This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/K4tPBn3mDHxWQQ0mC5UfSt8RbNI.roa File: K4tPBn3mDHxWQQ0mC5UfSt8RbNI.roa (raw, json) Hash identifier: EPXhFOqzbmGAC3xjCqN6fTup4RvNIb3pcFL4UJPyUsU= Subject key identifier: 2B:8B:4F:06:7D:E6:0C:7C:56:41:0D:26:0B:95:1F:4A:DF:11:6C:D2 Certificate issuer: /CN=2d676a61dcf4d222ba66cda19430f61e611d8aae Certificate serial: 019B76EB41725B92CBA534D18254D474E91E Authority key identifier: 2D:67:6A:61:DC:F4:D2:22:BA:66:CD:A1:94:30:F6:1E:61:1D:8A:AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWdqYdz00iK6Zs2hlDD2HmEdiq4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/K4tPBn3mDHxWQQ0mC5UfSt8RbNI.roa Signing time: Thu 01 Jan 2026 00:18:07 +0000 ROA not before: Thu 01 Jan 2026 00:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33011 IP address blocks: 185.235.236.0/22 maxlen: 24 2a0d:8100::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/LWdqYdz00iK6Zs2hlDD2HmEdiq4.crl rsync://rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/LWdqYdz00iK6Zs2hlDD2HmEdiq4.mft rsync://rpki.ripe.net/repository/DEFAULT/LWdqYdz00iK6Zs2hlDD2HmEdiq4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:41:72:5b:92:cb:a5:34:d1:82:54:d4:74:e9:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d676a61dcf4d222ba66cda19430f61e611d8aae Validity Not Before: Jan 1 00:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b8b4f067de60c7c56410d260b951f4adf116cd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:e6:4a:54:58:da:0c:96:8a:0b:0c:7f:35:97: 7e:d8:a0:db:51:96:11:84:e1:26:ae:cb:9d:b5:40: 60:d5:e6:aa:68:5a:e5:19:d4:43:f6:f3:aa:cb:78: 86:ef:dc:f6:d9:86:67:31:0b:6b:61:1b:d4:8f:c3: d9:62:33:db:ea:5c:22:3d:5e:34:ce:96:eb:4d:31: 4a:fa:a9:79:4c:24:2c:77:1f:14:1d:eb:1a:47:36: 3c:f1:a6:4a:e8:31:aa:96:8f:9c:59:a5:bf:79:ac: ed:84:52:0f:c3:2d:8a:dc:bd:9c:e7:7f:6f:9b:a5: bb:22:f4:78:05:f6:d2:69:ce:81:05:34:2e:5b:8f: 2a:e2:61:8c:0e:17:7c:e6:2c:7d:2a:bb:34:a6:e6: 3f:53:83:aa:53:3f:62:87:bd:b4:37:1f:46:22:24: 51:08:1c:f9:dd:95:bf:87:51:39:ca:5d:9d:6d:41: 9f:cc:42:0e:c9:b7:6f:c7:ce:db:06:69:cf:be:6a: 2e:55:21:8e:3f:52:f7:9b:60:5d:ea:67:e8:ff:ef: d6:4a:77:15:87:26:3f:18:c5:ec:d0:94:95:49:e9: d2:15:31:68:25:4c:f5:fb:5e:bc:99:ac:81:ff:17: ca:08:6d:72:86:21:9d:ef:aa:24:62:5e:9e:5a:5d: 19:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:8B:4F:06:7D:E6:0C:7C:56:41:0D:26:0B:95:1F:4A:DF:11:6C:D2 X509v3 Authority Key Identifier: keyid:2D:67:6A:61:DC:F4:D2:22:BA:66:CD:A1:94:30:F6:1E:61:1D:8A:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWdqYdz00iK6Zs2hlDD2HmEdiq4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/K4tPBn3mDHxWQQ0mC5UfSt8RbNI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b2c68e-eb3b-4e01-b50a-a86a24655870/1/LWdqYdz00iK6Zs2hlDD2HmEdiq4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.235.236.0/22 