This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/kjMi6obHpt9UHAnYG2JDcUbRz4I.roa File: kjMi6obHpt9UHAnYG2JDcUbRz4I.roa (raw, json) Hash identifier: eeNQkVMpQhVfJx2+o+C0G3gVG9NOsH6OImPcge0a9H8= Subject key identifier: 92:33:22:EA:86:C7:A6:DF:54:1C:09:D8:1B:62:43:71:46:D1:CF:82 Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd Certificate serial: 019B7BA3AEE438E6A864E168BBEE60DD0CBC Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/kjMi6obHpt9UHAnYG2JDcUbRz4I.roa Signing time: Thu 01 Jan 2026 22:18:03 +0000 ROA not before: Thu 01 Jan 2026 22:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136038 IP address blocks: 2.59.152.0/22 maxlen: 22 2.59.152.0/24 maxlen: 24 2.59.154.0/24 maxlen: 24 2.59.155.0/24 maxlen: 24 45.91.224.0/22 maxlen: 22 45.91.226.0/24 maxlen: 24 45.91.227.0/24 maxlen: 24 45.142.152.0/22 maxlen: 22 45.142.152.0/24 maxlen: 24 45.142.155.0/24 maxlen: 24 91.204.224.0/22 maxlen: 22 91.204.225.0/24 maxlen: 24 185.202.100.0/22 maxlen: 22 185.202.103.0/24 maxlen: 24 193.239.150.0/23 maxlen: 23 193.239.150.0/24 maxlen: 24 193.239.154.0/23 maxlen: 23 193.239.154.0/24 maxlen: 24 194.126.202.0/24 maxlen: 24 194.126.215.0/24 maxlen: 24 194.126.219.0/24 maxlen: 24 194.126.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:ae:e4:38:e6:a8:64:e1:68:bb:ee:60:dd:0c:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd Validity Not Before: Jan 1 22:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=923322ea86c7a6df541c09d81b62437146d1cf82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8e:4f:34:73:16:cb:c7:a2:1c:bc:97:35:9c: 16:00:63:77:a2:53:0f:60:88:81:26:f5:70:a0:08: d1:71:f6:57:8d:b9:30:cf:ef:c0:99:6d:9a:d7:e9: e3:50:f6:cc:20:5a:0f:36:9a:72:66:0c:69:9a:35: 01:01:f3:b8:df:99:d9:63:a1:ca:11:6a:05:2a:93: 82:26:53:69:b3:6f:2d:49:cd:99:a2:92:3e:5b:45: f5:2d:d9:f1:54:8f:0f:82:df:d8:4d:6f:f9:58:da: 6c:91:97:48:75:ca:1f:42:4d:c4:b8:62:4e:87:77: c5:e4:6d:f2:d3:fd:63:70:31:01:7c:69:da:0c:73: 6c:93:25:48:12:20:98:e2:47:28:83:22:aa:f8:02: bb:a0:9d:cb:8c:8c:b2:25:97:56:05:f3:a2:70:05: 9d:c1:76:b6:4e:24:e4:f2:52:97:4b:f9:80:31:10: 9f:1e:3c:6b:44:8c:3a:03:36:39:77:0e:4b:52:75: ed:95:3f:c4:49:db:3c:33:ed:50:36:db:15:20:42: 9c:23:46:d7:7e:1a:9f:38:f8:26:ef:f3:5a:df:df: c2:73:4e:0d:ce:29:b6:7a:2c:ea:47:72:72:40:51: d6:b2:55:e7:da:b5:36:f2:3a:d9:19:49:5c:9d:e8: f7:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:33:22:EA:86:C7:A6:DF:54:1C:09:D8:1B:62:43:71:46:D1:CF:82 X509v3 Authority Key Identifier: keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/kjMi6obHpt9UHAnYG2JDcUbRz4I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.152.0/22 