This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KO4mia6vpCQ5fMg8P-ojUEmovkU.roa File: KO4mia6vpCQ5fMg8P-ojUEmovkU.roa (raw, json) Hash identifier: b7t7kGBW1DJSzBBc1XcCKIKNx+8AWkzeNhrLG3xW7cA= Subject key identifier: 28:EE:26:89:AE:AF:A4:24:39:7C:C8:3C:3F:EA:23:50:49:A8:BE:45 Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d Certificate serial: 019B7DCB13494AE1B355A3D9EECCA1A17DAC Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KO4mia6vpCQ5fMg8P-ojUEmovkU.roa Signing time: Fri 02 Jan 2026 08:20:19 +0000 ROA not before: Fri 02 Jan 2026 08:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20649 IP address blocks: 188.132.169.0/24 maxlen: 24 188.132.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.mft rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:13:49:4a:e1:b3:55:a3:d9:ee:cc:a1:a1:7d:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d Validity Not Before: Jan 2 08:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28ee2689aeafa424397cc83c3fea235049a8be45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:8a:e1:5a:0b:41:25:9d:d1:16:df:aa:a0:f3: e5:9e:17:a9:fe:f0:9e:49:a0:d2:4f:21:bf:aa:9c: 9b:bb:89:37:12:82:ce:86:f6:c7:85:d5:0a:10:b9: f8:7d:20:92:d1:d2:f5:46:0e:4d:ad:5d:1f:e7:99: 20:9d:bb:c8:e5:00:85:eb:0b:33:9f:4c:5b:05:5e: eb:a6:96:e0:86:3f:17:6b:b5:9e:95:38:86:23:10: 99:1a:4b:a2:4e:ae:fb:d8:86:79:0d:bb:49:42:73: 7c:20:f0:22:4e:8b:b2:f9:60:17:9c:7e:19:65:f4: 29:86:07:c5:e9:63:2d:96:e4:53:0b:0a:21:5e:e9: 5d:e4:f5:31:06:80:81:b9:93:47:3d:9e:a6:c6:dd: d3:0f:82:25:6b:f4:ff:e0:3c:a2:cb:6c:ce:6f:28: b6:9e:ae:45:28:0b:b5:67:a8:0f:e0:47:91:f1:7a: 2a:06:9a:c6:05:2b:b8:be:1b:f5:3d:23:14:b2:b4: fe:79:4b:b8:71:8f:fb:4b:f3:dd:60:5f:1e:95:ed: f1:74:1c:2d:58:68:70:fa:e2:25:39:ed:01:93:ec: 30:e4:75:35:76:2a:6a:94:1e:15:f1:a1:2c:ec:d6: 24:c2:34:08:1e:7c:75:b4:65:06:de:b3:3d:8c:89: dc:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:EE:26:89:AE:AF:A4:24:39:7C:C8:3C:3F:EA:23:50:49:A8:BE:45 X509v3 Authority Key Identifier: keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/KO4mia6vpCQ5fMg8P-ojUEmovkU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.132.169.0/24 188.132.179.0/24 Signature Algorithm: sha256WithRSAEncryption 55:d7:cc:a3:e2:f9:bd:10:cb:b5:8b:73:31:67:66:73:a1:d0: e9:74:e2:5e:97:1e:5e:31:4f:ba:57:ce:c3:c3:3c:a5:5f:67: 3a:80:d2:07:58:2a:94:be:ad:be:9b:25:5c:94:ad:de:ef:72: 85:b4:60:d2:40:cc:a7:a3:69:6d:3b:bc:5c:41:c6:7f:a4:c2: b5:a0:a1:0b:2a:57:eb:ec:b9:e4:cf:32:b5:98:6b:28:0c:9b: e2:77:7b:35:b5:35:e1:bc:f5:6f:e0:e1:0f:47:1d:2e:05:da: 6a:48:61:ff:ac:8f:09:27:55:8a:47:ef:42:5e:28:70:f2:0d: 72:ba:2e:d7:6f:95:47:05:54:cf:fd:0d:99:37:a1:35:43:5c: 00:7e:89:fd:83:04:a0:10:5e:e3:ff:52:38:15:64:3b:b1:c7: 70:43:17:a2:d0:bb:30:2b:fa:2a:de:86:2e:a0:98:d7:0e:46: 04:b4:dc:42:b7:eb:71:51:56:24:e0:57:2e:9a:66:95:9d:f9: 6d:35:35:53:13:24:e2:e1:35:db:46:0c:ee:ee:e0:ca:f2:ca: 70:68:d0:0c:37:67:19:98:d6:17:e2:1b:5a:3e:17:37:76:b3: dd:d4:fc:58:bc:e5:77:6d:64:03:d9:fa:6f:a1:45:38:ee:38: 05:eb:ba:4e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yxNJSuGzVaPZ7syhoX2sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2 YTUxNGQwHhcNMjYwMTAyMDgyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGVlMjY4OWFlYWZhNDI0Mzk3Y2M4M2MzZmVhMjM1MDQ5YThiZTQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YrhWgtBJZ3RFt+qoPPlnhep/vCe SaDSTyG/qpybu4k3EoLOhvbHhdUKELn4fSCS0dL1Rg5NrV0f55kgnbvI5QCF6wsz n0xbBV7rppbghj8Xa7WelTiGIxCZGkuiTq772IZ5DbtJQnN8IPAiTouy+WAXnH4Z ZfQphgfF6WMtluRTCwohXuld5PUxBoCBuZNHPZ6mxt3TD4Ila/T/4Dyiy2zObyi2 nq5FKAu1Z6gP4EeR8XoqBprGBSu4vhv1PSMUsrT+eUu4cY/7S/PdYF8ele3xdBwt WGhw+uIlOe0Bk+ww5HU1dipqlB4V8aEs7NYkwjQIHnx1tGUG3rM9jIncRQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCjuJomur6QkOXzIPD/qI1BJqL5FMB8GA1UdIwQY MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct ZGY0YTJlNzYwY2NiLzEvS080bWlhNnZwQ1E1Zk1nOFAtb2pVRW1vdmtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvISpAwQA vISzMA0GCSqGSIb3DQEBCwUAA4IBAQBV18yj4vm9EMu1i3MxZ2ZzodDpdOJelx5e MU+6V87DwzylX2c6gNIHWCqUvq2+myVclK3e73KFtGDSQMyno2ltO7xcQcZ/pMK1 oKELKlfr7LnkzzK1mGsoDJvid3s1tTXhvPVv4OEPRx0uBdpqSGH/rI8JJ1WKR+9C Xihw8g1yui7Xb5VHBVTP/Q2ZN6E1Q1wAfon9gwSgEF7j/1I4FWQ7scdwQxei0Lsw K/oq3oYuoJjXDkYEtNxCt+txUVYk4FcummaVnfltNTVTEyTi4TXbRgzu7uDK8spw aNAMN2cZmNYX4htaPhc3drPd1PxYvOV3bWQD2fpvoUU47jgF67pO -----END CERTIFICATE-----Generated at Mon Jan 26 02:43:34 2026 by rpki-client