bf: 36:d4:7c:07:a7:73:0a:75:6c:4f:2a:5c:d4:6b:c5: 39:3d:03:60:cf:cb:e3:e3:c3:f1:52:3a:c8:b3:9e: 3b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:4C:0C:D6:26:B7:2C:1E:2D:8C:C1:7E:C5:30:5D:75:36:70:2C:42 X509v3 Authority Key Identifier: keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/LEwM1ia3LB4tjMF-xTBddTZwLEI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:56c4:4::/48 Signature Algorithm: sha256WithRSAEncryption b6:ef:6d:f0:4f:69:17:5e:49:e7:02:5c:a9:18:48:ca:5c:89: 4f:fd:0f:9f:8b:6d:1a:e9:e6:7e:d1:a5:2c:2b:90:cb:23:16: 58:d1:29:de:6b:81:5c:53:e6:ce:4c:01:2c:e6:84:ff:07:67: d6:84:0b:dd:c4:7d:f4:a5:ba:52:78:db:f7:10:59:fe:34:3e: 33:4e:a1:9e:31:ed:d8:4c:97:a0:6a:30:62:b1:12:ea:4c:ca: 18:a0:46:93:4f:1a:57:43:b9:bb:fe:aa:4c:ad:ce:56:64:f0: 7f:25:2c:f9:cc:c2:45:88:73:99:b4:91:9a:09:c8:0c:27:7b: 1d:a8:6e:18:d7:f4:ed:ba:25:45:97:01:31:09:4b:2c:ba:77: c2:dc:51:7f:a6:06:02:05:3f:dc:99:4e:a1:dc:b1:6f:9a:d2: e2:79:1c:48:b2:a8:0d:f8:c3:78:36:b7:36:ca:5c:e2:b5:32: 15:f8:db:c3:d2:79:22:84:7a:00:d8:a3:76:17:65:2e:af:ec: ea:8e:28:7b:ea:16:a5:ff:0b:b9:75:0c:a9:ec:54:8c:57:aa: 40:80:7f:bb:81:c3:b1:93:4c:0d:3a:37:e0:84:b1:fd:af:f3: 2c:a4:06:b3:4d:1a:02:1f:05:87:14:ea:df:2a:5c:d2:1e:af: 7c:ff:b3:83 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ELbSJ9dZPUID8IfPMLn2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk NzM2OWQwHhcNMjYwMTAxMTAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYzRjMGNkNjI2YjcyYzFlMmQ4Y2MxN2VjNTMwNWQ3NTM2NzAyYzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux7mLLH+vG6lr9SqFC+DO2ntHejT rAZbuMNOeCvDTwAXFGIKq5CBmdE2gGJExGNw42wqEMTntNXoky1ZKqiJjVqGtYFy 53wsy1xDBqZulOGwzgVcnrcFiA80Vuq6zwqc9v8zPUZ/fn01cqKDhmMGv+ndsssN +B5ubAgSgwBAE0eb9XOdW1qfrl0J67xbp8voUicjxhgO16g0ceqgIJ90UAnp99iz Xf3lEUvoj/tcLDxolZPRw3rgnitQmjL3bvqUZf2AnFZhHqMXc57tm01F9dXUHGXd cLY/9JDtAUA5Ab821HwHp3MKdWxPKlzUa8U5PQNgz8vj48PxUjrIs5475wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCxMDNYmtyweLYzBfsUwXXU2cCxCMB8GA1UdIwQY MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt OWNlNDc2N2RhMmMxLzEvTEV3TTFpYTNMQjR0ak1GLXhUQmRkVFp3TEVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpWxAAE MA0GCSqGSIb3DQEBCwUAA4IBAQC2723wT2kXXknnAlypGEjKXIlP/Q+fi20a6eZ+ 0aUsK5DLIxZY0Snea4FcU+bOTAEs5oT/B2fWhAvdxH30pbpSeNv3EFn+ND4zTqGe Me3YTJegajBisRLqTMoYoEaTTxpXQ7m7/qpMrc5WZPB/JSz5zMJFiHOZtJGaCcgM J3sdqG4Y1/TtuiVFlwExCUssunfC3FF/pgYCBT/cmU6h3LFvmtLieRxIsqgN+MN4 Nrc2ylzitTIV+NvD0nkihHoA2KN2F2Uur+zqjih76hal/wu5dQyp7FSMV6pAgH+7 gcOxk0wNOjfghLH9r/MspAazTRoCHwWHFOrfKlzSHq98/7OD -----END CERTIFICATE-----Generated at Sun Jan 25 19:37:06 2026 by rpki-client