This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/KKWZx28likyMVAb14zfohn79Yug.roa File: KKWZx28likyMVAb14zfohn79Yug.roa (raw, json) Hash identifier: 4ZDQZPMsx4Sy0wYZWgttLz8wb3SoAPsBMt6QbOgSD10= Subject key identifier: 28:A5:99:C7:6F:25:8A:4C:8C:54:06:F5:E3:37:E8:86:7E:FD:62:E8 Certificate issuer: /CN=93ece780dfda43ab4a841727eb20d71fc76528bc Certificate serial: 019AB64D6E71DE7D2D1D3358A0E02D09481E Authority key identifier: 93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/KKWZx28likyMVAb14zfohn79Yug.roa Signing time: Mon 24 Nov 2025 14:38:39 +0000 ROA not before: Mon 24 Nov 2025 14:38:39 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214438 IP address blocks: 62.169.158.0/23 maxlen: 24 69.19.137.0/24 maxlen: 24 69.19.138.0/24 maxlen: 24 69.19.140.0/24 maxlen: 24 185.216.20.0/24 maxlen: 24 185.216.21.0/24 maxlen: 24 185.216.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.mft rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:4d:6e:71:de:7d:2d:1d:33:58:a0:e0:2d:09:48:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93ece780dfda43ab4a841727eb20d71fc76528bc Validity Not Before: Nov 24 14:38:39 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=28a599c76f258a4c8c5406f5e337e8867efd62e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:9e:3f:79:0f:ec:94:e8:f5:f8:13:33:cd:76: 3e:93:e1:81:4f:a2:c8:63:85:7e:94:39:84:16:2a: ce:c7:bb:2a:5d:e3:5a:71:96:2f:ca:70:e3:62:21: 11:9d:70:83:70:1d:92:10:74:d4:50:e0:86:99:af: c8:ed:54:6d:65:3d:d8:66:99:1e:59:32:04:98:8f: 55:39:0a:6f:d7:2c:9f:ad:9e:f2:af:91:ca:4f:b0: d2:a0:ce:30:b2:95:99:ec:67:62:ea:74:9f:02:fd: de:2e:50:6b:77:23:18:3c:bb:7a:6a:9b:88:1c:da: 43:b2:6c:fd:f4:c4:8e:5f:1b:4d:d1:0e:18:68:37: e0:6f:21:1f:ed:43:13:54:f0:f7:26:07:07:d7:1b: 02:21:33:0f:f8:dd:44:9b:5b:20:6a:6e:b6:cf:54: 69:5b:78:d9:ae:97:c7:bf:84:e7:3a:a1:36:37:92: 6f:dd:f2:ca:6e:30:33:31:7b:66:06:6a:58:a9:b4: 55:67:c7:0f:e4:97:e7:06:2a:e7:ca:4e:ef:85:85: 88:88:10:23:c4:2e:08:c1:1a:63:b2:36:fd:54:ea: e4:be:74:21:c0:d2:51:af:81:73:66:be:ac:d5:8c: 25:3d:36:0a:6a:c3:37:11:67:26:99:31:e2:85:21: 41:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:A5:99:C7:6F:25:8A:4C:8C:54:06:F5:E3:37:E8:86:7E:FD:62:E8 X509v3 Authority Key Identifier: keyid:93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/KKWZx28likyMVAb14zfohn79Yug.