This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/kmwS9zp0FNoIdCYHmD7lEmcie3Q.roa File: kmwS9zp0FNoIdCYHmD7lEmcie3Q.roa (raw, json) Hash identifier: dnAyHkLRkKFButzzN0BFh8XkXJNa+fP4jBji3sBqddo= Subject key identifier: 92:6C:12:F7:3A:74:14:DA:08:74:26:07:98:3E:E5:12:67:22:7B:74 Certificate issuer: /CN=761624dddc5c0279c7f8c9ff1288a4d3044c0847 Certificate serial: 019B7BA354F676F28CAB7E95DE48B7E0EC60 Authority key identifier: 76:16:24:DD:DC:5C:02:79:C7:F8:C9:FF:12:88:A4:D3:04:4C:08:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/kmwS9zp0FNoIdCYHmD7lEmcie3Q.roa Signing time: Thu 01 Jan 2026 22:17:40 +0000 ROA not before: Thu 01 Jan 2026 22:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202865 IP address blocks: 185.152.68.0/22 maxlen: 22 185.152.68.0/23 maxlen: 23 185.152.68.0/24 maxlen: 24 185.152.69.0/24 maxlen: 24 185.152.70.0/23 maxlen: 23 185.152.70.0/24 maxlen: 24 185.152.71.0/24 maxlen: 24 2a07:8100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.mft rsync://rpki.ripe.net/repository/DEFAULT/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:54:f6:76:f2:8c:ab:7e:95:de:48:b7:e0:ec:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=761624dddc5c0279c7f8c9ff1288a4d3044c0847 Validity Not Before: Jan 1 22:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=926c12f73a7414da08742607983ee51267227b74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:60:e0:79:a7:c5:ed:77:8f:b2:49:8a:76:52: 4b:c2:c2:57:3c:e7:5b:00:ea:1c:6b:2e:4d:5f:a8: 2c:88:8f:a2:0c:cd:b3:94:77:c5:cf:35:d5:81:39: 90:3c:d7:2f:ec:d1:df:21:a1:b3:37:fc:7d:bb:83: 05:00:23:a5:7f:fc:04:d2:53:17:6f:60:63:88:a4: 56:4d:16:7c:30:32:92:82:3c:43:75:4c:d3:6f:06: 08:1e:75:29:19:5e:33:1d:d5:40:05:b7:6b:71:2c: 1d:0e:e3:c2:a1:b5:85:c7:44:de:a1:fd:c7:bf:4d: c8:14:a9:7a:a5:ff:22:1c:b4:46:a1:5b:2d:35:af: 28:7b:3d:a2:16:9d:9e:49:1f:1b:75:2a:0c:e3:41: 4d:d6:ed:12:d7:57:9e:bf:d0:55:f2:c5:e7:57:bf: eb:54:0b:3f:f3:5a:5a:55:b2:3a:a1:5e:f6:c8:93: 5e:01:15:07:14:cf:39:c0:16:b5:90:6e:28:ab:4f: c0:0c:c7:e7:40:ba:b7:db:aa:4a:56:c5:90:f5:ff: cb:03:2c:fc:77:11:ec:2e:db:23:aa:f8:56:8b:2c: 37:73:a7:4e:ed:c0:11:42:7d:5b:59:e0:5b:b4:1b: e2:32:3c:04:1f:a2:10:72:14:de:e0:91:86:b2:b3: fa:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:6C:12:F7:3A:74:14:DA:08:74:26:07:98:3E:E5:12:67:22:7B:74 X509v3 Authority Key Identifier: keyid:76:16:24:DD:DC:5C:02:79:C7:F8:C9:FF:12:88:A4:D3:04:4C:08:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/kmwS9zp0FNoIdCYHmD7lEmcie3Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.152.68.0/22 IPv6: 2a07:8100::/29 