This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/Ku186Y-Tu0woDCZbFinpqq7ZdFE.roa File: Ku186Y-Tu0woDCZbFinpqq7ZdFE.roa (raw, json) Hash identifier: v4Tz8TXIdty6/ZjbJ1ivX2W0EU7wX33Cwf/C7mVCK74= Subject key identifier: 2A:ED:7C:E9:8F:93:BB:4C:28:0C:26:5B:16:29:E9:AA:AE:D9:74:51 Certificate issuer: /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6 Certificate serial: 019B79ECD510ED8C233D63575609FCC8768D Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/Ku186Y-Tu0woDCZbFinpqq7ZdFE.roa Signing time: Thu 01 Jan 2026 14:18:42 +0000 ROA not before: Thu 01 Jan 2026 14:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 45.137.128.0/22 maxlen: 22 192.144.44.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.mft rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d5:10:ed:8c:23:3d:63:57:56:09:fc:c8:76:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6 Validity Not Before: Jan 1 14:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2aed7ce98f93bb4c280c265b1629e9aaaed97451 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:1a:1e:28:f4:c4:f6:99:d7:0d:08:2a:ee:97: 60:5c:35:1d:fc:da:85:85:b7:db:65:6a:76:b6:cc: 34:53:95:ff:8f:b5:e0:5e:58:e8:3f:df:97:9c:02: 8d:68:6a:a7:34:1e:16:a1:37:c0:4d:19:dd:e7:58: 74:d4:76:e3:cd:ae:c8:57:eb:34:55:09:7f:5b:34: 54:bd:75:dd:e3:88:b0:79:b6:ba:81:02:b8:50:f9: 64:21:fc:65:82:87:f4:32:15:50:72:2a:c3:e6:73: d5:b2:bc:b7:27:54:60:be:a6:2b:7c:8e:09:66:ed: e6:00:69:67:b3:b1:e3:5a:c9:29:a4:83:3d:e1:05: 09:c6:93:5e:0e:e2:ec:ff:d8:74:5a:d4:fe:de:4d: ca:74:74:5d:2a:67:f7:cb:72:a2:d4:54:57:de:ea: c1:a8:2e:7e:84:13:08:4f:85:b3:ac:e2:af:af:66: bb:33:df:6c:db:be:b7:4c:55:e0:c4:8b:ca:d8:fd: 5c:e3:a5:58:da:52:75:3b:50:98:76:e3:a6:0d:67: a0:80:ba:5f:d0:38:7d:a2:98:ea:8d:b7:20:18:d3: d3:28:49:92:1e:17:67:89:7e:1c:0d:f6:f8:7f:9a: 63:e6:bb:2f:46:9f:d5:47:2a:62:a5:3f:c4:f9:b4: 89:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:ED:7C:E9:8F:93:BB:4C:28:0C:26:5B:16:29:E9:AA:AE:D9:74:51 X509v3 Authority Key Identifier: keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/Ku186Y-Tu0woDCZbFinpqq7ZdFE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.128.0/22 192.144.44.0/22 Signature Algorithm: sha256WithRSAEncryption 11:d0:e8:de:2f:d2:ed:92:a7:25:0a:39:28:36:eb:71:0e:6c: 46:dc:be:35:dd:2e:18:02:4e:d9:98:e3:8c:34:9e:45:3c:49: e0:3a:59:8a:70:1d:17:d4:8b:f5:42:7a:c4:cb:47:d1:5f:2a: 78:84:d9:74:81:a2:ad:10:c9:ad:e9:fc:51:4b:c6:e0:11:35: 27:6a:97:9e:12:63:f3:54:2c:f5:fb:4a:37:51:3d:cb:43:e9: a1:ca:19:bc:70:8b:89:24:7a:74:e7:38:66:74:8b:76:90:47: bb:73:de:8b:1a:ba:6b:8a:39:0f:6b:55:d1:7e:3f:25:4c:1a: be:03:f1:12:3a:d2:3f:69:73:9b:a7:be:15:b8:c3:f4:fb:96: 2f:b3:41:c7:34:d3:0c:6a:3e:fc:bd:95:fc:fb:53:cb:0f:f2: 93:91:30:33:4d:42:85:2d:ad:c2:80:67:06:cd:f9:30:f8:41: b3:f1:c2:d2:f7:bf:a8:d9:e0:2d:2b:f0:d3:ae:43:38:51:6c: 49:83:13:0b:ca:49:5b:48:91:8f:b5:3f:5f:6d:50:1f:95:d7: 77:f7:76:f7:e2:a1:32:94:bb:ee:f4:86:b6:d7:d5:f4:e1:27: ca:b5:87:e0:c9:c3:82:cd:26:3e:34:ad:b7:1e:ff:13:49:88: da:e5:a1:97 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57NUQ7YwjPWNXVgn8yHaNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4 ZDIwZjYwHhcNMjYwMTAxMTQxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWVkN2NlOThmOTNiYjRjMjgwYzI2NWIxNjI5ZTlhYWFlZDk3NDUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRoeKPTE9pnXDQgq7pdgXDUd/NqF hbfbZWp2tsw0U5X/j7XgXljoP9+XnAKNaGqnNB4WoTfATRnd51h01Hbjza7IV+s0 VQl/WzRUvXXd44iweba6gQK4UPlkIfxlgof0MhVQcirD5nPVsry3J1RgvqYrfI4J Zu3mAGlns7HjWskppIM94QUJxpNeDuLs/9h0WtT+3k3KdHRdKmf3y3Ki1FRX3urB qC5+hBMIT4WzrOKvr2a7M99s2763TFXgxIvK2P1c46VY2lJ1O1CYduOmDWeggLpf 0Dh9opjqjbcgGNPTKEmSHhdniX4cDfb4f5pj5rsvRp/VRypipT/E+bSJ0QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCrtfOmPk7tMKAwmWxYp6aqu2XRRMB8GA1UdIwQY MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt ZjYwZDZmNzE4MmExLzEvS3UxODZZLVR1MHdvRENaYkZpbnBxcTdaZEZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYmAAwQC wJAsMA0GCSqGSIb3DQEBCwUAA4IBAQAR0OjeL9LtkqclCjkoNutxDmxG3L413S4Y Ak7ZmOOMNJ5FPEngOlmKcB0X1Iv1QnrEy0fRXyp4hNl0gaKtEMmt6fxRS8bgETUn apeeEmPzVCz1+0o3UT3LQ+mhyhm8cIuJJHp05zhmdIt2kEe7c96LGrprijkPa1XR fj8lTBq+A/ESOtI/aXObp74VuMP0+5Yvs0HHNNMMaj78vZX8+1PLD/KTkTAzTUKF La3CgGcGzfkw+EGz8cLS97+o2eAtK/DTrkM4UWxJgxMLyklbSJGPtT9fbVAfldd3 93b34qEylLvu9Ia219X04SfKtYfgycOCzSY+NK23Hv8TSYja5aGX -----END CERTIFICATE-----Generated at Thu Jan 8 00:11:48 2026 by rpki-client