This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/knDMH2cT6X9zpZOHV6KWJKXM32g.roa File: knDMH2cT6X9zpZOHV6KWJKXM32g.roa (raw, json) Hash identifier: arPSRktl1sXhku4kqnqqJyXzy3Zxw9oz2dPJBl2xgrs= Subject key identifier: 92:70:CC:1F:67:13:E9:7F:73:A5:93:87:57:A2:96:24:A5:CC:DF:68 Certificate issuer: /CN=6b4137c95719de3b0651e44ad0683501ae67eb88 Certificate serial: 019B78A3442F88A43508A08A258D552EE380 Authority key identifier: 6B:41:37:C9:57:19:DE:3B:06:51:E4:4A:D0:68:35:01:AE:67:EB:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/knDMH2cT6X9zpZOHV6KWJKXM32g.roa Signing time: Thu 01 Jan 2026 08:18:44 +0000 ROA not before: Thu 01 Jan 2026 08:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 273163 IP address blocks: 185.240.212.0/23 maxlen: 23 185.240.212.0/24 maxlen: 24 185.240.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.crl rsync://rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.mft rsync://rpki.ripe.net/repository/DEFAULT/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:44:2f:88:a4:35:08:a0:8a:25:8d:55:2e:e3:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b4137c95719de3b0651e44ad0683501ae67eb88 Validity Not Before: Jan 1 08:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9270cc1f6713e97f73a5938757a29624a5ccdf68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:29:55:41:d0:e0:ff:03:93:8e:52:23:77:e5: 13:bd:ad:e3:c0:38:fd:5e:6a:26:92:96:d0:41:ed: da:23:34:09:57:db:2e:28:37:c2:9b:26:b5:45:bc: 45:c6:19:e7:5f:e4:e4:70:d3:20:f5:ed:bc:55:f5: e7:cf:da:c0:99:a2:42:4b:61:3c:7e:75:4a:8d:54: af:63:13:dc:59:9b:b5:61:ec:86:74:44:69:0b:ef: db:43:e6:2b:93:a9:29:ac:ed:ca:74:ee:86:f2:98: 38:fa:1f:e0:ac:da:fa:4d:84:9f:19:eb:c9:eb:7e: 08:30:93:6b:53:41:66:43:91:1d:ef:07:f1:a2:c9: 81:fd:d3:25:c7:cb:1f:6f:e7:7c:a5:04:b0:47:9b: 0e:b3:c6:16:63:33:9e:c3:ba:74:7a:7c:cd:88:13: 8b:f9:df:de:37:5c:05:47:55:9d:5b:f0:4c:eb:29: e2:08:83:95:e7:21:cd:5e:9b:87:9d:25:19:1e:07: 38:fb:aa:03:7e:ff:20:57:e5:34:04:6b:f8:0c:37: b7:99:a1:84:44:03:d6:ae:f2:a6:71:4e:9e:25:af: 8f:bd:e8:19:e4:ec:25:00:0c:fc:2f:7f:91:90:ae: 1f:f2:22:bd:aa:6c:b5:43:7d:4f:75:cc:60:1b:14: 23:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:70:CC:1F:67:13:E9:7F:73:A5:93:87:57:A2:96:24:A5:CC:DF:68 X509v3 Authority Key Identifier: keyid:6B:41:37:C9:57:19:DE:3B:06:51:E4:4A:D0:68:35:01:AE:67:EB:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/knDMH2cT6X9zpZOHV6KWJKXM32g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/ab7f0d-dd30-48df-bb0c-85b26b3ed983/1/a0E3yVcZ3jsGUeRK0Gg1Aa5n64g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.240.212.0/23 