This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/KPL6HnKyx2luB1t4vC0aqcZr0wg.roa File: KPL6HnKyx2luB1t4vC0aqcZr0wg.roa (raw, json) Hash identifier: M92XreNchoU/EBvexvOOBUg8UdW9cGPr/5RO0h4uYb8= Subject key identifier: 28:F2:FA:1E:72:B2:C7:69:6E:07:5B:78:BC:2D:1A:A9:C6:6B:D3:08 Certificate issuer: /CN=5b673422eff7e41c5e06d78e529f491f59150ff9 Certificate serial: 019B7CEE6D48C35EF3AE6709A5ADE84521E4 Authority key identifier: 5B:67:34:22:EF:F7:E4:1C:5E:06:D7:8E:52:9F:49:1F:59:15:0F:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2c0Iu_35BxeBteOUp9JH1kVD_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/KPL6HnKyx2luB1t4vC0aqcZr0wg.roa Signing time: Fri 02 Jan 2026 04:19:18 +0000 ROA not before: Fri 02 Jan 2026 04:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208703 IP address blocks: 185.41.220.0/24 maxlen: 24 185.41.221.0/24 maxlen: 24 185.41.222.0/24 maxlen: 24 185.41.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/W2c0Iu_35BxeBteOUp9JH1kVD_k.crl rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/W2c0Iu_35BxeBteOUp9JH1kVD_k.mft rsync://rpki.ripe.net/repository/DEFAULT/W2c0Iu_35BxeBteOUp9JH1kVD_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:6d:48:c3:5e:f3:ae:67:09:a5:ad:e8:45:21:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5b673422eff7e41c5e06d78e529f491f59150ff9 Validity Not Before: Jan 2 04:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28f2fa1e72b2c7696e075b78bc2d1aa9c66bd308 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c1:8e:28:3f:41:2f:2c:74:0b:2b:d2:33:05: 5e:e2:41:96:fc:1f:5e:5c:0a:4f:86:f3:d7:c1:85: 33:35:09:aa:e1:fb:26:d4:35:15:bf:dc:79:6f:e5: 9b:81:c4:58:60:2c:8f:e6:54:d8:04:b2:74:1e:2f: 45:75:f3:e1:1e:5c:db:ed:65:1d:34:db:1a:58:a7: 3d:9a:a2:14:cd:55:02:6a:94:b9:71:08:39:74:0c: b6:f3:a1:db:3f:17:83:cd:95:a9:94:9b:55:82:d0: 75:16:8a:8d:05:6d:22:30:23:45:2e:51:ca:90:9b: c8:fd:e1:a0:9a:34:24:22:07:c0:af:9a:d1:51:c2: eb:07:99:d0:54:3b:62:94:a8:6e:6b:1e:d3:0a:82: f4:bc:37:3f:20:d7:05:45:61:62:f0:4a:a9:03:d3: d5:8c:79:01:81:b2:ae:88:de:29:81:4d:eb:44:a3: 8c:06:d6:46:6b:a1:92:36:98:39:f5:2c:65:43:64: ca:25:be:04:8d:2b:45:70:44:72:42:8a:71:58:38: 65:bd:3b:5c:45:7d:91:72:6d:58:a9:53:58:f2:86: 86:de:66:d3:6c:99:67:30:83:86:39:31:d7:4b:42: f6:19:79:10:b6:12:85:8e:0f:7f:ca:9a:d8:a3:fa: b3:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:F2:FA:1E:72:B2:C7:69:6E:07:5B:78:BC:2D:1A:A9:C6:6B:D3:08 X509v3 Authority Key Identifier: keyid:5B:67:34:22:EF:F7:E4:1C:5E:06:D7:8E:52:9F:49:1F:59:15:0F:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2c0Iu_35BxeBteOUp9JH1kVD_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/KPL6HnKyx2luB1t4vC0aqcZr0wg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/W2c0Iu_35BxeBteOUp9JH1kVD_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.41.220.0/22 