This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KzdQ6MYBCl2ir-P86lDTtzaCt6M.roa File: KzdQ6MYBCl2ir-P86lDTtzaCt6M.roa (raw, json) Hash identifier: h0pLqI3V5xBNJ0ejZS7hNIXSpXsgRqsYEzH47nvj1rY= Subject key identifier: 2B:37:50:E8:C6:01:0A:5D:A2:AF:E3:FC:EA:50:D3:B7:36:82:B7:A3 Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f Certificate serial: 019B797F3522D0AA1AE6F8A1D8147F03A6AC Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KzdQ6MYBCl2ir-P86lDTtzaCt6M.roa Signing time: Thu 01 Jan 2026 12:18:58 +0000 ROA not before: Thu 01 Jan 2026 12:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203329 IP address blocks: 194.121.56.0/24 maxlen: 24 2001:678:f44::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:35:22:d0:aa:1a:e6:f8:a1:d8:14:7f:03:a6:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f Validity Not Before: Jan 1 12:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b3750e8c6010a5da2afe3fcea50d3b73682b7a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:65:50:fc:68:a6:f9:5f:3e:63:d6:d4:4e:f6: ee:5a:02:66:73:f6:98:da:17:68:16:f6:52:50:49: 0a:97:52:0b:eb:cf:06:12:c7:d8:75:1c:c6:2d:cf: 92:65:29:b2:51:83:e8:79:57:f5:1b:e9:4a:2c:99: 2a:7b:3a:61:4b:72:65:fe:17:02:39:af:4e:17:8c: 0e:47:0c:fa:39:fa:c0:62:d0:46:50:41:69:41:df: 1e:13:48:21:e5:9d:a3:a1:a5:42:37:28:ae:50:15: 35:c7:51:d2:39:88:2f:c9:6e:31:e5:93:34:dd:a4: c4:37:20:3e:d8:3d:79:f4:11:db:43:3d:3e:77:48: 82:98:0d:86:77:00:47:0c:df:f8:73:f7:64:d6:37: ef:dd:7f:ad:e6:98:fb:88:b6:d7:35:c4:16:9c:e9: bc:3c:58:1c:d1:3a:d1:85:f2:04:23:49:e0:d6:75: 3f:26:8e:83:13:13:5b:8a:6d:e4:5a:7e:f8:ea:d0: 62:2d:1f:be:6e:5a:4b:b3:2d:79:1b:bb:51:a7:9f: 15:2a:6c:23:38:33:d1:d5:d7:fd:ef:bf:f5:e7:57: 59:0b:0f:c6:35:e4:13:20:c1:12:cf:46:98:76:92: 69:26:bd:cd:1d:fd:3e:84:53:15:7c:14:c0:9f:cc: 2b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:37:50:E8:C6:01:0A:5D:A2:AF:E3:FC:EA:50:D3:B7:36:82:B7:A3 X509v3 Authority Key Identifier: keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KzdQ6MYBCl2ir-P86lDTtzaCt6M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.121.56.0/24 IPv6: 2001:678:f44::/48 Signature Algorithm: sha256WithRSAEncryption 70:59:ba:31:fa:36:43:60:50:d6:f2:fa:4c:3d:46:ae:39:8c: a8:4b:9b:dc:f1:ca:fb:53:09:7d:4d:a4:9e:ab:06:6a:02:73: 90:30:22:11:13:ef:9b:a1:ec:3c:7a:86:0f:c0:5d:86:4e:9d: 2e:50:6a:b9:50:f0:a6:62:fb:2d:2f:43:05:ad:a1:ea:6a:9a: ae:30:99:28:51:90:09:86:b6:73:d7:c7:14:61:24:cf:09:97: 46:a9:84:0d:39:65:15:b7:62:6d:ae:06:bf:6c:e5:68:2c:03: f6:30:35:ef:10:c2:56:3e:33:49:b1:f6:87:d5:63:de:30:49: a8:62:a8:63:58:7b:92:56:eb:3d:64:6e:df:c5:f1:96:48:06: f7:07:42:5b:c5:ce:a2:87:08:5c:c6:51:a5:59:88:5f:31:8f: b6:a7:bc:06:4e:bf:59:6c:bf:1f:74:8b:e9:b8:50:c8:dd:20: 49:af:e2:51:8b:07:39:8f:f7:d6:b6:b5:78:79:13:2b:06:f5: 81:8e:23:79:1b:60:08:28:68:4c:b2:ab:04:2d:ef:d9:f9:cd: 33:5e:e2:a1:27:aa:46:01:12:5f:9f:af:87:00:57:53:12:41: 0c:92:6f:25:37:b5:a4:c0:31:38:4b:61:48:bf:03:16:7c:8f: 52:f2:8a:c4 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5fzUi0Koa5vih2BR/A6asMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1 ZmIwMmYwHhcNMjYwMTAxMTIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjM3NTBlOGM2MDEwYTVkYTJhZmUzZmNlYTUwZDNiNzM2ODJiN2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WVQ/Gim+V8+Y9bUTvbuWgJmc/aY 2hdoFvZSUEkKl1IL688GEsfYdRzGLc+SZSmyUYPoeVf1G+lKLJkqezphS3Jl/hcC Oa9OF4wORwz6OfrAYtBGUEFpQd8eE0gh5Z2joaVCNyiuUBU1x1HSOYgvyW4x5ZM0 3aTENyA+2D159BHbQz0+d0iCmA2GdwBHDN/4c/dk1jfv3X+t5pj7iLbXNcQWnOm8 PFgc0TrRhfIEI0ng1nU/Jo6DExNbim3kWn746tBiLR++blpLsy15G7tRp58VKmwj ODPR1df977/151dZCw/GNeQTIMESz0aYdpJpJr3NHf0+hFMVfBTAn8wrpQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCs3UOjGAQpdoq/j/OpQ07c2grejMB8GA1UdIwQY MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt NzQxYzFkOGRlYTJiLzEvS3pkUTZNWUJDbDJpci1QODZsRFR0emFDdDZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwnk4MA8E AgACMAkDBwAgAQZ4D0QwDQYJKoZIhvcNAQELBQADggEBAHBZujH6NkNgUNby+kw9 Rq45jKhLm9zxyvtTCX1NpJ6rBmoCc5AwIhET75uh7Dx6hg/AXYZOnS5QarlQ8KZi +y0vQwWtoepqmq4wmShRkAmGtnPXxxRhJM8Jl0aphA05ZRW3Ym2uBr9s5WgsA/Yw Ne8QwlY+M0mx9ofVY94wSahiqGNYe5JW6z1kbt/F8ZZIBvcHQlvFzqKHCFzGUaVZ iF8xj7anvAZOv1lsvx90i+m4UMjdIEmv4lGLBzmP99a2tXh5EysG9YGOI3kbYAgo aEyyqwQt79n5zTNe4qEnqkYBEl+fr4cAV1MSQQySbyU3taTAMThLYUi/AxZ8j1Ly isQ= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:25 2026 by rpki-client