45.91.224.0/22 45.142.152.0/22 91.204.224.0/22 185.202.100.0/22 193.239.150.0/23 193.239.154.0/23 194.126.202.0/24 194.126.215.0/24 194.126.219.0/24 194.126.227.0/24 Signature Algorithm: sha256WithRSAEncryption 74:6f:6a:a1:d5:e9:bd:7f:69:d5:97:a4:81:de:c4:60:30:e9: e7:05:bb:c4:cd:26:1f:62:a5:8b:ea:34:d4:75:fb:eb:49:1e: 41:1f:84:f8:8a:bb:27:7b:28:29:84:37:6b:83:a1:98:ee:66: 4f:89:3f:5d:20:89:f6:00:b5:14:bf:06:bc:15:3b:be:9d:c7: f1:ee:e9:d7:6c:40:5b:94:26:c7:4e:c5:4a:9f:30:89:8b:04: ce:b8:62:cb:6e:68:ad:74:7d:83:97:ac:90:e2:5a:45:a0:0b: 23:13:31:cc:f8:1d:ef:b8:64:68:f1:3a:b7:a9:7b:c1:8e:18: 21:1f:b4:f9:dd:e4:09:00:ee:35:41:f2:73:63:b6:e1:ba:38: 4b:69:c6:18:f5:14:0a:df:69:3e:1d:93:82:ca:26:84:60:10: ad:13:d1:6c:de:9f:36:68:64:6c:f0:e5:f8:40:6e:26:49:30: a6:f2:28:c7:04:ec:02:6d:ad:42:ff:08:2d:97:6b:81:69:9b: ab:51:aa:c7:3f:75:65:b1:d6:a9:73:0c:a0:c2:23:fe:3a:2b: ca:ef:96:a3:62:10:08:ea:c6:83:ea:65:f8:6b:f6:68:d9:87: dd:ec:f1:8f:9c:05:3b:b2:be:9a:0c:01:b8:ef:be:c1:73:1f: 48:5a:6f:8c -----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgISAZt7o67kOOaoZOFou+5g3Qy8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx NjM2Y2QwHhcNMjYwMTAxMjIxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjMzMjJlYTg2YzdhNmRmNTQxYzA5ZDgxYjYyNDM3MTQ2ZDFjZjgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA145PNHMWy8eiHLyXNZwWAGN3olMP YIiBJvVwoAjRcfZXjbkwz+/AmW2a1+njUPbMIFoPNppyZgxpmjUBAfO435nZY6HK EWoFKpOCJlNps28tSc2ZopI+W0X1LdnxVI8Pgt/YTW/5WNpskZdIdcofQk3EuGJO h3fF5G3y0/1jcDEBfGnaDHNskyVIEiCY4kcogyKq+AK7oJ3LjIyyJZdWBfOicAWd wXa2TiTk8lKXS/mAMRCfHjxrRIw6AzY5dw5LUnXtlT/ESds8M+1QNtsVIEKcI0bX fhqfOPgm7/Na39/Cc04Nzim2eizqR3JyQFHWslXn2rU28jrZGUlcnej3SwIDAQAB o4ICRTCCAkEwHQYDVR0OBBYEFJIzIuqGx6bfVBwJ2BtiQ3FG0c+CMB8GA1UdIwQY MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt YWU1MDI3MzY4MWE3LzEva2pNaTZvYkhwdDlVSEFuWUcySkRjVWJSejRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3 LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCAjuYAwQC LVvgAwQCLY6YAwQCW8zgAwQCucpkAwQBwe+WAwQBwe+aAwQAwn7KAwQAwn7XAwQA wn7bAwQAwn7jMA0GCSqGSIb3DQEBCwUAA4IBAQB0b2qh1em9f2nVl6SB3sRgMOnn BbvEzSYfYqWL6jTUdfvrSR5BH4T4irsneygphDdrg6GY7mZPiT9dIIn2ALUUvwa8 FTu+ncfx7unXbEBblCbHTsVKnzCJiwTOuGLLbmitdH2Dl6yQ4lpFoAsjEzHM+B3v uGRo8Tq3qXvBjhghH7T53eQJAO41QfJzY7bhujhLacYY9RQK32k+HZOCyiaEYBCt E9Fs3p82aGRs8OX4QG4mSTCm8ijHBOwCba1C/wgtl2uBaZurUarHP3Vlsdapcwyg wiP+OivK75ajYhAI6saD6mX4a/Zo2Yfd7PGPnAU7sr6aDAG4777Bcx9IWm+M -----END CERTIFICATE-----Generated at Sun Jan 25 13:47:29 2026 by rpki-client