This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kRwhJc9YP7PBT_VxjXqr6kKnSig.roa File: kRwhJc9YP7PBT_VxjXqr6kKnSig.roa (raw, json) Hash identifier: sdwxFkjlQepYKbUeVajivy+Ki1wWl6h3Im8+Blt6i98= Subject key identifier: 91:1C:21:25:CF:58:3F:B3:C1:4F:F5:71:8D:7A:AB:EA:42:A7:4A:28 Certificate issuer: /CN=593897174f967490dbf6189d479df2c9371bf404 Certificate serial: 019B77C74AACB738B273E1C622D331EF11F0 Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kRwhJc9YP7PBT_VxjXqr6kKnSig.roa Signing time: Thu 01 Jan 2026 04:18:28 +0000 ROA not before: Thu 01 Jan 2026 04:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8495 IP address blocks: 185.67.36.0/23 maxlen: 23 185.67.36.0/24 maxlen: 24 185.67.37.0/24 maxlen: 24 2a05:bc0:1000::/47 maxlen: 47 2a05:bc0:1000::/48 maxlen: 48 2a05:bc0:1001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.mft rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:4a:ac:b7:38:b2:73:e1:c6:22:d3:31:ef:11:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=593897174f967490dbf6189d479df2c9371bf404 Validity Not Before: Jan 1 04:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=911c2125cf583fb3c14ff5718d7aabea42a74a28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f0:83:51:4c:39:8a:2f:7f:ca:9f:94:8f:f9: 87:b9:ee:a1:f6:82:2a:7d:70:2f:43:4b:9b:20:cd: 74:f7:02:fc:67:da:12:f8:26:1e:f4:58:4a:2c:4f: 42:17:ce:65:35:7b:07:64:f8:c2:8f:a5:ef:74:e8: 42:80:2f:f4:65:97:27:ac:69:7f:f7:97:24:82:04: b6:3f:13:bb:4d:1e:50:c6:31:ea:8f:33:32:4c:c1: 34:7b:22:ef:57:da:a5:bd:4c:98:f4:01:6d:15:6a: 3e:44:47:66:ae:28:1f:f1:3f:ad:fe:6c:4f:22:28: 74:36:84:93:0d:e9:f4:9c:05:55:9e:9a:0a:37:de: 51:15:f1:e9:24:44:1a:9b:25:81:a5:56:53:d4:b6: 8c:4c:47:0e:fa:0b:6d:ea:47:aa:31:f4:58:ba:07: a3:22:33:11:04:ec:d4:00:53:3b:f0:23:ce:74:79: 1c:70:6f:c7:f8:09:fa:7e:ee:9e:61:d8:6b:bd:38: f8:08:ad:05:68:e1:ab:13:6b:62:9c:66:2e:d8:fd: ae:78:79:3a:94:30:e6:3d:fe:4a:ed:83:20:f2:d5: a5:93:48:22:2b:f9:41:67:cc:88:e7:3a:2a:2c:08: d2:84:49:9e:6e:21:90:7e:f4:45:d1:57:fc:63:09: 31:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:1C:21:25:CF:58:3F:B3:C1:4F:F5:71:8D:7A:AB:EA:42:A7:4A:28 X509v3 Authority Key Identifier: keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/kRwhJc9YP7PBT_VxjXqr6kKnSig.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.67.36.0/23 IPv6: 2a05:bc0:1000::/47 Signature Algorithm: sha256WithRSAEncryption 8f:65:ee:91:5f:22:fd:e7:f2:50:45:e6:a8:35:c1:24:ad:38: a5:ee:dc:31:5c:f1:cc:c7:b1:7a:5d:2b:a8:18:7c:75:c0:a4: d4:0e:82:cb:77:f6:e4:01:8d:5b:07:e7:ef:6d:d7:02:d0:03: d9:a0:78:b4:2b:dc:3c:b2:e2:06:19:dd:46:72:0e:71:b4:6a: 91:4d:4e:f2:1e:9d:5e:1e:01:b6:6c:69:91:2d:a3:1a:11:2c: ad:c5:cc:6b:db:26:d0:7c:0b:fd:0f:6b:8d:57:80:cb:5e:d6: 65:3f:a2:48:b8:84:2d:80:6f:34:97:7b:14:91:eb:f8:df:78: e3:c0:80:72:13:aa:9b:92:f0:84:27:03:18:b7:49:3e:3c:1a: a9:58:91:0f:86:c8:71:de:16:f8:70:f3:a6:22:51:79:08:d5: 7d:06:85:67:fd:ff:f3:bd:ea:36:39:3e:71:b8:a8:f0:31:90: 47:ee:b6:c7:3b:a6:2f:91:d0:17:4a:39:5a:bc:8e:61:7c:7c: 14:b1:14:04:20:b3:20:b6:8c:60:ce:23:95:c9:28:48:6d:e6: 98:1d:8c:05:ff:33:3b:07:74:f0:c4:d3:45:96:ca:5c:ea:75: 1d:fd:4b:41:d6:cc:b9:53:b6:22:11:e4:a7:7e:05:b4:58:6c: 8c:72:e2:c2 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3x0qstziyc+HGItMx7xHwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx YmY0MDQwHhcNMjYwMTAxMDQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTFjMjEyNWNmNTgzZmIzYzE0ZmY1NzE4ZDdhYWJlYTQyYTc0YTI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPCDUUw5ii9/yp+Uj/mHue6h9oIq fXAvQ0ubIM109wL8Z9oS+CYe9FhKLE9CF85lNXsHZPjCj6XvdOhCgC/0ZZcnrGl/ 95ckggS2PxO7TR5QxjHqjzMyTME0eyLvV9qlvUyY9AFtFWo+REdmrigf8T+t/mxP Iih0NoSTDen0nAVVnpoKN95RFfHpJEQamyWBpVZT1LaMTEcO+gtt6keqMfRYugej IjMRBOzUAFM78CPOdHkccG/H+An6fu6eYdhrvTj4CK0FaOGrE2tinGYu2P2ueHk6 lDDmPf5K7YMg8tWlk0giK/lBZ8yI5zoqLAjShEmebiGQfvRF0Vf8YwkxhQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJEcISXPWD+zwU/1cY16q+pCp0ooMB8GA1UdIwQY MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt NWY4ZmM3MDc4MzZhLzEva1J3aEpjOVlQN1BCVF9WeGpYcXI2a0tuU2lnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuUMkMA8E AgACMAkDBwEqBQvAEAAwDQYJKoZIhvcNAQELBQADggEBAI9l7pFfIv3n8lBF5qg1 wSStOKXu3DFc8czHsXpdK6gYfHXApNQOgst39uQBjVsH5+9t1wLQA9mgeLQr3Dyy 4gYZ3UZyDnG0apFNTvIenV4eAbZsaZEtoxoRLK3FzGvbJtB8C/0Pa41XgMte1mU/ oki4hC2AbzSXexSR6/jfeOPAgHITqpuS8IQnAxi3ST48GqlYkQ+GyHHeFvhw86Yi UXkI1X0GhWf9//O96jY5PnG4qPAxkEfutsc7pi+R0BdKOVq8jmF8fBSxFAQgsyC2 jGDOI5XJKEht5pgdjAX/MzsHdPDE00WWylzqdR39S0HWzLlTtiIR5Kd+BbRYbIxy 4sI= -----END CERTIFICATE-----Generated at Mon Jan 26 10:52:57 2026 by rpki-client