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.169.158.0/23 69.19.137.0-69.19.138.255 69.19.140.0/24 185.216.20.0-185.216.22.255 Signature Algorithm: sha256WithRSAEncryption 76:38:13:b8:4e:cd:77:4e:d6:65:f7:5b:be:36:74:f3:5e:35: 28:a8:82:a2:41:72:02:66:fb:80:6a:8b:8b:e0:3e:7e:22:8a: 89:f3:8d:b5:2f:35:c1:0b:25:02:c9:f5:8f:d8:48:dd:47:35: 2f:95:fe:8a:0b:64:c0:ab:19:a8:47:41:14:ac:89:1e:4d:e7: 9b:83:55:20:84:8e:65:ef:3a:11:ae:23:f9:35:e8:9c:8d:7b: 29:e7:00:fe:a3:9d:1d:d4:c1:fe:a9:4c:37:2b:6b:99:95:85: 2b:fd:d7:dd:fb:2e:e3:ac:59:7b:a6:d0:7f:eb:05:a7:b5:41: fc:2f:93:79:00:71:26:64:e1:9a:7a:fb:f0:7b:d5:fa:28:b4: 86:7c:bd:72:39:d8:24:6b:35:8a:2f:a8:1d:68:05:02:e3:98: a1:66:a0:c5:37:c6:53:a4:28:e2:12:e3:3b:ca:3c:3c:dd:ea: 1d:9c:3b:02:03:81:b6:b5:2a:fc:c9:7e:12:24:ee:c2:a1:3c: ee:17:4d:6d:60:94:b0:4e:23:43:14:8d:b9:4c:cb:84:4d:e1: 4f:e8:9c:ec:d0:00:5a:49:76:1c:d7:aa:58:8e:19:b7:05:5a: 87:a6:7a:2d:a6:32:92:66:21:ce:c1:c5:7c:cf:4d:e5:e6:e8: 23:d9:12:b3 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZq2TW5x3n0tHTNYoOAtCUgeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzZWNlNzgwZGZkYTQzYWI0YTg0MTcyN2ViMjBkNzFmYzc2 NTI4YmMwHhcNMjUxMTI0MTQzODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGE1OTljNzZmMjU4YTRjOGM1NDA2ZjVlMzM3ZTg4NjdlZmQ2MmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ4/eQ/slOj1+BMzzXY+k+GBT6LI Y4V+lDmEFirOx7sqXeNacZYvynDjYiERnXCDcB2SEHTUUOCGma/I7VRtZT3YZpke WTIEmI9VOQpv1yyfrZ7yr5HKT7DSoM4wspWZ7Gdi6nSfAv3eLlBrdyMYPLt6apuI HNpDsmz99MSOXxtN0Q4YaDfgbyEf7UMTVPD3JgcH1xsCITMP+N1Em1sgam62z1Rp W3jZrpfHv4TnOqE2N5Jv3fLKbjAzMXtmBmpYqbRVZ8cP5JfnBirnyk7vhYWIiBAj xC4IwRpjsjb9VOrkvnQhwNJRr4FzZr6s1YwlPTYKasM3EWcmmTHihSFBtQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFCilmcdvJYpMjFQG9eM36IZ+/WLoMB8GA1UdIwQY MBaAFJPs54Df2kOrSoQXJ+sg1x/HZSi8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUt YTRkNDEzZDdmODljLzEvS0tXWngyOGxpa3lNVkFiMTR6Zm9objc5WXVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUtYTRkNDEzZDdmODlj LzEvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBPqmeMAwD BABFE4kDBABFE4oDBABFE4wwDAMEArnYFAMEALnYFjANBgkqhkiG9w0BAQsFAAOC AQEAdjgTuE7Nd07WZfdbvjZ08141KKiCokFyAmb7gGqLi+A+fiKKifONtS81wQsl Asn1j9hI3Uc1L5X+igtkwKsZqEdBFKyJHk3nm4NVIISOZe86Ea4j+TXonI17KecA /qOdHdTB/qlMNytrmZWFK/3X3fsu46xZe6bQf+sFp7VB/C+TeQBxJmThmnr78HvV +ii0hny9cjnYJGs1ii+oHWgFAuOYoWagxTfGU6Qo4hLjO8o8PN3qHZw7AgOBtrUq /Ml+EiTuwqE87hdNbWCUsE4jQxSNuUzLhE3hT+ic7NAAWkl2HNeqWI4ZtwVah6Z6 LaYykmYhzsHFfM9N5eboI9kSsw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:34:13 2025 by rpki-client