This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/kIdKfcVB8xoU-jL0GS61sHZEdFc.roa File: kIdKfcVB8xoU-jL0GS61sHZEdFc.roa (raw, json) Hash identifier: 0PfvIN3m+RMyfBShY3gPVZh53Z/48yCnaRs0eMSULZI= Subject key identifier: 90:87:4A:7D:C5:41:F3:1A:14:FA:32:F4:19:2E:B5:B0:76:44:74:57 Certificate issuer: /CN=42c30371986df5d564ee67074717b66a02ff5712 Certificate serial: 019B77C7311E7620BBA386304A7A498B4E65 Authority key identifier: 42:C3:03:71:98:6D:F5:D5:64:EE:67:07:47:17:B6:6A:02:FF:57:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/kIdKfcVB8xoU-jL0GS61sHZEdFc.roa Signing time: Thu 01 Jan 2026 04:18:21 +0000 ROA not before: Thu 01 Jan 2026 04:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57728 IP address blocks: 188.122.192.0/19 maxlen: 19 2a0a:b6c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.mft rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:31:1e:76:20:bb:a3:86:30:4a:7a:49:8b:4e:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42c30371986df5d564ee67074717b66a02ff5712 Validity Not Before: Jan 1 04:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90874a7dc541f31a14fa32f4192eb5b076447457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:9d:3a:e7:95:27:cb:39:ec:fe:68:97:35:66: fe:92:fa:5b:fe:f8:03:1b:66:44:43:86:a4:bb:fb: 0a:0b:28:fa:c2:08:01:19:c9:95:88:b1:48:3e:70: 34:6b:65:48:b7:e3:c8:67:c1:fb:94:34:7c:f9:b4: 18:ca:c2:41:b0:ee:d0:6a:6d:21:65:18:bd:b6:1d: 57:2b:d0:bb:34:93:ec:71:f0:00:5a:20:08:49:34: 70:50:93:41:09:81:6d:17:2b:a3:98:d3:5a:2d:84: 84:2d:d6:c8:cb:11:95:40:5b:71:06:7d:82:31:c3: 22:27:f7:37:7b:28:a4:c1:ac:6f:f4:1e:b1:ee:56: 2e:96:b5:d8:e5:e6:76:00:a4:c5:1b:d7:d5:08:1a: 89:62:06:e1:ea:df:6a:2a:3b:73:4d:9f:04:99:08: 7e:78:e3:74:7a:f1:1a:b3:ac:41:82:40:8e:a8:45: 31:b6:a0:bd:7d:7f:c3:00:aa:e7:b5:d9:bc:3a:28: e9:2c:85:56:70:f3:d5:5b:76:73:2f:6b:85:cc:43: cd:12:f9:ec:64:fe:ff:79:94:11:df:97:d8:26:d6: 1a:96:a5:11:6b:a5:0f:2f:ac:15:6a:0d:f7:9c:81: 6a:6a:5a:33:d3:75:5e:cc:7b:3d:ca:81:f5:70:13: 5e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:87:4A:7D:C5:41:F3:1A:14:FA:32:F4:19:2E:B5:B0:76:44:74:57 X509v3 Authority Key Identifier: keyid:42:C3:03:71:98:6D:F5:D5:64:EE:67:07:47:17:B6:6A:02:FF:57:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/kIdKfcVB8xoU-jL0GS61sHZEdFc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.122.192.0/19 IPv6: 2a0a:b6c0::/32 Signature Algorithm: sha256WithRSAEncryption 39:d3:72:e9:f6:40:77:52:37:68:6c:2b:59:78:2b:1a:57:d7: 