Signature Algorithm: sha256WithRSAEncryption 93:c8:0a:b9:b1:34:6d:18:a0:b2:c1:c3:83:21:82:48:57:b9: 93:b4:94:0f:0d:28:89:50:1f:ce:97:1d:91:9b:47:5a:22:0d: 99:b2:26:90:e4:b9:16:9f:b9:4d:5c:9a:82:ae:85:2f:fc:23: 2c:31:a9:44:8f:c0:3d:8f:b8:54:50:67:64:b3:70:5b:34:1d: de:33:62:7c:01:6d:0d:fc:ec:84:e0:4e:53:a4:63:c4:2b:e0: 55:f7:1a:5c:c6:22:06:27:0f:c6:42:fc:91:86:4c:24:2f:72: bf:7d:d3:12:8d:47:02:93:99:f4:a0:68:3d:ce:f6:44:49:a6: ec:a7:50:7e:dd:81:f7:5c:88:2c:78:60:a6:b1:c1:da:c9:24: f0:89:79:5a:70:26:b0:5a:8d:31:02:ea:df:ac:38:86:1c:48: 54:fe:b6:4d:a8:21:e7:da:41:cd:b6:a7:7c:ee:17:7e:27:e7: 24:4d:e9:82:c6:5c:ea:b7:d4:2e:c6:f6:8f:05:ae:7c:d7:ed: b1:5b:7f:bb:33:42:16:60:79:a4:f9:4a:74:3b:73:58:c3:35: 3b:ae:4c:9f:a1:a3:e4:9e:e3:69:d6:42:2a:3b:3e:53:80:b9: 2b:7f:ee:5b:dd:fb:05:74:81:a9:f7:1c:44:23:e9:78:dc:c7: f3:fb:57:a3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87m1Iw17zrmcJpa3oRSHkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViNjczNDIyZWZmN2U0MWM1ZTA2ZDc4ZTUyOWY0OTFmNTkx NTBmZjkwHhcNMjYwMTAyMDQxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGYyZmExZTcyYjJjNzY5NmUwNzViNzhiYzJkMWFhOWM2NmJkMzA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8GOKD9BLyx0CyvSMwVe4kGW/B9e XApPhvPXwYUzNQmq4fsm1DUVv9x5b+WbgcRYYCyP5lTYBLJ0Hi9FdfPhHlzb7WUd NNsaWKc9mqIUzVUCapS5cQg5dAy286HbPxeDzZWplJtVgtB1FoqNBW0iMCNFLlHK kJvI/eGgmjQkIgfAr5rRUcLrB5nQVDtilKhuax7TCoL0vDc/INcFRWFi8EqpA9PV jHkBgbKuiN4pgU3rRKOMBtZGa6GSNpg59SxlQ2TKJb4EjStFcERyQopxWDhlvTtc RX2Rcm1YqVNY8oaG3mbTbJlnMIOGOTHXS0L2GXkQthKFjg9/yprYo/qz2QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCjy+h5yssdpbgdbeLwtGqnGa9MIMB8GA1UdIwQY MBaAFFtnNCLv9+QcXgbXjlKfSR9ZFQ/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVzJjMEl1XzM1QnhlQnRlT1VwOUpIMWtWRF9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jN2QyMmItMjE0Ny00MzM2LTkwMDkt ZjkzNTVmZDk4YjZiLzEvS1BMNkhuS3l4Mmx1QjF0NHZDMGFxY1pyMHdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi9jN2QyMmItMjE0Ny00MzM2LTkwMDktZjkzNTVmZDk4YjZi LzEvVzJjMEl1XzM1QnhlQnRlT1VwOUpIMWtWRF9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSncMA0G CSqGSIb3DQEBCwUAA4IBAQCTyAq5sTRtGKCywcODIYJIV7mTtJQPDSiJUB/Olx2R m0daIg2ZsiaQ5LkWn7lNXJqCroUv/CMsMalEj8A9j7hUUGdks3BbNB3eM2J8AW0N /OyE4E5TpGPEK+BV9xpcxiIGJw/GQvyRhkwkL3K/fdMSjUcCk5n0oGg9zvZESabs p1B+3YH3XIgseGCmscHaySTwiXlacCawWo0xAurfrDiGHEhU/rZNqCHn2kHNtqd8 7hd+J+ckTemCxlzqt9QuxvaPBa581+2xW3+7M0IWYHmk+Up0O3NYwzU7rkyfoaPk nuNp1kIqOz5TgLkrf+5b3fsFdIGp9xxEI+l43Mfz+1ej -----END CERTIFICATE-----Generated at Mon Feb 9 21:13:59 2026 by rpki-client