This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KSM6-j7ZQdjUgo726e0-fcqcUhY.roa File: KSM6-j7ZQdjUgo726e0-fcqcUhY.roa (raw, json) Hash identifier: rShuWm/fiDs8a4GU2RfscjwEG1UcXC9a2zYTRv4DxMo= Subject key identifier: 29:23:3A:FA:3E:D9:41:D8:D4:82:8E:F6:E9:ED:3E:7D:CA:9C:52:16 Certificate issuer: /CN=f8d40a2a1389f54c23e7871b5ae87f653f659008 Certificate serial: 019B7B36BB66DD93D46436B8671B9E7007CB Authority key identifier: F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KSM6-j7ZQdjUgo726e0-fcqcUhY.roa Signing time: Thu 01 Jan 2026 20:19:02 +0000 ROA not before: Thu 01 Jan 2026 20:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49788 IP address blocks: 91.232.32.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.crl rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.mft rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:bb:66:dd:93:d4:64:36:b8:67:1b:9e:70:07:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8d40a2a1389f54c23e7871b5ae87f653f659008 Validity Not Before: Jan 1 20:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29233afa3ed941d8d4828ef6e9ed3e7dca9c5216 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:39:f4:3b:e4:ea:b0:2b:43:f0:e2:e0:53:ae: de:af:1d:00:8c:0e:ed:e2:4c:19:b4:27:a4:fe:52: b8:18:d5:c1:f9:71:71:ec:23:eb:13:35:d2:71:2b: 39:51:15:4b:98:d4:b1:95:b9:9e:b1:fc:be:52:79: 1b:b0:7f:16:24:db:6f:68:ac:4b:3d:b1:a3:19:6c: 74:aa:ad:24:99:65:05:ba:0a:c3:dc:ca:2a:4a:07: 61:a7:1e:55:b8:f0:9b:fd:bb:c5:e6:bd:31:fc:64: 86:f0:8d:2f:f1:e0:94:a4:5d:b9:b7:5d:94:15:d5: 01:c8:18:87:e2:63:2a:17:aa:9b:2d:79:93:c7:a5: 0b:14:6b:9e:e0:88:f0:f7:67:64:fb:d5:7b:7a:b9: cf:2a:1a:4c:49:cd:1f:41:33:ec:e1:11:90:d3:df: 65:44:1b:90:26:bb:e2:d9:9a:42:22:db:d3:c0:a1: 80:b9:25:ef:f1:cc:58:de:9a:91:0b:1a:c9:ff:e0: 71:e9:a9:96:11:bf:5c:e6:4d:12:86:5b:88:50:a4: 0e:13:f8:f5:72:ad:3a:90:79:17:c9:25:73:1a:02: be:6a:d5:c8:c1:07:79:23:be:17:57:5d:54:1c:7c: bf:59:fd:3a:c8:dc:ea:e8:06:9a:80:3f:27:7c:25: 60:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:23:3A:FA:3E:D9:41:D8:D4:82:8E:F6:E9:ED:3E:7D:CA:9C:52:16 X509v3 Authority Key Identifier: keyid:F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KSM6-j7ZQdjUgo726e0-fcqcUhY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.232.32.0/23 Signature Algorithm: sha256WithRSAEncryption 52:d5:41:6f:d3:49:ee:0e:f1:8c:80:84:b3:a5:09:9f:9c:c4: f8:c5:c8:a5:bc:1d:17:53:fd:44:10:cc:13:c5:a1:25:9a:b3: 