This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa File: kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa (raw, json) Hash identifier: KtcI+6F6qPHzsOZYQ0EOD+pODuibLz2OAgS4M/a6Aq4= Subject key identifier: 90:F6:6D:AE:8A:0F:94:EC:85:F2:34:2E:A6:E1:14:F4:6C:B5:6C:94 Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019B7EA63BA373DB1504EFDD4BDBEB6DCADE Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa Signing time: Fri 02 Jan 2026 12:19:41 +0000 ROA not before: Fri 02 Jan 2026 12:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212660 IP address blocks: 198.38.94.0/24 maxlen: 24 198.38.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:3b:a3:73:db:15:04:ef:dd:4b:db:eb:6d:ca:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Jan 2 12:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90f66dae8a0f94ec85f2342ea6e114f46cb56c94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9f:a6:71:f1:49:2a:90:20:43:3d:42:86:76: 66:b5:e3:8e:04:68:b4:15:51:16:ba:15:55:6e:ce: e7:03:16:bf:27:7e:a8:e2:76:77:10:c5:ab:72:ee: 44:8d:5a:97:1f:26:a0:27:98:f3:b2:74:a2:43:6f: 64:85:60:90:5e:fa:5a:c8:fd:3c:9a:ad:c5:67:26: 7d:4b:ad:83:35:e2:f7:30:54:6b:64:5b:17:4d:48: 45:ae:12:18:b5:b5:a5:47:ff:8f:52:e4:82:2d:7e: a1:ee:16:08:43:df:2c:e4:26:e1:ff:85:d3:12:e0: af:d2:1a:bb:de:eb:05:22:b6:42:b5:32:fb:d8:0c: 8e:0b:45:f0:91:4d:55:21:dd:7f:ea:04:e6:88:c1: 25:c7:d7:80:2c:72:e3:dc:8b:92:a3:a9:14:08:66: 21:9a:13:33:6a:9d:65:09:b3:89:69:ee:13:0f:81: 44:2b:0d:d5:50:cc:4b:6f:2f:c0:db:8e:c1:69:47: 10:ee:d2:9b:73:6e:a1:38:c6:24:91:1e:6e:30:cd: 98:38:8d:1a:a1:05:9c:26:df:d3:57:0a:81:20:3d: 61:2e:90:26:1e:90:99:d2:27:d3:a7:47:ec:0b:02: 57:30:ca:17:69:e1:d6:56:9e:7c:28:72:78:12:3c: 3e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F6:6D:AE:8A:0F:94:EC:85:F2:34:2E:A6:E1:14:F4:6C:B5:6C:94 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/kPZtrooPlOyF8jQupuEU9Gy1bJQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.38.94.0/23 Signature Algorithm: sha256WithRSAEncryption 99:25:05:c9:84:cb:97:8a:50:19:12:67:fe:6f:4c:87:60:59: fc:f7:da:15:f5:c9:f1:a1:12:79:b6:2a:4a:1e:f0:69:5b:cd: 98:ef:fb:03:65:f6:46:41:ab:91:fb:e0:22:44:58:a1:ce:dc: a0:46:b6:0f:3c:8a:a4:05:c1:0a:ce:62:ef:8a:05:db:0e:0b: 9d:30:49:71:6c:42:e1:91:22:29:62:33:d8:ac:94:2f:b4:a7: 89:2e:f7:6b:bc:58:04:43:3d:0b:e6:5a:f7:81:e1:9a:42:a6: 4c:d0:d4:33:fe:01:a5:3d:5f:f7:af:7d:61:99:e4:be:03:c6: a9:e6:40:bb:13:8a:fd:24:21:f2:71:6a:84:74:4e:3b:8f:f6: 40:b5:ea:bf:45:d2:88:d9:13:ec:39:dd:19:37:fc:c0:d4:54: 9b:5b:39:a2:d3:e3:21:6b:02:44:50:4c:60:f2:d9:1a:1e:e9: 14:46:63:bd:2f:8c:e7:b9:4e:9c:bb:a1:fb:4f:fb:8f:30:af: 59:a3:32:17:fa:35:10:ef:0e:94:d1:5f:c3:81:c3:c9:d9:5e: 8d:48:cd:9c:78:01:35:32:51:ec:ca:39:29:9a:73:a3:3e:d2: 4b:18:1c:59:98:3d:c0:23:f3:20:f7:e7:72:03:f5:b2:02:93: c6:65:81:db -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pjujc9sVBO/dS9vrbcreMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjYwMTAyMTIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGY2NmRhZThhMGY5NGVjODVmMjM0MmVhNmUxMTRmNDZjYjU2Yzk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ+mcfFJKpAgQz1ChnZmteOOBGi0 FVEWuhVVbs7nAxa/J36o4nZ3EMWrcu5EjVqXHyagJ5jzsnSiQ29khWCQXvpayP08 mq3FZyZ9S62DNeL3MFRrZFsXTUhFrhIYtbWlR/+PUuSCLX6h7hYIQ98s5Cbh/4XT EuCv0hq73usFIrZCtTL72AyOC0XwkU1VId1/6gTmiMElx9eALHLj3IuSo6kUCGYh mhMzap1lCbOJae4TD4FEKw3VUMxLby/A247BaUcQ7tKbc26hOMYkkR5uMM2YOI0a oQWcJt/TVwqBID1hLpAmHpCZ0ifTp0fsCwJXMMoXaeHWVp58KHJ4Ejw+gwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJD2ba6KD5TshfI0LqbhFPRstWyUMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEva1BadHJvb1BsT3lGOGpRdXB1RVU5R3kxYkpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBxiZeMA0G CSqGSIb3DQEBCwUAA4IBAQCZJQXJhMuXilAZEmf+b0yHYFn899oV9cnxoRJ5tipK HvBpW82Y7/sDZfZGQauR++AiRFihztygRrYPPIqkBcEKzmLvigXbDgudMElxbELh kSIpYjPYrJQvtKeJLvdrvFgEQz0L5lr3geGaQqZM0NQz/gGlPV/3r31hmeS+A8ap 5kC7E4r9JCHycWqEdE47j/ZAteq/RdKI2RPsOd0ZN/zA1FSbWzmi0+MhawJEUExg 8tkaHukURmO9L4znuU6cu6H7T/uPMK9ZozIX+jUQ7w6U0V/DgcPJ2V6NSM2ceAE1 MlHsyjkpmnOjPtJLGBxZmD3AI/Mg9+dyA/WyApPGZYHb -----END CERTIFICATE-----Generated at Sun Jan 25 19:01:57 2026 by rpki-client