This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ksaatSaKxA-y0WXvpifwAI5WkmY.roa File: ksaatSaKxA-y0WXvpifwAI5WkmY.roa (raw, json) Hash identifier: FBqVdV7XXAfAEJJwTss1e7NjG8kEmROWtZrVwbWVdUo= Subject key identifier: 92:C6:9A:B5:26:8A:C4:0F:B2:D1:65:EF:A6:27:F0:00:8E:56:92:66 Certificate issuer: /CN=43e0a364131841056d48b2d788ea00ca4b91db56 Certificate serial: 019B79ECC0BCC2B532EA7F81F88825550D55 Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ksaatSaKxA-y0WXvpifwAI5WkmY.roa Signing time: Thu 01 Jan 2026 14:18:37 +0000 ROA not before: Thu 01 Jan 2026 14:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48254 IP address blocks: 45.8.224.0/24 maxlen: 24 45.8.225.0/24 maxlen: 24 45.8.226.0/24 maxlen: 24 45.8.227.0/24 maxlen: 24 46.247.89.0/24 maxlen: 24 46.247.90.0/24 maxlen: 24 46.247.91.0/24 maxlen: 24 185.146.164.0/24 maxlen: 24 185.146.165.0/24 maxlen: 24 185.146.166.0/24 maxlen: 24 185.146.167.0/24 maxlen: 24 185.151.28.0/24 maxlen: 24 185.151.29.0/24 maxlen: 24 185.151.30.0/24 maxlen: 24 185.151.31.0/24 maxlen: 24 193.176.16.0/24 maxlen: 24 193.176.17.0/24 maxlen: 24 194.38.52.0/24 maxlen: 24 194.38.53.0/24 maxlen: 24 194.38.54.0/24 maxlen: 24 2a07:7800::/29 maxlen: 48 2a07:7800::/48 maxlen: 48 2a07:7800:1::/48 maxlen: 48 2a07:7800:2::/48 maxlen: 48 2a07:7800:3::/48 maxlen: 48 2a07:7800:4::/48 maxlen: 48 2a07:7800:5::/48 maxlen: 48 2a07:7800:6::/48 maxlen: 48 2a07:7800:7::/48 maxlen: 48 2a07:7800:8::/48 maxlen: 48 2a07:7800:9::/48 maxlen: 48 2a07:7800:10::/48 maxlen: 48 2a07:7800:11::/48 maxlen: 48 2a07:7800:12::/48 maxlen: 48 2a07:7800:13::/48 maxlen: 48 2a07:7800:14::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.mft rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:c0:bc:c2:b5:32:ea:7f:81:f8:88:25:55:0d:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56 Validity Not Before: Jan 1 14:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92c69ab5268ac40fb2d165efa627f0008e569266 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:df:8f:20:77:20:28:92:a8:95:4d:e7:c0:69: c8:e3:fd:df:44:66:41:98:e4:12:1c:bb:9d:ce:48: 07:c6:c4:54:bc:8d:49:34:e8:91:f6:0b:ac:cf:4b: 2c:17:47:9e:2e:84:e2:30:a9:b7:d0:e8:8c:b0:4d: 3a:56:20:58:4b:d9:49:6e:5d:6b:14:7f:25:4b:7e: 6f:e3:c4:94:36:6d:8a:94:0b:1f:c6:81:ef:ee:2f: 96:b8:8e:bd:14:38:f0:12:c2:87:5b:bc:98:0a:98: 13:5f:bb:bd:23:2f:98:cc:37:7e:c6:69:76:47:d9: b8:e6:00:7b:0c:0d:80:d1:ec:07:c2:db:cd:e4:56: 50:d9:d5:d9:5c:85:b0:d3:3c:3b:60:08:5e:5d:06: e5:40:00:5d:89:a3:f8:f0:7b:4e:8b:bb:aa:12:e9: 36:a8:b2:d8:d2:c8:6f:07:1d:d1:66:40:89:10:f9: 40:58:6b:be:85:eb:8b:9e:c5:9c:7c:21:51:d1:b6: 50:23:ee:69:e7:fd:81:20:2e:69:b7:39:75:e1:c8: 8e:1d:c3:06:a5:04:da:04:a0:12:51:06:17:4f:d3: 21:9b:73:06:c4:bc:f6:10:1d:a5:cf:e2:a6:78:78: 0c:11:41:b4:7b:92:86:2a:21:dd:93:8e:b3:d8:ba: 