This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/KbY29WtKZkz8Fbjj7QvLlg811Iw.roa File: KbY29WtKZkz8Fbjj7QvLlg811Iw.roa (raw, json) Hash identifier: vGh5FY7zuISKMd7QAir+eppKFgiFx2llO5uFQh7FV0A= Subject key identifier: 29:B6:36:F5:6B:4A:66:4C:FC:15:B8:E3:ED:0B:CB:96:0F:35:D4:8C Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Certificate serial: 019B7EA57A3790922FC734516BAAAB93B6FC Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/KbY29WtKZkz8Fbjj7QvLlg811Iw.roa Signing time: Fri 02 Jan 2026 12:18:52 +0000 ROA not before: Fri 02 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41637 IP address blocks: 194.50.113.0/24 maxlen: 24 2001:4d8f::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:7a:37:90:92:2f:c7:34:51:6b:aa:ab:93:b6:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Validity Not Before: Jan 2 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29b636f56b4a664cfc15b8e3ed0bcb960f35d48c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f1:e8:be:7b:5b:95:9e:3a:2b:10:5d:d3:d8: 06:a8:08:ed:f8:09:92:c4:4e:12:20:5b:9a:30:bf: 54:ad:7c:49:f3:a5:8a:61:3e:a8:a3:b7:52:25:f9: 6b:04:fc:bc:2e:62:a1:13:89:d2:43:1e:da:96:60: 1e:7b:3a:b5:df:61:9f:60:19:c4:cf:3f:55:28:36: 52:4f:2e:51:24:fd:ab:1f:18:ab:99:56:a5:fd:00: 79:72:16:4b:b1:41:3a:4d:47:4e:65:99:38:73:9e: ad:1b:58:93:95:88:90:77:a9:70:c9:b9:3a:da:b1: 04:39:ae:ac:fc:72:11:cb:81:7f:61:56:5f:72:28: d2:d3:e8:03:e0:e7:b9:80:e6:5b:d7:95:32:27:eb: 0e:5a:f2:99:34:9f:70:30:4e:49:ed:a6:07:14:6b: 1c:ac:71:46:ad:33:31:5e:e3:a0:6b:6a:64:c0:59: 53:7f:43:18:fa:a6:ee:c0:10:2a:96:08:d1:ee:02: a1:ac:9c:b0:7e:f3:cb:a3:61:38:50:a3:60:7b:1e: 00:6f:17:73:5c:77:ec:6a:95:78:88:11:85:cb:16: 5d:a0:c9:87:5d:63:5e:61:b9:62:c8:b5:fe:09:cf: dd:d0:8c:95:98:bd:1e:da:93:0e:ee:ca:dd:c4:82: 95:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B6:36:F5:6B:4A:66:4C:FC:15:B8:E3:ED:0B:CB:96:0F:35:D4:8C X509v3 Authority Key Identifier: keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/KbY29WtKZkz8Fbjj7QvLlg811Iw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.50.113.0/24 IPv6: 2001:4d8f::/32 Signature Algorithm: sha256WithRSAEncryption 58:90:dd:6a:5f:ab:49:57:27:d1:73:5d:79:47:9e:a6:09:74: 7b:cd:b3:03:e0:13:0e:a6:07:35:1e:bb:0a:eb:6a:3d:5c:66: dc:f7:29:af:5f:c6:39:f2:92:01:fc:fb:45:c3:d9:38:a7:ce: b6:31:f6:70:1f:5e:5a:62:49:11:64:cd:83:4a:29:e5:81:2f: 19:1a:8a:ec:e1:e9:c1:26:34:fb:89:2f:20:64:f0:a7:93:5d: b9:79:e0:07:e7:c3:9e:c8:78:a0:b5:1f:7a:bd:6e:95:8b:86: bb:9d:ce:76:d2:c0:57:e2:48:84:2d:34:fa:8e:59:df:6c:a4: 53:93:bc:44:0d:d6:f3:6a:a0:39:f0:c3:0d:bf:8f:ff:30:7a: 13:b2:38:03:57:35:a3:db:cb:85:84:62:bd:5e:80:15:aa:72: a3:e2:9f:8d:0a:18:0e:00:1f:a7:b6:42:1c:62:9f:2e:1c:db: 19:70:4e:47:4c:b9:4e:16:17:54:60:76:fb:c7:7b:3b:a8:0e: ed:1b:78:81:51:ae:64:2b:21:a0:8d:7a:bf:03:94:c3:3a:55: f0:2e:77:f5:19:ad:7b:bf:a1:13:a0:df:0a:58:a1:4f:3b:99: 35:3d:33:6f:dd:b2:0a:52:99:25:44:9a:4a:3d:a4:99:35:2d: 47:89:77:79 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pXo3kJIvxzRRa6qrk7b8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4 NTE4YmUwHhcNMjYwMTAyMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWI2MzZmNTZiNGE2NjRjZmMxNWI4ZTNlZDBiY2I5NjBmMzVkNDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfHovntblZ46KxBd09gGqAjt+AmS xE4SIFuaML9UrXxJ86WKYT6oo7dSJflrBPy8LmKhE4nSQx7almAeezq132GfYBnE zz9VKDZSTy5RJP2rHxirmVal/QB5chZLsUE6TUdOZZk4c56tG1iTlYiQd6lwybk6 2rEEOa6s/HIRy4F/YVZfcijS0+gD4Oe5gOZb15UyJ+sOWvKZNJ9wME5J7aYHFGsc rHFGrTMxXuOga2pkwFlTf0MY+qbuwBAqlgjR7gKhrJywfvPLo2E4UKNgex4Abxdz XHfsapV4iBGFyxZdoMmHXWNeYbliyLX+Cc/d0IyVmL0e2pMO7srdxIKV4wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCm2NvVrSmZM/BW44+0Ly5YPNdSMMB8GA1UdIwQY MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt MGUyZDY5N2IyN2UzLzEvS2JZMjlXdEtaa3o4RmJqajdRdkxsZzgxMUl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjJxMA0E AgACMAcDBQAgAU2PMA0GCSqGSIb3DQEBCwUAA4IBAQBYkN1qX6tJVyfRc115R56m CXR7zbMD4BMOpgc1HrsK62o9XGbc9ymvX8Y58pIB/PtFw9k4p862MfZwH15aYkkR ZM2DSinlgS8ZGors4enBJjT7iS8gZPCnk125eeAH58OeyHigtR96vW6Vi4a7nc52 0sBX4kiELTT6jlnfbKRTk7xEDdbzaqA58MMNv4//MHoTsjgDVzWj28uFhGK9XoAV qnKj4p+NChgOAB+ntkIcYp8uHNsZcE5HTLlOFhdUYHb7x3s7qA7tG3iBUa5kKyGg jXq/A5TDOlXwLnf1Ga17v6EToN8KWKFPO5k1PTNv3bIKUpklRJpKPaSZNS1HiXd5 -----END CERTIFICATE-----Generated at Sun Jan 25 19:37:56 2026 by rpki-client