This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/KzmoITHkJpLOR4Tlul5pobyRKM4.roa File: KzmoITHkJpLOR4Tlul5pobyRKM4.roa (raw, json) Hash identifier: AsqRiFYDTCnKZFcWZmiW079vgPj+Gpml9bimn7NxEjY= Subject key identifier: 2B:39:A8:21:31:E4:26:92:CE:47:84:E5:BA:5E:69:A1:BC:91:28:CE Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494 Certificate serial: 019B7A5A8426BEC2D878F293F6F1655AB64F Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/KzmoITHkJpLOR4Tlul5pobyRKM4.roa Signing time: Thu 01 Jan 2026 16:18:31 +0000 ROA not before: Thu 01 Jan 2026 16:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204800 IP address blocks: 85.187.128.0/21 maxlen: 24 85.187.128.0/22 maxlen: 24 114.129.156.0/22 maxlen: 24 185.149.112.0/22 maxlen: 24 185.151.48.0/22 maxlen: 24 185.160.65.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:84:26:be:c2:d8:78:f2:93:f6:f1:65:5a:b6:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494 Validity Not Before: Jan 1 16:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b39a82131e42692ce4784e5ba5e69a1bc9128ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f5:a6:49:2c:77:b3:6f:6b:0c:68:c4:a5:48: 59:7b:fa:c7:96:70:e2:49:fa:73:cd:d4:1c:57:dc: 7a:97:57:6d:a7:26:fc:5f:90:af:1e:92:cd:66:34: 17:d0:05:f2:3e:2f:78:1e:39:37:51:c7:04:16:db: d7:b7:fc:13:53:69:2c:f4:28:94:bf:88:13:d0:eb: 7b:c1:a4:b9:7d:97:38:28:07:b5:b4:9a:55:92:0b: 65:97:23:eb:14:38:79:ec:54:51:67:ba:f4:9e:1d: ae:2a:ec:60:a3:d4:9f:59:9c:43:fb:8b:06:eb:08: 10:da:93:46:12:68:2c:50:6e:df:9d:92:1f:bf:66: 5c:1d:10:7f:a3:d0:c2:63:16:4d:63:38:ae:aa:91: 81:6d:b5:0d:3a:a9:9d:be:a2:39:89:2f:f9:93:5d: 01:6f:22:b4:5b:c3:91:02:e1:81:b4:8a:99:28:7c: 1c:06:b2:12:70:0d:f3:e0:82:88:d7:d7:ab:4f:14: 0b:27:bc:46:cd:dc:37:83:46:2b:44:32:a9:c0:3b: 9a:14:c8:0c:ec:4c:33:6b:34:21:68:44:d7:b2:4e: be:d7:83:b4:ed:b6:5d:a6:97:fa:20:5a:87:90:cd: 18:18:56:11:ba:9a:5e:07:b2:53:d1:c7:66:c9:35: a4:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:39:A8:21:31:E4:26:92:CE:47:84:E5:BA:5E:69:A1:BC:91:28:CE X509v3 Authority Key Identifier: keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/KzmoITHkJpLOR4Tlul5pobyRKM4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.187.128.0/21 114.129.156.0/22 185.149.112.0/22 185.151.48.0/22 185.160.65.0/24 Signature Algorithm: sha256WithRSAEncryption 98:a9:e9:51:b2:21:cf:74:de:81:53:0a:27:70:99:b8:e0:e7: ca:d4:f6:34:f2:20:8a:05:0c:8a:9f:3c:a8:5f:b8:b5:46:54: 7a:19:9b:17:ff:80:a3:91:6f:90:96:d5:bd:5f:24:80:8b:a4: be:20:a9:e3:67:d3:4f:70:53:46:61:49:1d:be:d3:10:75:b2: 27:31:6a:47:2d:e2:18:d5:c6:04:37:9a:bf:44:bf:f0:2f:43: 43:06:fd:16:a9:41:11:f8:fb:5a:26:f0:73:18:4b:05:12:6f: cb:93:25:d7:26:12:7e:61:bd:4f:47:1c:97:20:d7:a5:72:42: 1f:7e:60:99:c2:05:27:4e:bc:0e:c8:bd:2a:f3:39:d2:84:e1: 6e:f3:aa:be:f9:cd:57:a2:73:af:d0:5d:ef:56:de:df:68:a5: 49:22:05:9d:86:b2:e6:62:5e:e3:ed:b2:7e:7b:f9:43:8a:a9: 99:41:0d:a4:a5:0a:53:48:06:5f:8e:87:e3:3b:99:de:62:b1: 6c:fd:c1:fd:01:8a:4e:41:ba:ba:fe:d0:03:2d:15:90:69:b2: e6:86:c0:b7:29:0a:88:b9:76:e0:9b:18:b1:26:6a:53:5b:22: 8d:b8:b1:57:1c:32:48:ac:aa:6e:b5:15:70:cf:99:eb:14:4d: b0:e4:5e:17 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6WoQmvsLYePKT9vFlWrZPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz NTg0OTQwHhcNMjYwMTAxMTYxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjM5YTgyMTMxZTQyNjkyY2U0Nzg0ZTViYTVlNjlhMWJjOTEyOGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/WmSSx3s29rDGjEpUhZe/rHlnDi SfpzzdQcV9x6l1dtpyb8X5CvHpLNZjQX0AXyPi94Hjk3UccEFtvXt/wTU2ks9CiU v4gT0Ot7waS5fZc4KAe1tJpVkgtllyPrFDh57FRRZ7r0nh2uKuxgo9SfWZxD+4sG 6wgQ2pNGEmgsUG7fnZIfv2ZcHRB/o9DCYxZNYziuqpGBbbUNOqmdvqI5iS/5k10B byK0W8ORAuGBtIqZKHwcBrIScA3z4IKI19erTxQLJ7xGzdw3g0YrRDKpwDuaFMgM 7EwzazQhaETXsk6+14O07bZdppf6IFqHkM0YGFYRuppeB7JT0cdmyTWkpwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFCs5qCEx5CaSzkeE5bpeaaG8kSjOMB8GA1UdIwQY MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt YWYzZjc5NGFlNjA3LzEvS3ptb0lUSGtKcExPUjRUbHVsNXBvYnlSS000LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3 LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDVbuAAwQC coGcAwQCuZVwAwQCuZcwAwQAuaBBMA0GCSqGSIb3DQEBCwUAA4IBAQCYqelRsiHP dN6BUwoncJm44OfK1PY08iCKBQyKnzyoX7i1RlR6GZsX/4CjkW+QltW9XySAi6S+ IKnjZ9NPcFNGYUkdvtMQdbInMWpHLeIY1cYEN5q/RL/wL0NDBv0WqUER+PtaJvBz GEsFEm/LkyXXJhJ+Yb1PRxyXINelckIffmCZwgUnTrwOyL0q8znShOFu86q++c1X onOv0F3vVt7faKVJIgWdhrLmYl7j7bJ+e/lDiqmZQQ2kpQpTSAZfjofjO5neYrFs /cH9AYpOQbq6/tADLRWQabLmhsC3KQqIuXbgmxixJmpTWyKNuLFXHDJIrKputRVw z5nrFE2w5F4X -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:42 2026 by rpki-client