This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/KwhaP0QeniVGjiTkn66bneMlJeY.roa File: KwhaP0QeniVGjiTkn66bneMlJeY.roa (raw, json) Hash identifier: iAwNlU5aGm8yC+EuRcL1q9j42YQqvBEOhpW7b2OSjjU= Subject key identifier: 2B:08:5A:3F:44:1E:9E:25:46:8E:24:E4:9F:AE:9B:9D:E3:25:25:E6 Certificate issuer: /CN=324ef76eb79074e69c73302ce4c2e0af47f45307 Certificate serial: 019B7CECDEABEB641C9DA74B7863B1E095AD Authority key identifier: 32:4E:F7:6E:B7:90:74:E6:9C:73:30:2C:E4:C2:E0:AF:47:F4:53:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mk73breQdOacczAs5MLgr0f0Uwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/KwhaP0QeniVGjiTkn66bneMlJeY.roa Signing time: Fri 02 Jan 2026 04:17:36 +0000 ROA not before: Fri 02 Jan 2026 04:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12776 IP address blocks: 194.56.165.0/24 maxlen: 24 194.56.166.0/24 maxlen: 24 2a05:8140::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/Mk73breQdOacczAs5MLgr0f0Uwc.crl rsync://rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/Mk73breQdOacczAs5MLgr0f0Uwc.mft rsync://rpki.ripe.net/repository/DEFAULT/Mk73breQdOacczAs5MLgr0f0Uwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:de:ab:eb:64:1c:9d:a7:4b:78:63:b1:e0:95:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=324ef76eb79074e69c73302ce4c2e0af47f45307 Validity Not Before: Jan 2 04:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b085a3f441e9e25468e24e49fae9b9de32525e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:1c:52:ff:2e:43:61:16:52:de:91:48:4f:e5: bd:da:95:20:60:ef:3d:51:71:6b:08:6a:77:e2:79: 1a:c2:37:82:45:1e:17:01:33:91:7c:e1:29:e1:91: 45:4f:b6:33:65:d3:36:bb:28:f0:81:ac:1f:0a:60: 40:74:4a:b9:61:89:03:9d:f7:ba:c1:36:aa:58:5c: 32:60:d9:4d:50:0d:41:33:fd:6f:5a:e8:61:a4:4e: 13:cd:c9:e4:4f:0a:de:84:4b:9f:db:30:4a:87:83: fe:a9:22:ee:37:b3:7f:d0:70:17:45:73:0a:9b:78: d6:82:28:65:33:bc:e4:23:d7:8b:7e:e8:38:cd:80: 48:d9:96:c3:c4:23:b9:38:56:0e:7a:b5:31:59:f9: 26:96:fe:92:23:ff:cd:ae:30:1f:11:b0:b1:ab:99: f4:ab:0c:36:75:31:27:40:5b:93:d3:9e:c0:d7:8f: 1b:b8:3e:e1:71:c6:b5:42:84:c1:5b:1a:bb:c4:33: ed:ae:81:1a:c1:fc:b3:8c:c0:a0:50:6d:d9:fa:f7: 2a:d0:89:62:12:03:1f:ee:6e:60:9e:35:09:2b:76: 92:d4:64:a6:8d:ff:62:17:81:c2:cd:dd:ec:7d:20: 90:3a:56:23:b4:b2:ea:76:f7:07:51:d8:ca:8f:5c: 7c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:08:5A:3F:44:1E:9E:25:46:8E:24:E4:9F:AE:9B:9D:E3:25:25:E6 X509v3 Authority Key Identifier: keyid:32:4E:F7:6E:B7:90:74:E6:9C:73:30:2C:E4:C2:E0:AF:47:F4:53:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mk73breQdOacczAs5MLgr0f0Uwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/KwhaP0QeniVGjiTkn66bneMlJeY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d4b542-6392-43d0-a8c2-2cadcf6658ca/1/Mk73breQdOacczAs5MLgr0f0Uwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.56.165.0-194.56.166.255 