This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kIsi_iESpzsRk8dHny5fopysRJQ.roa File: kIsi_iESpzsRk8dHny5fopysRJQ.roa (raw, json) Hash identifier: dDnGp8fWIlMUUv2OSZlAfuDJJe343h0p5pSFtpV/GEs= Subject key identifier: 90:8B:22:FE:21:12:A7:3B:11:93:C7:47:9F:2E:5F:A2:9C:AC:44:94 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C800AD6DBD0B0C43A07B9CBD1ECDCB5 Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kIsi_iESpzsRk8dHny5fopysRJQ.roa Signing time: Fri 02 Jan 2026 02:18:44 +0000 ROA not before: Fri 02 Jan 2026 02:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12479 IP address blocks: 90.68.0.0/16 maxlen: 24 90.69.0.0/16 maxlen: 24 90.69.0.0/19 maxlen: 19 90.69.32.0/19 maxlen: 19 90.69.64.0/20 maxlen: 20 90.69.80.0/21 maxlen: 21 90.69.112.0/21 maxlen: 21 90.69.124.0/22 maxlen: 22 90.69.128.0/19 maxlen: 19 90.69.160.0/21 maxlen: 21 90.69.176.0/21 maxlen: 21 90.69.184.0/22 maxlen: 22 90.69.188.0/22 maxlen: 22 90.69.192.0/20 maxlen: 20 90.69.208.0/20 maxlen: 20 90.69.224.0/19 maxlen: 19 90.71.0.0/16 maxlen: 24 90.74.0.0/16 maxlen: 24 90.75.0.0/16 maxlen: 24 90.77.0.0/16 maxlen: 24 90.94.0.0/16 maxlen: 24 90.106.0.0/16 maxlen: 24 92.172.0.0/16 maxlen: 24 92.176.0.0/16 maxlen: 24 92.177.0.0/16 maxlen: 24 92.178.0.0/16 maxlen: 24 92.185.0.0/16 maxlen: 24 92.186.0.0/16 maxlen: 24 92.187.0.0/16 maxlen: 24 92.189.0.0/16 maxlen: 24 92.190.0.0/16 maxlen: 24 92.191.0.0/16 maxlen: 24 2a01:c500::/28 maxlen: 46 2a01:c500::/31 maxlen: 42 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:0a:d6:db:d0:b0:c4:3a:07:b9:cb:d1:ec:dc:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=908b22fe2112a73b1193c7479f2e5fa29cac4494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:10:a0:89:0a:dc:64:a2:80:a2:bf:d0:d2:4d: af:d4:c6:29:35:2c:4e:e9:f7:b0:40:8c:81:33:c3: c0:d0:39:7e:16:18:fe:f1:d4:0e:03:96:53:76:54: 77:d7:d3:8b:07:c4:24:ab:6d:87:d4:96:e1:81:e9: da:c0:ff:96:f0:f0:57:e5:19:79:c0:0a:3e:6c:01: 48:2a:f4:de:68:3d:21:30:96:29:fd:05:33:1c:2f: f8:e5:be:b8:46:fd:9b:b9:85:ed:13:f1:f1:53:3b: ab:bb:4c:04:6d:ec:49:dc:56:6d:0a:28:3e:46:4c: f4:b3:1f:8f:a3:88:d1:a3:11:c7:73:77:35:20:4c: 9d:a4:9e:dd:ca:40:a5:db:97:9b:89:6b:37:ba:c7: 03:2f:d2:67:fc:bf:08:3a:61:f1:35:09:01:e4:d6: c5:63:8e:8c:b3:79:17:21:41:5e:fe:62:03:d5:ae: 7e:81:b2:9d:71:49:8b:d7:3f:a5:34:09:7e:0a:4a: 16:a4:f5:23:eb:15:27:87:4a:de:cf:64:5a:58:60: 58:09:36:f8:6c:ee:a0:55:8e:b9:3d:8f:0f:28:c3: 34:66:a4:db:aa:11:f2:9a:68:3e:23:44:49:50:b8: e4:ad:e5:8f:79:28:e6:68:15:61:68:13:f5:4c:7f: bb:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:8B:22:FE:21:12:A7:3B:11:93:C7:47:9F:2E:5F:A2:9C:AC:44:94 