This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/kLdDobJoxiNwKp38C_JI5bwS1zU.roa File: kLdDobJoxiNwKp38C_JI5bwS1zU.roa (raw, json) Hash identifier: VUMgAlXcluXyqh/hX30Gkvrxy0BLwOOcuTnXgqsUDvk= Subject key identifier: 90:B7:43:A1:B2:68:C6:23:70:2A:9D:FC:0B:F2:48:E5:BC:12:D7:35 Certificate issuer: /CN=54e5d6917dc2dabfb5caf907c3e745149502c90e Certificate serial: 019B7DCB1BA58F29048803F3E0F0D376BEF6 Authority key identifier: 54:E5:D6:91:7D:C2:DA:BF:B5:CA:F9:07:C3:E7:45:14:95:02:C9:0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/kLdDobJoxiNwKp38C_JI5bwS1zU.roa Signing time: Fri 02 Jan 2026 08:20:21 +0000 ROA not before: Fri 02 Jan 2026 08:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204440 IP address blocks: 185.248.248.0/23 maxlen: 24 185.248.248.0/24 maxlen: 24 185.248.249.0/24 maxlen: 24 185.248.250.0/24 maxlen: 24 185.248.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.crl rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.mft rsync://rpki.ripe.net/repository/DEFAULT/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:1b:a5:8f:29:04:88:03:f3:e0:f0:d3:76:be:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=54e5d6917dc2dabfb5caf907c3e745149502c90e Validity Not Before: Jan 2 08:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90b743a1b268c623702a9dfc0bf248e5bc12d735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:2a:0d:ef:62:0b:43:1f:9d:55:1d:f8:c8:a9: 82:b3:51:be:80:43:4a:d0:1e:94:ac:9b:26:2d:5c: 55:28:d2:6b:25:f4:2e:9a:5d:73:4d:8a:a7:b2:0a: ff:52:69:34:c3:9d:f6:05:97:9e:dd:8e:1a:c6:93: 24:ce:79:eb:45:1b:91:01:5a:2d:89:a6:92:4a:63: 32:03:8f:f5:a4:1b:69:02:f6:76:88:bd:53:e0:3d: 49:74:37:a9:c2:c6:ca:c0:3c:73:35:7e:6b:ac:09: 9e:fe:65:c7:0e:c8:46:82:2e:e2:22:b6:4d:9b:22: 45:ec:fd:42:23:5a:ac:3a:a7:5d:ae:82:97:11:09: 56:85:0d:96:c8:da:8f:9f:18:20:95:07:5f:a2:37: 45:0a:06:ea:1c:90:1d:8e:9d:ee:1d:e8:02:82:9a: 91:52:25:86:56:96:04:40:2f:5e:8b:29:78:b9:2c: e4:ac:7a:e0:60:54:43:3a:0f:12:23:27:04:67:e3: c4:05:b1:ea:c0:a1:75:d2:c2:62:c5:3f:85:d3:32: 2a:01:5a:bb:c3:60:5d:18:f8:f0:9e:34:9e:70:33: 42:82:0b:f1:66:79:a5:b4:b3:20:1b:e8:35:4b:7a: 4c:ac:8b:07:59:40:36:4e:fe:81:b7:31:d7:09:97: 41:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:B7:43:A1:B2:68:C6:23:70:2A:9D:FC:0B:F2:48:E5:BC:12:D7:35 X509v3 Authority Key Identifier: keyid:54:E5:D6:91:7D:C2:DA:BF:B5:CA:F9:07:C3:E7:45:14:95:02:C9:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/kLdDobJoxiNwKp38C_JI5bwS1zU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.248.248.0/22 Signature