IPv6: 2a05:8140::/29 Signature Algorithm: sha256WithRSAEncryption 6b:e9:f3:27:58:3e:d0:fc:6c:9b:79:66:ec:0c:0c:cb:d2:96: d2:33:86:d3:53:81:12:26:ea:57:76:43:d3:99:cd:78:81:68: 91:31:e1:a0:1d:02:ce:4e:14:25:fe:fd:00:e0:2a:45:72:48: 4e:81:46:2b:70:f3:32:fd:af:6e:93:65:fa:c3:08:9a:e8:47: c6:95:18:cb:cd:ed:56:f3:e6:98:e8:07:32:1e:1e:88:66:a4: 43:97:93:7c:02:d1:e0:57:ff:b8:d2:0e:9a:d2:24:6c:ce:6b: 96:a1:96:93:7f:fd:bb:41:42:13:86:15:13:db:2c:bf:9b:7e: 3c:43:50:45:8d:7f:9f:b0:74:ba:18:d2:99:8b:5c:a5:7f:56: f9:3b:bb:79:da:fe:01:23:46:bb:5e:a5:7a:04:de:f8:08:4a: 54:55:ef:7f:97:fb:f2:60:4c:cc:57:91:79:b3:ed:df:6a:bf: 48:73:74:12:38:5f:a1:20:b0:b4:a1:40:1d:21:01:a2:01:d7: e2:3c:58:3d:b0:02:72:d9:9f:e1:0d:0b:3e:3e:57:64:7b:d2: ae:ad:49:32:f9:0f:cf:b4:cf:a8:b0:74:5f:52:cd:ad:06:db: 8f:ce:54:81:28:5d:ce:6b:02:a8:8f:39:2a:d6:d3:3e:98:e6: 7a:9a:2f:a1 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt87N6r62QcnadLeGOx4JWtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNGVmNzZlYjc5MDc0ZTY5YzczMzAyY2U0YzJlMGFmNDdm NDUzMDcwHhcNMjYwMTAyMDQxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjA4NWEzZjQ0MWU5ZTI1NDY4ZTI0ZTQ5ZmFlOWI5ZGUzMjUyNWU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRxS/y5DYRZS3pFIT+W92pUgYO89 UXFrCGp34nkawjeCRR4XATORfOEp4ZFFT7YzZdM2uyjwgawfCmBAdEq5YYkDnfe6 wTaqWFwyYNlNUA1BM/1vWuhhpE4TzcnkTwrehEuf2zBKh4P+qSLuN7N/0HAXRXMK m3jWgihlM7zkI9eLfug4zYBI2ZbDxCO5OFYOerUxWfkmlv6SI//NrjAfEbCxq5n0 qww2dTEnQFuT057A148buD7hcca1QoTBWxq7xDPtroEawfyzjMCgUG3Z+vcq0Ili EgMf7m5gnjUJK3aS1GSmjf9iF4HCzd3sfSCQOlYjtLLqdvcHUdjKj1x8RQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFCsIWj9EHp4lRo4k5J+um53jJSXmMB8GA1UdIwQY MBaAFDJO9263kHTmnHMwLOTC4K9H9FMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWs3M2JyZVFkT2FjY3pBczVNTGdyMGYwVXdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kNGI1NDItNjM5Mi00M2QwLWE4YzIt MmNhZGNmNjY1OGNhLzEvS3doYVAwUWVuaVZHamlUa242NmJuZU1sSmVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9kNGI1NDItNjM5Mi00M2QwLWE4YzItMmNhZGNmNjY1OGNh LzEvTWs3M2JyZVFkT2FjY3pBczVNTGdyMGYwVXdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBADCOKUD BADCOKYwDQQCAAIwBwMFAyoFgUAwDQYJKoZIhvcNAQELBQADggEBAGvp8ydYPtD8 bJt5ZuwMDMvSltIzhtNTgRIm6ld2Q9OZzXiBaJEx4aAdAs5OFCX+/QDgKkVySE6B Ritw8zL9r26TZfrDCJroR8aVGMvN7Vbz5pjoBzIeHohmpEOXk3wC0eBX/7jSDprS JGzOa5ahlpN//btBQhOGFRPbLL+bfjxDUEWNf5+wdLoY0pmLXKV/Vvk7u3na/gEj RrtepXoE3vgISlRV73+X+/JgTMxXkXmz7d9qv0hzdBI4X6EgsLShQB0hAaIB1+I8 WD2wAnLZn+ENCz4+V2R70q6tSTL5D8+0z6iwdF9Sza0G24/OVIEoXc5rAqiPOSrW 0z6Y5nqaL6E= -----END CERTIFICATE-----Generated at Tue Feb 10 04:30:55 2026 by rpki-client