This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/KbTR7aHwwLpZYX34f5JnyinWFjs.roa File: KbTR7aHwwLpZYX34f5JnyinWFjs.roa (raw, json) Hash identifier: SB5fokkBufwe+kAeEHnmUVt4YkIfxrCsr/69Y8UsTR8= Subject key identifier: 29:B4:D1:ED:A1:F0:C0:BA:59:61:7D:F8:7F:92:67:CA:29:D6:16:3B Certificate issuer: /CN=e5a6794b91b81406412a137870bfde3b170de094 Certificate serial: 019B7EA72FFB01F181B24F352A7D3C8CF8AC Authority key identifier: E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/KbTR7aHwwLpZYX34f5JnyinWFjs.roa Signing time: Fri 02 Jan 2026 12:20:44 +0000 ROA not before: Fri 02 Jan 2026 12:20:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199335 IP address blocks: 80.94.192.0/20 maxlen: 20 85.12.112.0/21 maxlen: 21 85.12.124.0/24 maxlen: 24 85.12.125.0/24 maxlen: 24 85.92.160.0/22 maxlen: 22 85.92.164.0/22 maxlen: 22 85.92.168.0/22 maxlen: 22 85.92.172.0/22 maxlen: 22 85.92.176.0/22 maxlen: 22 85.92.180.0/22 maxlen: 22 85.92.184.0/22 maxlen: 22 85.92.188.0/22 maxlen: 22 176.126.224.0/21 maxlen: 21 185.5.64.0/22 maxlen: 22 185.41.228.0/22 maxlen: 22 185.99.21.0/24 maxlen: 24 185.113.60.0/22 maxlen: 22 188.241.40.0/21 maxlen: 21 2a02:77c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.mft rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:2f:fb:01:f1:81:b2:4f:35:2a:7d:3c:8c:f8:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5a6794b91b81406412a137870bfde3b170de094 Validity Not Before: Jan 2 12:20:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29b4d1eda1f0c0ba59617df87f9267ca29d6163b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c1:16:01:b1:67:73:03:be:10:ab:44:0b:62: 3a:99:36:07:b4:3e:6b:84:6e:7a:8c:50:93:fa:b5: a8:10:23:fe:69:7a:66:fb:24:83:f7:c6:32:e7:db: 79:ff:3e:e9:72:7c:b0:f7:c1:bb:0b:9a:7b:91:14: 0a:1f:06:05:a0:87:df:c4:e0:2a:b5:49:e1:11:eb: d6:c1:91:10:5c:0c:7a:36:6d:1d:86:80:ad:c6:03: ca:0a:e3:ff:06:16:5e:8a:ac:0f:cf:35:f2:da:d0: 60:e9:33:78:00:eb:e2:7c:b5:84:6c:80:7e:1b:a8: 92:64:b1:31:34:09:33:23:17:af:49:4f:8c:49:e2: 49:5b:08:e4:cf:64:c3:0a:70:7e:3c:38:14:42:79: 44:df:88:c2:c9:45:8d:d4:ca:47:40:dd:c0:ad:be: af:13:8b:93:7b:60:7a:f3:ca:c3:4c:aa:cb:e8:41: 65:ed:b4:87:02:45:cc:6b:ce:9a:6f:18:e0:8d:bb: 4b:5c:31:dd:99:57:ff:2d:cc:c1:77:fb:21:e2:37: a4:8f:75:aa:82:7e:65:0d:08:aa:ea:73:08:e6:bd: 00:85:f4:ea:97:f1:e7:b9:4c:ac:f8:b0:c6:38:6e: 42:d8:44:06:d2:5f:92:ba:64:45:27:a4:79:d2:13: 34:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B4:D1:ED:A1:F0:C0:BA:59:61:7D:F8:7F:92:67:CA:29:D6:16:3B X509v3 Authority Key Identifier: keyid:E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/KbTR7aHwwLpZYX34f5JnyinWFjs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.94.192.0/20 