Signature Algorithm: sha256WithRSAEncryption 25:e3:55:04:2f:c7:b6:12:ec:74:ad:9f:cb:14:e8:bd:83:ec: 40:53:ba:51:e8:1a:9e:aa:7b:aa:92:f2:c4:4b:e7:bf:7e:3d: 8b:8b:a6:b7:fa:a1:00:05:c6:1d:b8:2f:30:2b:17:8c:d4:14: 31:b7:df:e7:32:d1:dd:3e:c0:1e:98:6e:37:48:31:90:79:be: 1f:f6:6c:de:57:98:ec:80:29:aa:90:ba:a0:87:99:a2:73:e5: 44:13:12:d7:ff:a2:00:bc:62:45:a7:31:b0:4e:ec:cc:66:8e: ad:d5:35:79:e7:90:ce:8a:0e:f3:19:50:7f:b4:77:90:eb:12: bc:df:28:48:b6:8b:a3:f4:84:6f:31:42:9a:77:52:83:39:0b: 8c:23:f5:5d:24:68:00:99:5a:a3:e4:7b:71:9b:a2:bd:67:13: e0:36:8f:fb:61:4d:71:26:c2:72:29:62:63:f8:ce:f0:d2:bd: 9d:c5:08:f0:55:e6:e0:67:6a:0e:16:51:a2:31:22:74:8a:f0: 7f:ee:54:0f:a7:20:ce:d4:e0:38:bd:22:2b:93:1e:92:e1:b4: af:53:c4:ad:45:5a:b4:f1:26:eb:50:07:85:7d:ea:7a:2a:7a: 13:21:17:31:5f:2f:84:89:87:83:7c:ac:20:a7:64:8f:35:17: fa:55:9d:51 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4o0QviKQ1CKCKJY1VLuOAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDEzN2M5NTcxOWRlM2IwNjUxZTQ0YWQwNjgzNTAxYWU2 N2ViODgwHhcNMjYwMTAxMDgxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjcwY2MxZjY3MTNlOTdmNzNhNTkzODc1N2EyOTYyNGE1Y2NkZjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjylVQdDg/wOTjlIjd+UTva3jwDj9 XmomkpbQQe3aIzQJV9suKDfCmya1RbxFxhnnX+TkcNMg9e28VfXnz9rAmaJCS2E8 fnVKjVSvYxPcWZu1YeyGdERpC+/bQ+Yrk6kprO3KdO6G8pg4+h/grNr6TYSfGevJ 634IMJNrU0FmQ5Ed7wfxosmB/dMlx8sfb+d8pQSwR5sOs8YWYzOew7p0enzNiBOL +d/eN1wFR1WdW/BM6yniCIOV5yHNXpuHnSUZHgc4+6oDfv8gV+U0BGv4DDe3maGE RAPWrvKmcU6eJa+PvegZ5OwlAAz8L3+RkK4f8iK9qmy1Q31PdcxgGxQjUQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJJwzB9nE+l/c6WTh1eiliSlzN9oMB8GA1UdIwQY MBaAFGtBN8lXGd47BlHkStBoNQGuZ+uIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBFM3lWY1ozanNHVWVSSzBHZzFBYTVuNjRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9hYjdmMGQtZGQzMC00OGRmLWJiMGMt ODViMjZiM2VkOTgzLzEva25ETUgyY1Q2WDl6cFpPSFY2S1dKS1hNMzJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi9hYjdmMGQtZGQzMC00OGRmLWJiMGMtODViMjZiM2VkOTgz LzEvYTBFM3lWY1ozanNHVWVSSzBHZzFBYTVuNjRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufDUMA0G CSqGSIb3DQEBCwUAA4IBAQAl41UEL8e2Eux0rZ/LFOi9g+xAU7pR6BqeqnuqkvLE S+e/fj2Li6a3+qEABcYduC8wKxeM1BQxt9/nMtHdPsAemG43SDGQeb4f9mzeV5js gCmqkLqgh5mic+VEExLX/6IAvGJFpzGwTuzMZo6t1TV555DOig7zGVB/tHeQ6xK8 3yhItouj9IRvMUKad1KDOQuMI/VdJGgAmVqj5Htxm6K9ZxPgNo/7YU1xJsJyKWJj +M7w0r2dxQjwVebgZ2oOFlGiMSJ0ivB/7lQPpyDO1OA4vSIrkx6S4bSvU8StRVq0 8SbrUAeFfep6KnoTIRcxXy+EiYeDfKwgp2SPNRf6VZ1R -----END CERTIFICATE-----Generated at Mon Jan 26 02:22:52 2026 by rpki-client