This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/lEbJm5syICAkDzBdnQFTwrUOmo0.roa File: lEbJm5syICAkDzBdnQFTwrUOmo0.roa (raw, json) Hash identifier: vOTfqhJ4GKJTkXberBptf2018gCEaSZ0ldd8I65tSrE= Subject key identifier: 94:46:C9:9B:9B:32:20:20:24:0F:30:5D:9D:01:53:C2:B5:0E:9A:8D Certificate issuer: /CN=0b30057817ed2fd9595846320fdb814c9fc44a13 Certificate serial: 019B7CEDBF732942246B857FEF628E7F7676 Authority key identifier: 0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzAFeBftL9lZWEYyD9uBTJ_EShM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/lEbJm5syICAkDzBdnQFTwrUOmo0.roa Signing time: Fri 02 Jan 2026 04:18:34 +0000 ROA not before: Fri 02 Jan 2026 04:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205183 IP address blocks: 130.43.168.0/24 maxlen: 24 2a0c:d780::/29 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.mft rsync://rpki.ripe.net/repository/DEFAULT/CzAFeBftL9lZWEYyD9uBTJ_EShM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:bf:73:29:42:24:6b:85:7f:ef:62:8e:7f:76:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b30057817ed2fd9595846320fdb814c9fc44a13 Validity Not Before: Jan 2 04:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9446c99b9b322020240f305d9d0153c2b50e9a8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:c1:4f:b7:02:88:35:74:73:76:cc:13:b4:b9: 9e:2d:d1:4e:bb:2c:fd:30:96:15:44:4a:a3:8c:76: 40:07:8b:b0:23:5c:e3:97:e5:79:52:eb:b8:fd:33: 45:e4:67:80:9c:ef:a5:cf:c8:5e:d0:1e:fb:4c:53: c1:52:7f:cf:50:3d:3d:b6:2e:ad:15:ed:8f:e5:94: 60:ea:22:46:4b:95:1a:3b:7d:eb:76:a5:a3:53:44: a2:0e:17:3b:ee:f9:23:27:c5:ca:fc:e9:12:6c:64: e9:d9:da:ba:5f:10:5f:6e:7b:d3:3a:94:0e:01:a8: 2f:92:d8:71:b0:5b:08:9f:3f:06:04:d3:0d:a4:fe: e7:37:de:21:6b:b5:de:70:1f:b0:f8:d1:ee:49:38: 58:50:7b:58:1f:66:d6:25:bb:57:ee:b2:e7:11:01: 3f:02:b7:04:2f:b3:c1:46:04:a1:8f:f0:c0:e2:b1: fa:be:ce:5b:ea:bc:8f:4e:11:0b:2b:93:0c:5b:dc: 56:39:21:e2:de:bd:03:50:bb:4e:3e:d5:81:09:c8: 2c:af:bf:41:58:a0:c2:2e:fc:e6:bc:76:ed:bc:08: b8:41:a9:9b:76:85:d3:56:64:f8:f4:c7:cd:2e:06: 22:5b:a6:1d:c4:9c:9e:8f:e5:d8:3d:60:08:09:35: 88:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:46:C9:9B:9B:32:20:20:24:0F:30:5D:9D:01:53:C2:B5:0E:9A:8D X509v3 Authority Key Identifier: keyid:0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzAFeBftL9lZWEYyD9uBTJ_EShM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/lEbJm5syICAkDzBdnQFTwrUOmo0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 130.43.168.0/24 IPv6: 2a0c:d780::/29 Signature Algorithm: sha256WithRSAEncryption 