This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/KO2DY0u9wdedPHwObsI7cPYbfFQ.roa File: KO2DY0u9wdedPHwObsI7cPYbfFQ.roa (raw, json) Hash identifier: chzNX5SpmlEt8RciW6ST6qYzL/lzzcsJcvqyYaAMbaQ= Subject key identifier: 28:ED:83:63:4B:BD:C1:D7:9D:3C:7C:0E:6E:C2:3B:70:F6:1B:7C:54 Certificate issuer: /CN=67ce179cbe13ddb14012985a067100ef98a55601 Certificate serial: 019B797EA8C3F9C82C2D750174639B27F5BC Authority key identifier: 67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/KO2DY0u9wdedPHwObsI7cPYbfFQ.roa Signing time: Thu 01 Jan 2026 12:18:22 +0000 ROA not before: Thu 01 Jan 2026 12:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51345 IP address blocks: 92.42.101.0/24 maxlen: 24 2a13:1c40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.mft rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a8:c3:f9:c8:2c:2d:75:01:74:63:9b:27:f5:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67ce179cbe13ddb14012985a067100ef98a55601 Validity Not Before: Jan 1 12:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28ed83634bbdc1d79d3c7c0e6ec23b70f61b7c54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:f8:1c:df:d5:44:5f:5f:ea:9a:0b:2b:fb:c6: 95:47:dd:e5:26:c0:df:59:8c:77:48:5d:7d:a7:25: 71:3a:0b:c2:63:00:11:ef:77:ce:01:0e:f5:b5:3d: c8:ba:8d:d7:e0:70:a4:1b:d4:e5:a3:cb:22:17:28: 19:f1:c5:b9:ff:2b:90:96:c2:ca:59:ef:72:0b:ae: c9:fc:e0:ca:58:e7:bc:f7:ff:68:2d:03:9b:4e:5b: 18:3e:e0:d3:f2:60:b7:da:2d:ef:18:a4:b3:3e:cd: 63:d0:f9:31:7e:aa:ce:5f:3d:a0:49:b4:6c:ba:d8: af:d8:ce:af:f8:10:31:c2:28:ad:4d:d9:c2:05:39: 97:55:85:a8:5e:a3:08:e3:58:27:c0:91:79:ac:9c: 8a:93:69:f2:04:9f:ae:41:db:4d:72:14:77:81:61: a8:a8:67:1a:a9:12:5b:71:09:1a:ac:38:30:89:dd: b1:32:47:1b:53:3b:25:0c:94:3b:b1:34:69:bc:12: e1:2f:da:c5:98:f0:82:1b:70:d5:a8:c0:13:0e:bb: 41:0f:16:d1:d3:a5:5c:72:b0:9a:ee:d1:65:22:07: ca:f8:ca:dd:60:65:e1:d1:b1:34:65:9e:bc:34:2e: e5:ab:6a:11:37:b0:0e:84:d6:62:c7:b0:c1:f1:67: 9b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:ED:83:63:4B:BD:C1:D7:9D:3C:7C:0E:6E:C2:3B:70:F6:1B:7C:54 X509v3 Authority Key Identifier: keyid:67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/KO2DY0u9wdedPHwObsI7cPYbfFQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.42.101.0/24 IPv6: 2a13:1c40::/32 Signature Algorithm: sha256WithRSAEncryption 4e:de:55:09:00:58:fe:91:83:e2:69:cc:c2:22:b1:f8:4a:66: 8a:a5:11:f2:67:90:bc:75:2d:72:12:7b:f9:30:5a:fa:03:5f: 3f:cd:7d:75:0c:73:d4:fb:39:bc:f1:85:4e:48:63:fc:40:f0: 63:07:f3:c8:73:a9:de:0b:12:60:db:a8:c9:2e:89:3d:64:26: 46:fe:36:63:da:33:88:12:72:f1:ca:4b:93:b2:de:22:52:19: e1:71:7e:38:95:8b:28:0f:c3:a0:b2:f4:19:2d:a3:a5:23:ca: 15:c6:5d:7b:27:de:1b:c1:07:78:23:25:fc:e8:f6:32:dc:97: f7:3b:b3:73:d7:23:e1:e4:0e:40:32:67:80:66:4d:fe:5f:27: 95:85:ee:cc:60:0d:73:c5:48:1d:42:19:2c:12:6b:ab:74:5e: ab:94:79:f0:7d:b3:09:2e:ec:87:41:62:3b:8a:dd:30:bc:19: b2:06:3b:17:40:12:5f:59:e3:f4:4e:22:7d:3f:c7:11:16:2b: 1c:6e:d7:2e:2d:4b:a2:90:f4:c8:ff:9a:57:71:f4:ae:2e:86: 9f:03:d0:0b:63:8a:11:d9:fd:33:50:41:07:02:a6:8a:ee:9c: 89:a7:72:d3:98:e0:97:73:40:71:33:cd:bf:99:de:a2:52:4b: 17:bd:51:ad -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fqjD+cgsLXUBdGObJ/W8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3Y2UxNzljYmUxM2RkYjE0MDEyOTg1YTA2NzEwMGVmOThh NTU2MDEwHhcNMjYwMTAxMTIxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGVkODM2MzRiYmRjMWQ3OWQzYzdjMGU2ZWMyM2I3MGY2MWI3YzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/gc39VEX1/qmgsr+8aVR93lJsDf WYx3SF19pyVxOgvCYwAR73fOAQ71tT3Iuo3X4HCkG9Tlo8siFygZ8cW5/yuQlsLK We9yC67J/ODKWOe89/9oLQObTlsYPuDT8mC32i3vGKSzPs1j0PkxfqrOXz2gSbRs utiv2M6v+BAxwiitTdnCBTmXVYWoXqMI41gnwJF5rJyKk2nyBJ+uQdtNchR3gWGo qGcaqRJbcQkarDgwid2xMkcbUzslDJQ7sTRpvBLhL9rFmPCCG3DVqMATDrtBDxbR 06VccrCa7tFlIgfK+MrdYGXh0bE0ZZ68NC7lq2oRN7AOhNZix7DB8WebQQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCjtg2NLvcHXnTx8Dm7CO3D2G3xUMB8GA1UdIwQY MBaAFGfOF5y+E92xQBKYWgZxAO+YpVYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEt NjJjMDFkYzY5Y2NhLzEvS08yRFkwdTl3ZGVkUEh3T2JzSTdjUFliZkZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEtNjJjMDFkYzY5Y2Nh LzEvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXCplMA0E AgACMAcDBQAqExxAMA0GCSqGSIb3DQEBCwUAA4IBAQBO3lUJAFj+kYPiaczCIrH4 SmaKpRHyZ5C8dS1yEnv5MFr6A18/zX11DHPU+zm88YVOSGP8QPBjB/PIc6neCxJg 26jJLok9ZCZG/jZj2jOIEnLxykuTst4iUhnhcX44lYsoD8OgsvQZLaOlI8oVxl17 J94bwQd4IyX86PYy3Jf3O7Nz1yPh5A5AMmeAZk3+XyeVhe7MYA1zxUgdQhksEmur dF6rlHnwfbMJLuyHQWI7it0wvBmyBjsXQBJfWeP0TiJ9P8cRFiscbtcuLUuikPTI /5pXcfSuLoafA9ALY4oR2f0zUEEHAqaK7pyJp3LTmOCXc0BxM82/md6iUksXvVGt -----END CERTIFICATE-----Generated at Mon Jan 26 00:24:33 2026 by rpki-client