This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/kxfj2nv76RgasA6SFw9h3YIvRV8.roa File: kxfj2nv76RgasA6SFw9h3YIvRV8.roa (raw, json) Hash identifier: t6hEcQl764cybmk/fsQro0yyYfk+r+X51eI3dq/XPII= Subject key identifier: 93:17:E3:DA:7B:FB:E9:18:1A:B0:0E:92:17:0F:61:DD:82:2F:45:5F Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf Certificate serial: 019B7AC8B09F99CE50A06CDE447C18FD0C98 Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/kxfj2nv76RgasA6SFw9h3YIvRV8.roa Signing time: Thu 01 Jan 2026 18:18:51 +0000 ROA not before: Thu 01 Jan 2026 18:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50939 IP address blocks: 194.36.140.0/23 maxlen: 23 194.36.140.0/24 maxlen: 24 194.36.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.mft rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:b0:9f:99:ce:50:a0:6c:de:44:7c:18:fd:0c:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf Validity Not Before: Jan 1 18:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9317e3da7bfbe9181ab00e92170f61dd822f455f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9e:6b:be:d4:31:cf:ca:0f:cc:c3:ae:be:62: 63:04:8a:6d:ad:02:27:4f:ab:08:43:cd:ce:bd:0a: 03:bf:85:be:1c:e5:75:df:07:16:15:47:b6:65:8f: a8:d2:aa:5d:6e:7e:9a:27:cc:2e:a5:2a:86:18:de: e7:ff:e7:ae:7d:7f:13:90:81:dc:78:20:d8:cb:0b: c8:7c:1f:7a:20:84:07:58:b5:a7:4e:9a:2d:b4:1a: bd:a6:15:e7:bd:32:ce:5c:01:ed:37:56:45:42:91: 42:57:59:20:5f:29:d0:d0:25:5b:90:d9:3b:6d:41: bf:4b:33:58:c7:00:64:10:b8:0a:9a:c4:1a:63:9e: f4:77:8e:04:15:8d:70:43:7e:ef:e5:cb:0c:0c:3a: bc:54:50:15:af:bd:15:16:05:41:53:fe:8e:b2:34: fb:f8:02:73:76:a8:99:51:c1:b1:8a:f4:13:48:14: a7:7a:99:2f:9d:84:49:71:65:ad:43:7d:3f:ff:6c: 07:86:d8:83:03:4d:8e:45:42:b5:e2:e6:5a:6e:d0: 0c:fe:09:0f:50:1e:2a:02:2b:bc:0c:60:64:3e:88: f3:b7:c8:b2:42:ec:4f:c7:40:94:e9:1f:42:2a:b7: 76:5e:3d:bc:e0:30:5a:30:09:9d:fe:8b:72:5d:0a: 8f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:17:E3:DA:7B:FB:E9:18:1A:B0:0E:92:17:0F:61:DD:82:2F:45:5F X509v3 Authority Key Identifier: keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/kxfj2nv76RgasA6SFw9h3YIvRV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.36.140.0/23 Signature Algorithm: sha256WithRSAEncryption 56:17:e6:33:09:2d:9f:b4:cd:22:9e:8b:d7:ea:8c:e7:c0:e1: 5a:80:e5:bd:67:6d:b7:e3:76:c4:91:89:2c:ca:93:3e:e0:c5: 7f:ca:1e:4d:8c:2b:c0:e6:df:7e:e4:17:c2:9a:87:c3:bf:64: 56:8e:f6:83:fc:bd:37:26:0c:d3:98:7a:76:08:83:1f:a2:91: 4c:6e:3e:aa:c1:5d:2a:b2:f8:71:4d:d9:d2:03:8f:c1:a4:f0: e4:d0:6c:5f:be:28:ca:4b:cc:2f:9b:ed:4e:4a:03:47:4d:32: b8:9c:9a:2e:cc:89:16:14:14:cd:53:2b:dc:4a:a5:c3:d9:7a: ae:e5:c5:e3:72:bb:31:11:62:63:d7:df:e3:7a:db:b9:b6:67: 5e:62:23:76:5e:1a:03:3d:76:cf:0b:35:fd:c0:94:92:4c:14: c4:7f:50:3b:28:0c:95:44:68:c7:63:2b:ea:3a:47:7e:d9:c5: 82:5b:48:27:b9:04:ec:a0:5f:cd:47:bc:f3:ac:05:91:33:54: 67:40:16:86:c5:21:2c:a2:60:82:f5:19:d6:20:1a:37:7a:ed: 55:e4:52:c5:fd:3b:c4:8a:17:7c:df:e3:70:2e:05:b4:67:65: 6b:14:03:72:66:f8:90:ea:5f:fd:2e:e8:7e:e1:04:a1:66:76: b2:de:49:c6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yLCfmc5QoGzeRHwY/QyYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh ZjYxY2YwHhcNMjYwMTAxMTgxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzE3ZTNkYTdiZmJlOTE4MWFiMDBlOTIxNzBmNjFkZDgyMmY0NTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ5rvtQxz8oPzMOuvmJjBIptrQIn T6sIQ83OvQoDv4W+HOV13wcWFUe2ZY+o0qpdbn6aJ8wupSqGGN7n/+eufX8TkIHc eCDYywvIfB96IIQHWLWnTpottBq9phXnvTLOXAHtN1ZFQpFCV1kgXynQ0CVbkNk7 bUG/SzNYxwBkELgKmsQaY570d44EFY1wQ37v5csMDDq8VFAVr70VFgVBU/6OsjT7 +AJzdqiZUcGxivQTSBSnepkvnYRJcWWtQ30//2wHhtiDA02ORUK14uZabtAM/gkP UB4qAiu8DGBkPojzt8iyQuxPx0CU6R9CKrd2Xj284DBaMAmd/otyXQqPwQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJMX49p7++kYGrAOkhcPYd2CL0VfMB8GA1UdIwQY MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt NzJiYWQ5ZDczYzgwLzEva3hmajJudjc2Umdhc0E2U0Z3OWgzWUl2UlY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiSMMA0G CSqGSIb3DQEBCwUAA4IBAQBWF+YzCS2ftM0inovX6oznwOFagOW9Z22343bEkYks ypM+4MV/yh5NjCvA5t9+5BfCmofDv2RWjvaD/L03JgzTmHp2CIMfopFMbj6qwV0q svhxTdnSA4/BpPDk0GxfvijKS8wvm+1OSgNHTTK4nJouzIkWFBTNUyvcSqXD2Xqu 5cXjcrsxEWJj19/jetu5tmdeYiN2XhoDPXbPCzX9wJSSTBTEf1A7KAyVRGjHYyvq Okd+2cWCW0gnuQTsoF/NR7zzrAWRM1RnQBaGxSEsomCC9RnWIBo3eu1V5FLF/TvE ihd83+NwLgW0Z2VrFANyZviQ6l/9Luh+4QShZnay3knG -----END CERTIFICATE-----Generated at Sun Jan 25 19:38:08 2026 by rpki-client