This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KLcO-4pnwNwQ0ENsv05vSQ934W8.roa File: KLcO-4pnwNwQ0ENsv05vSQ934W8.roa (raw, json) Hash identifier: FYOxX+97VqHTmC9VAss+Ib9pIE+EbJuTdglUDu9UfW0= Subject key identifier: 28:B7:0E:FB:8A:67:C0:DC:10:D0:43:6C:BF:4E:6F:49:0F:77:E1:6F Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb Certificate serial: 019B78354DFBF2E6511465DED5529C41BE31 Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KLcO-4pnwNwQ0ENsv05vSQ934W8.roa Signing time: Thu 01 Jan 2026 06:18:37 +0000 ROA not before: Thu 01 Jan 2026 06:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56410 IP address blocks: 5.149.168.0/21 maxlen: 21 45.137.184.0/22 maxlen: 22 45.158.112.0/22 maxlen: 24 62.146.164.0/22 maxlen: 22 80.190.0.0/22 maxlen: 22 81.173.12.0/22 maxlen: 22 91.216.236.0/24 maxlen: 24 91.216.241.0/24 maxlen: 24 93.119.24.0/22 maxlen: 22 144.2.240.0/21 maxlen: 21 159.253.224.0/22 maxlen: 22 185.32.152.0/22 maxlen: 22 185.57.100.0/22 maxlen: 22 185.57.102.0/24 maxlen: 24 185.122.132.0/22 maxlen: 22 185.156.196.0/22 maxlen: 22 2a04:b00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.mft rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:4d:fb:f2:e6:51:14:65:de:d5:52:9c:41:be:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb Validity Not Before: Jan 1 06:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28b70efb8a67c0dc10d0436cbf4e6f490f77e16f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:ca:84:2a:cf:20:fb:3d:03:48:dd:42:a6:cd: 3f:b8:3d:c1:b2:a1:dd:34:1c:eb:b7:16:f3:45:1e: 02:6d:0a:eb:04:e5:c2:a7:6c:39:b4:f8:2c:f0:dd: 42:6a:3b:5b:77:51:fc:45:f5:97:7e:ad:97:31:43: 52:0b:b5:cb:77:e7:7e:ff:10:98:da:a3:77:42:30: 7f:2e:fa:32:af:dd:85:4b:b0:5c:3c:0f:19:a3:da: 4a:d8:0a:4c:bc:4d:04:65:a0:4d:c7:98:2a:85:0a: d9:21:77:70:18:cf:84:f2:2d:45:56:f1:f7:93:37: 8f:dc:10:62:cb:f2:ee:b4:49:fb:67:3f:dd:2c:ce: 94:8d:a1:f4:59:7e:e2:3c:d4:33:e2:de:27:9d:5a: 76:0c:08:a7:d3:fc:38:27:74:75:cb:b5:f8:dd:29: e0:b3:a4:c1:0a:b8:d7:eb:83:fb:ab:e3:73:01:59: 8c:c6:96:b0:4e:a8:88:e8:e6:6e:20:a4:3f:14:93: 83:f1:4d:5c:6d:10:65:b3:4c:02:ef:93:57:d6:65: 7f:2b:c3:37:7b:9d:4d:30:52:e7:b0:a9:63:d2:16: 01:94:6b:96:8b:25:3b:e5:cd:ab:0a:61:9e:5b:9b: 5a:cd:bf:b4:e0:20:ad:9d:09:04:09:9f:20:69:f0: df:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:B7:0E:FB:8A:67:C0:DC:10:D0:43:6C:BF:4E:6F:49:0F:77:E1:6F X509v3 Authority Key Identifier: keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KLcO-4pnwNwQ0ENsv05vSQ934W8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.149.168.0/21 45.137.184.0/22 