This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/KZG3OMXklNZsBx6WgKitrALmZj0.roa File: KZG3OMXklNZsBx6WgKitrALmZj0.roa (raw, json) Hash identifier: 9SZwSzE7oslX10Qwql6XopOxhODMi+xGUT/9jnT+PNY= Subject key identifier: 29:91:B7:38:C5:E4:94:D6:6C:07:1E:96:80:A8:AD:AC:02:E6:66:3D Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518 Certificate serial: 019B7DCA898C6649AE5528C5F79F247467B5 Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/KZG3OMXklNZsBx6WgKitrALmZj0.roa Signing time: Fri 02 Jan 2026 08:19:44 +0000 ROA not before: Fri 02 Jan 2026 08:19:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212939 IP address blocks: 195.2.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.mft rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:89:8c:66:49:ae:55:28:c5:f7:9f:24:74:67:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518 Validity Not Before: Jan 2 08:19:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2991b738c5e494d66c071e9680a8adac02e6663d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:43:71:13:1d:84:1d:d1:d4:e8:cb:9f:20:e9: 39:79:1b:d9:ab:34:0a:dc:f3:80:1f:74:26:25:ba: 65:58:2a:56:23:42:b0:27:1f:6a:46:42:5b:fb:04: a2:62:9b:dd:0b:9b:fe:43:09:87:d9:7c:ea:4c:ce: 56:d2:88:84:c7:51:52:e6:55:b0:0f:01:c3:21:4b: ea:62:d6:2e:bd:e5:ae:a6:39:0d:62:dd:51:f1:28: b6:11:43:ef:09:7b:49:30:19:8f:c4:f5:57:f1:1e: 4d:81:b6:25:5c:ce:0a:ca:82:a8:0b:85:1c:9c:ee: d9:6a:07:55:ef:6c:df:3f:db:81:79:74:32:4c:e8: c0:f8:f2:b4:24:76:ef:cc:29:ad:ad:85:24:ba:1c: 85:46:af:3d:30:fa:d0:7c:15:a4:c6:49:17:61:66: 2a:7b:90:8f:30:71:0f:a8:2a:2f:13:5e:de:31:bd: 2d:a0:97:6c:3b:32:8c:fb:b4:19:78:c3:f7:3a:d9: b7:d2:86:f2:91:72:f9:b3:8e:f9:c5:04:be:0e:7d: ad:40:0c:4c:c6:36:36:2b:1b:f5:a2:df:c3:d7:d1: 8b:4b:28:6c:74:b2:78:f0:b7:e0:e1:83:60:79:9d: 90:69:c3:79:dd:13:55:2c:09:f5:54:67:3c:ac:c0: 6b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:91:B7:38:C5:E4:94:D6:6C:07:1E:96:80:A8:AD:AC:02:E6:66:3D X509v3 Authority Key Identifier: keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/KZG3OMXklNZsBx6WgKitrALmZj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.2.234.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:b4:9d:d6:24:f6:38:18:7f:23:fa:98:0d:bd:87:1a:49:c1: 32:0c:25:21:14:8e:4c:09:1d:b7:8e:12:73:fd:67:fd:bc:54: db:8a:c5:64:57:44:c1:e6:07:99:5c:eb:e6:24:93:88:cb:87: 4a:61:1c:a6:b4:ee:80:c0:77:80:de:98:b5:ab:49:75:5d:05: ac:9d:f7:a6:99:49:2e:5c:ce:1b:32:c9:41:60:57:d9:97:ac: 17:05:fe:91:0f:45:fb:dd:6b:4b:2c:3d:67:d6:20:48:1e:ec: 1a:fb:62:c3:bd:7c:5c:0e:78:b8:4c:d8:e9:3e:28:39:c7:c1: ea:60:33:65:76:2b:2a:07:84:8e:65:33:43:09:43:fd:74:d2: 7f:63:ee:e0:5c:31:ad:10:98:1b:e2:63:21:f5:08:7a:a4:1c: f1:48:9b:cc:8b:ae:58:44:60:eb:6c:23:40:1c:13:d9:d6:31: 38:d6:db:a0:45:3c:d6:89:fc:c1:5d:e2:aa:a3:71:37:38:fc: 0e:3a:8d:8c:f9:6f:03:84:9f:01:fa:a9:e1:55:77:4f:5d:b6: b3:f3:78:72:7a:67:04:b4:f7:d5:9b:f6:8d:03:ad:63:25:a5: 9e:35:e4:59:80:1f:bf:64:3e:04:9e:1a:23:47:d6:8b:c2:67: 84:18:b6:47 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yomMZkmuVSjF958kdGe1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh Mjc1MTgwHhcNMjYwMTAyMDgxOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTkxYjczOGM1ZTQ5NGQ2NmMwNzFlOTY4MGE4YWRhYzAyZTY2NjNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUNxEx2EHdHU6MufIOk5eRvZqzQK 3POAH3QmJbplWCpWI0KwJx9qRkJb+wSiYpvdC5v+QwmH2XzqTM5W0oiEx1FS5lWw DwHDIUvqYtYuveWupjkNYt1R8Si2EUPvCXtJMBmPxPVX8R5NgbYlXM4KyoKoC4Uc nO7ZagdV72zfP9uBeXQyTOjA+PK0JHbvzCmtrYUkuhyFRq89MPrQfBWkxkkXYWYq e5CPMHEPqCovE17eMb0toJdsOzKM+7QZeMP3Otm30obykXL5s475xQS+Dn2tQAxM xjY2Kxv1ot/D19GLSyhsdLJ48Lfg4YNgeZ2QacN53RNVLAn1VGc8rMBr4wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCmRtzjF5JTWbAceloCorawC5mY9MB8GA1UdIwQY MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt NDkwNjEwM2RiZDE2LzEvS1pHM09NWGtsTlpzQng2V2dLaXRyQUxtWmowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2 LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwLqMA0G CSqGSIb3DQEBCwUAA4IBAQCdtJ3WJPY4GH8j+pgNvYcaScEyDCUhFI5MCR23jhJz /Wf9vFTbisVkV0TB5geZXOvmJJOIy4dKYRymtO6AwHeA3pi1q0l1XQWsnfemmUku XM4bMslBYFfZl6wXBf6RD0X73WtLLD1n1iBIHuwa+2LDvXxcDni4TNjpPig5x8Hq YDNldisqB4SOZTNDCUP9dNJ/Y+7gXDGtEJgb4mMh9Qh6pBzxSJvMi65YRGDrbCNA HBPZ1jE41tugRTzWifzBXeKqo3E3OPwOOo2M+W8DhJ8B+qnhVXdPXbaz83hyemcE tPfVm/aNA61jJaWeNeRZgB+/ZD4EnhojR9aLwmeEGLZH -----END CERTIFICATE-----Generated at Mon Jan 26 10:24:13 2026 by rpki-client