This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/LcyElSfep6rD8AEBau9p4Ves3zY.roa File: LcyElSfep6rD8AEBau9p4Ves3zY.roa (raw, json) Hash identifier: cVyB/pcI480WEjCma+PMg1jARTqe0Occ2uE2IiVCZZI= Subject key identifier: 2D:CC:84:95:27:DE:A7:AA:C3:F0:01:01:6A:EF:69:E1:57:AC:DF:36 Certificate issuer: /CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1 Certificate serial: 019B7B35F7A867DACBACA0AED8517B4BBD44 Authority key identifier: 2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/LcyElSfep6rD8AEBau9p4Ves3zY.roa Signing time: Thu 01 Jan 2026 20:18:12 +0000 ROA not before: Thu 01 Jan 2026 20:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207934 IP address blocks: 185.156.96.0/22 maxlen: 32 2a03:300::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.mft rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:f7:a8:67:da:cb:ac:a0:ae:d8:51:7b:4b:bd:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1 Validity Not Before: Jan 1 20:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2dcc849527dea7aac3f001016aef69e157acdf36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6a:4f:0e:fc:20:f1:e4:cd:b2:16:4b:90:a4: 82:b6:93:e0:81:98:6b:9b:0f:bf:94:77:ff:c4:75: 5a:42:e0:71:7f:64:76:98:db:fc:14:4c:aa:12:e8: 95:d2:5e:3f:b6:fe:6d:a6:da:f7:d9:75:5b:23:cf: c2:b3:4a:e8:5d:c7:92:20:eb:4e:06:93:32:35:cc: b4:a4:6f:fd:00:75:65:55:80:3b:02:f1:c9:16:ce: 4c:eb:6e:2f:d1:53:4e:86:ff:66:14:d5:ad:f7:0a: 2e:97:70:61:50:a9:ad:1b:e1:d6:89:9b:9f:2a:9d: 70:fe:44:31:01:39:d4:5b:9e:41:5f:6c:dc:c8:39: 09:56:62:b2:d3:3b:dc:df:7e:b3:65:df:32:d9:34: 91:a7:fd:54:17:e2:05:6e:13:7c:39:f6:ee:9e:5e: 49:bd:f0:83:65:6a:9a:f7:22:cd:b9:df:a1:dd:ac: 96:61:d7:c9:d3:f5:54:62:fe:d8:13:21:9a:b2:82: 8f:d6:76:1e:99:68:96:d3:17:2a:bf:7b:5b:80:6d: 16:ba:af:c0:bd:25:c9:ec:fc:4b:c0:50:f5:68:45: 9c:db:4f:96:f1:e1:cf:bc:94:ee:91:3e:c2:f5:8a: ea:47:a2:9a:bf:44:d8:c6:f8:55:03:53:7e:25:e8: d5:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:CC:84:95:27:DE:A7:AA:C3:F0:01:01:6A:EF:69:E1:57:AC:DF:36 X509v3 Authority Key Identifier: keyid:2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/LcyElSfep6rD8AEBau9p4Ves3zY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.156.96.0/22 IPv6: 2a03:300::/29 Signature Algorithm: sha256WithRSAEncryption 96:38:4c:bd:f8:3b:f0:ca:49:91:9b:ad:20:af:61:eb:80:32: d9:7d:0c:5b:63:e5:91:3b:b0:63:9a:ae:8f:96:85:34:4e:0d: 2a:b9:c0:69:ff:cf:20:d6:b6:7f:37:62:6f:b5:4c:d8:4d:62: b6:a5:e5:d2:d1:10:5a:f4:c4:03:ef:bd:ff:aa:f6:97:9c:53: 07:ec:1c:46:8b:b6:17:31:c0:18:dc:a3:80:34:9d:0d:6c:eb: 3b:ed:20:41:58:43:43:c9:12:bf:c5:79:31:f1:f1:b5:40:70: ab:30:24:df:4b:56:3a:80:67:39:73:5c:24:a4:43:c3:fc:fd: 96:f1:cf:b7:d2:53:2d:1f:e2:00:ad:52:01:b4:a9:87:69:09: 20:b8:1f:29:28:bf:ec:b8:c8:c7:7f:b1:87:31:1e:36:b0:63: 94:66:48:0a:b4:cc:30:7c:0a:3c:ae:10:da:f1:69:10:78:e7: f6:f3:d2:2e:da:3b:f8:58:72:c4:5d:11:7d:48:a1:d0:42:f2: e8:3b:90:cc:85:17:f6:71:de:78:78:3d:01:43:1c:23:99:53: fb:60:9c:c9:61:b2:f2:23:ec:65:2f:ef:43:06:ed:63:23:3b: cf:15:8c:38:d9:86:10:17:0e:26:c1:a9:17:cc:0d:00:fc:ff: f4:b5:ea:3e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NfeoZ9rLrKCu2FF7S71EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMWU2NWY4MDgzYzg1OWJjZDBkMmM1MmExZTA2MWViNTEz MWY1ZjEwHhcNMjYwMTAxMjAxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZGNjODQ5NTI3ZGVhN2FhYzNmMDAxMDE2YWVmNjllMTU3YWNkZjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2pPDvwg8eTNshZLkKSCtpPggZhr mw+/lHf/xHVaQuBxf2R2mNv8FEyqEuiV0l4/tv5tptr32XVbI8/Cs0roXceSIOtO BpMyNcy0pG/9AHVlVYA7AvHJFs5M624v0VNOhv9mFNWt9woul3BhUKmtG+HWiZuf Kp1w/kQxATnUW55BX2zcyDkJVmKy0zvc336zZd8y2TSRp/1UF+IFbhN8Ofbunl5J vfCDZWqa9yLNud+h3ayWYdfJ0/VUYv7YEyGasoKP1nYemWiW0xcqv3tbgG0Wuq/A vSXJ7PxLwFD1aEWc20+W8eHPvJTukT7C9YrqR6Kav0TYxvhVA1N+JejV9wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFC3MhJUn3qeqw/ABAWrvaeFXrN82MB8GA1UdIwQY MBaAFCoeZfgIPIWbzQ0sUqHgYetRMfXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTIt Y2ZiOGRhNTQ5MDY3LzEvTGN5RWxTZmVwNnJEOEFFQmF1OXA0VmVzM3pZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTItY2ZiOGRhNTQ5MDY3 LzEvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZxgMA0E AgACMAcDBQMqAwMAMA0GCSqGSIb3DQEBCwUAA4IBAQCWOEy9+DvwykmRm60gr2Hr gDLZfQxbY+WRO7Bjmq6PloU0Tg0qucBp/88g1rZ/N2JvtUzYTWK2peXS0RBa9MQD 773/qvaXnFMH7BxGi7YXMcAY3KOANJ0NbOs77SBBWENDyRK/xXkx8fG1QHCrMCTf S1Y6gGc5c1wkpEPD/P2W8c+30lMtH+IArVIBtKmHaQkguB8pKL/suMjHf7GHMR42 sGOUZkgKtMwwfAo8rhDa8WkQeOf289Iu2jv4WHLEXRF9SKHQQvLoO5DMhRf2cd54 eD0BQxwjmVP7YJzJYbLyI+xlL+9DBu1jIzvPFYw42YYQFw4mwakXzA0A/P/0teo+ -----END CERTIFICATE-----Generated at Mon Jan 26 10:14:00 2026 by rpki-client