This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kdXzCIFioFQpB7aiOA4YJz1nycQ.roa File: kdXzCIFioFQpB7aiOA4YJz1nycQ.roa (raw, json) Hash identifier: LtG6Ihi39JTK6OTgzMzkhdrYhxzLjNC5rKEfgm5WxPU= Subject key identifier: 91:D5:F3:08:81:62:A0:54:29:07:B6:A2:38:0E:18:27:3D:67:C9:C4 Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F84FBB53CDA02F5310C67E31C8FC47E Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kdXzCIFioFQpB7aiOA4YJz1nycQ.roa Signing time: Fri 02 Jan 2026 16:23:00 +0000 ROA not before: Fri 02 Jan 2026 16:23:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204889 IP address blocks: 31.148.20.0/24 maxlen: 24 92.253.204.0/24 maxlen: 24 93.170.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:fb:b5:3c:da:02:f5:31:0c:67:e3:1c:8f:c4:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:23:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91d5f3088162a0542907b6a2380e18273d67c9c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f1:1e:ea:87:a0:12:31:ec:cc:c5:88:53:49: 71:b0:fd:9d:e2:7e:8b:2e:25:b8:80:28:74:7c:f9: c9:36:2d:06:aa:51:1c:36:6b:7a:a1:db:64:4d:94: d7:d6:b2:36:e8:6b:fd:76:ef:5f:ea:01:60:3d:9d: cb:15:6a:00:fa:84:69:06:01:bc:47:a4:00:e1:c6: 0d:8b:e3:04:4b:72:cf:a8:cc:66:2c:d7:f1:38:eb: 6a:2d:ae:20:68:6e:e0:01:b5:02:52:75:3d:d0:3f: 34:ca:9a:ca:d8:7c:ae:5d:f6:a5:e0:b3:a9:7d:7d: e1:e5:ea:26:bb:d0:e6:8b:f8:94:70:00:ef:10:9f: 22:87:42:e6:b6:f1:50:48:16:40:15:82:85:09:8b: cc:1a:b5:7f:47:8c:be:4c:eb:17:19:3d:ed:ad:83: a5:ca:ac:14:be:dc:a7:4f:00:8e:6d:ec:11:dd:64: d9:87:a9:71:5d:37:17:30:44:b8:31:60:ad:c3:a8: 89:5e:7d:e0:77:00:d0:66:e0:a7:6b:ed:f8:65:0c: 51:3a:62:46:f3:c9:5d:e2:ed:4a:bd:91:9e:8e:6c: 8f:19:17:ce:f8:ec:6f:7f:f8:12:ea:59:34:45:c8: 90:1d:04:a6:70:67:03:c8:cf:68:7f:eb:c5:3c:09: 97:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D5:F3:08:81:62:A0:54:29:07:B6:A2:38:0E:18:27:3D:67:C9:C4 X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kdXzCIFioFQpB7aiOA4YJz1nycQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.148.20.0/24 92.253.204.0/24 93.170.15.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:4f:e4:07:02:89:9a:00:7e:0d:ca:2c:2c:73:e7:8e:a5:3c: 8a:a9:c4:fd:36:a7:c8:1d:96:9f:1e:61:cb:81:0a:05:f3:bc: 3f:4a:5f:b0:93:79:5c:fa:e4:85:48:33:2b:c4:2d:8e:06:12: 9b:d7:24:fa:b7:70:7a:92:99:95:69:ca:bc:cd:e8:fa:32:c1: 86:c3:df:21:e1:19:c4:24:0b:88:f9:4c:a9:e5:39:72:cc:90: e0:c2:b1:9f:b4:96:6d:c6:dd:8a:1d:43:a5:23:63:65:79:f4: cf:e4:df:4c:48:66:1e:4f:42:82:51:b8:95:61:21:95:d1:ac: d2:23:25:4d:e0:d0:10:ba:4b:b0:85:22:8c:50:d4:f1:34:7f: 50:3a:43:fd:66:10:94:9c:2d:91:06:30:f7:22:cd:f1:d2:26: c9:16:ec:40:1e:28:62:39:f5:c3:ed:40:21:68:a1:9b:0e:53: a9:6e:e1:d7:41:d5:84:57:91:f1:09:1e:e9:cb:15:c9:cc:9b: e1:f8:a5:d2:24:19:c1:33:fb:ca:a9:94:65:dc:80:fd:13:bd: 8a:7d:a0:8c:83:b8:aa:e4:e4:13:97:95:17:bd:9e:5b:c6:81: 87:cc:c9:ae:1c:94:89:de:b2:b5:71:bc:05:fc:aa:09:03:4e: a9:40:d1:ef -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hPu1PNoC9TEMZ+Mcj8R+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMzAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWQ1ZjMwODgxNjJhMDU0MjkwN2I2YTIzODBlMTgyNzNkNjdjOWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfEe6oegEjHszMWIU0lxsP2d4n6L LiW4gCh0fPnJNi0GqlEcNmt6odtkTZTX1rI26Gv9du9f6gFgPZ3LFWoA+oRpBgG8 R6QA4cYNi+MES3LPqMxmLNfxOOtqLa4gaG7gAbUCUnU90D80yprK2HyuXfal4LOp fX3h5eomu9Dmi/iUcADvEJ8ih0LmtvFQSBZAFYKFCYvMGrV/R4y+TOsXGT3trYOl yqwUvtynTwCObewR3WTZh6lxXTcXMES4MWCtw6iJXn3gdwDQZuCna+34ZQxROmJG 88ld4u1KvZGejmyPGRfO+Oxvf/gS6lk0RciQHQSmcGcDyM9of+vFPAmXtwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFJHV8wiBYqBUKQe2ojgOGCc9Z8nEMB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEva2RYekNJRmlvRlFwQjdhaU9BNFlKejFueWNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QUAwQA XP3MAwQAXaoPMA0GCSqGSIb3DQEBCwUAA4IBAQCNT+QHAomaAH4Nyiwsc+eOpTyK qcT9NqfIHZafHmHLgQoF87w/Sl+wk3lc+uSFSDMrxC2OBhKb1yT6t3B6kpmVacq8 zej6MsGGw98h4RnEJAuI+Uyp5TlyzJDgwrGftJZtxt2KHUOlI2NlefTP5N9MSGYe T0KCUbiVYSGV0azSIyVN4NAQukuwhSKMUNTxNH9QOkP9ZhCUnC2RBjD3Is3x0ibJ FuxAHihiOfXD7UAhaKGbDlOpbuHXQdWEV5HxCR7pyxXJzJvh+KXSJBnBM/vKqZRl 3ID9E72KfaCMg7iq5OQTl5UXvZ5bxoGHzMmuHJSJ3rK1cbwF/KoJA06pQNHv -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:04 2026 by rpki-client