This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/KruYfdwnUNYxfXkcEK0pRrgHkqg.roa File: KruYfdwnUNYxfXkcEK0pRrgHkqg.roa (raw, json) Hash identifier: UrG6tcE8plAV8A8NaRxXB6Nz6rhzF4jRdCMcfNiMj5Q= Subject key identifier: 2A:BB:98:7D:DC:27:50:D6:31:7D:79:1C:10:AD:29:46:B8:07:92:A8 Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49 Certificate serial: 019B7FF2B7B1E862E6E4E6CE1A878275F356 Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/KruYfdwnUNYxfXkcEK0pRrgHkqg.roa Signing time: Fri 02 Jan 2026 18:22:51 +0000 ROA not before: Fri 02 Jan 2026 18:22:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 27630 IP address blocks: 193.28.57.0/24 maxlen: 24 193.28.60.0/24 maxlen: 24 193.28.93.0/24 maxlen: 24 193.28.106.0/24 maxlen: 24 2a10:3680::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:b7:b1:e8:62:e6:e4:e6:ce:1a:87:82:75:f3:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49 Validity Not Before: Jan 2 18:22:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2abb987ddc2750d6317d791c10ad2946b80792a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:03:93:e5:35:85:8b:7b:30:7d:16:db:b4:f0: b9:fe:3b:9c:7a:51:cb:66:c0:56:84:4d:db:5c:17: 3a:cd:da:a0:a7:62:b5:f2:11:ab:c4:dd:cf:91:39: e2:b8:e5:45:41:d3:98:55:7d:53:8e:a3:73:91:e4: 77:df:c2:bc:a1:ac:a8:0a:dd:3d:87:14:9e:cd:a1: 85:4c:c4:33:f7:65:89:cd:2a:98:81:71:6c:1e:fe: f8:6b:7a:56:f5:4b:ae:cc:70:8c:b2:8d:4c:c2:7a: dc:2b:2e:86:b7:06:45:a3:1a:0d:04:3e:17:bf:67: 86:d3:03:74:a1:9c:84:2e:74:96:1e:92:f3:1a:3f: 91:bb:ac:eb:e5:46:00:7d:19:67:9e:40:cc:79:d1: fc:39:6f:50:f7:dd:81:99:1a:9e:4e:ed:cc:ae:c0: cb:0b:45:84:0c:7b:0f:32:97:19:5d:9d:f5:7e:b4: e5:e7:fc:db:ee:ef:f4:8a:4c:a4:55:84:fd:b1:a7: e8:6f:af:86:3c:e3:29:48:a8:8b:f9:98:77:37:25: 36:fe:0c:a0:c2:f4:3b:71:a6:8e:85:c4:ef:6b:f8: 93:02:52:2f:05:36:2f:70:5e:8c:1e:4c:6b:b9:a0: 2d:82:f1:8e:6e:ef:8d:56:a9:0a:a9:b1:52:de:a2: 63:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:BB:98:7D:DC:27:50:D6:31:7D:79:1C:10:AD:29:46:B8:07:92:A8 X509v3 Authority Key Identifier: keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/KruYfdwnUNYxfXkcEK0pRrgHkqg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.28.57.0/24 193.28.60.0/24 193.28.93.0/24 193.28.106.0/24 IPv6: 2a10:3680::/29 Signature Algorithm: sha256WithRSAEncryption 33:bd:60:b4:fc:19:bc:f6:60:57:21:73:3e:54:2c:da:8f:c7: 01:e7:18:35:a6:4d:21:db:05:62:72:55:7c:c7:68:38:6f:46: 7f:45:c3:c6:24:a4:52:eb:34:f9:ad:a7:30:c1:81:2a:43:00: 50:86:11:a7:bb:6c:5c:f1:d5:cb:3c:be:ca:21:09:0e:6f:8f: b5:51:0b:9a:c4:75:ad:19:1b:0a:0e:42:1e:a7:c4:48:85:c5: 3b:09:2c:04:0e:15:0e:2a:e2:28:a2:69:db:64:52:93:cf:0b: cc:e7:f4:c7:ab:71:58:71:ed:a1:40:5b:56:12:98:0a:55:f7: 71:b7:e0:90:f8:87:67:8c:55:0e:9b:fe:5d:7e:21:c0:c4:bd: 95:25:b4:52:12:77:6f:a5:d8:dd:12:21:01:ba:a8:89:ec:cf: bd:85:60:68:b3:ed:ea:67:36:15:7e:55:77:47:cc:fa:39:7f: 99:36:ba:3e:23:4e:33:3b:d3:42:c5:71:2f:15:d4:63:84:80: b5:6e:de:b0:9f:9b:d0:39:d9:f8:3d:a7:70:80:5c:9b:96:2a: d4:dd:0f:a8:d4:15:b2:5d:e9:fc:c9:a9:63:a9:2c:19:4d:e3: 69:f3:bf:e2:8a:d3:51:6b:bf:33:bb:19:6a:67:5e:cc:34:37: 2f:d2:74:69 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt/8rex6GLm5ObOGoeCdfNWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZTUwY2ExNzEzNDgzN2E1MGQzMDYzZDQzZDQ0MzM4NWFi ZTZmNDkwHhcNMjYwMTAyMTgyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWJiOTg3ZGRjMjc1MGQ2MzE3ZDc5MWMxMGFkMjk0NmI4MDc5MmE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wOT5TWFi3swfRbbtPC5/jucelHL ZsBWhE3bXBc6zdqgp2K18hGrxN3PkTniuOVFQdOYVX1TjqNzkeR338K8oayoCt09 hxSezaGFTMQz92WJzSqYgXFsHv74a3pW9UuuzHCMso1MwnrcKy6GtwZFoxoNBD4X v2eG0wN0oZyELnSWHpLzGj+Ru6zr5UYAfRlnnkDMedH8OW9Q992BmRqeTu3MrsDL C0WEDHsPMpcZXZ31frTl5/zb7u/0ikykVYT9safob6+GPOMpSKiL+Zh3NyU2/gyg wvQ7caaOhcTva/iTAlIvBTYvcF6MHkxruaAtgvGObu+NVqkKqbFS3qJjRwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFCq7mH3cJ1DWMX15HBCtKUa4B5KoMB8GA1UdIwQY MBaAFMjlDKFxNIN6UNMGPUPUQzhavm9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUt NWVmZjczZTg5ZmJiLzEvS3J1WWZkd25VTll4ZlhrY0VLMHBScmdIa3FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUtNWVmZjczZTg5ZmJi LzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRw5AwQA wRw8AwQAwRxdAwQAwRxqMA0EAgACMAcDBQMqEDaAMA0GCSqGSIb3DQEBCwUAA4IB AQAzvWC0/Bm89mBXIXM+VCzaj8cB5xg1pk0h2wViclV8x2g4b0Z/RcPGJKRS6zT5 racwwYEqQwBQhhGnu2xc8dXLPL7KIQkOb4+1UQuaxHWtGRsKDkIep8RIhcU7CSwE DhUOKuIoomnbZFKTzwvM5/THq3FYce2hQFtWEpgKVfdxt+CQ+IdnjFUOm/5dfiHA xL2VJbRSEndvpdjdEiEBuqiJ7M+9hWBos+3qZzYVflV3R8z6OX+ZNro+I04zO9NC xXEvFdRjhIC1bt6wn5vQOdn4PadwgFyblirU3Q+o1BWyXen8yaljqSwZTeNp87/i itNRa78zuxlqZ17MNDcv0nRp -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:10 2026 by rpki-client