IPv6: 2a0d:8100::/32 Signature Algorithm: sha256WithRSAEncryption 33:ab:3a:7a:df:b6:1b:d2:c3:c6:03:b2:dc:0f:9f:38:07:e4: 86:33:34:5e:47:a3:27:15:29:43:04:42:24:3d:2b:2a:3d:96: c9:f6:ef:c0:1a:f9:3e:f5:bb:0d:a3:d7:7c:f5:f6:f4:f1:bd: 36:3f:ac:0d:d2:aa:fa:09:25:88:a7:f8:07:2e:71:04:35:43: 0b:ec:81:19:bb:03:fa:3d:bb:70:df:0d:b4:6d:88:ff:81:99: 4c:be:24:35:24:5e:7a:db:60:c5:c4:7f:5b:35:53:50:e7:41: e2:9d:9b:63:6f:2c:77:0a:b4:a9:66:1c:45:7a:1b:cf:a5:10: 5f:d9:c0:ac:fa:a7:a4:e6:f7:91:67:db:55:2c:f5:e1:d4:61: 0c:35:d2:1e:46:35:23:18:f4:c0:2c:3b:68:e1:d6:f4:cd:f9: ed:f4:f4:70:f4:47:88:a2:60:4e:4c:e2:7f:e4:dc:3f:f8:83: 70:52:18:32:e4:47:f3:34:93:6f:16:ec:ea:a4:34:81:33:ef: ff:25:f2:0a:07:39:af:08:a7:77:85:93:ca:b1:5c:f7:01:23: 55:0a:77:65:e5:8f:6a:cd:a7:ae:09:d4:70:bf:8d:d7:e1:25: 30:f7:e6:93:5a:2a:b6:91:7d:91:b4:c6:64:20:77:2a:65:e6: d2:ec:bb:a2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt260FyW5LLpTTRglTUdOkeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkNjc2YTYxZGNmNGQyMjJiYTY2Y2RhMTk0MzBmNjFlNjEx ZDhhYWUwHhcNMjYwMTAxMDAxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjhiNGYwNjdkZTYwYzdjNTY0MTBkMjYwYjk1MWY0YWRmMTE2Y2QyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OZKVFjaDJaKCwx/NZd+2KDbUZYR hOEmrsudtUBg1eaqaFrlGdRD9vOqy3iG79z22YZnMQtrYRvUj8PZYjPb6lwiPV40 zpbrTTFK+ql5TCQsdx8UHesaRzY88aZK6DGqlo+cWaW/eazthFIPwy2K3L2c539v m6W7IvR4BfbSac6BBTQuW48q4mGMDhd85ix9Krs0puY/U4OqUz9ih720Nx9GIiRR CBz53ZW/h1E5yl2dbUGfzEIOybdvx87bBmnPvmouVSGOP1L3m2Bd6mfo/+/WSncV hyY/GMXs0JSVSenSFTFoJUz1+168mayB/xfKCG1yhiGd76okYl6eWl0ZdwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCuLTwZ95gx8VkENJguVH0rfEWzSMB8GA1UdIwQY MBaAFC1namHc9NIiumbNoZQw9h5hHYquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFdkcVlkejAwaUs2WnMyaGxERDJIbUVkaXE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iMmM2OGUtZWIzYi00ZTAxLWI1MGEt YTg2YTI0NjU1ODcwLzEvSzR0UEJuM21ESHhXUVEwbUM1VWZTdDhSYk5JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS9iMmM2OGUtZWIzYi00ZTAxLWI1MGEtYTg2YTI0NjU1ODcw LzEvTFdkcVlkejAwaUs2WnMyaGxERDJIbUVkaXE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuevsMA0E AgACMAcDBQAqDYEAMA0GCSqGSIb3DQEBCwUAA4IBAQAzqzp637Yb0sPGA7LcD584 B+SGMzReR6MnFSlDBEIkPSsqPZbJ9u/AGvk+9bsNo9d89fb08b02P6wN0qr6CSWI p/gHLnEENUML7IEZuwP6Pbtw3w20bYj/gZlMviQ1JF5622DFxH9bNVNQ50HinZtj byx3CrSpZhxFehvPpRBf2cCs+qek5veRZ9tVLPXh1GEMNdIeRjUjGPTALDto4db0 zfnt9PRw9EeIomBOTOJ/5Nw/+INwUhgy5EfzNJNvFuzqpDSBM+//JfIKBzmvCKd3 hZPKsVz3ASNVCndl5Y9qzaeuCdRwv43X4SUw9+aTWiq2kX2RtMZkIHcqZebS7Lui -----END CERTIFICATE-----Generated at Sun Jan 25 10:28:56 2026 by rpki-client