This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/KoZviyPQEL5Xi6gVwYr2Cd9mx2c.roa File: KoZviyPQEL5Xi6gVwYr2Cd9mx2c.roa (raw, json) Hash identifier: fqe8eG4WVuOA3Nqn5E8vEQ5c8f4TyPMKdiIPBRAGwdE= Subject key identifier: 2A:86:6F:8B:23:D0:10:BE:57:8B:A8:15:C1:8A:F6:09:DF:66:C7:67 Certificate issuer: /CN=fe53426e2361ba665d8f25bd3cfaefc20ebda488 Certificate serial: 019B79ECC574BD0F7927AE640E11ADB029A9 Authority key identifier: FE:53:42:6E:23:61:BA:66:5D:8F:25:BD:3C:FA:EF:C2:0E:BD:A4:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lNCbiNhumZdjyW9PPrvwg69pIg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/KoZviyPQEL5Xi6gVwYr2Cd9mx2c.roa Signing time: Thu 01 Jan 2026 14:18:38 +0000 ROA not before: Thu 01 Jan 2026 14:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31234 IP address blocks: 185.115.36.0/22 maxlen: 22 195.225.228.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/_lNCbiNhumZdjyW9PPrvwg69pIg.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/_lNCbiNhumZdjyW9PPrvwg69pIg.mft rsync://rpki.ripe.net/repository/DEFAULT/_lNCbiNhumZdjyW9PPrvwg69pIg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:c5:74:bd:0f:79:27:ae:64:0e:11:ad:b0:29:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe53426e2361ba665d8f25bd3cfaefc20ebda488 Validity Not Before: Jan 1 14:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a866f8b23d010be578ba815c18af609df66c767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ff:45:69:bb:de:b3:98:21:1f:98:08:86:0b: c9:40:f9:13:4d:b8:80:b9:da:36:33:d0:65:80:eb: 97:b0:ab:3b:1c:e2:e2:1d:4c:c4:42:f6:e1:03:55: ac:1a:3f:a0:20:6f:d2:f9:85:0d:80:02:4e:3c:6f: b2:b0:67:12:71:cf:9c:60:34:ed:5a:8e:89:a9:69: 42:3f:ff:d5:e5:d4:59:40:8e:79:30:bc:17:96:db: ed:a8:15:c7:31:30:33:ca:de:b5:a1:a2:b4:fc:3a: 14:29:c5:dc:a6:c9:fd:35:e5:cb:93:40:2a:fe:a6: 78:13:65:5b:26:50:5e:fc:ce:45:32:5b:33:f5:83: 43:dd:8a:c4:f7:7a:9e:aa:1a:8b:5e:1f:1b:28:3c: 47:db:4b:3a:51:b5:6b:02:ce:34:68:17:9c:68:ab: a7:fa:b0:92:83:3a:c6:82:ae:3a:7e:24:d0:11:04: 4b:97:bb:ac:61:f9:00:63:d0:20:14:d9:18:eb:fc: 68:ed:f1:8b:c4:25:e6:2b:83:c9:be:18:37:e3:de: 37:28:dd:c3:d4:51:5a:9e:72:e7:83:09:22:88:23: 06:2a:3e:9c:17:89:52:5d:ec:d2:fe:4b:a5:24:54: 98:b7:7f:54:9b:a0:1d:4c:93:d7:22:ec:6e:0f:96: 2a:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:86:6F:8B:23:D0:10:BE:57:8B:A8:15:C1:8A:F6:09:DF:66:C7:67 X509v3 Authority Key Identifier: keyid:FE:53:42:6E:23:61:BA:66:5D:8F:25:BD:3C:FA:EF:C2:0E:BD:A4:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lNCbiNhumZdjyW9PPrvwg69pIg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/KoZviyPQEL5Xi6gVwYr2Cd9mx2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/_lNCbiNhumZdjyW9PPrvwg69pIg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.115.36.0/22 195.225.228.