85.12.112.0/21 85.12.124.0/23 85.92.160.0/19 176.126.224.0/21 185.5.64.0/22 185.41.228.0/22 185.99.21.0/24 185.113.60.0/22 188.241.40.0/21 IPv6: 2a02:77c0::/32 Signature Algorithm: sha256WithRSAEncryption 1d:0e:b6:87:62:68:a9:87:69:d5:92:1f:52:96:d7:34:42:00: b1:ca:92:bc:9d:71:30:a6:85:7e:7c:fa:80:c6:4d:6f:15:54: 5d:75:19:2c:30:46:3c:cb:ab:c8:65:06:70:e7:51:63:4a:bf: fc:5d:c7:c3:84:af:48:eb:ae:08:17:8a:70:96:64:cc:07:28: a1:22:d9:1c:4c:91:31:f1:a2:95:91:98:87:a7:23:2c:f6:0c: ec:37:83:3c:1f:d2:4e:ac:f2:41:b4:31:53:bc:0f:86:1f:f2: e3:d5:8f:c1:92:8b:cd:1c:fd:45:08:2e:66:d9:ac:c1:e7:54: 63:35:99:57:ef:52:9c:ce:c1:06:d6:d2:34:39:3e:47:c4:ed: 79:8e:25:48:86:0b:a8:9c:36:3a:02:11:67:a7:2b:0e:83:a9: 31:30:26:e8:75:06:e0:ce:db:24:ab:03:1c:04:ad:d4:aa:c9: 70:23:b3:9e:53:e4:59:7f:cd:15:3a:b9:03:e9:96:09:b1:77: 1e:86:00:e9:9b:02:c1:5f:d9:52:df:87:a1:12:cd:14:79:d8: 3a:f4:49:b5:e4:16:05:ce:c0:38:2d:ee:cb:41:ff:16:f2:9c: ff:de:69:6b:e8:0d:36:4b:b7:24:7a:b6:dd:ab:c2:5a:88:0c: 3e:b3:81:82 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISAZt+py/7AfGBsk81Kn08jPisMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1YTY3OTRiOTFiODE0MDY0MTJhMTM3ODcwYmZkZTNiMTcw ZGUwOTQwHhcNMjYwMTAyMTIyMDQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWI0ZDFlZGExZjBjMGJhNTk2MTdkZjg3ZjkyNjdjYTI5ZDYxNjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8EWAbFncwO+EKtEC2I6mTYHtD5r hG56jFCT+rWoECP+aXpm+ySD98Yy59t5/z7pcnyw98G7C5p7kRQKHwYFoIffxOAq tUnhEevWwZEQXAx6Nm0dhoCtxgPKCuP/BhZeiqwPzzXy2tBg6TN4AOvifLWEbIB+ G6iSZLExNAkzIxevSU+MSeJJWwjkz2TDCnB+PDgUQnlE34jCyUWN1MpHQN3Arb6v E4uTe2B688rDTKrL6EFl7bSHAkXMa86abxjgjbtLXDHdmVf/LczBd/sh4jekj3Wq gn5lDQiq6nMI5r0AhfTql/HnuUys+LDGOG5C2EQG0l+SumRFJ6R50hM0eQIDAQAB o4ICTjCCAkowHQYDVR0OBBYEFCm00e2h8MC6WWF9+H+SZ8op1hY7MB8GA1UdIwQY MBaAFOWmeUuRuBQGQSoTeHC/3jsXDeCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjIt NTg3MjEwOWI2N2E4LzEvS2JUUjdhSHd3THBaWVgzNGY1Sm55aW5XRmpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjItNTg3MjEwOWI2N2E4 LzEvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEUF7AAwQD VQxwAwQBVQx8AwQFVVygAwQDsH7gAwQCuQVAAwQCuSnkAwQAuWMVAwQCuXE8AwQD vPEoMA0EAgACMAcDBQAqAnfAMA0GCSqGSIb3DQEBCwUAA4IBAQAdDraHYmiph2nV kh9Sltc0QgCxypK8nXEwpoV+fPqAxk1vFVRddRksMEY8y6vIZQZw51FjSr/8XcfD hK9I664IF4pwlmTMByihItkcTJEx8aKVkZiHpyMs9gzsN4M8H9JOrPJBtDFTvA+G H/Lj1Y/BkovNHP1FCC5m2azB51RjNZlX71KczsEG1tI0OT5HxO15jiVIhguonDY6 AhFnpysOg6kxMCbodQbgztskqwMcBK3UqslwI7OeU+RZf80VOrkD6ZYJsXcehgDp mwLBX9lS34ehEs0Uedg69Em15BYFzsA4Le7LQf8W8pz/3mlr6A02S7ckerbdq8Ja iAw+s4GC -----END CERTIFICATE-----Generated at Mon Jan 26 02:01:36 2026 by rpki-client