This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/kL9jbHUoIoWWPmJDOjYutDKq9S4.roa File: kL9jbHUoIoWWPmJDOjYutDKq9S4.roa (raw, json) Hash identifier: vJG3x4EHXbeIpONFrJoAJLtr1KSHjKyEb3xfexUn52o= Subject key identifier: 90:BF:63:6C:75:28:22:85:96:3E:62:43:3A:36:2E:B4:32:AA:F5:2E Certificate issuer: /CN=2cb035707202d4013a4479be5112d7fa227b7275 Certificate serial: 019B775962FA16D37D0E9538DA7B9638BFBC Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/kL9jbHUoIoWWPmJDOjYutDKq9S4.roa Signing time: Thu 01 Jan 2026 02:18:25 +0000 ROA not before: Thu 01 Jan 2026 02:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209566 IP address blocks: 194.62.129.0/24 maxlen: 24 2a0d:8c40:209::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.mft rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:62:fa:16:d3:7d:0e:95:38:da:7b:96:38:bf:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275 Validity Not Before: Jan 1 02:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90bf636c75282285963e62433a362eb432aaf52e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0d:ce:17:f4:b2:fc:2b:dc:d1:03:bb:91:a6: 38:af:58:79:de:86:ed:6b:2c:9e:ae:c1:0c:1f:f4: 33:33:84:7d:16:06:7b:06:03:e1:49:b0:de:57:26: df:da:56:c4:6f:eb:73:64:35:4f:1c:c5:94:c7:53: 20:22:4b:c4:dd:45:19:26:4d:40:ed:3a:cb:4d:9f: fb:6e:11:f8:33:c2:9e:21:35:eb:b5:29:bb:61:15: 8f:dc:1c:b9:d5:e3:f5:be:40:dd:30:db:3a:82:2d: 66:18:60:6a:d5:ed:6d:67:47:a7:19:05:fa:de:f8: 71:3e:81:77:0b:e0:bb:7e:46:91:e1:f4:6e:d9:e5: 2f:3e:04:4c:88:79:ea:a3:a3:00:ce:fc:da:dc:a3: c9:5c:ce:68:cc:35:f4:d2:22:d5:12:a6:6d:10:e1: f1:98:63:f8:a7:1b:67:89:79:29:17:d7:66:a5:e5: 4b:73:ad:5d:ab:4d:1b:86:a0:ef:eb:12:06:55:4b: 34:38:24:08:0d:fa:07:8b:2f:d3:ce:ff:ea:07:e1: bb:fd:ed:19:3c:c4:62:19:b3:4c:7c:f5:ee:ff:23: 98:2c:fb:80:d3:21:d2:d1:33:9d:c3:5c:3d:97:1a: 30:d7:cd:2e:b8:e0:53:e2:34:d0:2e:14:0e:bf:e3: dd:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:BF:63:6C:75:28:22:85:96:3E:62:43:3A:36:2E:B4:32:AA:F5:2E X509v3 Authority Key Identifier: keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/kL9jbHUoIoWWPmJDOjYutDKq9S4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.62.129.0/24 IPv6: 2a0d:8c40:209::/48 Signature Algorithm: sha256WithRSAEncryption 8d:98:51:5d:5b:ce:ae:90:5a:ed:9f:63:e3:c9:8d:90:48:82: 7e:da:ff:d5:0a:1a:1d:1b:16:10:0d:1f:63:d3:51:b3:be:40: 8f:a2:7b:63:e8:e1:61:23:42:ba:41:d8:a4:4b:84:0d:b4:59: 32:69:83:c4:bd:d8:0e:51:17:ec:41:0f:91:20:f9:20:65:22: 58:be:b4:16:84:2e:9a:33:2b:62:56:cf:81:a4:61:25:0f:73: e7:31:1c:36:aa:b6:78:ea:9f:f6:3e:c8:d8:cf:32:de:a3:38: 47:a8:0c:6f:d1:c1:96:22:b7:75:27:33:e0:8e:c1:f8:b6:9e: 34:85:ed:3f:75:53:10:f4:c1:89:b5:1c:e2:5a:7c:da:bf:76: a9:d7:92:11:d6:f8:69:ef:bb:24:54:04:c9:1d:a0:72:03:62: 03:0e:92:9d:46:de:55:03:a6:bf:24:6b:4d:e0:60:f3:08:a4: c2:1d:cf:16:c1:06:72:03:c3:2c:e3:16:d9:95:57:e7:55:be: 48:73:f4:4d:67:1c:60:cf:db:1f:dc:da:85:a7:59:3a:62:89: 1c:cc:db:b3:54:26:d0:32:f7:da:18:c3:dd:ff:99:ae:d8:c4: fe:54:3b:47:6a:15:48:e5:a0:a3:cd:1c:26:b8:cc:2c:ca:bf: 8d:98:72:9a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WWL6FtN9DpU42nuWOL+8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYjAzNTcwNzIwMmQ0MDEzYTQ0NzliZTUxMTJkN2ZhMjI3 YjcyNzUwHhcNMjYwMTAxMDIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGJmNjM2Yzc1MjgyMjg1OTYzZTYyNDMzYTM2MmViNDMyYWFmNTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA3OF/Sy/Cvc0QO7kaY4r1h53obt ayyersEMH/QzM4R9FgZ7BgPhSbDeVybf2lbEb+tzZDVPHMWUx1MgIkvE3UUZJk1A 7TrLTZ/7bhH4M8KeITXrtSm7YRWP3By51eP1vkDdMNs6gi1mGGBq1e1tZ0enGQX6 3vhxPoF3C+C7fkaR4fRu2eUvPgRMiHnqo6MAzvza3KPJXM5ozDX00iLVEqZtEOHx mGP4pxtniXkpF9dmpeVLc61dq00bhqDv6xIGVUs0OCQIDfoHiy/Tzv/qB+G7/e0Z PMRiGbNMfPXu/yOYLPuA0yHS0TOdw1w9lxow180uuOBT4jTQLhQOv+PdXQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJC/Y2x1KCKFlj5iQzo2LrQyqvUuMB8GA1UdIwQY MBaAFCywNXByAtQBOkR5vlES1/oie3J1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEt MDYzMDhhNDQ4NTZkLzEva0w5amJIVW9Jb1dXUG1KRE9qWXV0REtxOVM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEtMDYzMDhhNDQ4NTZk LzEvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwj6BMA8E AgACMAkDBwAqDYxAAgkwDQYJKoZIhvcNAQELBQADggEBAI2YUV1bzq6QWu2fY+PJ jZBIgn7a/9UKGh0bFhANH2PTUbO+QI+ie2Po4WEjQrpB2KRLhA20WTJpg8S92A5R F+xBD5Eg+SBlIli+tBaELpozK2JWz4GkYSUPc+cxHDaqtnjqn/Y+yNjPMt6jOEeo DG/RwZYit3UnM+COwfi2njSF7T91UxD0wYm1HOJafNq/dqnXkhHW+GnvuyRUBMkd oHIDYgMOkp1G3lUDpr8ka03gYPMIpMIdzxbBBnIDwyzjFtmVV+dVvkhz9E1nHGDP 2x/c2oWnWTpiiRzM27NUJtAy99oYw93/ma7YxP5UO0dqFUjloKPNHCa4zCzKv42Y cpo= -----END CERTIFICATE-----Generated at Sun Jan 25 22:42:20 2026 by rpki-client