25:37:02:84:42:06:b2:5c:50:2b:d6:6a:5f:28:76:57:47:a2: fb:62:81:3b:dd:db:32:aa:d8:c0:a9:2f:a6:17:32:24:16:c3: 92:42:3d:c3:71:8a:4f:fa:ab:31:19:95:78:60:99:1a:a4:a6: 67:7f:35:02:5f:07:fb:a2:f8:7b:41:6c:5d:fb:43:bc:ce:26: e6:2a:a3:61:4e:aa:17:db:3e:22:9e:8c:38:d8:a8:c3:e4:bd: a0:dd:ec:28:44:49:c7:6a:6e:90:ce:46:6a:5e:f6:b4:e8:2f: b5:a1:fd:c9:1c:42:59:a3:0a:ad:5f:28:60:0a:67:36:66:98: e5:fc:11:56:db:69:bf:f9:a6:81:7f:0d:4d:8b:52:ec:75:49: 19:c4:e1:b9:de:2f:a9:33:97:27:3a:8d:a1:64:19:ab:0c:a4: be:9d:65:6b:eb:bb:af:10:a7:1d:c5:09:f9:c1:af:fb:23:29: 34:74:91:d7:c4:8b:99:f4:d7:e4:38:38:7b:b0:19:51:44:42: b9:45:87:a3:1d:90:da:c7:ba:ee:39:33:32:a9:60:71:ea:72: b8:59:fa:fe:b5:a2:14:ff:a5:af:2d:bf:02:0e:19:80:2c:ea: ea:97:b1:2c:37:32:86:d6:8c:e6:82:a1:27:b6:2a:a7:d2:9a: 08:c0:c7:67 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87b9zKUIka4V/72KOf3Z2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMzAwNTc4MTdlZDJmZDk1OTU4NDYzMjBmZGI4MTRjOWZj NDRhMTMwHhcNMjYwMTAyMDQxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDQ2Yzk5YjliMzIyMDIwMjQwZjMwNWQ5ZDAxNTNjMmI1MGU5YThkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMFPtwKINXRzdswTtLmeLdFOuyz9 MJYVREqjjHZAB4uwI1zjl+V5Uuu4/TNF5GeAnO+lz8he0B77TFPBUn/PUD09ti6t Fe2P5ZRg6iJGS5UaO33rdqWjU0SiDhc77vkjJ8XK/OkSbGTp2dq6XxBfbnvTOpQO AagvkthxsFsInz8GBNMNpP7nN94ha7XecB+w+NHuSThYUHtYH2bWJbtX7rLnEQE/ ArcEL7PBRgShj/DA4rH6vs5b6ryPThELK5MMW9xWOSHi3r0DULtOPtWBCcgsr79B WKDCLvzmvHbtvAi4QambdoXTVmT49MfNLgYiW6YdxJyej+XYPWAICTWInQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJRGyZubMiAgJA8wXZ0BU8K1DpqNMB8GA1UdIwQY MBaAFAswBXgX7S/ZWVhGMg/bgUyfxEoTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3pBRmVCZnRMOWxaV0VZeUQ5dUJUSl9FU2hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wZjA4N2ItNzI1My00NjFlLTkwMjEt OWE5MTIxOWYwNmUxLzEvbEViSm01c3lJQ0FrRHpCZG5RRlR3clVPbW8wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8wZjA4N2ItNzI1My00NjFlLTkwMjEtOWE5MTIxOWYwNmUx LzEvQ3pBRmVCZnRMOWxaV0VZeUQ5dUJUSl9FU2hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAgiuoMA0E AgACMAcDBQMqDNeAMA0GCSqGSIb3DQEBCwUAA4IBAQAlNwKEQgayXFAr1mpfKHZX R6L7YoE73dsyqtjAqS+mFzIkFsOSQj3DcYpP+qsxGZV4YJkapKZnfzUCXwf7ovh7 QWxd+0O8zibmKqNhTqoX2z4inow42KjD5L2g3ewoREnHam6QzkZqXva06C+1of3J HEJZowqtXyhgCmc2Zpjl/BFW22m/+aaBfw1Ni1LsdUkZxOG53i+pM5cnOo2hZBmr DKS+nWVr67uvEKcdxQn5wa/7Iyk0dJHXxIuZ9NfkODh7sBlRREK5RYejHZDax7ru OTMyqWBx6nK4Wfr+taIU/6WvLb8CDhmALOrql7EsNzKG1ozmgqEntiqn0poIwMdn -----END CERTIFICATE-----Generated at Sun Jan 25 23:03:50 2026 by rpki-client