This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/Ken1-UyKUV7K-ivTPRx21HrB1go.roa File: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (raw, json) Hash identifier: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI= Subject key identifier: 29:E9:F5:F9:4C:8A:51:5E:CA:FA:2B:D3:3D:1C:76:D4:7A:C1:D6:0A Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9 Certificate serial: 019B7E37B1E298708140AA6591198EC3A5FE Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/Ken1-UyKUV7K-ivTPRx21HrB1go.roa Signing time: Fri 02 Jan 2026 10:18:57 +0000 ROA not before: Fri 02 Jan 2026 10:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202062 IP address blocks: 193.31.16.0/23 maxlen: 23 193.31.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:b1:e2:98:70:81:40:aa:65:91:19:8e:c3:a5:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9 Validity Not Before: Jan 2 10:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29e9f5f94c8a515ecafa2bd33d1c76d47ac1d60a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:fb:27:40:72:00:87:4f:30:d5:78:fe:27:b0: 75:ac:1e:c5:12:aa:ac:52:21:44:78:f9:b3:c1:03: 7a:2f:d5:2f:0f:5a:48:3f:69:40:e9:27:10:9d:6d: 63:52:f3:c3:6f:e5:4c:e8:88:b7:19:69:84:84:3f: f9:ab:ab:5d:0a:b4:b7:c4:d6:8a:8f:b8:fe:f5:7c: ec:9f:db:6e:fd:1c:5f:69:55:77:4a:5c:ef:69:6a: 8e:a2:86:a9:f7:06:11:54:8c:61:d6:48:3e:98:eb: 64:b3:2a:5c:9c:b0:a1:71:2d:fd:10:2d:1d:15:1b: ea:1b:81:40:37:bb:7c:0a:df:58:77:d8:c9:2d:50: db:36:0c:46:f7:ec:23:10:4e:1e:ad:ef:66:eb:f8: 8a:1c:ba:0e:50:de:61:e6:82:db:de:fa:33:70:c4: 36:c0:4d:9b:cc:f6:b5:70:cc:7f:2f:a9:33:db:fc: e2:03:1f:ba:3a:91:53:f6:ac:01:59:3f:bc:df:93: 0d:9d:16:09:22:4c:8f:27:45:50:e2:24:6d:32:7d: 11:16:53:7f:48:30:6c:72:1d:e5:35:98:1d:d9:51: 25:89:d0:68:41:83:e6:78:70:b4:69:bd:51:b4:e8: 8f:47:a8:1e:57:d5:ca:e0:ce:17:5d:fd:40:33:60: 30:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E9:F5:F9:4C:8A:51:5E:CA:FA:2B:D3:3D:1C:76:D4:7A:C1:D6:0A X509v3 Authority Key Identifier: keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/Ken1-UyKUV7K-ivTPRx21HrB1go.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.31.16.0/23 193.31.254.0/23 Signature Algorithm: sha256WithRSAEncryption 72:c0:81:c6:71:26:b0:fb:71:8c:61:ec:81:60:71:f8:2b:f2: bf:a1:45:68:be:cb:77:07:f9:be:dc:e3:83:49:da:81:68:92: c0:5e:8f:19:ce:a8:e8:60:5e:25:b5:f0:45:45:c2:91:8e:3a: 3d:a3:45:53:d9:f6:92:8e:9c:7a:78:be:a1:3a:9a:84:07:1f: db:0f:48:f4:49:97:65:47:95:58:79:db:d3:f5:0c:60:24:4f: 2f:aa:4b:0b:63:5f:a7:da:7a:01:a4:66:17:2f:50:4e:81:98: 76:a8:30:02:63:4c:8b:25:fb:8a:21:d2:aa:d2:4b:0c:39:9a: 74:02:9f:bd:a7:99:90:a6:3a:56:bd:09:ef:b1:62:4a:5e:8e: df:ad:9a:c4:14:56:45:a2:db:77:4a:b6:40:72:9e:c9:ec:38: 99:41:b0:ec:f3:91:e5:8c:d1:72:62:25:97:61:c6:98:62:32: 20:e6:77:ab:1b:89:f9:a4:29:e2:de:9d:62:8d:a1:5f:28:be: 5a:28:ce:f7:5f:9a:ac:22:ad:eb:b8:45:50:2f:80:45:b8:6f: db:40:22:aa:06:5b:46:a1:4c:75:78:4f:60:5e:5b:f0:3a:33: 0f:a2:08:51:81:e3:87:b5:8a:04:0c:d1:77:18:1b:51:79:80: 2f:51:7a:c9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N7HimHCBQKplkRmOw6X+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5 ZDk3YzkwHhcNMjYwMTAyMTAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWU5ZjVmOTRjOGE1MTVlY2FmYTJiZDMzZDFjNzZkNDdhYzFkNjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPsnQHIAh08w1Xj+J7B1rB7FEqqs UiFEePmzwQN6L9UvD1pIP2lA6ScQnW1jUvPDb+VM6Ii3GWmEhD/5q6tdCrS3xNaK j7j+9Xzsn9tu/RxfaVV3SlzvaWqOooap9wYRVIxh1kg+mOtksypcnLChcS39EC0d FRvqG4FAN7t8Ct9Yd9jJLVDbNgxG9+wjEE4ere9m6/iKHLoOUN5h5oLb3vozcMQ2 wE2bzPa1cMx/L6kz2/ziAx+6OpFT9qwBWT+835MNnRYJIkyPJ0VQ4iRtMn0RFlN/ SDBsch3lNZgd2VElidBoQYPmeHC0ab1RtOiPR6geV9XK4M4XXf1AM2AwhwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCnp9flMilFeyvor0z0cdtR6wdYKMB8GA1UdIwQY MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt NDhlZWE4ZDVmZWYxLzEvS2VuMS1VeUtVVjdLLWl2VFBSeDIxSHJCMWdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwR8QAwQB wR/+MA0GCSqGSIb3DQEBCwUAA4IBAQBywIHGcSaw+3GMYeyBYHH4K/K/oUVovst3 B/m+3OODSdqBaJLAXo8ZzqjoYF4ltfBFRcKRjjo9o0VT2faSjpx6eL6hOpqEBx/b D0j0SZdlR5VYedvT9QxgJE8vqksLY1+n2noBpGYXL1BOgZh2qDACY0yLJfuKIdKq 0ksMOZp0Ap+9p5mQpjpWvQnvsWJKXo7frZrEFFZFott3SrZAcp7J7DiZQbDs85Hl jNFyYiWXYcaYYjIg5nerG4n5pCni3p1ijaFfKL5aKM73X5qsIq3ruEVQL4BFuG/b QCKqBltGoUx1eE9gXlvwOjMPoghRgeOHtYoEDNF3GBtReYAvUXrJ -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:58 2026 by rpki-client