This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/kGyEsCn19zoIZ3OpXCDKCkPYY1Q.roa File: kGyEsCn19zoIZ3OpXCDKCkPYY1Q.roa (raw, json) Hash identifier: X+y2Jd7yFczruWkZJreObIi24u/UfR4tlr84LgLHENM= Subject key identifier: 90:6C:84:B0:29:F5:F7:3A:08:67:73:A9:5C:20:CA:0A:43:D8:63:54 Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e Certificate serial: 019B7A5A6B21427727D8C466D0CFCD716F69 Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/kGyEsCn19zoIZ3OpXCDKCkPYY1Q.roa Signing time: Thu 01 Jan 2026 16:18:24 +0000 ROA not before: Thu 01 Jan 2026 16:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29075 IP address blocks: 45.10.224.0/23 maxlen: 23 45.10.226.0/24 maxlen: 24 45.94.124.0/22 maxlen: 22 45.94.128.0/22 maxlen: 22 45.94.128.0/23 maxlen: 23 45.94.130.0/23 maxlen: 23 85.118.32.0/19 maxlen: 19 91.109.176.0/20 maxlen: 20 128.204.224.0/20 maxlen: 20 141.255.144.0/20 maxlen: 20 178.20.48.0/21 maxlen: 21 185.10.252.0/22 maxlen: 24 185.10.252.0/24 maxlen: 24 185.10.254.0/24 maxlen: 24 185.10.255.0/24 maxlen: 24 185.118.0.0/22 maxlen: 22 185.123.24.0/22 maxlen: 22 185.177.180.0/22 maxlen: 22 188.121.224.0/19 maxlen: 19 188.121.227.0/24 maxlen: 24 212.85.144.0/20 maxlen: 20 2a00:1b88::/32 maxlen: 32 2a02:2178::/29 maxlen: 29 2a02:2178::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:6b:21:42:77:27:d8:c4:66:d0:cf:cd:71:6f:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e Validity Not Before: Jan 1 16:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=906c84b029f5f73a086773a95c20ca0a43d86354 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:07:db:0c:a0:0d:23:f3:e4:b8:81:3f:b8:2a: 73:05:ea:e1:3d:ad:a9:28:ef:ea:5e:08:a7:7a:82: 45:ad:8c:57:74:fd:c5:f9:f8:94:06:8f:a7:eb:a0: 1d:9e:08:00:06:14:27:5c:0d:96:15:43:5b:dd:d9: 0e:ad:b0:74:d3:07:92:5a:af:0e:bf:8d:29:b7:37: d5:03:4c:40:b9:96:fc:0c:6e:72:4b:5b:7a:57:72: 4d:4d:b6:40:ca:f3:ce:0f:25:47:ec:43:b0:3f:b3: 59:b5:5a:f1:48:b3:c7:ae:96:12:27:86:56:e4:5a: 9e:33:ae:17:03:9f:17:9a:d9:db:fc:d4:32:7d:22: f5:6a:d2:e9:4f:27:4d:98:87:ac:2c:6b:af:7c:d9: 64:85:fc:e8:08:6b:a5:f7:a3:c1:00:7b:2c:93:00: 8c:a7:94:80:ad:af:34:0c:a2:cd:2a:a8:ba:76:23: 2d:d5:40:53:a8:94:78:a8:87:62:c4:40:16:18:41: 8f:e8:fb:45:65:53:7a:01:57:b6:1f:3d:99:55:ac: f0:10:dd:bb:bc:1f:5a:4e:96:1e:32:14:f2:7b:a6: e3:5e:31:01:fd:5a:79:36:3b:f3:35:e8:05:41:5c: e8:16:93:bf:43:15:2c:59:2a:4b:48:0c:ce:28:3d: 91:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:6C:84:B0:29:F5:F7:3A:08:67:73:A9:5C:20:CA:0A:43:D8:63:54 X509v3 Authority Key Identifier: keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/kGyEsCn19zoIZ3OpXCDKCkPYY1Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.10.224.0-45.10.226.255 