This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/leys0pjSHL9YEW5sO6ANqpFFx5c.roa File: leys0pjSHL9YEW5sO6ANqpFFx5c.roa (raw, json) Hash identifier: 9zF4zBfFF8tKINoW83chdjLm5f+mKJMMW9YkTlJDR08= Subject key identifier: 95:EC:AC:D2:98:D2:1C:BF:58:11:6E:6C:3B:A0:0D:AA:91:45:C7:97 Certificate issuer: /CN=4a83ee7dcc32837b0ba5b891d8f145435ab3b60a Certificate serial: 019B7BA52F8679A64EB77B278C6A103DBB91 Authority key identifier: 4A:83:EE:7D:CC:32:83:7B:0B:A5:B8:91:D8:F1:45:43:5A:B3:B6:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/leys0pjSHL9YEW5sO6ANqpFFx5c.roa Signing time: Thu 01 Jan 2026 22:19:41 +0000 ROA not before: Thu 01 Jan 2026 22:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199860 IP address blocks: 5.188.104.0/22 maxlen: 22 5.188.104.0/23 maxlen: 23 5.188.106.0/23 maxlen: 23 185.44.12.0/22 maxlen: 22 185.44.12.0/23 maxlen: 23 185.44.14.0/23 maxlen: 23 193.43.41.0/24 maxlen: 24 2a01:6520::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.mft rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:2f:86:79:a6:4e:b7:7b:27:8c:6a:10:3d:bb:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a83ee7dcc32837b0ba5b891d8f145435ab3b60a Validity Not Before: Jan 1 22:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95ecacd298d21cbf58116e6c3ba00daa9145c797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0c:bc:6b:d0:83:e4:94:25:6a:94:5f:4f:cd: a5:ff:38:2a:8d:41:e0:d0:d1:24:dc:4e:ca:b1:de: 79:a7:3e:a9:67:12:f0:a0:d7:78:51:aa:df:21:57: 88:d6:29:98:eb:c8:ea:93:86:8c:b0:bf:83:fa:84: 84:5a:80:a7:81:72:39:5f:7d:3c:df:ea:d7:dd:2d: cb:62:14:cb:72:71:bc:b3:23:92:0f:4c:2c:33:75: 96:fe:09:0c:22:f4:d9:83:ac:f5:76:4a:43:c0:54: 21:59:75:00:04:49:57:4b:fb:b4:e3:b8:0e:26:bf: 38:be:b4:4f:3e:ed:3c:50:8b:53:bf:cc:dd:aa:98: 34:02:77:f4:d6:f0:14:57:07:c8:d4:60:de:be:1d: 89:f9:a2:78:e3:d3:0c:d0:6a:24:25:8c:57:22:4c: 3c:00:e8:19:a1:e5:3a:3b:5a:fd:c5:0b:d6:6f:5e: bc:83:83:7f:9d:01:ac:17:2f:15:b4:fc:85:16:ce: 88:81:84:d7:b6:55:96:94:a2:d8:38:93:82:35:ec: b6:a0:0b:12:8d:1d:ea:d5:42:14:ed:6d:76:a6:fe: 66:5f:d3:59:bb:d6:41:77:19:cd:49:f6:53:78:3c: b6:d1:4c:96:28:bb:db:a7:c5:0f:de:39:d7:fd:88: 6b:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:EC:AC:D2:98:D2:1C:BF:58:11:6E:6C:3B:A0:0D:AA:91:45:C7:97 X509v3 Authority Key Identifier: keyid:4A:83:EE:7D:CC:32:83:7B:0B:A5:B8:91:D8:F1:45:43:5A:B3:B6:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SoPufcwyg3sLpbiR2PFFQ1qztgo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/leys0pjSHL9YEW5sO6ANqpFFx5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/513e8a-ad5b-42be-9b6e-b4269463bce8/1/SoPufcwyg3sLpbiR2PFFQ1qztgo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.188.104.0/22 