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kIsi_iESpzsRk8dHny5fopysRJQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.68.0.0/15 90.71.0.0/16 90.74.0.0/15 90.77.0.0/16 90.94.0.0/16 90.106.0.0/16 92.172.0.0/16 92.176.0.0-92.178.255.255 92.185.0.0-92.187.255.255 92.189.0.0-92.191.255.255 IPv6: 2a01:c500::/28 Signature Algorithm: sha256WithRSAEncryption af:f0:08:b9:09:fc:4d:da:ab:8c:4d:7c:e1:22:0a:1d:79:82: 83:d2:85:2e:da:ec:a9:97:61:b4:72:a7:2c:33:30:8a:ec:47: 78:02:8a:94:4b:32:8b:fd:e6:6d:cc:25:b8:14:0b:db:99:5d: 4d:02:e2:48:14:a3:7b:7b:ff:d7:74:31:35:54:a3:ac:45:a8: 07:2a:20:3c:20:39:0e:01:73:c9:fb:22:2d:bd:b6:2c:b7:f1: 4a:b8:56:33:ef:34:9f:7a:c1:9d:8a:ef:6c:6b:6b:08:f0:26: 01:51:de:bc:08:e7:1f:c6:cd:c2:0c:b2:e4:95:5e:d2:25:e5: 50:52:57:89:15:82:96:56:1d:40:cd:79:2c:8b:46:38:6a:cc: 7a:c4:35:eb:a1:fd:c2:90:6d:fe:93:1a:f1:3a:f4:09:0e:55: 7d:28:b0:2e:27:b2:0d:dd:06:d1:aa:70:84:5a:25:96:77:bd: ad:09:7b:2a:96:54:9d:5b:3f:00:df:98:21:89:8f:b2:76:80: 98:e2:b6:cf:f3:07:cc:a8:2a:35:24:15:a7:1c:6c:8a:82:83: 01:66:ee:31:56:ff:d8:7c:54:87:41:30:91:67:84:ea:b8:6c: 47:08:97:30:fb:b5:bb:28:c7:03:ad:b7:d5:62:e7:a0:f3:25: 8b:88:06:a4 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgISAZt8gArW29CwxDoHucvR7Ny1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDhiMjJmZTIxMTJhNzNiMTE5M2M3NDc5ZjJlNWZhMjljYWM0NDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxCgiQrcZKKAor/Q0k2v1MYpNSxO 6fewQIyBM8PA0Dl+Fhj+8dQOA5ZTdlR319OLB8Qkq22H1JbhgenawP+W8PBX5Rl5 wAo+bAFIKvTeaD0hMJYp/QUzHC/45b64Rv2buYXtE/HxUzuru0wEbexJ3FZtCig+ Rkz0sx+Po4jRoxHHc3c1IEydpJ7dykCl25ebiWs3uscDL9Jn/L8IOmHxNQkB5NbF Y46Ms3kXIUFe/mID1a5+gbKdcUmL1z+lNAl+CkoWpPUj6xUnh0rez2RaWGBYCTb4 bO6gVY65PY8PKMM0ZqTbqhHymmg+I0RJULjkreWPeSjmaBVhaBP1TH+7wQIDAQAB o4ICWTCCAlUwHQYDVR0OBBYEFJCLIv4hEqc7EZPHR58uX6KcrESUMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEva0lzaV9pRVNwenNSazhkSG55NWZvcHlzUkpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwMBWkQDAwBa RwMDAVpKAwMAWk0DAwBaXgMDAFpqAwMAXKwwCgMDBFywAwMAXLIwCgMDAFy5AwMC XLgwCgMDAFy9AwMGXIAwDQQCAAIwBwMFBCoBxQAwDQYJKoZIhvcNAQELBQADggEB AK/wCLkJ/E3aq4xNfOEiCh15goPShS7a7KmXYbRypywzMIrsR3gCipRLMov95m3M JbgUC9uZXU0C4kgUo3t7/9d0MTVUo6xFqAcqIDwgOQ4Bc8n7Ii29tiy38Uq4VjPv NJ96wZ2K72xrawjwJgFR3rwI5x/GzcIMsuSVXtIl5VBSV4kVgpZWHUDNeSyLRjhq zHrENeuh/cKQbf6TGvE69AkOVX0osC4nsg3dBtGqcIRaJZZ3va0JeyqWVJ1bPwDf mCGJj7J2gJjits/zB8yoKjUkFaccbIqCgwFm7jFW/9h8VIdBMJFnhOq4bEcIlzD7 tbsoxwOtt9Vi56DzJYuIBqQ= -----END CERTIFICATE-----Generated at Sun Jan 25 19:02:23 2026 by rpki-client