This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/KYwuzPdQcxFtvMJ482Z-no0-rlI.roa File: KYwuzPdQcxFtvMJ482Z-no0-rlI.roa (raw, json) Hash identifier: WFv3oIQNO2UW+gImEV96V10XtC3ybgEz6IBrXZKDplc= Subject key identifier: 29:8C:2E:CC:F7:50:73:11:6D:BC:C2:78:F3:66:7E:9E:8D:3E:AE:52 Certificate issuer: /CN=08285473c978ca51ce5469aa4aedca16445bd652 Certificate serial: 019B7EA70C2D367C9C3EF0F20751156B51B9 Authority key identifier: 08:28:54:73:C9:78:CA:51:CE:54:69:AA:4A:ED:CA:16:44:5B:D6:52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CChUc8l4ylHOVGmqSu3KFkRb1lI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/KYwuzPdQcxFtvMJ482Z-no0-rlI.roa Signing time: Fri 02 Jan 2026 12:20:35 +0000 ROA not before: Fri 02 Jan 2026 12:20:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42863 IP address blocks: 31.22.128.0/17 maxlen: 24 46.50.0.0/17 maxlen: 24 83.223.224.0/19 maxlen: 24 88.214.128.0/18 maxlen: 24 89.214.0.0/16 maxlen: 24 92.250.0.0/17 maxlen: 24 95.69.0.0/17 maxlen: 24 185.92.96.0/22 maxlen: 24 188.140.0.0/17 maxlen: 24 2a02:870::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/CChUc8l4ylHOVGmqSu3KFkRb1lI.crl rsync://rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/CChUc8l4ylHOVGmqSu3KFkRb1lI.mft rsync://rpki.ripe.net/repository/DEFAULT/CChUc8l4ylHOVGmqSu3KFkRb1lI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:0c:2d:36:7c:9c:3e:f0:f2:07:51:15:6b:51:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08285473c978ca51ce5469aa4aedca16445bd652 Validity Not Before: Jan 2 12:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=298c2eccf75073116dbcc278f3667e9e8d3eae52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:06:78:42:84:0d:68:3b:8c:e3:b0:d3:fd:94: e4:17:5b:e6:22:52:15:6e:3b:6d:26:38:8f:25:18: 19:6b:52:19:56:d8:69:61:72:06:31:3d:9e:c7:b2: 9c:cb:62:a9:79:77:6d:ba:24:59:7f:16:73:aa:f0: fd:49:a2:30:9a:7d:f2:a6:dc:9b:e9:da:26:ca:f8: c2:f8:53:8d:e7:e6:d2:51:e2:96:f3:a6:13:aa:d3: cb:2e:09:85:9f:cf:02:d3:e7:c0:8a:8f:f0:3c:04: 19:11:c3:00:30:8a:5b:3d:8e:e1:ca:89:4b:a8:0f: b1:45:df:cb:ec:df:0f:84:9e:3c:00:56:34:30:14: 67:54:d9:bd:86:52:4b:3d:f7:33:20:3e:b3:81:ad: c4:0f:95:49:f7:83:97:6d:8b:46:29:a7:54:ba:92: 1b:fb:c8:04:aa:37:3a:46:7a:2d:bd:dc:81:5d:14: 59:7b:50:17:5c:cf:4a:2f:1f:65:43:24:8f:7d:13: bd:d2:33:e9:54:96:16:a7:b7:d1:1e:bc:48:35:a7: 1a:f4:4e:a3:cf:7b:de:40:a4:54:8d:dc:32:5f:7a: 85:ae:19:af:71:d9:0b:5c:50:af:57:b1:87:7e:5c: dd:6e:c9:98:4d:cd:bb:f7:b0:0b:15:af:d9:8b:ec: 71:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8C:2E:CC:F7:50:73:11:6D:BC:C2:78:F3:66:7E:9E:8D:3E:AE:52 X509v3 Authority Key Identifier: keyid:08:28:54:73:C9:78:CA:51:CE:54:69:AA:4A:ED:CA:16:44:5B:D6:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CChUc8l4ylHOVGmqSu3KFkRb1lI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/KYwuzPdQcxFtvMJ482Z-no0-rlI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/bfb4f2-887a-4013-a8f8-8e300efd13bc/1/CChUc8l4ylHOVGmqSu3KFkRb1lI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.22.128.0/17 