This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/KiGqqB6_C_ieZKJBT6I3N4MMdDE.roa File: KiGqqB6_C_ieZKJBT6I3N4MMdDE.roa (raw, json) Hash identifier: rhV7ftUdpJwNEXvedltkn1lDN8x7VUAPfzQjlu6gj8U= Subject key identifier: 2A:21:AA:A8:1E:BF:0B:F8:9E:64:A2:41:4F:A2:37:37:83:0C:74:31 Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048 Certificate serial: 019B7911285BCD3E86AF35F71C2FC52CBFEC Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/KiGqqB6_C_ieZKJBT6I3N4MMdDE.roa Signing time: Thu 01 Jan 2026 10:18:46 +0000 ROA not before: Thu 01 Jan 2026 10:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210838 IP address blocks: 109.234.78.0/24 maxlen: 24 2a11:9c80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.mft rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 04:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:28:5b:cd:3e:86:af:35:f7:1c:2f:c5:2c:bf:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048 Validity Not Before: Jan 1 10:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a21aaa81ebf0bf89e64a2414fa23737830c7431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:bb:5a:2e:f2:5d:4c:42:fe:c1:31:80:48:39: 24:75:20:5d:fd:7d:7e:b4:1f:73:e9:7c:30:3d:a0: 0c:13:24:14:42:6d:87:3a:7b:88:c1:13:9f:f7:db: ea:79:b7:77:4a:e3:3d:e5:19:08:32:43:73:ef:c7: 08:11:39:f6:47:5f:92:ba:be:0a:ab:27:94:f4:a4: b4:b9:51:1d:27:d1:67:51:92:0f:23:84:95:01:28: 11:28:1e:0f:e9:87:14:3f:d4:d3:96:b8:06:6e:c7: 83:ed:a6:f5:a3:12:33:6b:4b:5b:a7:f5:47:e2:08: da:81:4d:6e:2d:99:a1:67:7f:b5:f9:7e:58:7a:3c: 97:4a:9f:fa:a1:97:f5:73:12:8f:24:6a:7a:8d:2f: 39:9a:7c:9a:7d:c5:df:b0:1e:ba:c2:3c:3a:c8:f8: e6:2c:04:bf:23:e2:c9:47:58:76:88:22:99:be:a3: 1a:c8:80:98:de:c0:22:d6:c1:a9:b9:8e:c8:e3:3d: 26:93:09:7c:49:0d:ed:49:f2:63:84:11:8a:99:07: 80:be:ea:aa:3d:aa:ef:54:dc:41:78:86:5f:32:27: e6:7c:7e:83:85:c8:e0:de:1a:de:5a:db:df:de:0f: a5:fd:cf:07:6b:9b:be:72:be:d1:93:2b:c3:f3:b5: 2b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:21:AA:A8:1E:BF:0B:F8:9E:64:A2:41:4F:A2:37:37:83:0C:74:31 X509v3 Authority Key Identifier: keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/KiGqqB6_C_ieZKJBT6I3N4MMdDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.234.78.0/24 IPv6: 2a11:9c80::/29 Signature Algorithm: sha256WithRSAEncryption 92:00:5e:e9:3d:54:c8:13:56:1a:3b:62:d3:38:32:a4:91:41: 7e:b8:d2:f1:a3:a7:e2:9a:67:06:f3:72:e8:13:1a:d2:ae:96: 38:68:48:7c:7f:e0:61:a7:af:6c:ec:0b:e0:19:b5:cc:49:93: 9a:63:c2:57:26:64:16:26:39:e1:e5:2d:ee:72:bf:93:30:22: f4:39:43:e4:19:de:d5:e5:60:c4:d5:83:67:97:21:72:23:49: e4:b0:ed:72:56:80:88:89:7a:e3:44:f2:9d:47:db:64:e9:13: e0:44:bc:f1:f6:fe:03:35:e5:f6:82:ce:c9:f3:0d:19:14:6c: a0:5f:a6:2e:00:3e:0b:20:c4:cf:f8:6d:74:b8:2b:8f:e6:5e: 52:8e:05:06:e8:59:0b:97:4f:90:64:28:b0:09:3f:8c:fa:df: a9:dd:c8:31:3f:40:65:c1:59:d8:29:98:bb:be:80:2a:fe:83: 0d:41:5e:7f:a6:ce:ba:75:00:1b:e7:fd:f4:86:ec:56:ac:3a: f2:0a:86:38:c7:4a:81:0c:7d:b5:c3:5c:27:e3:e6:44:a0:f9: 17:15:bb:4c:52:5a:22:fa:d8:ca:b7:89:43:dc:ff:e4:a0:db: 41:72:19:0c:f2:64:6c:1c:3c:8b:8f:f0:8f:bc:2a:6f:56:a7: 7e:71:ae:bd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5EShbzT6GrzX3HC/FLL/sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2 MWEwNDgwHhcNMjYwMTAxMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTIxYWFhODFlYmYwYmY4OWU2NGEyNDE0ZmEyMzczNzgzMGM3NDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubtaLvJdTEL+wTGASDkkdSBd/X1+ tB9z6XwwPaAMEyQUQm2HOnuIwROf99vqebd3SuM95RkIMkNz78cIETn2R1+Sur4K qyeU9KS0uVEdJ9FnUZIPI4SVASgRKB4P6YcUP9TTlrgGbseD7ab1oxIza0tbp/VH 4gjagU1uLZmhZ3+1+X5YejyXSp/6oZf1cxKPJGp6jS85mnyafcXfsB66wjw6yPjm LAS/I+LJR1h2iCKZvqMayICY3sAi1sGpuY7I4z0mkwl8SQ3tSfJjhBGKmQeAvuqq ParvVNxBeIZfMifmfH6Dhcjg3hreWtvf3g+l/c8Ha5u+cr7RkyvD87UrqQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCohqqgevwv4nmSiQU+iNzeDDHQxMB8GA1UdIwQY MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt OTgxMTg0ZGVlMTMxLzEvS2lHcXFCNl9DX2llWktKQlQ2STNONE1NZERFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbepOMA0E AgACMAcDBQMqEZyAMA0GCSqGSIb3DQEBCwUAA4IBAQCSAF7pPVTIE1YaO2LTODKk kUF+uNLxo6fimmcG83LoExrSrpY4aEh8f+Bhp69s7AvgGbXMSZOaY8JXJmQWJjnh 5S3ucr+TMCL0OUPkGd7V5WDE1YNnlyFyI0nksO1yVoCIiXrjRPKdR9tk6RPgRLzx 9v4DNeX2gs7J8w0ZFGygX6YuAD4LIMTP+G10uCuP5l5SjgUG6FkLl0+QZCiwCT+M +t+p3cgxP0BlwVnYKZi7voAq/oMNQV5/ps66dQAb5/30huxWrDryCoY4x0qBDH21 w1wn4+ZEoPkXFbtMUloi+tjKt4lD3P/koNtBchkM8mRsHDyLj/CPvCpvVqd+ca69 -----END CERTIFICATE-----Generated at Fri Jan 2 14:22:10 2026 by rpki-client