Signature Algorithm: sha256WithRSAEncryption 9a:dd:3f:24:dd:41:1b:74:13:1e:ca:bc:23:12:3d:b8:bf:14: cc:f3:d4:6d:29:a0:aa:68:e5:5b:07:eb:b2:3b:1e:16:db:c0: ac:da:22:19:c0:0f:fc:47:c3:46:09:3a:f5:eb:94:35:33:a4: 60:66:f1:db:97:3a:3c:49:83:4c:c2:de:6f:94:30:e9:95:cf: 59:d8:de:07:9c:59:cf:cb:59:3d:45:b8:6a:d3:75:bf:68:55: 74:61:bd:98:c8:b1:d0:dc:9c:92:93:f4:0e:0f:1d:f5:39:fa: 88:5f:6f:12:2e:43:33:75:4b:6f:f3:4a:e4:1e:dd:c7:8a:73: 02:d3:80:48:b4:2d:e9:f8:57:52:46:34:ed:d5:b3:47:f7:95: 7a:2b:b8:38:5f:13:91:eb:a6:67:4f:78:bd:8f:9b:ac:a6:38: ac:6e:c2:5e:81:6a:d6:bb:64:96:90:e2:ad:b0:90:2e:dd:16: 0e:91:07:b5:13:1b:f7:d5:1f:89:d0:0d:72:40:d6:a5:7a:37: c4:15:e1:0c:e9:76:7c:b5:07:30:c2:76:f8:3a:22:94:98:44: fd:1b:e2:6a:8b:51:bc:78:be:d3:32:a3:b4:be:a5:e5:11:1c: 2e:10:63:4e:a8:7f:93:0a:f0:3a:d8:ef:be:5d:ee:f5:49:9c: 91:b6:cc:02 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7o1T2dvKMq36V3ki34OxgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2MTYyNGRkZGM1YzAyNzljN2Y4YzlmZjEyODhhNGQzMDQ0 YzA4NDcwHhcNMjYwMTAxMjIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjZjMTJmNzNhNzQxNGRhMDg3NDI2MDc5ODNlZTUxMjY3MjI3Yjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2DgeafF7XePskmKdlJLwsJXPOdb AOocay5NX6gsiI+iDM2zlHfFzzXVgTmQPNcv7NHfIaGzN/x9u4MFACOlf/wE0lMX b2BjiKRWTRZ8MDKSgjxDdUzTbwYIHnUpGV4zHdVABbdrcSwdDuPCobWFx0Teof3H v03IFKl6pf8iHLRGoVstNa8oez2iFp2eSR8bdSoM40FN1u0S11eev9BV8sXnV7/r VAs/81paVbI6oV72yJNeARUHFM85wBa1kG4oq0/ADMfnQLq326pKVsWQ9f/LAyz8 dxHsLtsjqvhWiyw3c6dO7cARQn1bWeBbtBviMjwEH6IQchTe4JGGsrP6SQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJJsEvc6dBTaCHQmB5g+5RJnInt0MB8GA1UdIwQY MBaAFHYWJN3cXAJ5x/jJ/xKIpNMETAhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGhZazNkeGNBbm5ILU1uX0VvaWswd1JNQ0VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODk3NjEtYzY2Mi00ZjEzLTg3MGEt MTNlODgwMTYyOGY1LzEva213Uzl6cDBGTm9JZENZSG1EN2xFbWNpZTNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81ODk3NjEtYzY2Mi00ZjEzLTg3MGEtMTNlODgwMTYyOGY1 LzEvZGhZazNkeGNBbm5ILU1uX0VvaWswd1JNQ0VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZhEMA0E AgACMAcDBQMqB4EAMA0GCSqGSIb3DQEBCwUAA4IBAQCa3T8k3UEbdBMeyrwjEj24 vxTM89RtKaCqaOVbB+uyOx4W28Cs2iIZwA/8R8NGCTr165Q1M6RgZvHblzo8SYNM wt5vlDDplc9Z2N4HnFnPy1k9Rbhq03W/aFV0Yb2YyLHQ3JySk/QODx31OfqIX28S LkMzdUtv80rkHt3HinMC04BItC3p+FdSRjTt1bNH95V6K7g4XxOR66ZnT3i9j5us pjisbsJegWrWu2SWkOKtsJAu3RYOkQe1Exv31R+J0A1yQNalejfEFeEM6XZ8tQcw wnb4OiKUmET9G+Jqi1G8eL7TMqO0vqXlERwuEGNOqH+TCvA62O++Xe71SZyRtswC -----END CERTIFICATE-----Generated at Mon Feb 9 22:29:40 2026 by rpki-client