This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/lcClvb5lWoz5BZz6OaFdK3R9xGE.roa File: lcClvb5lWoz5BZz6OaFdK3R9xGE.roa (raw, json) Hash identifier: PsC5EzzQ7hkTxDvFDTx+fSsbRwpbMLn+Jz+ec7/QAp0= Subject key identifier: 95:C0:A5:BD:BE:65:5A:8C:F9:05:9C:FA:39:A1:5D:2B:74:7D:C4:61 Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Certificate serial: 019B77C6EA2B2AF224575B6FDAFACABA5EA3 Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/lcClvb5lWoz5BZz6OaFdK3R9xGE.roa Signing time: Thu 01 Jan 2026 04:18:03 +0000 ROA not before: Thu 01 Jan 2026 04:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57073 IP address blocks: 85.198.76.0/22 maxlen: 24 91.230.107.0/24 maxlen: 24 94.141.112.0/22 maxlen: 24 176.101.88.0/21 maxlen: 24 185.62.200.0/23 maxlen: 24 185.62.202.0/24 maxlen: 24 185.138.252.0/22 maxlen: 24 185.138.252.0/24 maxlen: 24 185.138.253.0/24 maxlen: 24 185.138.254.0/24 maxlen: 24 185.138.255.0/24 maxlen: 24 194.1.214.0/24 maxlen: 24 213.184.154.0/23 maxlen: 24 213.184.154.0/24 maxlen: 24 213.184.156.0/22 maxlen: 24 2a03:720::/32 maxlen: 48 2a03:720:18::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 00:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:ea:2b:2a:f2:24:57:5b:6f:da:fa:ca:ba:5e:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Validity Not Before: Jan 1 04:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=95c0a5bdbe655a8cf9059cfa39a15d2b747dc461 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:1a:ab:77:37:2a:f5:3a:74:28:7d:fc:d7:57: 34:f1:74:f3:e1:c6:5f:cf:85:1a:48:7e:e1:3f:09: a1:b7:39:5c:f2:e4:26:d3:01:b6:dc:78:5a:67:a3: 8f:c4:9c:1d:a9:19:3d:fe:5d:e8:f8:a8:f8:9c:7e: 59:51:16:80:93:82:df:6b:b7:ba:53:88:4d:b8:ec: ae:c5:37:51:dd:aa:7d:ec:cc:90:99:60:35:01:9f: 9d:b5:d4:e9:09:45:b6:8b:5e:8e:fa:5e:9d:9b:ce: d3:76:bd:bd:34:0a:b6:e5:9c:0f:cf:bb:9b:ee:06: 44:51:dc:8f:a6:5c:28:14:f8:13:c2:bc:80:d6:64: 09:97:a1:53:a0:9b:45:e4:a0:77:27:90:df:e0:b0: 03:00:42:68:e3:f5:32:4a:02:ef:4d:d6:49:90:5e: 21:08:65:6b:52:ac:6e:f2:0f:25:84:09:37:17:a0: b5:fc:64:98:21:4d:5a:9c:24:3d:b2:5a:f4:23:6c: 1c:e7:cc:06:1c:9a:a1:a1:42:cb:72:02:51:0c:b8: 49:28:1a:a8:60:82:ca:fb:19:b1:b4:00:3e:be:1e: fc:3a:a4:57:5d:35:01:f5:42:5d:ed:3c:2e:2f:b0: 6e:4d:19:ca:98:73:d0:89:f7:a2:17:65:1e:11:62: bd:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C0:A5:BD:BE:65:5A:8C:F9:05:9C:FA:39:A1:5D:2B:74:7D:C4:61 X509v3 Authority Key Identifier: keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/lcClvb5lWoz5BZz6OaFdK3R9xGE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.198.76.0/22 