This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/KcpUiO15Gzl7SK9StcczqpLi6i8.roa File: KcpUiO15Gzl7SK9StcczqpLi6i8.roa (raw, json) Hash identifier: f2aZlDMUXJuXCv7f53eZgqwP78Uz9MlJPKMYPdzciVo= Subject key identifier: 29:CA:54:88:ED:79:1B:39:7B:48:AF:52:B5:C7:33:AA:92:E2:EA:2F Certificate issuer: /CN=247405e9cee39d71944d5e3149eb01b61f9adb1e Certificate serial: 019B79ECFCF0F2B292F2F9D59EA0BC7B6C42 Authority key identifier: 24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/KcpUiO15Gzl7SK9StcczqpLi6i8.roa Signing time: Thu 01 Jan 2026 14:18:52 +0000 ROA not before: Thu 01 Jan 2026 14:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205958 IP address blocks: 185.30.168.0/23 maxlen: 23 185.30.170.0/23 maxlen: 23 185.194.102.0/23 maxlen: 23 2a0a:49c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.mft rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:fc:f0:f2:b2:92:f2:f9:d5:9e:a0:bc:7b:6c:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=247405e9cee39d71944d5e3149eb01b61f9adb1e Validity Not Before: Jan 1 14:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29ca5488ed791b397b48af52b5c733aa92e2ea2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:3b:d7:fa:d7:ec:47:85:2c:2f:a5:8c:34:d6: a0:16:ed:5d:d7:0e:55:93:21:63:72:80:a2:43:39: 13:20:23:a2:69:6c:73:1d:78:d7:91:88:32:33:2b: 1a:a7:d2:91:95:cd:0b:7c:37:ac:1d:cd:f5:2d:dd: 56:d0:e8:91:6b:eb:44:f1:82:52:e1:a2:8b:71:13: 91:c5:6a:37:6c:b6:61:b5:8c:3f:cc:cf:98:5c:73: a2:45:64:b8:e0:55:0f:45:ac:e0:56:28:96:d1:c7: a4:b3:3f:73:69:71:d0:b9:cd:ce:ce:27:2e:48:24: f5:18:48:5a:b3:ac:9a:e3:02:05:d4:31:82:1d:6d: 43:cd:18:cf:6f:f3:0d:0a:55:5f:61:f0:0b:7d:b4: 66:13:14:be:65:94:88:7e:f8:f5:3d:ac:24:f7:86: bb:c2:13:28:85:e5:b6:9c:d8:0b:d9:b4:d6:88:62: 55:7e:ee:a9:00:f9:4c:79:2e:46:49:02:56:8e:4c: a8:00:fa:8e:fe:08:a6:42:bc:5c:f4:85:ad:1a:27: 06:73:af:91:81:20:d8:8d:f2:19:73:50:a7:2f:2e: e5:b5:43:32:86:df:40:e6:78:e6:0f:ce:bf:e2:8e: 80:56:7d:7a:4f:d5:44:b0:54:74:16:cc:db:42:d9: 2c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:CA:54:88:ED:79:1B:39:7B:48:AF:52:B5:C7:33:AA:92:E2:EA:2F X509v3 Authority Key Identifier: keyid:24:74:05:E9:CE:E3:9D:71:94:4D:5E:31:49:EB:01:B6:1F:9A:DB:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JHQF6c7jnXGUTV4xSesBth-a2x4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/KcpUiO15Gzl7SK9StcczqpLi6i8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/9a3a98-d670-4343-9206-47bbaca078ff/1/JHQF6c7jnXGUTV4xSesBth-a2x4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.30.168.0/22 