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:76:b9:15:1f:0a:05:15:80:2e:48:d0:b3:18:73:01:05:c5: 10:95:a9:d6:e8:c6:02:35:dc:46:69:da:8a:0d:76:aa:3c:9e: d2:7e:48:47:d3:bd:15:4b:32:8f:b0:bc:01:66:e4:78:a3:ca: 2f:ae:61:c4:a9:c0:ec:67:89:e0:49:50:e9:fc:9c:54:da:58: f5:cb:04:f8:ba:67:90:85:59:c2:bd:64:ee:7f:70:76:4f:6f: a5:02:65:d5:17:ce:b7:d8:51:07:20:cd:fd:98:b3:25:20:ec: d1:6c:8a:35:95:d3:3d:8a:b7:9c:57:b0:01:05:12:75:94:99: 78:db:c4:04:29:9b:71:be:59:cd:53:12:33:3a:18:06:59:25: 95:34:45:80:24:d0:af:59:58:33:3e:70:57:5a:33:23:4c:d3: aa:83:93:56:81:8c:67:27:8f:f4:52:8b:c9:ed:ea:f3:f8:9b: cd:b1:48:7c:76:b6:33:ac:fb:4f:7b:e1:23:00:7e:3f:a2:d9: d5:1a:1e:ec:48:c1:7f:17:c9:63:62:44:0e:30:03:35:00:47: 2e:f3:25:f9:2d:0a:0f:de:49:c9:5e:b7:b2:c9:5e:a9:f3:1b: ca:fb:d0:0e:d9:2c:dd:1a:98:91:f3:26:23:0e:24:79:77:d5: eb:82:25:78 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57MV0vQ95J65kDhGtsCmpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlNTM0MjZlMjM2MWJhNjY1ZDhmMjViZDNjZmFlZmMyMGVi ZGE0ODgwHhcNMjYwMTAxMTQxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTg2NmY4YjIzZDAxMGJlNTc4YmE4MTVjMThhZjYwOWRmNjZjNzY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP9Fabves5ghH5gIhgvJQPkTTbiA udo2M9BlgOuXsKs7HOLiHUzEQvbhA1WsGj+gIG/S+YUNgAJOPG+ysGcScc+cYDTt Wo6JqWlCP//V5dRZQI55MLwXltvtqBXHMTAzyt61oaK0/DoUKcXcpsn9NeXLk0Aq /qZ4E2VbJlBe/M5FMlsz9YND3YrE93qeqhqLXh8bKDxH20s6UbVrAs40aBecaKun +rCSgzrGgq46fiTQEQRLl7usYfkAY9AgFNkY6/xo7fGLxCXmK4PJvhg34943KN3D 1FFannLngwkiiCMGKj6cF4lSXezS/kulJFSYt39Um6AdTJPXIuxuD5YqpwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCqGb4sj0BC+V4uoFcGK9gnfZsdnMB8GA1UdIwQY MBaAFP5TQm4jYbpmXY8lvTz678IOvaSIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2xOQ2JpTmh1bVpkanlXOVBQcnZ3ZzY5cElnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83MDgzYjgtMTU4Zi00MGQyLTkxY2Mt OTc3NWE1ZDY2MDRjLzEvS29adml5UFFFTDVYaTZnVndZcjJDZDlteDJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi83MDgzYjgtMTU4Zi00MGQyLTkxY2MtOTc3NWE1ZDY2MDRj LzEvX2xOQ2JpTmh1bVpkanlXOVBQcnZ3ZzY5cElnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXMkAwQC w+HkMA0GCSqGSIb3DQEBCwUAA4IBAQBNdrkVHwoFFYAuSNCzGHMBBcUQlanW6MYC NdxGadqKDXaqPJ7SfkhH070VSzKPsLwBZuR4o8ovrmHEqcDsZ4ngSVDp/JxU2lj1 ywT4umeQhVnCvWTuf3B2T2+lAmXVF8632FEHIM39mLMlIOzRbIo1ldM9irecV7AB BRJ1lJl428QEKZtxvlnNUxIzOhgGWSWVNEWAJNCvWVgzPnBXWjMjTNOqg5NWgYxn J4/0UovJ7erz+JvNsUh8drYzrPtPe+EjAH4/otnVGh7sSMF/F8ljYkQOMAM1AEcu 8yX5LQoP3knJXreyyV6p8xvK+9AO2SzdGpiR8yYjDiR5d9XrgiV4 -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:05 2026 by rpki-client