1b:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:C6:9A:B5:26:8A:C4:0F:B2:D1:65:EF:A6:27:F0:00:8E:56:92:66 X509v3 Authority Key Identifier: keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/ksaatSaKxA-y0WXvpifwAI5WkmY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.224.0/22 46.247.89.0-46.247.91.255 185.146.164.0/22 185.151.28.0/22 193.176.16.0/23 194.38.52.0-194.38.54.255 IPv6: 2a07:7800::/29 Signature Algorithm: sha256WithRSAEncryption 3a:07:1d:cb:46:b5:a7:62:35:4c:e2:25:98:c7:51:13:95:fe: 45:2c:f2:22:de:17:65:36:7d:30:e0:f5:61:33:ee:21:04:85: a2:30:3d:a8:b9:9c:49:0a:c1:9f:02:c3:a0:ec:23:30:3f:4c: 21:6f:80:5c:7d:d7:33:56:57:23:47:ad:8e:ef:e3:5d:ce:29: fc:99:bb:43:60:18:2b:00:41:c6:2b:21:62:73:9a:b6:81:ea: b1:3d:49:03:c6:a2:7d:16:59:a5:fd:14:78:06:ab:60:3a:bd: b1:d3:c9:69:5c:1f:0c:01:12:5a:d8:e3:12:b8:79:4b:88:38: b5:2e:61:f1:63:71:2f:87:d5:60:6b:b1:ec:c6:c3:08:ef:f0: 0d:44:b3:c9:13:c0:07:df:54:9d:55:03:eb:02:40:d0:a0:80: b3:3a:32:32:17:44:f2:95:11:ed:e5:31:d3:da:09:84:8e:85: 65:8f:7d:b2:5e:42:04:c0:2a:ed:16:b9:b0:c1:7d:94:68:3c: 22:f2:0e:2f:d9:1e:46:73:53:87:5c:0c:83:4b:8e:b0:44:79: d0:3b:3e:b8:c8:9a:0e:3a:7f:3b:c9:40:75:37:40:08:4c:fa: 26:c6:2f:54:ce:c4:47:c4:d2:12:26:4b:5a:8a:27:f3:68:dc: ec:08:bb:d6 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgISAZt57MC8wrUy6n+B+IglVQ1VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZTBhMzY0MTMxODQxMDU2ZDQ4YjJkNzg4ZWEwMGNhNGI5 MWRiNTYwHhcNMjYwMTAxMTQxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmM2OWFiNTI2OGFjNDBmYjJkMTY1ZWZhNjI3ZjAwMDhlNTY5MjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09+PIHcgKJKolU3nwGnI4/3fRGZB mOQSHLudzkgHxsRUvI1JNOiR9gusz0ssF0eeLoTiMKm30OiMsE06ViBYS9lJbl1r FH8lS35v48SUNm2KlAsfxoHv7i+WuI69FDjwEsKHW7yYCpgTX7u9Iy+YzDd+xml2 R9m45gB7DA2A0ewHwtvN5FZQ2dXZXIWw0zw7YAheXQblQABdiaP48HtOi7uqEuk2 qLLY0shvBx3RZkCJEPlAWGu+heuLnsWcfCFR0bZQI+5p5/2BIC5ptzl14ciOHcMG pQTaBKASUQYXT9Mhm3MGxLz2EB2lz+KmeHgMEUG0e5KGKiHdk46z2LobBQIDAQAB o4ICRjCCAkIwHQYDVR0OBBYEFJLGmrUmisQPstFl76Yn8ACOVpJmMB8GA1UdIwQY MBaAFEPgo2QTGEEFbUiy14jqAMpLkdtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgt NGIwODFjYzJiMzlhLzEva3NhYXRTYUt4QS15MFdYdnBpZndBSTVXa21ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgtNGIwODFjYzJiMzlh LzEvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQCLQjgMAwD BAAu91kDBAIu91gDBAK5kqQDBAK5lxwDBAHBsBAwDAMEAsImNAMEAMImNjANBAIA AjAHAwUDKgd4ADANBgkqhkiG9w0BAQsFAAOCAQEAOgcdy0a1p2I1TOIlmMdRE5X+ RSzyIt4XZTZ9MOD1YTPuIQSFojA9qLmcSQrBnwLDoOwjMD9MIW+AXH3XM1ZXI0et ju/jXc4p/Jm7Q2AYKwBBxishYnOatoHqsT1JA8aifRZZpf0UeAarYDq9sdPJaVwf DAESWtjjErh5S4g4tS5h8WNxL4fVYGux7MbDCO/wDUSzyRPAB99UnVUD6wJA0KCA szoyMhdE8pUR7eUx09oJhI6FZY99sl5CBMAq7Ra5sMF9lGg8IvIOL9keRnNTh1wM g0uOsER50Ds+uMiaDjp/O8lAdTdACEz6JsYvVM7ER8TSEiZLWoon82jc7Ai71g== -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:15 2026 by rpki-client