This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/lKM1gHFyylwdRUKMaY5fLo9cQo4.roa File: lKM1gHFyylwdRUKMaY5fLo9cQo4.roa (raw, json) Hash identifier: s0i27z26ycWaj2Sw/lN75r12wdUfV6zW3S6uMy4zqRE= Subject key identifier: 94:A3:35:80:71:72:CA:5C:1D:45:42:8C:69:8E:5F:2E:8F:5C:42:8E Certificate issuer: /CN=8d8740799c91c2630a8092178db824f3a889a75f Certificate serial: 019B7A5B1731EC5F9F381D1366D4A4C32100 Authority key identifier: 8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/lKM1gHFyylwdRUKMaY5fLo9cQo4.roa Signing time: Thu 01 Jan 2026 16:19:08 +0000 ROA not before: Thu 01 Jan 2026 16:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44453 IP address blocks: 144.208.0.0/19 maxlen: 32 144.208.128.0/22 maxlen: 32 144.208.132.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.mft rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 01:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:17:31:ec:5f:9f:38:1d:13:66:d4:a4:c3:21:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d8740799c91c2630a8092178db824f3a889a75f Validity Not Before: Jan 1 16:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=94a335807172ca5c1d45428c698e5f2e8f5c428e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f5:5d:fe:87:9b:2b:40:4a:7c:8a:9a:73:12: 0a:b8:ac:a4:f2:94:3e:ed:b2:ec:8d:f3:de:c8:c0: a1:6f:0e:d6:1a:69:61:c3:16:61:73:75:60:75:71: ba:4a:f3:6c:13:69:87:26:14:47:b0:4e:bd:e5:71: 31:d4:60:f7:11:bc:5e:1e:c1:96:d0:62:07:98:b3: bb:3e:88:99:c8:0e:61:a1:ef:e2:1f:21:29:63:14: 0b:70:5b:fd:b0:79:11:a7:ef:d9:fb:dd:24:e4:d3: c5:0b:43:9c:37:7a:22:d9:10:bd:2c:4b:b7:be:e3: 68:4c:44:0b:30:bc:55:5c:90:b2:a7:25:07:74:2a: 81:f9:c9:59:53:b9:3c:95:2f:a5:74:31:a1:57:d7: 39:79:08:e8:f4:a3:be:75:44:28:4f:4a:1a:c7:d3: b5:eb:e8:1b:12:f9:a6:95:87:9d:37:72:63:33:f6: 03:30:5f:fc:30:6d:c6:9e:5e:4b:81:ac:7c:da:11: 9d:4d:ff:1f:c0:1a:94:5e:e6:66:dd:5e:82:f1:62: cc:62:df:08:d0:25:32:5f:41:ae:01:0b:5f:2e:cf: 9c:9d:2a:06:5a:ee:8f:b2:c7:ad:d2:a3:14:4c:ec: 16:52:11:43:f8:9a:c6:d0:07:92:92:a2:0b:21:54: 4c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:A3:35:80:71:72:CA:5C:1D:45:42:8C:69:8E:5F:2E:8F:5C:42:8E X509v3 Authority Key Identifier: keyid:8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/lKM1gHFyylwdRUKMaY5fLo9cQo4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.208.0.0/19 144.208.128.0/21 Signature Algorithm: sha256WithRSAEncryption 3d:bf:68:15:8d:d8:e1:c8:93:28:75:37:84:37:9a:1b:6c:e4: 46:35:2a:a1:de:3b:ae:73:3e:51:45:b2:4f:2b:1a:09:b1:78: eb:61:50:04:c7:1d:a3:c4:5b:7a:05:00:a1:ce:a3:77:dc:54: 6e:d7:d8:42:ca:98:ae:68:dd:43:18:52:f9:73:06:23:c6:0c: 2a:b1:af:2f:11:d9:5a:7b:4b:1c:a3:50:17:81:39:db:d5:69: 14:2c:29:d4:b5:3d:e6:e2:db:c2:d2:30:e0:b9:66:9e:a2:49: 3c:e7:70:b5:82:25:71:9a:52:4e:dd:52:43:aa:70:16:cf:cd: 87:97:bd:cf:6d:cf:a0:e4:28:6e:b0:bb:0a:11:d8:6a:b8:7e: 3e:b0:ca:07:3c:31:40:0e:8d:a1:3e:b9:73:47:04:07:96:c4: 22:14:a8:e9:e0:f2:d8:05:ba:dd:54:46:c2:d2:1f:c4:81:e3: 23:6a:88:f9:4a:9d:a2:2a:45:50:03:b3:91:2a:ab:7f:c1:e4: 97:98:29:45:8e:dd:c3:92:7b:e4:d4:62:43:6a:bb:bd:c2:47: 20:4a:73:c0:09:c5:6e:3a:41:6c:5e:b5:53:de:f8:3f:fb:cf: e6:03:63:fe:73:fb:76:99:cd:9c:97:8f:95:fc:5e:6c:f3:3b: 78:ca:1b:f1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wxcx7F+fOB0TZtSkwyEAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkODc0MDc5OWM5MWMyNjMwYTgwOTIxNzhkYjgyNGYzYTg4 OWE3NWYwHhcNMjYwMTAxMTYxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NGEzMzU4MDcxNzJjYTVjMWQ0NTQyOGM2OThlNWYyZThmNWM0MjhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PVd/oebK0BKfIqacxIKuKyk8pQ+ 7bLsjfPeyMChbw7WGmlhwxZhc3VgdXG6SvNsE2mHJhRHsE695XEx1GD3EbxeHsGW 0GIHmLO7PoiZyA5hoe/iHyEpYxQLcFv9sHkRp+/Z+90k5NPFC0OcN3oi2RC9LEu3 vuNoTEQLMLxVXJCypyUHdCqB+clZU7k8lS+ldDGhV9c5eQjo9KO+dUQoT0oax9O1 6+gbEvmmlYedN3JjM/YDMF/8MG3Gnl5Lgax82hGdTf8fwBqUXuZm3V6C8WLMYt8I 0CUyX0GuAQtfLs+cnSoGWu6Psset0qMUTOwWUhFD+JrG0AeSkqILIVRMZQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJSjNYBxcspcHUVCjGmOXy6PXEKOMB8GA1UdIwQY MBaAFI2HQHmckcJjCoCSF424JPOoiadfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4Mjkt NTJiODE2NjgyOWQ3LzEvbEtNMWdIRnl5bHdkUlVLTWFZNWZMbzljUW80LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4MjktNTJiODE2NjgyOWQ3 LzEvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFkNAAAwQD kNCAMA0GCSqGSIb3DQEBCwUAA4IBAQA9v2gVjdjhyJModTeEN5obbORGNSqh3juu cz5RRbJPKxoJsXjrYVAExx2jxFt6BQChzqN33FRu19hCypiuaN1DGFL5cwYjxgwq sa8vEdlae0sco1AXgTnb1WkULCnUtT3m4tvC0jDguWaeokk853C1giVxmlJO3VJD qnAWz82Hl73Pbc+g5ChusLsKEdhquH4+sMoHPDFADo2hPrlzRwQHlsQiFKjp4PLY BbrdVEbC0h/EgeMjaoj5Sp2iKkVQA7ORKqt/weSXmClFjt3Dknvk1GJDaru9wkcg SnPACcVuOkFsXrVT3vg/+8/mA2P+c/t2mc2cl4+V/F5s8zt4yhvx -----END CERTIFICATE-----Generated at Fri Jan 2 11:28:59 2026 by rpki-client