Algorithm: sha256WithRSAEncryption bf:29:bc:bd:26:1b:f7:e7:e2:cc:23:f8:71:f9:ff:a3:02:52: 05:c4:6f:85:5b:b5:ae:4e:57:c6:94:69:44:c9:b2:74:7a:84: 07:ef:da:1f:42:6e:29:56:90:b3:93:f6:26:a4:37:38:82:e5: 59:42:3c:8f:82:19:76:8c:23:ab:13:00:19:d3:e2:b4:e4:6a: b5:71:27:3a:14:e0:c6:b0:6b:09:59:50:e8:aa:93:e4:66:6e: 8d:42:e4:81:69:bb:35:d8:fa:ed:29:2e:0e:a6:7e:46:a8:07: 19:8e:3b:2e:a4:31:60:5b:a9:b9:1a:b3:5a:a3:fd:2a:07:43: 7a:55:90:ca:fc:2f:c9:67:ee:3c:6e:9e:76:5c:13:66:46:56: 11:fe:9a:7b:5a:77:b1:ed:aa:f0:4e:3a:22:dd:c9:9a:5e:28: 37:fa:80:dc:ce:48:ef:b5:f6:ea:47:e6:94:76:8a:27:cd:2d: 57:66:f3:6e:50:bd:fe:9e:7c:38:83:ae:b4:0d:ea:4c:97:21: 32:4a:a7:fd:10:1b:14:02:d7:e3:02:23:8a:3c:d0:8a:69:4c: aa:48:aa:81:10:53:d9:8b:ba:a9:03:60:3b:96:d5:18:77:bb: 18:b4:db:63:45:31:78:b7:95:02:11:f3:84:d2:dd:1c:54:41: 60:8c:f5:44 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yxuljykEiAPz4PDTdr72MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0ZTVkNjkxN2RjMmRhYmZiNWNhZjkwN2MzZTc0NTE0OTUw MmM5MGUwHhcNMjYwMTAyMDgyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGI3NDNhMWIyNjhjNjIzNzAyYTlkZmMwYmYyNDhlNWJjMTJkNzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yoN72ILQx+dVR34yKmCs1G+gENK 0B6UrJsmLVxVKNJrJfQuml1zTYqnsgr/Umk0w532BZee3Y4axpMkznnrRRuRAVot iaaSSmMyA4/1pBtpAvZ2iL1T4D1JdDepwsbKwDxzNX5rrAme/mXHDshGgi7iIrZN myJF7P1CI1qsOqddroKXEQlWhQ2WyNqPnxgglQdfojdFCgbqHJAdjp3uHegCgpqR UiWGVpYEQC9eiyl4uSzkrHrgYFRDOg8SIycEZ+PEBbHqwKF10sJixT+F0zIqAVq7 w2BdGPjwnjSecDNCggvxZnmltLMgG+g1S3pMrIsHWUA2Tv6BtzHXCZdBHQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJC3Q6GyaMYjcCqd/AvySOW8Etc1MB8GA1UdIwQY MBaAFFTl1pF9wtq/tcr5B8PnRRSVAskOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVk9YV2tYM0Myci0xeXZrSHctZEZGSlVDeVE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80NzlkMDYtOWU4NC00Zjc2LThhZTAt MTMxZDI5MTY0ODhjLzEva0xkRG9iSm94aU53S3AzOENfSkk1YndTMXpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS80NzlkMDYtOWU4NC00Zjc2LThhZTAtMTMxZDI5MTY0ODhj LzEvVk9YV2tYM0Myci0xeXZrSHctZEZGSlVDeVE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufj4MA0G CSqGSIb3DQEBCwUAA4IBAQC/Kby9Jhv35+LMI/hx+f+jAlIFxG+FW7WuTlfGlGlE ybJ0eoQH79ofQm4pVpCzk/YmpDc4guVZQjyPghl2jCOrEwAZ0+K05Gq1cSc6FODG sGsJWVDoqpPkZm6NQuSBabs12PrtKS4Opn5GqAcZjjsupDFgW6m5GrNao/0qB0N6 VZDK/C/JZ+48bp52XBNmRlYR/pp7Wnex7arwTjoi3cmaXig3+oDczkjvtfbqR+aU doonzS1XZvNuUL3+nnw4g660DepMlyEySqf9EBsUAtfjAiOKPNCKaUyqSKqBEFPZ i7qpA2A7ltUYd7sYtNtjRTF4t5UCEfOE0t0cVEFgjPVE -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:29 2026 by rpki-client