This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KMalA_jOg2ht5pynxqro3O_CKb0.roa File: KMalA_jOg2ht5pynxqro3O_CKb0.roa (raw, json) Hash identifier: cDAD/NdMCtS57M6MAzqcGw+sF7ZJNTlHSQMwr+xfoQU= Subject key identifier: 28:C6:A5:03:F8:CE:83:68:6D:E6:9C:A7:C6:AA:E8:DC:EF:C2:29:BD Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019B7F14A38D7AFA04B83BB9F91C6E372AD9 Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KMalA_jOg2ht5pynxqro3O_CKb0.roa Signing time: Fri 02 Jan 2026 14:20:17 +0000 ROA not before: Fri 02 Jan 2026 14:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12480 IP address blocks: 194.120.43.0/24 maxlen: 24 194.121.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:a3:8d:7a:fa:04:b8:3b:b9:f9:1c:6e:37:2a:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Jan 2 14:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28c6a503f8ce83686de69ca7c6aae8dcefc229bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:08:d2:0f:87:26:ba:0f:a9:d5:3f:a1:09:6d: dc:43:59:e3:45:6c:3b:7d:67:3c:0f:3c:a5:7c:34: 7a:96:bd:47:6a:58:f4:da:f3:12:b3:49:49:b4:13: 1b:0c:c0:2f:80:8c:8f:92:cf:6c:a0:16:a2:f8:ee: b2:3c:35:75:24:32:bd:dc:ce:e3:ba:f5:78:20:e3: c5:e0:3c:3f:ea:d8:86:7f:05:b6:4e:a3:89:4c:fe: bd:1c:df:d4:45:a2:b9:81:11:dc:30:89:b6:35:46: e0:af:0d:35:eb:84:b2:fa:ac:87:e2:a0:2f:6b:e1: 72:b3:62:40:60:3a:0e:ac:25:61:31:f1:23:93:97: 6f:4e:5a:b3:f5:f4:63:4b:19:0c:70:44:0f:4c:d9: 51:67:7f:38:e2:55:0f:0f:84:d5:22:39:28:f6:83: 4a:aa:18:e6:e8:7e:a6:1d:f1:7b:ad:55:c9:b6:6d: ad:d6:1b:4b:1b:f6:66:2d:58:be:77:8f:d7:d2:c5: 5b:1f:8d:d4:17:86:de:66:57:ee:9e:53:1d:3f:59: 05:2d:1b:8e:cd:c9:d8:d6:90:4b:19:63:d5:8a:6d: 27:1d:51:2d:43:b9:a0:30:1c:8f:fd:1d:e1:fb:f2: cd:38:d2:32:7c:f2:5c:a9:f2:f4:95:88:b7:c9:8f: 34:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:C6:A5:03:F8:CE:83:68:6D:E6:9C:A7:C6:AA:E8:DC:EF:C2:29:BD X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/KMalA_jOg2ht5pynxqro3O_CKb0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.120.43.0/24 194.121.203.0/24 Signature Algorithm: sha256WithRSAEncryption 79:4b:ad:18:69:7d:0e:6f:8e:c8:e1:3a:ba:29:06:9c:cc:49: 6f:6e:15:d3:f1:f5:05:85:de:c6:38:41:df:29:b2:8b:76:56: 2d:11:0f:19:7e:f7:97:0f:e1:1e:00:ef:d8:b6:db:0c:97:be: 0a:d3:91:94:04:a0:78:ab:d7:c1:95:bb:2c:96:bb:0c:1f:d0: 73:bc:43:79:37:ee:d4:25:96:55:a3:f6:68:af:34:fe:f1:a6: cb:d0:9e:0a:56:35:48:c7:7f:be:0d:45:8e:52:a4:a3:00:36: de:3f:b2:77:d1:4a:c2:32:6d:d2:eb:ca:a6:c7:b0:09:1e:d5: 96:66:25:43:6d:ca:3e:c5:a3:d0:31:dc:53:0b:83:c8:0c:8f: f3:34:f7:49:01:f5:c3:66:c9:0f:56:12:72:65:64:be:00:0c: 5a:ad:7c:0c:a2:32:3d:28:f1:ea:8d:b2:1d:44:c7:ac:bb:6c: 91:7b:63:36:58:bf:8c:77:50:eb:d6:33:b8:de:ff:b2:58:63: e7:42:9a:e5:92:b2:7d:4d:b0:6c:3a:56:8f:d1:0e:ba:38:94: 80:ac:bc:40:77:9d:63:85:2f:e3:38:01:2d:ad:3c:69:2f:2e: e2:12:d9:2c:c5:2b:f2:ed:19:9f:97:37:0c:52:72:4d:f7:73: bf:09:f5:33 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FKONevoEuDu5+RxuNyrZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjYwMTAyMTQyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGM2YTUwM2Y4Y2U4MzY4NmRlNjljYTdjNmFhZThkY2VmYzIyOWJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgjSD4cmug+p1T+hCW3cQ1njRWw7 fWc8DzylfDR6lr1Halj02vMSs0lJtBMbDMAvgIyPks9soBai+O6yPDV1JDK93M7j uvV4IOPF4Dw/6tiGfwW2TqOJTP69HN/URaK5gRHcMIm2NUbgrw0164Sy+qyH4qAv a+Fys2JAYDoOrCVhMfEjk5dvTlqz9fRjSxkMcEQPTNlRZ3844lUPD4TVIjko9oNK qhjm6H6mHfF7rVXJtm2t1htLG/ZmLVi+d4/X0sVbH43UF4beZlfunlMdP1kFLRuO zcnY1pBLGWPVim0nHVEtQ7mgMByP/R3h+/LNONIyfPJcqfL0lYi3yY80jwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCjGpQP4zoNobeacp8aq6Nzvwim9MB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvS01hbEFfak9nMmh0NXB5bnhxcm8zT19DS2IwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwngrAwQA wnnLMA0GCSqGSIb3DQEBCwUAA4IBAQB5S60YaX0Ob47I4Tq6KQaczElvbhXT8fUF hd7GOEHfKbKLdlYtEQ8ZfveXD+EeAO/YttsMl74K05GUBKB4q9fBlbsslrsMH9Bz vEN5N+7UJZZVo/ZorzT+8abL0J4KVjVIx3++DUWOUqSjADbeP7J30UrCMm3S68qm x7AJHtWWZiVDbco+xaPQMdxTC4PIDI/zNPdJAfXDZskPVhJyZWS+AAxarXwMojI9 KPHqjbIdRMesu2yRe2M2WL+Md1Dr1jO43v+yWGPnQprlkrJ9TbBsOlaP0Q66OJSA rLxAd51jhS/jOAEtrTxpLy7iEtksxSvy7RmflzcMUnJN93O/CfUz -----END CERTIFICATE-----Generated at Sun Jan 25 10:52:35 2026 by rpki-client