45.158.112.0/22 62.146.164.0/22 80.190.0.0/22 81.173.12.0/22 91.216.236.0/24 91.216.241.0/24 93.119.24.0/22 144.2.240.0/21 159.253.224.0/22 185.32.152.0/22 185.57.100.0/22 185.122.132.0/22 185.156.196.0/22 IPv6: 2a04:b00::/29 Signature Algorithm: sha256WithRSAEncryption 10:b0:28:b7:45:f9:c8:e6:12:3e:75:96:17:9a:9e:40:a4:7a: e7:21:c9:a3:b0:6d:f1:3c:31:d3:ac:ba:25:7f:71:7a:de:df: 32:f5:7b:ed:ef:40:51:d9:58:3b:7f:ac:e8:d5:20:e4:14:3d: 9a:a9:fc:9f:c1:5a:f5:67:cb:48:d5:a1:50:24:da:1f:ee:d0: d6:79:f7:7f:94:44:c2:6d:e2:ab:48:6a:96:2b:30:30:b8:27: f4:27:14:c5:75:af:e0:7f:f7:ae:08:82:9a:85:69:af:25:dd: 79:09:ab:fe:22:9c:21:54:cf:b0:84:de:44:b8:25:9b:5c:20: b1:7a:ce:4d:d3:71:d8:00:c4:e0:62:87:d4:4c:56:87:42:40: 98:a7:48:73:0f:a5:73:f8:b5:1d:4e:3e:ea:21:c9:47:b1:bd: 6c:5c:74:49:9d:6e:d9:8f:16:92:0f:ab:66:50:c4:19:32:7e: 32:99:9c:9b:5b:c3:2d:9e:8d:3b:de:f6:36:7c:c9:37:51:fa: 7c:81:39:26:d6:1b:88:60:11:a5:b7:0f:58:3d:0a:30:2b:db: 7c:9d:f4:e0:1f:c7:aa:b9:c7:48:98:fa:b2:97:51:02:34:2d: a6:6f:02:e7:91:5b:28:48:dd:20:0f:bb:6f:a2:38:c5:7c:68: ee:a3:ed:7d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgISAZt4NU378uZRFGXe1VKcQb4xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj NjE4ZWIwHhcNMjYwMTAxMDYxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGI3MGVmYjhhNjdjMGRjMTBkMDQzNmNiZjRlNmY0OTBmNzdlMTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMqEKs8g+z0DSN1Cps0/uD3BsqHd NBzrtxbzRR4CbQrrBOXCp2w5tPgs8N1Cajtbd1H8RfWXfq2XMUNSC7XLd+d+/xCY 2qN3QjB/Lvoyr92FS7BcPA8Zo9pK2ApMvE0EZaBNx5gqhQrZIXdwGM+E8i1FVvH3 kzeP3BBiy/LutEn7Zz/dLM6UjaH0WX7iPNQz4t4nnVp2DAin0/w4J3R1y7X43Sng s6TBCrjX64P7q+NzAVmMxpawTqiI6OZuIKQ/FJOD8U1cbRBls0wC75NX1mV/K8M3 e51NMFLnsKlj0hYBlGuWiyU75c2rCmGeW5tazb+04CCtnQkECZ8gafDfjQIDAQAB o4ICbTCCAmkwHQYDVR0OBBYEFCi3DvuKZ8DcENBDbL9Ob0kPd+FvMB8GA1UdIwQY MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt MzFjOTVlMmExZDZmLzEvS0xjTy00cG53TndRMEVOc3YwNXZTUTkzNFc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAwWVqAME Ai2JuAMEAi2ecAMEAj6SpAMEAlC+AAMEAlGtDAMEAFvY7AMEAFvY8QMEAl13GAME A5AC8AMEAp/94AMEArkgmAMEArk5ZAMEArl6hAMEArmcxDANBAIAAjAHAwUDKgQL ADANBgkqhkiG9w0BAQsFAAOCAQEAELAot0X5yOYSPnWWF5qeQKR65yHJo7Bt8Twx 06y6JX9xet7fMvV77e9AUdlYO3+s6NUg5BQ9mqn8n8Fa9WfLSNWhUCTaH+7Q1nn3 f5REwm3iq0hqliswMLgn9CcUxXWv4H/3rgiCmoVpryXdeQmr/iKcIVTPsITeRLgl m1wgsXrOTdNx2ADE4GKH1ExWh0JAmKdIcw+lc/i1HU4+6iHJR7G9bFx0SZ1u2Y8W kg+rZlDEGTJ+Mpmcm1vDLZ6NO972NnzJN1H6fIE5JtYbiGARpbcPWD0KMCvbfJ30 4B/HqrnHSJj6spdRAjQtpm8C55FbKEjdIA+7b6I4xXxo7qPtfQ== -----END CERTIFICATE-----Generated at Sun Jan 25 18:08:26 2026 by rpki-client