This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/ksfa6RQDM_0VxmjR64arGWZD9rM.roa File: ksfa6RQDM_0VxmjR64arGWZD9rM.roa (raw, json) Hash identifier: eBadilkI77a4zTmLhePWsFBGmFNKACYzx+SMzHBV/40= Subject key identifier: 92:C7:DA:E9:14:03:33:FD:15:C6:68:D1:EB:86:AB:19:66:43:F6:B3 Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Certificate serial: 019B77C7640591B5C8D7C8C853D76D74607B Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/ksfa6RQDM_0VxmjR64arGWZD9rM.roa Signing time: Thu 01 Jan 2026 04:18:34 +0000 ROA not before: Thu 01 Jan 2026 04:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212219 IP address blocks: 37.140.242.0/24 maxlen: 24 195.85.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:64:05:91:b5:c8:d7:c8:c8:53:d7:6d:74:60:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Validity Not Before: Jan 1 04:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92c7dae9140333fd15c668d1eb86ab196643f6b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:ca:ab:83:3c:94:69:e0:5f:c2:60:93:dd:5b: 5d:12:a2:6e:3c:0b:de:a1:e1:96:0e:7f:52:f1:00: b6:55:b6:f4:44:e9:55:89:db:3e:3b:af:50:25:bb: 7d:7a:f8:d9:a8:3a:e8:e1:7f:48:bd:74:c7:11:12: 00:b2:ed:2a:f5:72:4c:68:3b:99:ca:ef:e1:a4:5a: 3f:40:36:5c:8c:10:2a:20:fa:94:19:5a:3a:01:1f: e7:b7:eb:58:96:41:37:30:a5:4b:f3:e1:de:8e:67: 14:a3:2a:e3:79:6c:ca:cc:a1:d2:a6:f6:2d:40:d3: 7b:ff:8d:3c:b4:6e:6f:5a:7f:37:62:a9:e8:91:da: 5a:79:00:79:ff:d6:1d:9a:10:29:2e:33:98:8f:2d: 4a:d5:b6:ff:a4:13:77:c2:85:50:24:e0:8c:c6:98: 24:85:8f:3e:82:8d:4f:fa:aa:6b:2d:65:b1:a9:82: ef:bc:f3:92:a8:a7:28:36:1a:f5:73:6f:16:e7:96: e8:f3:5f:3f:1d:36:77:23:58:c3:12:d9:95:c7:a5: ef:01:cf:41:3c:ad:27:04:70:e3:34:f9:42:eb:30: fa:fd:16:3a:b1:12:61:cd:34:ed:29:c5:67:62:3c: 8f:b0:b6:3f:a7:72:c7:56:5e:8c:42:f4:5b:e9:d4: 01:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:C7:DA:E9:14:03:33:FD:15:C6:68:D1:EB:86:AB:19:66:43:F6:B3 X509v3 Authority Key Identifier: keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/ksfa6RQDM_0VxmjR64arGWZD9rM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.140.242.0/24 195.85.207.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:80:b5:63:e8:7f:97:dd:38:29:b7:b1:26:8d:d3:2c:5f:76: 2e:c5:59:6a:11:63:82:4d:16:8a:fc:ea:a6:9d:00:b1:38:38: 00:01:7f:d5:2e:56:a9:e7:3f:3c:d8:dc:eb:d3:c5:f6:21:8d: b2:9d:df:c0:7b:00:1b:e4:91:bb:9d:2d:c3:fe:24:d6:d8:be: 7f:33:8e:10:0c:0d:82:ef:eb:36:c6:76:1c:1d:b6:fe:73:8a: f1:cc:24:10:b0:83:12:5e:79:a4:77:6b:16:dc:5a:be:07:23: 72:6d:9d:2e:0c:2f:7b:ef:24:7e:e1:05:2c:31:c9:1c:25:e8: 19:35:16:31:77:04:fd:96:a3:34:af:34:46:ac:ec:8a:4b:5d: 48:48:f5:bd:3a:1a:0a:57:00:a3:b3:ae:bf:9b:16:21:ef:f8: 93:40:06:c3:a4:1a:ee:28:cc:9c:80:ad:98:d8:82:7a:77:cc: ea:b2:85:f1:30:80:74:a5:c2:9b:8f:3b:99:fe:5f:91:ff:74: 7e:10:1f:89:bd:0a:0e:ef:05:01:2e:65:af:f9:09:55:15:fa: c2:6a:22:82:de:77:e8:38:4d:08:b2:43:e5:a9:10:69:9f:66: c4:50:c1:ed:ec:b7:fc:02:1e:d4:72:bf:87:cb:38:3a:80:60: af:db:b8:44 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x2QFkbXI18jIU9dtdGB7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz M2I1MzMwHhcNMjYwMTAxMDQxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmM3ZGFlOTE0MDMzM2ZkMTVjNjY4ZDFlYjg2YWIxOTY2NDNmNmIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8qrgzyUaeBfwmCT3VtdEqJuPAve oeGWDn9S8QC2Vbb0ROlVids+O69QJbt9evjZqDro4X9IvXTHERIAsu0q9XJMaDuZ yu/hpFo/QDZcjBAqIPqUGVo6AR/nt+tYlkE3MKVL8+HejmcUoyrjeWzKzKHSpvYt QNN7/408tG5vWn83YqnokdpaeQB5/9YdmhApLjOYjy1K1bb/pBN3woVQJOCMxpgk hY8+go1P+qprLWWxqYLvvPOSqKcoNhr1c28W55bo818/HTZ3I1jDEtmVx6XvAc9B PK0nBHDjNPlC6zD6/RY6sRJhzTTtKcVnYjyPsLY/p3LHVl6MQvRb6dQB+wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJLH2ukUAzP9FcZo0euGqxlmQ/azMB8GA1UdIwQY MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt NDE0OTA4NzJmYzRlLzEva3NmYTZSUURNXzBWeG1qUjY0YXJHV1pEOXJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJYzyAwQA w1XPMA0GCSqGSIb3DQEBCwUAA4IBAQCNgLVj6H+X3Tgpt7EmjdMsX3YuxVlqEWOC TRaK/OqmnQCxODgAAX/VLlap5z882Nzr08X2IY2ynd/AewAb5JG7nS3D/iTW2L5/ M44QDA2C7+s2xnYcHbb+c4rxzCQQsIMSXnmkd2sW3Fq+ByNybZ0uDC977yR+4QUs MckcJegZNRYxdwT9lqM0rzRGrOyKS11ISPW9OhoKVwCjs66/mxYh7/iTQAbDpBru KMycgK2Y2IJ6d8zqsoXxMIB0pcKbjzuZ/l+R/3R+EB+JvQoO7wUBLmWv+QlVFfrC aiKC3nfoOE0IskPlqRBpn2bEUMHt7Lf8Ah7Ucr+Hyzg6gGCv27hE -----END CERTIFICATE-----Generated at Wed Jan 21 16:15:42 2026 by rpki-client