This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/KUSYPuHV0BPhErEp3TcpVUt1EQA.roa File: KUSYPuHV0BPhErEp3TcpVUt1EQA.roa (raw, json) Hash identifier: sBg+JjnzDUbRmXsbrD21Od6LO8lyYKiFXNtgEPlf+T0= Subject key identifier: 29:44:98:3E:E1:D5:D0:13:E1:12:B1:29:DD:37:29:55:4B:75:11:00 Certificate issuer: /CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129 Certificate serial: 019B7AC8D44432611F8FC703A0372F6495B0 Authority key identifier: 8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/KUSYPuHV0BPhErEp3TcpVUt1EQA.roa Signing time: Thu 01 Jan 2026 18:19:00 +0000 ROA not before: Thu 01 Jan 2026 18:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211483 IP address blocks: 185.60.76.0/24 maxlen: 24 185.60.77.0/24 maxlen: 24 185.60.78.0/24 maxlen: 24 192.109.198.0/24 maxlen: 24 193.29.3.0/24 maxlen: 24 2a04:5b40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.mft rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:d4:44:32:61:1f:8f:c7:03:a0:37:2f:64:95:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129 Validity Not Before: Jan 1 18:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2944983ee1d5d013e112b129dd3729554b751100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:92:69:a8:15:da:e9:78:a5:5d:c0:15:12:80: d2:a5:81:6e:73:f8:2e:30:71:b3:32:9b:fd:d1:68: de:3c:dd:f6:05:98:bc:ce:15:13:cb:98:8b:7f:b0: 90:2e:d1:c3:ab:95:d2:b3:a2:8e:00:f6:88:fb:8e: dc:63:90:f1:33:22:4f:af:78:7d:5a:fe:ab:83:58: 86:b9:99:3d:42:a4:c9:25:57:12:56:f9:9b:35:6a: 25:f4:71:c6:45:eb:56:75:06:fa:f5:f9:a7:a5:df: 1d:2b:fd:39:ef:6d:33:29:3c:5c:9d:08:d9:45:5b: 33:dc:06:bb:dd:01:6f:aa:af:60:4a:a3:3d:d2:91: 5f:a8:c4:00:8d:be:ca:07:d8:ac:61:20:f9:47:9e: e7:8a:34:30:7c:4c:57:09:8e:6d:cb:11:af:37:c2: 69:52:4f:a2:99:47:fe:3b:85:6c:39:0c:d2:03:64: 8e:68:b5:af:da:02:76:6b:82:65:72:1e:2b:36:c9: 92:6e:08:09:7c:90:92:96:f0:67:75:ac:34:95:b8: 0c:c1:0b:08:b6:ed:33:de:b4:aa:04:a6:bd:b9:4e: f3:ff:86:1a:55:27:a4:b7:15:74:52:56:3d:e2:b1: 0e:98:87:c5:bc:de:21:ac:60:fa:a0:f3:64:b4:37: 38:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:44:98:3E:E1:D5:D0:13:E1:12:B1:29:DD:37:29:55:4B:75:11:00 X509v3 Authority Key Identifier: keyid:8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/KUSYPuHV0BPhErEp3TcpVUt1EQA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.60.76.0-185.60.78.255 192.109.198.0/24 193.29.3.0/24 IPv6: 2a04:5b40::/32 Signature Algorithm: sha256WithRSAEncryption 06:bb:51:05:c1:9a:5e:ac:04:45:f4:af:75:ee:8f:4f:45:88: 