This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/kzw9wdxbadrqtu7kVtbu2JLu-x8.roa File: kzw9wdxbadrqtu7kVtbu2JLu-x8.roa (raw, json) Hash identifier: Qk/H5R/hSYn97VwMdoQjOSY/SWlxXEJMhW6F91uFxtk= Subject key identifier: 93:3C:3D:C1:DC:5B:69:DA:EA:B6:EE:E4:56:D6:EE:D8:92:EE:FB:1F Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Certificate serial: 019B7BA51E0730F7B4912F9514BA77FF03C2 Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/kzw9wdxbadrqtu7kVtbu2JLu-x8.roa Signing time: Thu 01 Jan 2026 22:19:37 +0000 ROA not before: Thu 01 Jan 2026 22:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42044 IP address blocks: 185.24.65.0/24 maxlen: 24 185.24.66.0/24 maxlen: 24 193.105.170.0/24 maxlen: 24 212.18.250.0/24 maxlen: 24 2001:67c:2630::/48 maxlen: 48 2a04:2b00:100::/48 maxlen: 48 2a04:2b00:200::/48 maxlen: 48 2a04:2b00:212::/48 maxlen: 48 2a04:2b00:6374::/48 maxlen: 48 2a04:2b01::/32 maxlen: 32 2a04:2b02::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:1e:07:30:f7:b4:91:2f:95:14:ba:77:ff:03:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Validity Not Before: Jan 1 22:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=933c3dc1dc5b69daeab6eee456d6eed892eefb1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:61:cc:10:d2:03:64:bd:b6:30:8a:ff:64:6b: 2e:34:5a:80:3e:42:51:28:e2:f2:98:66:27:f1:04: e2:5c:c8:4b:4b:c1:a9:23:e9:99:fc:e6:4b:da:1c: 8d:b3:3f:81:ad:49:a4:84:bd:d5:e3:e4:ab:1f:3b: a1:5f:95:58:3c:56:dd:7e:4d:28:0f:e2:1b:64:cd: ba:52:00:d1:55:6e:17:f6:e4:39:25:37:05:cd:be: f3:bf:7c:6f:95:d0:c9:77:79:fd:87:a1:5a:48:c0: f8:2b:18:bb:93:9b:f3:90:b0:47:28:8e:f2:75:1c: 96:61:5c:04:19:e9:0f:f3:e3:c4:e2:57:98:32:ef: 49:6e:f5:f4:45:f9:ef:9d:68:91:31:8f:7e:74:4b: c2:89:85:a9:c2:f8:1d:d7:c6:ad:33:0c:3d:78:1c: 99:0d:b4:77:7a:83:d4:cd:95:0c:97:7f:45:26:65: ce:53:f2:28:62:ed:dc:ed:27:b0:08:01:ba:4f:d7: aa:de:13:ca:a5:71:f5:83:44:55:19:9e:e3:ee:97: ee:e3:86:57:87:92:b4:66:e4:c9:7c:a0:e4:78:5e: 44:1a:8f:56:60:19:24:ef:d5:81:83:34:2f:95:8b: 58:ed:e6:3e:9e:e9:5b:4d:48:7b:e5:86:a3:6d:4e: a2:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:3C:3D:C1:DC:5B:69:DA:EA:B6:EE:E4:56:D6:EE:D8:92:EE:FB:1F X509v3 Authority Key Identifier: keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/kzw9wdxbadrqtu7kVtbu2JLu-x8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.24.65.0-185.24.66.255 193.105.170.0/24 212.18.250.0/24 IPv6: 2001:67c:2630::/48 2a04:2b00:100::/48 