46:1d:2a:05:a9:10:a0:88:cc:8f:ab:bd:42:54:e9:bd:ba:e0: d1:e8:8b:67:45:d7:53:48:80:cc:12:bc:0b:fa:7d:5e:09:bc: 09:82:73:5c:d8:3c:dc:07:f8:9f:d9:85:aa:e4:a0:98:02:61: 45:98:a1:9a:ca:d1:f6:c2:b9:88:88:ab:21:8f:bf:a3:7c:a0: d9:dd:7c:0c:e8:d4:31:07:24:40:4b:c5:99:75:89:4f:48:24: 9a:37:e8:c0:12:d2:50:7f:3d:22:55:1e:d1:2e:8d:50:f1:45: 32:11:00:a1:ce:1f:8d:4d:42:7b:01:57:3d:54:63:71:25:9d: fa:f7:f5:25:3a:de:90:64:32:71:76:3e:07:96:c3:f2:2b:90: d4:41:1f:e7:2d:5c:0f:c2:55:ef:2d:5e:0c:7b:f5:8c:4d:dc: cf:f4:e5:f5:14:cb:c1:ac:e1:7c:99:a3:72:59:df:c3:30:e9: 2e:38:f4:05:c0:a8:c9:c2:99:1b:34:a4:0e:78:75:43:75:d3: dd:1f:b5:76:e4:f8:70:90:62:13:50:77:1e:81:4c:ec:8d:8d: 54:94:fc:89 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt7Nrtm3ZPUZDa4ZxuecAfLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ZDQwYTJhMTM4OWY1NGMyM2U3ODcxYjVhZTg3ZjY1M2Y2 NTkwMDgwHhcNMjYwMTAxMjAxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTIzM2FmYTNlZDk0MWQ4ZDQ4MjhlZjZlOWVkM2U3ZGNhOWM1MjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDn0O+TqsCtD8OLgU67erx0AjA7t 4kwZtCek/lK4GNXB+XFx7CPrEzXScSs5URVLmNSxlbmesfy+UnkbsH8WJNtvaKxL PbGjGWx0qq0kmWUFugrD3MoqSgdhpx5VuPCb/bvF5r0x/GSG8I0v8eCUpF25t12U FdUByBiH4mMqF6qbLXmTx6ULFGue4Ijw92dk+9V7ernPKhpMSc0fQTPs4RGQ099l RBuQJrvi2ZpCItvTwKGAuSXv8cxY3pqRCxrJ/+Bx6amWEb9c5k0ShluIUKQOE/j1 cq06kHkXySVzGgK+atXIwQd5I74XV11UHHy/Wf06yNzq6AaagD8nfCVgJwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFCkjOvo+2UHY1IKO9untPn3KnFIWMB8GA1UdIwQY MBaAFPjUCioTifVMI+eHG1rof2U/ZZAIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1OUUtLaE9KOVV3ajU0Y2JXdWhfWlQ5bGtBZy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvN2JjNWYwLWUyMWItNDIzZS1iZTFj LTJkNDYwZTA3MjZmYS8xL0tTTTYtajdaUWRqVWdvNzI2ZTAtZmNxY1VoWS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMDQvN2JjNWYwLWUyMWItNDIzZS1iZTFjLTJkNDYwZTA3MjZm YS8xLzEtTlFLS2hPSjlVd2o1NGNiV3VoX1pUOWxrQWcuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFb6CAw DQYJKoZIhvcNAQELBQADggEBAFLVQW/TSe4O8YyAhLOlCZ+cxPjFyKW8HRdT/UQQ zBPFoSWas0YdKgWpEKCIzI+rvUJU6b264NHoi2dF11NIgMwSvAv6fV4JvAmCc1zY PNwH+J/ZharkoJgCYUWYoZrK0fbCuYiIqyGPv6N8oNndfAzo1DEHJEBLxZl1iU9I JJo36MAS0lB/PSJVHtEujVDxRTIRAKHOH41NQnsBVz1UY3Elnfr39SU63pBkMnF2 PgeWw/IrkNRBH+ctXA/CVe8tXgx79YxN3M/05fUUy8Gs4XyZo3JZ38Mw6S449AXA qMnCmRs0pA54dUN1090ftXbk+HCQYhNQdx6BTOyNjVSU/Ik= -----END CERTIFICATE-----Generated at Mon Jan 26 09:25:15 2026 by rpki-client