185.44.12.0/22 193.43.41.0/24 IPv6: 2a01:6520::/32 Signature Algorithm: sha256WithRSAEncryption 41:90:25:cf:f3:ac:a8:61:b0:80:ef:05:7d:bc:6b:78:8e:ac: c2:eb:ee:26:1a:27:84:1b:bd:78:fd:63:b4:c6:66:12:18:70: 2b:c6:79:a9:c2:1b:70:b4:76:88:fa:77:cb:5b:5e:fd:23:e1: cd:fd:94:1c:7c:1e:51:af:ad:80:39:6c:06:b6:32:cd:60:cb: bd:5e:d5:d3:9d:bf:3e:8e:18:42:84:55:b0:e4:eb:a8:54:63: f2:48:68:c6:60:61:56:d3:49:b9:51:e7:be:51:32:97:91:23: 41:11:b0:77:4a:53:4a:fb:cd:a1:60:86:da:a4:c9:83:59:65: 47:72:ce:18:45:b3:e1:f2:7a:25:5c:65:2e:c7:34:c2:12:b9: d8:c3:22:48:22:fe:6a:d0:4a:ee:d9:2b:1e:c5:f8:db:02:18: eb:74:49:df:38:be:cd:4e:69:f7:99:4c:61:87:ff:17:32:f8: f6:60:fc:b6:aa:1b:a2:e9:c7:5b:c9:83:77:e2:3b:e1:44:b2: 7e:0d:80:c0:61:a0:24:c0:ca:07:92:cf:a8:f6:7e:57:39:c8: 1f:fd:5c:e8:e7:a0:fb:70:97:1e:94:bf:01:57:83:6e:0d:2b: de:a3:ff:8e:67:c7:7b:5d:99:c7:10:0d:22:34:f8:ba:47:f5: d9:0e:53:9b -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt7pS+GeaZOt3snjGoQPbuRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhODNlZTdkY2MzMjgzN2IwYmE1Yjg5MWQ4ZjE0NTQzNWFi M2I2MGEwHhcNMjYwMTAxMjIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWVjYWNkMjk4ZDIxY2JmNTgxMTZlNmMzYmEwMGRhYTkxNDVjNzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQy8a9CD5JQlapRfT82l/zgqjUHg 0NEk3E7Ksd55pz6pZxLwoNd4UarfIVeI1imY68jqk4aMsL+D+oSEWoCngXI5X308 3+rX3S3LYhTLcnG8syOSD0wsM3WW/gkMIvTZg6z1dkpDwFQhWXUABElXS/u047gO Jr84vrRPPu08UItTv8zdqpg0Anf01vAUVwfI1GDevh2J+aJ449MM0GokJYxXIkw8 AOgZoeU6O1r9xQvWb168g4N/nQGsFy8VtPyFFs6IgYTXtlWWlKLYOJOCNey2oAsS jR3q1UIU7W12pv5mX9NZu9ZBdxnNSfZTeDy20UyWKLvbp8UP3jnX/YhrwQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFJXsrNKY0hy/WBFubDugDaqRRceXMB8GA1UdIwQY MBaAFEqD7n3MMoN7C6W4kdjxRUNas7YKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU29QdWZjd3lnM3NMcGJpUjJQRkZRMXF6dGdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS81MTNlOGEtYWQ1Yi00MmJlLTliNmUt YjQyNjk0NjNiY2U4LzEvbGV5czBwalNITDlZRVc1c082QU5xcEZGeDVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS81MTNlOGEtYWQ1Yi00MmJlLTliNmUtYjQyNjk0NjNiY2U4 LzEvU29QdWZjd3lnM3NMcGJpUjJQRkZRMXF6dGdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbxoAwQC uSwMAwQAwSspMA0EAgACMAcDBQAqAWUgMA0GCSqGSIb3DQEBCwUAA4IBAQBBkCXP 86yoYbCA7wV9vGt4jqzC6+4mGieEG714/WO0xmYSGHArxnmpwhtwtHaI+nfLW179 I+HN/ZQcfB5Rr62AOWwGtjLNYMu9XtXTnb8+jhhChFWw5OuoVGPySGjGYGFW00m5 Uee+UTKXkSNBEbB3SlNK+82hYIbapMmDWWVHcs4YRbPh8nolXGUuxzTCErnYwyJI Iv5q0Eru2SsexfjbAhjrdEnfOL7NTmn3mUxhh/8XMvj2YPy2qhui6cdbyYN34jvh RLJ+DYDAYaAkwMoHks+o9n5XOcgf/Vzo56D7cJcelL8BV4NuDSveo/+OZ8d7XZnH EA0iNPi6R/XZDlOb -----END CERTIFICATE-----Generated at Fri Jan 2 18:34:10 2026 by rpki-client