46.50.0.0/17 83.223.224.0/19 88.214.128.0/18 89.214.0.0/16 92.250.0.0/17 95.69.0.0/17 185.92.96.0/22 188.140.0.0/17 IPv6: 2a02:870::/32 Signature Algorithm: sha256WithRSAEncryption 16:15:b7:7c:6e:06:31:0a:5d:4d:59:5a:1c:6b:9a:6e:cd:53: bc:73:fd:de:28:81:ec:e0:f4:2f:d9:5b:8a:5c:40:2a:fd:31: fb:67:5d:f1:fe:30:11:c5:7d:0c:15:12:85:93:27:7e:56:6b: b7:62:1a:73:a6:07:de:59:ad:e6:25:bb:67:f2:44:fb:43:82: 48:81:5a:d8:43:7a:00:79:9e:b4:ff:d3:8f:01:99:ae:12:9e: 44:f6:c2:5f:10:62:aa:f6:01:61:cc:95:74:be:f4:68:30:9e: 7c:ad:1b:29:ea:55:e5:42:0a:45:b9:68:cd:3b:75:e8:83:06: 07:5b:67:77:bc:ae:e7:b9:7a:bc:f8:8f:bd:70:e3:a4:bd:ef: 5f:7b:a2:84:90:4e:6a:c2:72:2c:0d:b9:7b:7a:b2:87:8b:fc: cf:91:f5:e0:22:0b:6c:1c:54:22:87:ab:3a:1e:e2:ee:b5:76: dc:8c:29:12:51:3b:98:ce:e0:96:78:5e:97:72:de:90:ef:4b: 0d:28:a8:5f:6b:91:bb:cb:63:cd:ce:39:ec:93:ce:a3:2b:5e: 40:e7:8b:b2:f8:4f:0d:c3:ce:99:9a:c3:8f:27:52:de:48:56: 7f:1f:cf:72:32:09:df:ef:91:e3:91:a8:09:bb:01:ab:fe:3b: 15:e3:63:7e -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgISAZt+pwwtNnycPvDyB1EVa1G5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4Mjg1NDczYzk3OGNhNTFjZTU0NjlhYTRhZWRjYTE2NDQ1 YmQ2NTIwHhcNMjYwMTAyMTIyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOThjMmVjY2Y3NTA3MzExNmRiY2MyNzhmMzY2N2U5ZThkM2VhZTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwZ4QoQNaDuM47DT/ZTkF1vmIlIV bjttJjiPJRgZa1IZVthpYXIGMT2ex7Kcy2KpeXdtuiRZfxZzqvD9SaIwmn3yptyb 6domyvjC+FON5+bSUeKW86YTqtPLLgmFn88C0+fAio/wPAQZEcMAMIpbPY7hyolL qA+xRd/L7N8PhJ48AFY0MBRnVNm9hlJLPfczID6zga3ED5VJ94OXbYtGKadUupIb +8gEqjc6RnotvdyBXRRZe1AXXM9KLx9lQySPfRO90jPpVJYWp7fRHrxINaca9E6j z3veQKRUjdwyX3qFrhmvcdkLXFCvV7GHflzdbsmYTc2797ALFa/Zi+xx9QIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFCmMLsz3UHMRbbzCePNmfp6NPq5SMB8GA1UdIwQY MBaAFAgoVHPJeMpRzlRpqkrtyhZEW9ZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0NoVWM4bDR5bEhPVkdtcVN1M0tGa1JiMWxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9iZmI0ZjItODg3YS00MDEzLWE4Zjgt OGUzMDBlZmQxM2JjLzEvS1l3dXpQZFFjeEZ0dk1KNDgyWi1ubzAtcmxJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9iZmI0ZjItODg3YS00MDEzLWE4ZjgtOGUzMDBlZmQxM2Jj LzEvQ0NoVWM4bDR5bEhPVkdtcVN1M0tGa1JiMWxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA7BAIAATA1AwQHHxaAAwQH LjIAAwQFU9/gAwQGWNaAAwMAWdYDBAdc+gADBAdfRQADBAK5XGADBAe8jAAwDQQC AAIwBwMFACoCCHAwDQYJKoZIhvcNAQELBQADggEBABYVt3xuBjEKXU1ZWhxrmm7N U7xz/d4ogezg9C/ZW4pcQCr9MftnXfH+MBHFfQwVEoWTJ35Wa7diGnOmB95ZreYl u2fyRPtDgkiBWthDegB5nrT/048Bma4SnkT2wl8QYqr2AWHMlXS+9GgwnnytGynq VeVCCkW5aM07deiDBgdbZ3e8rue5erz4j71w46S97197ooSQTmrCciwNuXt6soeL /M+R9eAiC2wcVCKHqzoe4u61dtyMKRJRO5jO4JZ4Xpdy3pDvSw0oqF9rkbvLY83O OeyTzqMrXkDni7L4Tw3Dzpmaw48nUt5IVn8fz3IyCd/vkeORqAm7Aav+OxXjY34= -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:21 2026 by rpki-client