89:28:c0:c8:d9:a7:a9:da:67:2c:99:fe:a9:f0:0d:bf:a0:be: 2c:57:b4:77:09:ed:1e:56:cd:be:1b:89:31:f6:f5:ec:28:fd: d7:83:22:2b:6b:51:5e:61:e7:db:eb:e1:b3:da:d9:3a:61:b9: 58:10:b1:2b:2e:ac:5d:39:6c:e1:49:ff:22:30:d2:ea:14:cd: 30:e9:7f:cb:f6:40:6c:fd:7b:aa:79:53:bb:a6:fd:0c:b9:d0: 03:03:cf:56:ac:16:68:00:a6:aa:26:40:2a:f4:98:a5:68:90: 10:79:ac:17:0b:95:cc:3a:2f:e8:07:d4:f0:ae:81:84:fe:80: c2:1c:9f:64:ff:83:16:15:58:64:95:e7:f0:53:33:e8:8c:4b: 64:75:44:f0:d7:e7:43:be:ef:1d:94:66:52:77:8b:c6:1a:84: e0:7f:53:6c:64:e3:ef:2a:e7:83:bb:f3:54:a4:c3:20:b9:31: a9:08:dd:5a:79:96:fe:20:a0:db:a8:0a:28:e2:58:bf:5b:28: 92:1f:27:c2:ab:a3:34:2d:bb:55:c6:3b:6d:83:ca:5c:bf:35: e7:06:06:78:65:70:d1:70:25:fa:98:bc:b9:d9:3b:75:ba:55: 6e:5a:d8:ca -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt6yNREMmEfj8cDoDcvZJWwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjMDViMzY0ZmNmMzE5Y2NmNTNjNWYyZThjNjM0MjkwYWMw ZWIxMjkwHhcNMjYwMTAxMTgxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTQ0OTgzZWUxZDVkMDEzZTExMmIxMjlkZDM3Mjk1NTRiNzUxMTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5JpqBXa6XilXcAVEoDSpYFuc/gu MHGzMpv90WjePN32BZi8zhUTy5iLf7CQLtHDq5XSs6KOAPaI+47cY5DxMyJPr3h9 Wv6rg1iGuZk9QqTJJVcSVvmbNWol9HHGRetWdQb69fmnpd8dK/05720zKTxcnQjZ RVsz3Aa73QFvqq9gSqM90pFfqMQAjb7KB9isYSD5R57nijQwfExXCY5tyxGvN8Jp Uk+imUf+O4VsOQzSA2SOaLWv2gJ2a4Jlch4rNsmSbggJfJCSlvBndaw0lbgMwQsI tu0z3rSqBKa9uU7z/4YaVSektxV0UlY94rEOmIfFvN4hrGD6oPNktDc4+wIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFClEmD7h1dAT4RKxKd03KVVLdREAMB8GA1UdIwQY MBaAFIwFs2T88xnM9TxfLoxjQpCsDrEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvakFXelpQenpHY3oxUEY4dWpHTkNrS3dPc1NrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yZDM0NmItODgyNS00NjgxLTk0ZTMt OTg0NDE2MDdiMjI4LzEvS1VTWVB1SFYwQlBoRXJFcDNUY3BWVXQxRVFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8yZDM0NmItODgyNS00NjgxLTk0ZTMtOTg0NDE2MDdiMjI4 LzEvakFXelpQenpHY3oxUEY4dWpHTkNrS3dPc1NrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAK5PEwD BAC5PE4DBADAbcYDBADBHQMwDQQCAAIwBwMFACoEW0AwDQYJKoZIhvcNAQELBQAD ggEBAAa7UQXBml6sBEX0r3Xuj09FiIkowMjZp6naZyyZ/qnwDb+gvixXtHcJ7R5W zb4biTH29ewo/deDIitrUV5h59vr4bPa2TphuVgQsSsurF05bOFJ/yIw0uoUzTDp f8v2QGz9e6p5U7um/Qy50AMDz1asFmgApqomQCr0mKVokBB5rBcLlcw6L+gH1PCu gYT+gMIcn2T/gxYVWGSV5/BTM+iMS2R1RPDX50O+7x2UZlJ3i8YahOB/U2xk4+8q 54O781SkwyC5MakI3Vp5lv4goNuoCijiWL9bKJIfJ8KrozQtu1XGO22Dyly/NecG BnhlcNFwJfqYvLnZO3W6VW5a2Mo= -----END CERTIFICATE-----Generated at Mon Jan 26 04:55:38 2026 by rpki-client