91.230.107.0/24 94.141.112.0/22 176.101.88.0/21 185.62.200.0-185.62.202.255 185.138.252.0/22 194.1.214.0/24 213.184.154.0-213.184.159.255 IPv6: 2a03:720::/32 Signature Algorithm: sha256WithRSAEncryption 47:db:32:7f:5f:c4:55:8f:17:80:86:a3:7b:b2:e3:43:81:90: a3:c5:17:8d:be:e7:7a:e7:48:cb:d0:a1:e2:ba:91:0e:0f:18: 44:cf:7c:82:dc:e4:23:65:c4:53:04:be:d0:4d:47:44:27:ce: 20:4e:2e:d7:74:7b:01:b2:3d:f0:c4:22:0a:d6:36:0e:41:d9: d2:3f:e6:e9:9a:be:e4:8a:5d:66:29:79:48:8b:fa:b3:23:92: d1:63:d9:e6:cf:4b:12:e9:71:19:01:f7:f5:81:cb:3c:57:fa: 93:18:38:c9:9c:9a:c3:94:33:1d:13:90:4f:06:48:78:c6:e6: ba:16:24:5e:08:e0:df:8a:94:a5:2e:9b:93:cb:d1:5d:9e:6c: 9f:00:23:e9:74:1c:5c:53:99:dd:4a:2b:b0:06:c9:2e:80:c6: b1:7b:8a:85:c2:26:05:c0:75:d0:b1:c6:47:c8:64:56:39:c2: 78:c1:dc:3e:2e:7f:bd:01:0b:2b:8d:0b:fe:4b:9e:dd:72:63: bc:5d:f7:aa:ba:bf:2a:23:6c:2c:90:cc:5c:20:b2:b2:3f:8e: d8:e8:4c:a2:bd:a8:bd:40:e2:95:38:85:ca:55:bb:a1:78:50: 3b:68:cf:ea:1a:38:eb:6b:5e:4f:44:73:27:e5:af:c4:b4:a9: 19:3e:4f:63 -----BEGIN CERTIFICATE----- MIIFRjCCBC6gAwIBAgISAZt3xuorKvIkV1tv2vrKul6jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5 MDBhNzYwHhcNMjYwMTAxMDQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NWMwYTViZGJlNjU1YThjZjkwNTljZmEzOWExNWQyYjc0N2RjNDYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBqrdzcq9Tp0KH3811c08XTz4cZf z4UaSH7hPwmhtzlc8uQm0wG23HhaZ6OPxJwdqRk9/l3o+Kj4nH5ZURaAk4Lfa7e6 U4hNuOyuxTdR3ap97MyQmWA1AZ+dtdTpCUW2i16O+l6dm87Tdr29NAq25ZwPz7ub 7gZEUdyPplwoFPgTwryA1mQJl6FToJtF5KB3J5Df4LADAEJo4/UySgLvTdZJkF4h CGVrUqxu8g8lhAk3F6C1/GSYIU1anCQ9slr0I2wc58wGHJqhoULLcgJRDLhJKBqo YILK+xmxtAA+vh78OqRXXTUB9UJd7TwuL7BuTRnKmHPQifeiF2UeEWK9oQIDAQAB o4ICUjCCAk4wHQYDVR0OBBYEFJXApb2+ZVqM+QWc+jmhXSt0fcRhMB8GA1UdIwQY MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt ODlhY2UzODIyMGZiLzEvbGNDbHZiNWxXb3o1Qlp6Nk9hRmRLM1I5eEdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQCVcZMAwQA W+ZrAwQCXo1wAwQDsGVYMAwDBAO5PsgDBAC5PsoDBAK5ivwDBADCAdYwDAMEAdW4 mgMEBdW4gDANBAIAAjAHAwUAKgMHIDANBgkqhkiG9w0BAQsFAAOCAQEAR9syf1/E VY8XgIaje7LjQ4GQo8UXjb7neudIy9Ch4rqRDg8YRM98gtzkI2XEUwS+0E1HRCfO IE4u13R7AbI98MQiCtY2DkHZ0j/m6Zq+5IpdZil5SIv6syOS0WPZ5s9LEulxGQH3 9YHLPFf6kxg4yZyaw5QzHROQTwZIeMbmuhYkXgjg34qUpS6bk8vRXZ5snwAj6XQc XFOZ3UorsAbJLoDGsXuKhcImBcB10LHGR8hkVjnCeMHcPi5/vQELK40L/kue3XJj vF33qrq/KiNsLJDMXCCysj+O2OhMor2ovUDilTiFylW7oXhQO2jP6ho462teT0Rz J+WvxLSpGT5PYw== -----END CERTIFICATE-----Generated at Thu Jan 1 09:11:18 2026 by rpki-client