45.94.124.0-45.94.131.255 85.118.32.0/19 91.109.176.0/20 128.204.224.0/20 141.255.144.0/20 178.20.48.0/21 185.10.252.0/22 185.118.0.0/22 185.123.24.0/22 185.177.180.0/22 188.121.224.0/19 212.85.144.0/20 IPv6: 2a00:1b88::/32 2a02:2178::/29 Signature Algorithm: sha256WithRSAEncryption 84:6b:57:e9:74:38:c8:65:91:ca:19:96:58:42:62:40:66:2a: 20:89:0a:eb:10:fc:88:d0:87:61:ce:f5:2b:c8:ad:c2:41:a0: 90:49:62:70:f1:c9:9a:f9:f5:46:4a:af:d8:82:02:5c:21:31: bc:78:1e:44:fe:44:b3:e8:11:8e:e3:d6:ec:e7:c7:8b:96:9a: 33:b1:de:7b:f6:94:dd:0a:0f:47:4c:65:27:15:6c:22:c5:af: f2:d4:b9:31:9c:ee:dd:78:b3:e6:2a:6a:45:91:f9:65:fc:9c: b3:6a:2c:47:8c:63:6c:29:47:65:2c:72:08:be:c8:d8:cb:0b: 22:d8:8b:35:60:52:85:60:54:3a:be:de:ba:bd:31:d3:08:67: 94:50:a0:d5:c0:66:b1:56:6d:00:20:4a:56:b6:e2:18:50:07: 98:bc:93:8b:4f:c2:5e:45:fe:18:e2:7d:26:f1:f4:cb:54:6b: c0:85:d8:f9:96:f5:d1:97:76:d5:fe:53:3c:4b:bb:0f:b1:13: 16:58:60:f4:2d:74:d1:73:80:b6:02:09:46:e7:a0:8c:b6:fe: 04:d2:3b:0c:b2:f7:b3:34:5f:3e:44:17:a4:c2:6d:90:c5:25: ba:c4:19:ec:01:e9:98:9a:ae:3b:92:17:88:79:4c:b1:f7:2c: 14:48:47:1b -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgISAZt6WmshQncn2MRm0M/NcW9pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw NjIxMGUwHhcNMjYwMTAxMTYxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDZjODRiMDI5ZjVmNzNhMDg2NzczYTk1YzIwY2EwYTQzZDg2MzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wfbDKANI/PkuIE/uCpzBerhPa2p KO/qXgineoJFrYxXdP3F+fiUBo+n66AdnggABhQnXA2WFUNb3dkOrbB00weSWq8O v40ptzfVA0xAuZb8DG5yS1t6V3JNTbZAyvPODyVH7EOwP7NZtVrxSLPHrpYSJ4ZW 5FqeM64XA58Xmtnb/NQyfSL1atLpTydNmIesLGuvfNlkhfzoCGul96PBAHsskwCM p5SAra80DKLNKqi6diMt1UBTqJR4qIdixEAWGEGP6PtFZVN6AVe2Hz2ZVazwEN27 vB9aTpYeMhTye6bjXjEB/Vp5NjvzNegFQVzoFpO/QxUsWSpLSAzOKD2RsQIDAQAB o4ICeDCCAnQwHQYDVR0OBBYEFJBshLAp9fc6CGdzqVwgygpD2GNUMB8GA1UdIwQY MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt NDA0Nzk4NzA5NzZlLzEva0d5RXNDbjE5em9JWjNPcFhDREtDa1BZWTFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQFLQrg AwQALQriMAwDBAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOy FDADBAK5CvwDBAK5dgADBAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMF ACoAG4gDBQMqAiF4MA0GCSqGSIb3DQEBCwUAA4IBAQCEa1fpdDjIZZHKGZZYQmJA ZiogiQrrEPyI0IdhzvUryK3CQaCQSWJw8cma+fVGSq/YggJcITG8eB5E/kSz6BGO 49bs58eLlpozsd579pTdCg9HTGUnFWwixa/y1LkxnO7deLPmKmpFkfll/JyzaixH jGNsKUdlLHIIvsjYywsi2Is1YFKFYFQ6vt66vTHTCGeUUKDVwGaxVm0AIEpWtuIY UAeYvJOLT8JeRf4Y4n0m8fTLVGvAhdj5lvXRl3bV/lM8S7sPsRMWWGD0LXTRc4C2 AglG56CMtv4E0jsMsvezNF8+RBekwm2QxSW6xBnsAemYmq47kheIeUyx9ywUSEcb -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:46 2026 by rpki-client