2d:72:ea:db:f3:5f:38:d5:37:15:eb:13:65:82:bb:51:79:52: 48:a5:76:9c:49:9e:d8:4d:d7:c2:c2:d4:58:2b:a9:9e:fc:97: 52:91:70:bd:5d:c4:e3:09:4e:ef:74:e3:18:d8:0a:b7:fc:a0: bd:58:67:23:22:f6:bc:c6:78:fd:a0:ae:3b:64:64:df:2b:7c: 31:35:05:98:4d:d8:5d:71:6c:f4:df:a1:d6:07:cc:01:d5:1b: e4:91:d6:33:02:2e:57:62:a8:89:72:03:d0:d6:5e:9a:94:64: 69:d5:3c:e2:1d:b0:e2:7d:9e:ef:ab:de:12:b2:06:4f:71:f6: e1:c8:e2:34:16:7f:c0:82:46:40:02:77:7c:06:39:0d:51:c3: 76:8f:79:61:b0:e4:a0:d3:e6:3b:73:69:6a:c5:d0:8f:4a:48: dc:48:07:75:47:ba:cf:d8:5e:87:75:1f:1c:cd:fe:04:ad:df: 85:30:3f:9b:ed:25:21:15:a2:3d:39:b3:ea:39:3e:3a:b9:cc: f9:60:f3:e6:1f:7b:0c:f0:81:e8:e4:43:99:30:b3:c4:28:70: fe:54:e7:52:eb:3f:76:bc:4b:06:0b:3c:7a:a8:64:9d:41:97: d4:4c:dc:0c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xzEediC7o4YwSnpJi05lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyYzMwMzcxOTg2ZGY1ZDU2NGVlNjcwNzQ3MTdiNjZhMDJm ZjU3MTIwHhcNMjYwMTAxMDQxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDg3NGE3ZGM1NDFmMzFhMTRmYTMyZjQxOTJlYjViMDc2NDQ3NDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ0655Unyzns/miXNWb+kvpb/vgD G2ZEQ4aku/sKCyj6wggBGcmViLFIPnA0a2VIt+PIZ8H7lDR8+bQYysJBsO7Qam0h ZRi9th1XK9C7NJPscfAAWiAISTRwUJNBCYFtFyujmNNaLYSELdbIyxGVQFtxBn2C McMiJ/c3eyikwaxv9B6x7lYulrXY5eZ2AKTFG9fVCBqJYgbh6t9qKjtzTZ8EmQh+ eON0evEas6xBgkCOqEUxtqC9fX/DAKrntdm8OijpLIVWcPPVW3ZzL2uFzEPNEvns ZP7/eZQR35fYJtYalqURa6UPL6wVag33nIFqaloz03VezHs9yoH1cBNeMQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJCHSn3FQfMaFPoy9BkutbB2RHRXMB8GA1UdIwQY MBaAFELDA3GYbfXVZO5nB0cXtmoC/1cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXNNRGNaaHQ5ZFZrN21jSFJ4ZTJhZ0xfVnhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84YmEwZGQtMmZiYi00YTZmLTlhMzct YzI0NTRjZTI4ZDQ4LzEva0lkS2ZjVkI4eG9VLWpMMEdTNjFzSFpFZEZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC84YmEwZGQtMmZiYi00YTZmLTlhMzctYzI0NTRjZTI4ZDQ4 LzEvUXNNRGNaaHQ5ZFZrN21jSFJ4ZTJhZ0xfVnhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFvHrAMA0E AgACMAcDBQAqCrbAMA0GCSqGSIb3DQEBCwUAA4IBAQA503Lp9kB3UjdobCtZeCsa V9ctcurb81841TcV6xNlgrtReVJIpXacSZ7YTdfCwtRYK6me/JdSkXC9XcTjCU7v dOMY2Aq3/KC9WGcjIva8xnj9oK47ZGTfK3wxNQWYTdhdcWz036HWB8wB1RvkkdYz Ai5XYqiJcgPQ1l6alGRp1TziHbDifZ7vq94SsgZPcfbhyOI0Fn/AgkZAAnd8BjkN UcN2j3lhsOSg0+Y7c2lqxdCPSkjcSAd1R7rP2F6HdR8czf4Erd+FMD+b7SUhFaI9 ObPqOT46ucz5YPPmH3sM8IHo5EOZMLPEKHD+VOdS6z92vEsGCzx6qGSdQZfUTNwM -----END CERTIFICATE-----Generated at Mon Jan 26 13:10:48 2026 by rpki-client