This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/KE8wPpi49xiO7rZJQ7uhlqOLLHw.roa File: KE8wPpi49xiO7rZJQ7uhlqOLLHw.roa (raw, json) Hash identifier: 2TxPIJ9ZSPXuWkn0jdm0N4HJMJsSy4jeH/o6WF6Nqr8= Subject key identifier: 28:4F:30:3E:98:B8:F7:18:8E:EE:B6:49:43:BB:A1:96:A3:8B:2C:7C Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A3770075FDE5EA75763E25FFF00913 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/KE8wPpi49xiO7rZJQ7uhlqOLLHw.roa Signing time: Thu 01 Jan 2026 08:18:57 +0000 ROA not before: Thu 01 Jan 2026 08:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61102 IP address blocks: 89.46.239.0/24 maxlen: 24 188.190.23.0/24 maxlen: 24 2a03:f80:972::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:77:00:75:fd:e5:ea:75:76:3e:25:ff:f0:09:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=284f303e98b8f7188eeeb64943bba196a38b2c7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a5:cf:f7:ed:b7:36:c5:a0:14:24:16:5e:24: 10:e7:92:c7:b7:d8:f7:37:4f:c2:c4:a7:a6:bc:68: 96:74:a8:fc:5c:1b:6f:5c:16:ef:3d:63:ce:c5:9c: 39:11:22:ac:99:e5:de:d3:fd:8a:58:a9:b6:c6:56: a7:b2:03:c2:2e:5b:bb:9e:ac:61:a6:f5:27:0f:2d: a4:90:af:1e:e9:b8:3b:3c:fa:f9:61:f2:34:90:56: c6:cd:c4:16:34:9e:aa:02:1e:8f:fb:3d:ee:aa:c5: ca:2b:1b:4c:4e:c9:99:6e:fd:6b:a7:66:fd:c1:62: bc:72:7d:69:b2:cf:fb:a9:50:97:2f:43:ff:1e:c2: fd:2b:06:e7:57:e3:36:ec:91:95:90:54:9f:3d:19: 08:85:02:07:7d:a9:c0:03:02:d3:5b:9b:3a:0a:35: 15:dc:43:3c:f5:ac:3c:bb:13:b7:0f:2b:3d:ab:bd: cb:dd:6a:7b:95:c2:d4:46:dd:ea:be:29:ed:3a:74: 74:2c:57:f0:72:40:c7:1d:11:98:a9:b0:44:83:e1: 6a:6b:7e:70:02:86:d2:32:b8:f1:4d:23:5b:03:38: 7e:81:60:8c:64:f2:4e:e1:be:f2:3b:d1:ee:ad:de: 12:02:49:2e:bf:c4:23:54:f2:5b:bc:0b:2e:0a:ac: d5:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:4F:30:3E:98:B8:F7:18:8E:EE:B6:49:43:BB:A1:96:A3:8B:2C:7C X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/KE8wPpi49xiO7rZJQ7uhlqOLLHw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.46.239.0/24 188.190.23.0/24 IPv6: 2a03:f80:972::/48 Signature Algorithm: sha256WithRSAEncryption 61:6b:af:8f:91:4e:a2:b2:5f:65:3f:42:f2:00:0b:3d:bf:57: 11:41:3f:f0:ea:5d:01:cf:ba:a8:1b:50:d0:a4:cb:b3:02:b0: c1:0f:53:de:18:73:77:4e:e4:78:7b:5b:64:d4:c0:9d:c0:ae: aa:9f:e5:1a:7b:02:1c:ec:7a:2f:8a:91:c3:c4:9f:28:1d:ce: 0b:49:b5:32:84:66:bd:00:90:3e:82:ed:89:2d:08:41:ae:7f: e0:b0:c8:4e:87:db:c7:11:84:f7:13:14:e0:1b:54:4c:92:9b: c5:79:fe:47:65:c5:7a:5e:95:21:d7:b9:ef:0e:d8:cb:47:cc: b7:bc:57:ed:c1:64:17:69:ec:79:67:73:39:75:ab:ad:3a:57: b1:70:bb:93:5d:44:5d:34:08:ff:40:54:cc:1c:0d:f7:80:6a: 5e:8e:bb:a0:cf:b8:8d:ec:d7:e7:95:78:5c:88:70:9a:d1:d7: 1a:3c:d2:ab:5a:ce:11:db:b7:dc:52:ad:6f:95:2f:ad:ed:d1: e9:7a:22:23:01:39:3a:91:a7:41:b3:26:64:e2:6a:b4:66:2b: a5:db:c3:b7:71:5d:43:84:80:4a:fd:a6:76:4b:32:29:8c:c0: 53:3c:60:c6:17:f5:fb:7f:c7:64:fd:d4:fc:c5:ab:09:82:4a: b5:6f:77:f5 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt4o3cAdf3l6nV2PiX/8AkTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODRmMzAzZTk4YjhmNzE4OGVlZWI2NDk0M2JiYTE5NmEzOGIyYzdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6XP9+23NsWgFCQWXiQQ55LHt9j3 N0/CxKemvGiWdKj8XBtvXBbvPWPOxZw5ESKsmeXe0/2KWKm2xlansgPCLlu7nqxh pvUnDy2kkK8e6bg7PPr5YfI0kFbGzcQWNJ6qAh6P+z3uqsXKKxtMTsmZbv1rp2b9 wWK8cn1pss/7qVCXL0P/HsL9KwbnV+M27JGVkFSfPRkIhQIHfanAAwLTW5s6CjUV 3EM89aw8uxO3Dys9q73L3Wp7lcLURt3qvintOnR0LFfwckDHHRGYqbBEg+Fqa35w AobSMrjxTSNbAzh+gWCMZPJO4b7yO9Hurd4SAkkuv8QjVPJbvAsuCqzVHQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFChPMD6YuPcYju62SUO7oZajiyx8MB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvS0U4d1BwaTQ5eGlPN3JaSlE3dWhscU9MTEh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAWS7vAwQA vL4XMA8EAgACMAkDBwAqAw+ACXIwDQYJKoZIhvcNAQELBQADggEBAGFrr4+RTqKy X2U/QvIACz2/VxFBP/DqXQHPuqgbUNCky7MCsMEPU94Yc3dO5Hh7W2TUwJ3Arqqf 5Rp7Ahzsei+KkcPEnygdzgtJtTKEZr0AkD6C7YktCEGuf+CwyE6H28cRhPcTFOAb VEySm8V5/kdlxXpelSHXue8O2MtHzLe8V+3BZBdp7Hlnczl1q606V7Fwu5NdRF00 CP9AVMwcDfeAal6Ou6DPuI3s1+eVeFyIcJrR1xo80qtazhHbt9xSrW+VL63t0el6 IiMBOTqRp0GzJmTiarRmK6Xbw7dxXUOEgEr9pnZLMimMwFM8YMYX9ft/x2T91PzF qwmCSrVvd/U= -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:06 2026 by rpki-client