This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/kovNbi9k6C5VS9TsNsh4WwyJcj4.roa File: kovNbi9k6C5VS9TsNsh4WwyJcj4.roa (raw, json) Hash identifier: wfzyhy6lTcFvyZ3aO38IsSFTP7CeDM/2TXk86k8bbkg= Subject key identifier: 92:8B:CD:6E:2F:64:E8:2E:55:4B:D4:EC:36:C8:78:5B:0C:89:72:3E Certificate issuer: /CN=aa5212958d8e1baa144a82a821f93a890dcba49a Certificate serial: 019BDA5E33E64C58A108AAAF3029AC6EE68E Authority key identifier: AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/kovNbi9k6C5VS9TsNsh4WwyJcj4.roa Signing time: Tue 20 Jan 2026 07:46:05 +0000 ROA not before: Tue 20 Jan 2026 07:46:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208185 IP address blocks: 43.226.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.mft rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:da:5e:33:e6:4c:58:a1:08:aa:af:30:29:ac:6e:e6:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa5212958d8e1baa144a82a821f93a890dcba49a Validity Not Before: Jan 20 07:46:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=928bcd6e2f64e82e554bd4ec36c8785b0c89723e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ec:61:79:3b:19:f5:ae:b4:66:5a:61:f2:28: fd:1b:4e:48:11:1a:ca:9f:00:26:3d:39:8c:c1:51: 9c:ef:c5:77:ed:81:8a:30:44:2e:fd:e7:19:72:6e: 73:02:ef:1b:50:a5:76:25:80:fb:07:b1:53:b7:6a: ba:0d:0e:67:3b:69:dc:28:35:c9:13:5b:e3:6d:a0: 9e:cf:e9:f2:aa:06:11:c6:d6:20:0a:cf:35:8b:39: 3f:86:31:7e:0c:44:d5:d9:15:cb:92:c9:70:2e:74: af:71:21:c7:44:f6:af:ae:70:98:ec:3c:c5:3d:b0: 32:b8:09:0e:42:79:02:c9:85:4a:13:c5:37:df:71: 70:bf:84:ac:40:1c:42:05:1c:88:de:aa:f4:6e:84: 98:2a:1c:9e:06:b2:ce:95:37:c9:f1:30:7c:fd:7a: fc:48:8a:6e:60:53:93:55:28:c4:8c:f5:1c:c2:5f: 79:cc:cd:8e:17:da:db:0c:17:17:78:cd:d6:28:ef: 10:c5:5f:2c:8f:f2:ef:56:38:08:ba:b0:68:3e:6e: 2e:1e:c3:a9:e5:b5:eb:e9:34:3f:b5:3a:d3:05:ea: cb:3c:c6:1f:1d:de:c0:e7:fa:9b:71:50:60:bd:67: bb:27:df:e2:d5:cc:e3:72:7c:11:a1:a1:51:69:56: 78:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:8B:CD:6E:2F:64:E8:2E:55:4B:D4:EC:36:C8:78:5B:0C:89:72:3E X509v3 Authority Key Identifier: keyid:AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/kovNbi9k6C5VS9TsNsh4WwyJcj4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.226.226.0/24 Signature Algorithm: sha256WithRSAEncryption d2:fe:9a:4b:97:4a:02:fe:00:4f:ad:ff:21:54:5b:7a:e6:e7: bb:d8:41:eb:99:8a:e9:ed:2f:25:f6:71:21:38:c8:1b:cb:13: 7c:2e:1e:af:5e:49:ef:b0:ce:fa:6f:15:33:3f:e6:26:45:40: 03:3f:1a:42:4b:55:56:3a:ba:20:72:a1:25:bc:86:e7:ca:b8: 34:58:b1:fa:63:fc:96:77:9f:f0:da:5d:f4:4a:a5:bb:85:a1: a2:f2:b3:8e:98:0e:b4:9b:cd:91:fa:27:b9:42:ed:81:db:99: e9:b7:b8:8b:1d:d8:76:74:2e:2e:7a:47:93:92:20:cd:52:6c: 42:ab:b4:b0:d0:7c:4c:57:52:98:17:16:04:71:c6:ff:a9:f8: 07:b7:a1:67:a0:ff:e3:69:30:8c:cf:63:9b:7e:9e:45:3e:34: 3d:39:51:42:ee:2c:31:6e:01:40:4f:91:a6:c8:89:69:c5:53: 1f:7d:2b:6e:6e:55:c1:75:0e:3c:b1:df:9f:35:72:6b:1d:a7: 13:b7:9e:98:c9:ee:0d:af:3e:3c:58:af:9d:83:39:44:be:b0: 01:f3:0f:31:5d:04:5d:2a:bf:f8:29:fc:05:08:77:97:0d:07: f5:54:b8:7d:be:25:ed:25:0b:53:cc:08:76:50:6e:ea:82:88: 1b:96:8d:80 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZvaXjPmTFihCKqvMCmsbuaOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNTIxMjk1OGQ4ZTFiYWExNDRhODJhODIxZjkzYTg5MGRj YmE0OWEwHhcNMjYwMTIwMDc0NjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjhiY2Q2ZTJmNjRlODJlNTU0YmQ0ZWMzNmM4Nzg1YjBjODk3MjNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoexheTsZ9a60Zlph8ij9G05IERrK nwAmPTmMwVGc78V37YGKMEQu/ecZcm5zAu8bUKV2JYD7B7FTt2q6DQ5nO2ncKDXJ E1vjbaCez+nyqgYRxtYgCs81izk/hjF+DETV2RXLkslwLnSvcSHHRPavrnCY7DzF PbAyuAkOQnkCyYVKE8U333Fwv4SsQBxCBRyI3qr0boSYKhyeBrLOlTfJ8TB8/Xr8 SIpuYFOTVSjEjPUcwl95zM2OF9rbDBcXeM3WKO8QxV8sj/LvVjgIurBoPm4uHsOp 5bXr6TQ/tTrTBerLPMYfHd7A5/qbcVBgvWe7J9/i1czjcnwRoaFRaVZ48wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJKLzW4vZOguVUvU7DbIeFsMiXI+MB8GA1UdIwQY MBaAFKpSEpWNjhuqFEqCqCH5OokNy6SaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYt YjQwMWE0YTA0NDkyLzEva292TmJpOWs2QzVWUzlUc05zaDRXd3lKY2o0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYtYjQwMWE0YTA0NDky LzEvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+LiMA0G CSqGSIb3DQEBCwUAA4IBAQDS/ppLl0oC/gBPrf8hVFt65ue72EHrmYrp7S8l9nEh OMgbyxN8Lh6vXknvsM76bxUzP+YmRUADPxpCS1VWOrogcqElvIbnyrg0WLH6Y/yW d5/w2l30SqW7haGi8rOOmA60m82R+ie5Qu2B25npt7iLHdh2dC4uekeTkiDNUmxC q7Sw0HxMV1KYFxYEccb/qfgHt6FnoP/jaTCMz2Obfp5FPjQ9OVFC7iwxbgFAT5Gm yIlpxVMffStublXBdQ48sd+fNXJrHacTt56Yye4Nrz48WK+dgzlEvrAB8w8xXQRd Kr/4KfwFCHeXDQf1VLh9viXtJQtTzAh2UG7qgogblo2A -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:23 2026 by rpki-client