185.194.102.0/23 IPv6: 2a0a:49c0::/29 Signature Algorithm: sha256WithRSAEncryption 9c:46:f4:4f:8a:e8:10:c8:ce:cd:c0:44:b5:39:d8:01:3c:f4: 49:e0:51:40:d2:13:18:82:b9:c2:06:63:3b:a2:e5:c7:06:8a: d3:e7:31:4c:70:35:39:1f:c0:20:a7:d2:1e:97:2e:0d:d3:41: 49:7d:4c:d3:ec:06:52:57:f8:e2:ae:43:eb:8d:05:90:a8:47: 50:8e:b4:06:d5:9a:43:a8:a5:f7:da:77:54:0f:fe:ae:86:f6: 94:21:7a:a7:a7:f6:fd:b8:26:21:03:e7:f8:63:33:64:9f:9e: f8:7e:88:e4:d4:a3:f5:c8:7b:b2:7d:5b:42:47:e1:fd:a9:2a: e8:f8:e7:14:95:5a:65:98:fa:52:1a:b1:4c:33:4b:15:27:bb: a2:70:b1:57:65:70:87:df:8f:2b:b3:c3:17:7d:06:6e:bb:ff: 09:d1:54:9e:49:5c:04:8f:d4:47:bd:fc:b1:9f:91:e8:a1:e0: 2e:76:9f:53:fd:5f:c1:97:a7:f5:46:f4:f4:a3:1f:48:0e:25: 09:d4:35:ff:a7:db:7a:87:85:68:3a:69:5c:80:2b:8e:f4:2a: 35:f9:ed:d3:61:50:f2:59:cb:b4:93:dd:fb:5c:8a:0c:a4:1d: 1e:40:71:bf:b3:7f:3c:1b:96:ff:50:98:50:02:9d:cf:94:51: a4:0e:36:5e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57Pzw8rKS8vnVnqC8e2xCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0NzQwNWU5Y2VlMzlkNzE5NDRkNWUzMTQ5ZWIwMWI2MWY5 YWRiMWUwHhcNMjYwMTAxMTQxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWNhNTQ4OGVkNzkxYjM5N2I0OGFmNTJiNWM3MzNhYTkyZTJlYTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTvX+tfsR4UsL6WMNNagFu1d1w5V kyFjcoCiQzkTICOiaWxzHXjXkYgyMysap9KRlc0LfDesHc31Ld1W0OiRa+tE8YJS 4aKLcRORxWo3bLZhtYw/zM+YXHOiRWS44FUPRazgViiW0ceksz9zaXHQuc3Ozicu SCT1GEhas6ya4wIF1DGCHW1DzRjPb/MNClVfYfALfbRmExS+ZZSIfvj1Pawk94a7 whMoheW2nNgL2bTWiGJVfu6pAPlMeS5GSQJWjkyoAPqO/gimQrxc9IWtGicGc6+R gSDYjfIZc1CnLy7ltUMyht9A5njmD86/4o6AVn16T9VEsFR0FszbQtksNQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCnKVIjteRs5e0ivUrXHM6qS4uovMB8GA1UdIwQY MBaAFCR0BenO451xlE1eMUnrAbYfmtseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYt NDdiYmFjYTA3OGZmLzEvS2NwVWlPMTVHemw3U0s5U3RjY3pxcExpNmk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC85YTNhOTgtZDY3MC00MzQzLTkyMDYtNDdiYmFjYTA3OGZm LzEvSkhRRjZjN2puWEdVVFY0eFNlc0J0aC1hMng0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuR6oAwQB ucJmMA0EAgACMAcDBQMqCknAMA0GCSqGSIb3DQEBCwUAA4IBAQCcRvRPiugQyM7N wES1OdgBPPRJ4FFA0hMYgrnCBmM7ouXHBorT5zFMcDU5H8Agp9Iely4N00FJfUzT 7AZSV/jirkPrjQWQqEdQjrQG1ZpDqKX32ndUD/6uhvaUIXqnp/b9uCYhA+f4YzNk n574fojk1KP1yHuyfVtCR+H9qSro+OcUlVplmPpSGrFMM0sVJ7uicLFXZXCH348r s8MXfQZuu/8J0VSeSVwEj9RHvfyxn5HooeAudp9T/V/Bl6f1RvT0ox9IDiUJ1DX/ p9t6h4VoOmlcgCuO9Co1+e3TYVDyWcu0k937XIoMpB0eQHG/s388G5b/UJhQAp3P lFGkDjZe -----END CERTIFICATE-----Generated at Mon Jan 26 01:43:48 2026 by rpki-client