This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/Kfl3pnk4WRj9Z0Qy6749dOLgU38.roa File: Kfl3pnk4WRj9Z0Qy6749dOLgU38.roa (raw, json) Hash identifier: W89Dd5nFnJf5pZ0zuNV80AiSYR5AN7HLCE+G+TMesdY= Subject key identifier: 29:F9:77:A6:79:38:59:18:FD:67:44:32:EB:BE:3D:74:E2:E0:53:7F Certificate issuer: /CN=a24cf90329c47ba343a66cd65d38833a357b5955 Certificate serial: 019B797EB9E307CB8C19C03D73DAE7518B82 Authority key identifier: A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/Kfl3pnk4WRj9Z0Qy6749dOLgU38.roa Signing time: Thu 01 Jan 2026 12:18:26 +0000 ROA not before: Thu 01 Jan 2026 12:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211482 IP address blocks: 185.217.28.0/24 maxlen: 24 185.217.29.0/24 maxlen: 24 185.217.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.mft rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:b9:e3:07:cb:8c:19:c0:3d:73:da:e7:51:8b:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a24cf90329c47ba343a66cd65d38833a357b5955 Validity Not Before: Jan 1 12:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29f977a679385918fd674432ebbe3d74e2e0537f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f0:50:11:c8:2c:ac:5b:6a:78:35:7b:7d:e1: d5:1b:ca:62:36:d1:23:9c:6a:8a:9a:d1:40:ef:a1: 81:41:d9:a4:bf:f1:da:e2:00:d2:1a:d2:ba:a8:33: 3c:df:3e:e0:77:24:d2:79:89:d7:34:e1:b1:c5:73: 1e:3c:48:fe:2f:bc:fe:db:dd:5f:a6:7f:03:f3:96: d5:4c:98:4e:8a:51:14:59:a6:36:b3:fd:bd:af:f2: 15:bd:25:8f:56:5f:48:5a:00:e5:63:ee:38:f8:20: f4:a4:7d:3f:89:4f:c8:1f:1e:1b:d1:77:eb:43:e5: b0:fd:d9:85:8a:5b:c3:3f:ab:53:fa:8a:9b:67:f1: 2c:93:56:f6:a3:dc:71:de:0e:e1:76:fc:60:7b:48: d8:75:46:80:2f:27:85:fc:55:bc:68:98:a9:70:87: ba:38:6a:ce:c1:a4:66:4d:1c:76:79:78:28:f4:8a: 96:58:40:99:8d:b4:bf:c7:fd:57:cb:78:cd:a8:08: 19:fb:61:20:91:4f:07:cc:24:ca:29:45:e7:bf:5d: e4:f8:37:b7:c4:93:82:75:9d:b5:7f:bd:7f:ee:cf: 43:b5:19:b3:99:4f:43:ba:2c:98:b1:f0:8b:50:ce: 44:b8:f2:58:68:67:26:7c:ab:be:ff:c0:5b:4f:3b: cf:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F9:77:A6:79:38:59:18:FD:67:44:32:EB:BE:3D:74:E2:E0:53:7F X509v3 Authority Key Identifier: keyid:A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/Kfl3pnk4WRj9Z0Qy6749dOLgU38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.217.28.0/23 185.217.31.0/24 Signature Algorithm: sha256WithRSAEncryption 16:a7:03:90:d9:8f:eb:18:84:44:c9:ea:ab:63:9b:3e:0d:60: a6:b4:58:f3:4e:e1:0e:06:8f:1f:cd:25:96:33:82:2f:be:e7: 14:30:69:1a:3f:d1:c5:47:d1:d5:d5:78:a7:fa:a9:d5:85:a6: 15:15:ef:08:3c:2e:66:60:76:a4:13:7f:d4:46:ed:25:72:73: 4b:1c:95:d4:be:7f:8f:ab:5c:cb:2a:81:ea:e3:ce:1f:dc:68: 17:26:c3:68:e0:c2:7b:33:10:9c:2d:7d:af:d1:08:0a:ba:58: 83:85:61:79:04:96:39:74:13:8f:eb:66:c8:9c:f9:2e:47:6f: 4d:f1:93:8c:6d:3c:fa:e5:8a:b5:5f:31:84:87:78:1f:87:33: 8c:ca:72:e7:8c:e7:25:e4:e7:69:52:56:48:27:3b:e0:ac:5b: f1:75:15:71:a2:a4:8d:56:b6:bd:e2:35:c7:74:b8:bc:b0:78: a5:2e:37:cc:ba:c7:9a:52:66:c4:a6:52:6b:7b:c4:d4:69:46: 73:36:b4:69:d1:52:13:6b:fe:05:52:19:9a:fc:7b:da:04:62: dd:90:d6:66:47:ea:83:cc:7a:f5:ab:c9:89:58:a2:ab:cb:8d: 6d:f6:76:68:c0:bc:1d:1d:24:01:4b:1f:84:f1:b7:e1:b2:1f: 11:7d:f5:b1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5frnjB8uMGcA9c9rnUYuCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyNGNmOTAzMjljNDdiYTM0M2E2NmNkNjVkMzg4MzNhMzU3 YjU5NTUwHhcNMjYwMTAxMTIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWY5NzdhNjc5Mzg1OTE4ZmQ2NzQ0MzJlYmJlM2Q3NGUyZTA1MzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvBQEcgsrFtqeDV7feHVG8piNtEj nGqKmtFA76GBQdmkv/Ha4gDSGtK6qDM83z7gdyTSeYnXNOGxxXMePEj+L7z+291f pn8D85bVTJhOilEUWaY2s/29r/IVvSWPVl9IWgDlY+44+CD0pH0/iU/IHx4b0Xfr Q+Ww/dmFilvDP6tT+oqbZ/Esk1b2o9xx3g7hdvxge0jYdUaALyeF/FW8aJipcIe6 OGrOwaRmTRx2eXgo9IqWWECZjbS/x/1Xy3jNqAgZ+2EgkU8HzCTKKUXnv13k+De3 xJOCdZ21f71/7s9DtRmzmU9DuiyYsfCLUM5EuPJYaGcmfKu+/8BbTzvPZQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCn5d6Z5OFkY/WdEMuu+PXTi4FN/MB8GA1UdIwQY MBaAFKJM+QMpxHujQ6Zs1l04gzo1e1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmIt MzM5ODVkYjgwNDdhLzEvS2ZsM3BuazRXUmo5WjBReTY3NDlkT0xnVTM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmItMzM5ODVkYjgwNDdh LzEvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudkcAwQA udkfMA0GCSqGSIb3DQEBCwUAA4IBAQAWpwOQ2Y/rGIREyeqrY5s+DWCmtFjzTuEO Bo8fzSWWM4IvvucUMGkaP9HFR9HV1Xin+qnVhaYVFe8IPC5mYHakE3/URu0lcnNL HJXUvn+Pq1zLKoHq484f3GgXJsNo4MJ7MxCcLX2v0QgKuliDhWF5BJY5dBOP62bI nPkuR29N8ZOMbTz65Yq1XzGEh3gfhzOMynLnjOcl5OdpUlZIJzvgrFvxdRVxoqSN Vra94jXHdLi8sHilLjfMuseaUmbEplJre8TUaUZzNrRp0VITa/4FUhma/HvaBGLd kNZmR+qDzHr1q8mJWKKry41t9nZowLwdHSQBSx+E8bfhsh8RffWx -----END CERTIFICATE-----Generated at Sun Jan 25 22:47:46 2026 by rpki-client