This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/kJTuRCvouXJMaVDF0pdJUxYymkE.roa File: kJTuRCvouXJMaVDF0pdJUxYymkE.roa (raw, json) Hash identifier: u4BkMutspCjtHl2p10ecFJYI7igX5XDffjXXKmzdde8= Subject key identifier: 90:94:EE:44:2B:E8:B9:72:4C:69:50:C5:D2:97:49:53:16:32:9A:41 Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Certificate serial: 019B7F14DC253CA428C5569F0667A032CD53 Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/kJTuRCvouXJMaVDF0pdJUxYymkE.roa Signing time: Fri 02 Jan 2026 14:20:32 +0000 ROA not before: Fri 02 Jan 2026 14:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 195.68.242.0/23 maxlen: 23 195.68.242.0/24 maxlen: 24 195.68.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:dc:25:3c:a4:28:c5:56:9f:06:67:a0:32:cd:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Validity Not Before: Jan 2 14:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9094ee442be8b9724c6950c5d297495316329a41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:99:17:7e:ad:8d:8c:ee:37:a6:13:14:b3:17: bc:45:29:07:ae:ad:3e:0d:b9:15:10:22:67:2e:1b: 10:1f:36:60:1f:0f:b1:76:fe:67:07:d9:18:39:c5: de:fb:fd:34:65:0e:ed:64:e9:c3:65:db:b3:14:d3: fb:b9:33:33:2e:76:0c:40:5c:81:7a:fa:dc:90:76: 59:d5:a4:30:02:09:51:24:ba:0a:a9:79:47:17:8e: ad:a8:06:65:d4:7d:7a:f8:01:1a:b2:84:bd:91:9e: 28:e9:0c:ca:1c:af:62:1d:59:6c:af:b4:cd:74:10: 0f:4a:b6:b2:c4:4e:af:56:d4:90:80:15:1c:33:cb: 91:f7:2e:2c:54:e7:1d:a6:b7:25:22:bc:04:e7:77: 3e:5a:04:2e:59:e0:f8:fc:23:20:d6:3f:6f:0f:07: cd:7f:fb:e6:16:9a:af:82:d5:f6:21:92:bc:b7:18: 7f:db:f4:ba:b3:33:a7:aa:19:a4:7f:2c:6a:7d:e6: fa:a7:09:27:92:d2:8d:dd:c7:3e:6b:0e:d9:fa:d2: d7:b9:68:68:cf:ba:f7:35:e8:65:4d:43:9c:bb:b9: fb:99:d8:92:c4:f5:03:3d:8a:83:2d:f2:c5:59:49: 19:dd:70:ef:45:e0:97:78:c2:e0:04:50:56:85:47: dd:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:94:EE:44:2B:E8:B9:72:4C:69:50:C5:D2:97:49:53:16:32:9A:41 X509v3 Authority Key Identifier: keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/kJTuRCvouXJMaVDF0pdJUxYymkE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.68.242.0/23 Signature Algorithm: sha256WithRSAEncryption 79:26:b5:00:f3:83:37:7a:80:eb:61:50:84:de:a6:ed:b3:94: 66:1d:6c:a6:5c:c5:18:81:47:d1:0c:50:4a:a3:4f:47:2f:44: cb:cd:ba:e8:a2:c9:a4:ff:1f:01:9f:c0:77:34:01:60:b9:23: e2:e6:78:e6:ff:44:de:77:e0:a6:05:20:1a:51:c8:f3:a7:b1: c2:e1:cc:21:f5:4c:3a:11:6e:0a:92:90:42:b8:d8:69:7e:4b: 2c:55:25:03:07:83:a8:e1:5e:c7:1d:f6:b2:33:28:2f:1f:a3: ea:2b:0d:1f:58:48:fd:a5:2b:d6:52:45:21:7b:db:2a:9f:1a: 04:50:4a:9b:ab:73:e9:47:9a:58:c3:62:b0:39:07:36:14:4d: 53:aa:2f:d1:c5:72:b4:92:a5:33:33:59:69:5b:e8:14:4e:03: 12:12:f2:9e:d0:dc:22:19:89:06:f9:3e:0d:57:61:2c:bb:5d: e9:3c:a0:61:00:8c:10:e5:47:53:0c:43:51:52:d5:f2:62:3d: 16:39:98:cd:a1:d0:2a:6a:e9:ef:39:cb:bd:f6:d7:85:6d:4c: aa:d7:96:cd:21:cd:29:82:80:0d:5d:dc:83:23:bb:94:ac:17: 53:ab:cf:7b:05:ed:21:41:53:cc:f1:89:6e:8e:f0:64:85:d7: 4b:0b:69:34 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FNwlPKQoxVafBmegMs1TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh MDhjZGYwHhcNMjYwMTAyMTQyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDk0ZWU0NDJiZThiOTcyNGM2OTUwYzVkMjk3NDk1MzE2MzI5YTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspkXfq2NjO43phMUsxe8RSkHrq0+ DbkVECJnLhsQHzZgHw+xdv5nB9kYOcXe+/00ZQ7tZOnDZduzFNP7uTMzLnYMQFyB evrckHZZ1aQwAglRJLoKqXlHF46tqAZl1H16+AEasoS9kZ4o6QzKHK9iHVlsr7TN dBAPSrayxE6vVtSQgBUcM8uR9y4sVOcdprclIrwE53c+WgQuWeD4/CMg1j9vDwfN f/vmFpqvgtX2IZK8txh/2/S6szOnqhmkfyxqfeb6pwknktKN3cc+aw7Z+tLXuWho z7r3NehlTUOcu7n7mdiSxPUDPYqDLfLFWUkZ3XDvReCXeMLgBFBWhUfdywIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJCU7kQr6LlyTGlQxdKXSVMWMppBMB8GA1UdIwQY MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt NzhkMTE0NGFkOTY3LzEva0pUdVJDdm91WEpNYVZERjBwZEpVeFl5bWtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3 LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TyMA0G CSqGSIb3DQEBCwUAA4IBAQB5JrUA84M3eoDrYVCE3qbts5RmHWymXMUYgUfRDFBK o09HL0TLzbroosmk/x8Bn8B3NAFguSPi5njm/0Ted+CmBSAaUcjzp7HC4cwh9Uw6 EW4KkpBCuNhpfkssVSUDB4Oo4V7HHfayMygvH6PqKw0fWEj9pSvWUkUhe9sqnxoE UEqbq3PpR5pYw2KwOQc2FE1Tqi/RxXK0kqUzM1lpW+gUTgMSEvKe0NwiGYkG+T4N V2Esu13pPKBhAIwQ5UdTDENRUtXyYj0WOZjNodAqaunvOcu99teFbUyq15bNIc0p goANXdyDI7uUrBdTq897Be0hQVPM8YlujvBkhddLC2k0 -----END CERTIFICATE-----Generated at Tue Jan 27 04:24:32 2026 by rpki-client