This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/kNnArX8rxSQizIzXcuK9nc5VM20.roa File: kNnArX8rxSQizIzXcuK9nc5VM20.roa (raw, json) Hash identifier: vhtZwmPY49vps0U0PvF9ig8qAqogrTdDowNB1/EB0pk= Subject key identifier: 90:D9:C0:AD:7F:2B:C5:24:22:CC:8C:D7:72:E2:BD:9D:CE:55:33:6D Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5 Certificate serial: 019B7FF08C8861DDF407EB806EEB14D40005 Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/kNnArX8rxSQizIzXcuK9nc5VM20.roa Signing time: Fri 02 Jan 2026 18:20:29 +0000 ROA not before: Fri 02 Jan 2026 18:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5413 IP address blocks: 37.252.60.0/22 maxlen: 23 95.172.224.0/19 maxlen: 24 212.105.160.0/19 maxlen: 24 2a00:10ef::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.mft rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:8c:88:61:dd:f4:07:eb:80:6e:eb:14:d4:00:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5 Validity Not Before: Jan 2 18:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90d9c0ad7f2bc52422cc8cd772e2bd9dce55336d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fe:f7:b6:eb:50:05:2d:0b:de:9d:9b:26:69: 7f:8f:a1:61:b6:31:dd:d8:8f:ef:5f:b0:80:49:44: d9:93:d1:10:9d:94:66:60:39:2c:17:69:2c:8f:00: 2b:59:6c:19:cd:f2:d0:36:a5:24:a1:77:7b:da:2a: 18:90:0e:49:40:a7:6c:e9:24:69:34:ee:39:da:c8: f3:1a:fc:f1:a6:f3:4a:48:d5:1a:1b:92:ee:1e:4f: 5b:83:25:c0:67:55:5c:c4:f7:2a:96:19:59:b9:74: 2e:9a:3a:fd:ce:ff:b3:69:24:92:f5:5f:97:b8:5a: b1:e7:44:7f:78:68:3e:1a:38:76:4e:ca:6f:ee:b3: be:3b:26:32:a1:1b:f5:9d:c1:48:09:95:64:32:6a: b7:05:a3:ab:a9:8c:ee:01:ff:b6:6c:12:9c:11:c8: df:60:47:68:33:32:f3:13:8a:92:93:c8:3c:55:ac: 6e:ac:45:ba:f8:6b:55:10:50:08:60:e4:2f:68:13: 90:64:1b:2a:e6:d6:61:87:17:01:c2:ca:23:c7:eb: 0a:4e:96:b5:51:2e:82:e4:02:b3:96:eb:8d:be:60: cf:2e:03:1f:e4:0e:09:7d:c4:fd:7a:09:4a:10:c2: 13:ba:2d:06:5b:36:67:b6:20:4b:be:7f:a1:6d:b1: 7c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:D9:C0:AD:7F:2B:C5:24:22:CC:8C:D7:72:E2:BD:9D:CE:55:33:6D X509v3 Authority Key Identifier: keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/kNnArX8rxSQizIzXcuK9nc5VM20.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.252.60.0/22 95.172.224.0/19 212.105.160.0/19 IPv6: 2a00:10ef::/32 Signature Algorithm: sha256WithRSAEncryption 03:51:8b:e8:e2:6e:ec:e4:7f:a5:db:07:22:26:b2:e9:ea:4b: 59:ea:f3:66:31:cd:77:c9:98:18:2b:a6:4a:4c:22:ef:77:1c: 4c:7a:1d:47:30:c8:c9:52:cc:45:93:b4:57:00:cc:dd:3f:30: 59:b3:d7:16:58:3e:1c:fc:67:96:01:a8:ef:f8:ab:1d:4c:f9: 9c:e5:8c:b2:8b:9b:49:68:16:b0:1a:94:03:34:1d:e4:4f:bc: f2:37:4c:7f:4d:3a:63:5d:3a:e9:5d:f3:b9:53:25:6e:8c:1b: e3:5c:c8:e7:28:c3:cd:02:d3:d6:4d:03:95:71:b2:c9:b1:23: c9:4e:be:6c:19:5a:4b:a6:ac:ba:7d:6c:e9:18:b7:40:60:15: 04:2e:89:56:c3:ba:46:10:11:33:8d:46:7c:ce:a7:0a:2e:d4: 26:ad:d5:7b:1b:00:c0:1d:1c:c2:5a:14:e1:05:46:e4:34:fe: fc:09:69:28:a7:4f:e7:8b:45:fe:2a:21:53:e4:b1:1e:4c:22: d5:84:aa:ff:57:d0:a4:cb:f5:f3:c1:e4:70:58:ce:9b:74:f1: 34:3b:8a:11:e9:1f:5d:f2:f7:f2:f6:5e:82:5d:56:f1:98:7d: 25:58:ad:10:69:12:07:7f:74:d3:a7:46:af:6e:b6:f0:2c:98: 6b:0f:dd:9a -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/8IyIYd30B+uAbusU1AAFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3 YzNkZjUwHhcNMjYwMTAyMTgyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGQ5YzBhZDdmMmJjNTI0MjJjYzhjZDc3MmUyYmQ5ZGNlNTUzMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP73tutQBS0L3p2bJml/j6FhtjHd 2I/vX7CASUTZk9EQnZRmYDksF2ksjwArWWwZzfLQNqUkoXd72ioYkA5JQKds6SRp NO452sjzGvzxpvNKSNUaG5LuHk9bgyXAZ1VcxPcqlhlZuXQumjr9zv+zaSSS9V+X uFqx50R/eGg+Gjh2Tspv7rO+OyYyoRv1ncFICZVkMmq3BaOrqYzuAf+2bBKcEcjf YEdoMzLzE4qSk8g8VaxurEW6+GtVEFAIYOQvaBOQZBsq5tZhhxcBwsojx+sKTpa1 US6C5AKzluuNvmDPLgMf5A4JfcT9eglKEMITui0GWzZntiBLvn+hbbF80QIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFJDZwK1/K8UkIsyM13LivZ3OVTNtMB8GA1UdIwQY MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt Y2Y4M2Q2ZTQwNTU4LzEva05uQXJYOHJ4U1Fpekl6WGN1SzluYzVWTTIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4 LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJfw8AwQF X6zgAwQF1GmgMA0EAgACMAcDBQAqABDvMA0GCSqGSIb3DQEBCwUAA4IBAQADUYvo 4m7s5H+l2wciJrLp6ktZ6vNmMc13yZgYK6ZKTCLvdxxMeh1HMMjJUsxFk7RXAMzd PzBZs9cWWD4c/GeWAajv+KsdTPmc5Yyyi5tJaBawGpQDNB3kT7zyN0x/TTpjXTrp XfO5UyVujBvjXMjnKMPNAtPWTQOVcbLJsSPJTr5sGVpLpqy6fWzpGLdAYBUELolW w7pGEBEzjUZ8zqcKLtQmrdV7GwDAHRzCWhThBUbkNP78CWkop0/ni0X+KiFT5LEe TCLVhKr/V9Cky/XzweRwWM6bdPE0O4oR6R9d8vfy9l6CXVbxmH0lWK0QaRIHf3TT p0avbrbwLJhrD92a -----END CERTIFICATE-----Generated at Sun Jan 25 17:18:56 2026 by rpki-client