This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/KyIkZp5v8qniJmGJJW64WpulkNA.roa File: KyIkZp5v8qniJmGJJW64WpulkNA.roa (raw, json) Hash identifier: 1AsKxqyIstssG9Pu2llDF8+d4jVczV5NqO2oa4GLJAk= Subject key identifier: 2B:22:24:66:9E:6F:F2:A9:E2:26:61:89:25:6E:B8:5A:9B:A5:90:D0 Certificate issuer: /CN=8df893edf33208d7a2cf62268613769fb4967c66 Certificate serial: 019B7EA56F071517FECD6D468D6E7839ACB3 Authority key identifier: 8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/KyIkZp5v8qniJmGJJW64WpulkNA.roa Signing time: Fri 02 Jan 2026 12:18:49 +0000 ROA not before: Fri 02 Jan 2026 12:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43108 IP address blocks: 91.194.76.0/23 maxlen: 23 91.228.4.0/22 maxlen: 22 195.28.26.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.mft rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:6f:07:15:17:fe:cd:6d:46:8d:6e:78:39:ac:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8df893edf33208d7a2cf62268613769fb4967c66 Validity Not Before: Jan 2 12:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b2224669e6ff2a9e2266189256eb85a9ba590d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:57:16:91:8d:77:57:16:d2:f0:be:a4:18:35: 8c:45:95:75:e6:dc:8f:06:78:5a:78:5d:7e:7d:98: 25:ea:bd:15:54:9e:83:db:b1:d2:cc:53:ea:a7:fe: dd:e5:59:e0:54:98:33:05:da:51:1f:af:a3:f8:9c: 90:2b:f2:e6:2b:47:84:16:20:5e:9f:c6:21:cc:56: 5c:a1:04:99:c8:e7:9e:44:4f:17:eb:81:34:6d:af: 00:13:12:e7:c1:e6:61:f5:ae:a1:b4:7c:d4:6f:75: 65:54:3a:4e:bb:90:71:b9:f2:db:3f:f5:f7:d7:6e: d4:f9:cd:32:8c:a2:49:79:14:6b:da:4a:92:2b:ae: 9f:02:d2:85:e3:62:08:bd:31:ce:15:c1:3d:de:05: 85:a9:5c:af:ee:85:2b:16:84:50:a2:7c:e6:41:43: 65:00:5e:a4:c9:72:2a:4e:46:9e:1a:aa:eb:84:e6: 6f:d2:ba:00:4c:f4:02:51:29:ff:b6:b1:d4:54:ac: db:70:ae:78:e5:4a:6b:bf:a8:2e:46:2a:21:6f:60: 5f:75:44:29:d0:bc:13:05:7c:56:32:94:c0:e3:37: ed:6e:b5:9a:12:24:00:63:fb:c3:fe:0d:73:f6:ff: 90:d6:2a:3c:ee:14:c1:52:ad:9e:ea:1f:42:e6:c4: 04:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:22:24:66:9E:6F:F2:A9:E2:26:61:89:25:6E:B8:5A:9B:A5:90:D0 X509v3 Authority Key Identifier: keyid:8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/KyIkZp5v8qniJmGJJW64WpulkNA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.194.76.0/23 91.228.4.0/22 195.28.26.0/23 Signature Algorithm: sha256WithRSAEncryption 79:3e:38:ba:ab:b6:0d:5f:76:7c:e9:91:91:ec:06:f3:cf:e6: 98:90:aa:4c:34:23:7e:57:ff:cd:7a:e6:3a:50:5a:ad:60:aa: 2d:2a:f4:23:56:f0:94:ff:b6:da:b2:5d:f0:c6:2a:54:2f:b5: 44:02:0f:15:55:dc:38:ae:52:01:80:6f:54:e3:ab:9b:a2:76: 19:d8:4e:de:23:a8:99:0e:41:17:23:5f:10:2f:07:ed:34:2b: 70:00:f3:c9:2c:57:f3:05:c1:31:2c:5b:77:33:13:34:5e:67: 00:37:6b:d6:a2:16:77:e6:87:a9:64:07:3a:15:a9:ad:dd:08: c9:55:9b:0b:40:db:c0:7e:0b:07:3d:fd:28:39:c5:01:de:e5: 6b:46:67:95:99:e9:0f:e2:d6:63:78:2a:fa:ff:2b:24:b2:43: f9:bb:30:58:1b:f1:dd:26:64:ef:9d:7c:26:84:a3:4a:4d:dd: 42:cd:98:53:84:e3:2c:46:6d:9d:e6:c6:70:8a:c5:a6:21:3f: 0f:05:82:0b:b9:65:b6:b4:44:c5:cc:70:2e:49:82:b2:40:0c: e1:ab:9a:a5:6c:b2:0c:d3:76:a8:76:be:69:35:f1:ad:1d:2e: 50:2a:22:d5:e3:e6:62:dd:2a:2c:fc:3f:f6:4e:84:a5:54:37: 08:62:3b:85 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+pW8HFRf+zW1GjW54OayzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkZjg5M2VkZjMzMjA4ZDdhMmNmNjIyNjg2MTM3NjlmYjQ5 NjdjNjYwHhcNMjYwMTAyMTIxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjIyMjQ2NjllNmZmMmE5ZTIyNjYxODkyNTZlYjg1YTliYTU5MGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1cWkY13VxbS8L6kGDWMRZV15tyP BnhaeF1+fZgl6r0VVJ6D27HSzFPqp/7d5VngVJgzBdpRH6+j+JyQK/LmK0eEFiBe n8YhzFZcoQSZyOeeRE8X64E0ba8AExLnweZh9a6htHzUb3VlVDpOu5BxufLbP/X3 127U+c0yjKJJeRRr2kqSK66fAtKF42IIvTHOFcE93gWFqVyv7oUrFoRQonzmQUNl AF6kyXIqTkaeGqrrhOZv0roATPQCUSn/trHUVKzbcK545Uprv6guRiohb2BfdUQp 0LwTBXxWMpTA4zftbrWaEiQAY/vD/g1z9v+Q1io87hTBUq2e6h9C5sQE2wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCsiJGaeb/Kp4iZhiSVuuFqbpZDQMB8GA1UdIwQY MBaAFI34k+3zMgjXos9iJoYTdp+0lnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYt Zjg3Nzg3YjFkMDNjLzEvS3lJa1pwNXY4cW5pSm1HSkpXNjRXcHVsa05BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYtZjg3Nzg3YjFkMDNj LzEvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8JMAwQC W+QEAwQBwxwaMA0GCSqGSIb3DQEBCwUAA4IBAQB5Pji6q7YNX3Z86ZGR7Abzz+aY kKpMNCN+V//NeuY6UFqtYKotKvQjVvCU/7basl3wxipUL7VEAg8VVdw4rlIBgG9U 46ubonYZ2E7eI6iZDkEXI18QLwftNCtwAPPJLFfzBcExLFt3MxM0XmcAN2vWohZ3 5oepZAc6Famt3QjJVZsLQNvAfgsHPf0oOcUB3uVrRmeVmekP4tZjeCr6/yskskP5 uzBYG/HdJmTvnXwmhKNKTd1CzZhThOMsRm2d5sZwisWmIT8PBYILuWW2tETFzHAu SYKyQAzhq5qlbLIM03aodr5pNfGtHS5QKiLV4+Zi3Sos/D/2ToSlVDcIYjuF -----END CERTIFICATE-----Generated at Sun Jan 25 22:15:15 2026 by rpki-client