This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/KbtlTKcgt-X8HNV4rKo5uZlq6R8.roa File: KbtlTKcgt-X8HNV4rKo5uZlq6R8.roa (raw, json) Hash identifier: 70QTuQkF5890Kc+PvR2XYv1coLUM/SKD0ZPfp0La8K4= Subject key identifier: 29:BB:65:4C:A7:20:B7:E5:FC:1C:D5:78:AC:AA:39:B9:99:6A:E9:1F Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849 Certificate serial: 019B7BA3CCE9D44EB5F2FE338F5C1D2E25D9 Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/KbtlTKcgt-X8HNV4rKo5uZlq6R8.roa Signing time: Thu 01 Jan 2026 22:18:10 +0000 ROA not before: Thu 01 Jan 2026 22:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205080 IP address blocks: 57.188.0.0/18 maxlen: 24 57.188.20.0/24 maxlen: 24 2a0a:90c0:1000::/40 maxlen: 48 2a0a:90c0:1066::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:cc:e9:d4:4e:b5:f2:fe:33:8f:5c:1d:2e:25:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849 Validity Not Before: Jan 1 22:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29bb654ca720b7e5fc1cd578acaa39b9996ae91f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8f:5b:66:47:90:c5:28:72:25:90:7e:11:0d: a4:73:93:e8:7e:06:6d:2b:bf:52:fc:bc:07:70:fe: 25:c8:31:2b:c1:6d:ee:c5:ad:73:55:09:d8:b4:96: 0e:77:0c:6c:67:6c:04:21:16:43:1f:58:03:f6:0c: c3:61:2b:7a:8a:c7:70:63:30:a6:e1:39:07:0d:ed: aa:31:43:db:f7:fa:1c:4e:65:25:4d:67:0d:c1:b7: 44:89:ae:85:3c:0c:19:42:28:41:7e:9b:34:83:e1: ad:93:0b:d6:3f:56:b8:3d:76:6d:0e:24:41:61:41: 10:85:78:67:f4:ec:0f:ce:b9:8e:2b:96:87:28:f7: 9c:b1:69:08:68:5f:2f:64:c6:b2:e6:94:7a:6d:5c: 1b:f7:d3:f5:a3:62:e2:9e:5f:fd:1d:68:5b:c5:19: d8:9e:25:a3:d7:ed:e3:b5:e0:84:58:a5:d2:02:de: 09:50:89:93:6d:8a:cc:df:c7:b3:39:9d:48:f7:ae: 8b:d0:9c:22:c7:42:dc:02:11:66:18:62:ce:8c:fd: 23:35:37:b8:78:21:62:16:65:30:4f:0c:a4:c8:c3: 66:3a:73:c7:5b:1c:f0:76:6d:52:70:7d:e8:dc:b1: 4c:e2:bc:93:55:89:96:23:06:65:ff:5a:02:c0:68: f1:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:BB:65:4C:A7:20:B7:E5:FC:1C:D5:78:AC:AA:39:B9:99:6A:E9:1F X509v3 Authority Key Identifier: keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/KbtlTKcgt-X8HNV4rKo5uZlq6R8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.188.0.0/18 IPv6: 2a0a:90c0:1000::/40 Signature Algorithm: sha256WithRSAEncryption ad:3d:03:73:e8:4c:8e:52:80:e7:bb:43:db:b4:29:28:9e:09: 7a:24:ec:0c:ad:c1:0a:79:2c:7b:7b:3c:91:ab:f3:ea:d1:e6: de:6b:07:21:1a:72:33:9a:c6:64:30:5b:f5:1b:52:91:62:cf: 4a:41:0b:a8:ad:9f:db:0c:32:38:00:b9:be:b3:2b:6d:14:15: e1:78:c4:2f:11:6f:50:f0:d3:03:22:d4:c4:dd:24:fb:de:39: 21:c1:e4:a8:2d:b3:be:ae:a8:2e:c5:b0:60:24:49:f2:18:f7: 2a:e5:64:e0:19:30:ae:f3:1e:f8:c9:cd:a2:2a:44:6a:6c:34: 19:10:bb:b7:6b:aa:b0:dc:c9:d1:2b:c3:98:fa:24:a2:be:07: d9:88:89:81:cf:dc:2b:08:68:2a:13:d0:4d:7c:0d:24:b8:96: 7b:f5:1f:fd:be:9f:bc:a2:55:82:67:52:e0:ec:f2:6b:51:fe: c1:79:c9:31:eb:11:2f:c8:bd:4b:9f:6e:52:f6:8b:f6:b1:a3: ae:ff:dd:d5:0d:ac:fa:0e:83:f3:65:08:d8:a3:76:3e:a7:cd: 75:13:e8:27:f6:d2:96:e9:79:35:39:7d:69:04:2a:1a:54:91: a8:ee:fb:3f:1b:c7:f7:84:38:85:42:7c:ea:bb:95:73:61:f9: 50:4d:9b:b1 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7o8zp1E618v4zj1wdLiXZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi YTg4NDkwHhcNMjYwMTAxMjIxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWJiNjU0Y2E3MjBiN2U1ZmMxY2Q1NzhhY2FhMzliOTk5NmFlOTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto9bZkeQxShyJZB+EQ2kc5PofgZt K79S/LwHcP4lyDErwW3uxa1zVQnYtJYOdwxsZ2wEIRZDH1gD9gzDYSt6isdwYzCm 4TkHDe2qMUPb9/ocTmUlTWcNwbdEia6FPAwZQihBfps0g+GtkwvWP1a4PXZtDiRB YUEQhXhn9OwPzrmOK5aHKPecsWkIaF8vZMay5pR6bVwb99P1o2Linl/9HWhbxRnY niWj1+3jteCEWKXSAt4JUImTbYrM38ezOZ1I966L0Jwix0LcAhFmGGLOjP0jNTe4 eCFiFmUwTwykyMNmOnPHWxzwdm1ScH3o3LFM4ryTVYmWIwZl/1oCwGjxmwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFCm7ZUynILfl/BzVeKyqObmZaukfMB8GA1UdIwQY MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt ZTEzZTU1NzljNWRjLzEvS2J0bFRLY2d0LVg4SE5WNHJLbzV1WmxxNlI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQGObwAMA4E AgACMAgDBgAqCpDAEDANBgkqhkiG9w0BAQsFAAOCAQEArT0Dc+hMjlKA57tD27Qp KJ4JeiTsDK3BCnkse3s8kavz6tHm3msHIRpyM5rGZDBb9RtSkWLPSkELqK2f2wwy OAC5vrMrbRQV4XjELxFvUPDTAyLUxN0k+945IcHkqC2zvq6oLsWwYCRJ8hj3KuVk 4BkwrvMe+MnNoipEamw0GRC7t2uqsNzJ0SvDmPokor4H2YiJgc/cKwhoKhPQTXwN JLiWe/Uf/b6fvKJVgmdS4Ozya1H+wXnJMesRL8i9S59uUvaL9rGjrv/d1Q2s+g6D 82UI2KN2PqfNdRPoJ/bSlul5NTl9aQQqGlSRqO77PxvH94Q4hUJ86ruVc2H5UE2b sQ== -----END CERTIFICATE-----Generated at Sun Jan 25 18:07:55 2026 by rpki-client