2a04:2b00:200::/48 2a04:2b00:212::/48 2a04:2b00:6374::/48 2a04:2b01::-2a04:2b02:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 79:d0:21:6b:3e:be:de:25:be:91:34:dc:fe:0a:ee:27:27:de: 1b:7d:85:e7:20:dd:56:24:91:50:60:2f:93:a3:83:7f:09:2a: 08:3e:25:8d:01:bb:df:0c:cf:10:99:45:82:bd:e8:7f:04:dd: aa:82:6b:b5:0c:ad:63:c4:1c:6e:fb:b6:55:ff:f1:44:de:f5: 90:31:88:f3:63:d7:1d:0f:b9:19:24:5d:e9:4d:03:08:dd:9c: 74:f7:50:ac:20:a1:9b:46:0c:3b:c0:b9:74:7c:b3:04:67:7e: ed:40:9e:34:5f:f8:7b:dc:d7:d9:ce:1c:09:d4:85:fe:21:52: ff:cb:37:2e:d5:b2:55:52:05:da:c4:a7:89:10:67:50:6a:89: b9:cf:5a:34:98:ae:09:5b:4b:37:17:81:e2:a8:4e:2e:41:d0: 54:ed:77:b6:50:07:94:28:6e:9a:09:2f:77:96:0c:9b:1b:bb: 3e:c4:3b:e2:63:b2:f0:71:00:ec:77:6c:7f:b4:0b:fd:36:80: 98:0d:be:a6:ad:d0:4d:fc:12:85:74:71:4e:35:72:02:19:fe: 3f:61:5c:d4:6d:8e:3f:dc:b4:6f:23:bf:e2:37:fc:d7:3b:4e: 46:f9:e8:18:60:d3:99:af:38:68:98:30:bf:73:7f:06:7a:82: 2d:9d:af:53 -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISAZt7pR4HMPe0kS+VFLp3/wPCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3 ZGY4ZDMwHhcNMjYwMTAxMjIxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzNjM2RjMWRjNWI2OWRhZWFiNmVlZTQ1NmQ2ZWVkODkyZWVmYjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmHMENIDZL22MIr/ZGsuNFqAPkJR KOLymGYn8QTiXMhLS8GpI+mZ/OZL2hyNsz+BrUmkhL3V4+SrHzuhX5VYPFbdfk0o D+IbZM26UgDRVW4X9uQ5JTcFzb7zv3xvldDJd3n9h6FaSMD4Kxi7k5vzkLBHKI7y dRyWYVwEGekP8+PE4leYMu9JbvX0RfnvnWiRMY9+dEvCiYWpwvgd18atMww9eByZ DbR3eoPUzZUMl39FJmXOU/IoYu3c7SewCAG6T9eq3hPKpXH1g0RVGZ7j7pfu44ZX h5K0ZuTJfKDkeF5EGo9WYBkk79WBgzQvlYtY7eY+nulbTUh75YajbU6i8QIDAQAB o4ICYjCCAl4wHQYDVR0OBBYEFJM8PcHcW2na6rbu5FbW7tiS7vsfMB8GA1UdIwQY MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt MDUzOGU5NWYzZjEyLzEva3p3OXdkeGJhZHJxdHU3a1Z0YnUySkx1LXg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAgBAIAATAaMAwDBAC5GEED BAC5GEIDBADBaaoDBADUEvowQwQCAAIwPQMHACABBnwmMAMHACoEKwABAAMHACoE KwACAAMHACoEKwACEgMHACoEKwBjdDAOAwUAKgQrAQMFACoEKwIwDQYJKoZIhvcN AQELBQADggEBAHnQIWs+vt4lvpE03P4K7icn3ht9hecg3VYkkVBgL5Ojg38JKgg+ JY0Bu98MzxCZRYK96H8E3aqCa7UMrWPEHG77tlX/8UTe9ZAxiPNj1x0PuRkkXelN AwjdnHT3UKwgoZtGDDvAuXR8swRnfu1AnjRf+Hvc19nOHAnUhf4hUv/LNy7VslVS BdrEp4kQZ1BqibnPWjSYrglbSzcXgeKoTi5B0FTtd7ZQB5QobpoJL3eWDJsbuz7E O+JjsvBxAOx3bH+0C/02gJgNvqat0E38EoV0cU41cgIZ/j9hXNRtjj/ctG8jv+I3 /Nc7Tkb56Bhg05mvOGiYML9zfwZ6gi2dr1M= -----END CERTIFICATE-----Generated at Mon Jan 26 21:18:19 2026 by rpki-client