This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/KJO5SafutHdx989Y4beR-MDi2-w.roa File: KJO5SafutHdx989Y4beR-MDi2-w.roa (raw, json) Hash identifier: DcoFrISYVHpYfF3qhUpQz0nKOtSKRePG4GmzBfnkvzE= Subject key identifier: 28:93:B9:49:A7:EE:B4:77:71:F7:CF:58:E1:B7:91:F8:C0:E2:DB:EC Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156 Certificate serial: 019B7A5AF48FB3779C2C95BAE8EE040DDF04 Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/KJO5SafutHdx989Y4beR-MDi2-w.roa Signing time: Thu 01 Jan 2026 16:18:59 +0000 ROA not before: Thu 01 Jan 2026 16:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 81.17.200.0/21 maxlen: 21 81.90.64.0/20 maxlen: 20 82.133.128.0/17 maxlen: 17 87.108.0.0/16 maxlen: 16 109.75.232.0/21 maxlen: 21 194.187.212.0/22 maxlen: 22 217.64.176.0/20 maxlen: 20 2001:a68::/32 maxlen: 48 2a00:16a0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.mft rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:f4:8f:b3:77:9c:2c:95:ba:e8:ee:04:0d:df:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156 Validity Not Before: Jan 1 16:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2893b949a7eeb47771f7cf58e1b791f8c0e2dbec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:45:e6:03:d7:84:b0:ef:aa:3e:aa:a4:72:28: ad:10:04:10:4c:55:15:ed:6e:16:ea:05:bd:5f:3e: bf:ff:f5:89:f1:f9:10:d2:d4:fb:8f:bf:f2:a3:42: 48:ec:27:0a:e2:56:50:ce:41:be:77:6e:03:6d:08: c8:d6:93:f3:70:c1:e8:a7:0e:4f:6c:d9:d5:fb:f5: 6a:b3:da:94:b7:98:a5:07:5f:fa:18:81:a0:30:55: 50:34:b9:c9:c1:e1:dc:95:c1:65:d2:2a:2e:e8:ba: 0e:fd:b7:e5:bc:28:49:2f:ed:bb:d2:7c:dd:5f:12: 8e:50:db:21:e3:9f:6f:b8:b3:b1:2a:83:7b:4f:39: a1:9a:d1:5c:cd:ca:41:f0:91:3d:7d:72:09:bb:4f: 6d:df:61:dc:f0:43:78:1a:4c:6c:5d:ab:15:04:5f: 68:1c:4b:43:f9:0d:fd:1f:4d:79:c5:0e:32:30:e8: 27:35:85:e0:1e:ae:a2:a5:3c:ba:75:61:db:b1:b0: 35:f2:70:8f:b9:5e:94:0f:12:80:03:3b:b2:74:0d: 08:02:87:39:16:fe:0b:4b:27:24:cc:94:11:e9:33: c0:e8:a4:bb:1e:53:4c:96:27:44:cf:0b:76:db:e7: 03:fa:d5:6e:42:45:26:89:6e:90:56:66:97:27:ca: f7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:93:B9:49:A7:EE:B4:77:71:F7:CF:58:E1:B7:91:F8:C0:E2:DB:EC X509v3 Authority Key Identifier: keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/KJO5SafutHdx989Y4beR-MDi2-w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.17.200.0/21 81.90.64.0/20 82.133.128.0/17 87.108.0.0/16 109.75.232.0/21 194.187.212.0/22 217.64.176.0/20 IPv6: 2001:a68::/32 2a00:16a0::/32 Signature Algorithm: sha256WithRSAEncryption 0a:08:a1:e3:28:72:e9:b0:fa:76:fc:91:c1:0a:5b:36:3f:03: 4b:8a:36:b6:74:30:b9:67:ae:e3:58:c4:31:15:63:45:e0:7b: 2e:de:ad:a5:ec:d3:05:66:0d:fe:ab:ed:d0:42:43:9b:6d:bb: a3:ef:10:0b:49:96:7f:2f:e1:ac:51:d1:90:88:a5:d0:09:d9: 6a:dc:9f:a5:dc:8a:7d:bd:ee:f5:8e:19:2d:1c:1c:da:ab:4e: 30:11:00:46:b2:40:e7:6c:cb:78:2a:1e:a6:b3:14:7f:cf:1d: 74:57:88:93:2b:64:f2:1c:bd:2d:fb:1f:6e:fd:0f:9e:55:43: ff:f1:26:31:98:d5:84:db:78:15:c3:e2:d1:2c:ca:5c:1b:9a: 91:ea:76:8b:55:53:ef:ea:9b:4a:92:77:54:96:53:56:5c:9b: 0f:da:61:f1:f0:0b:eb:6d:8d:79:8e:12:56:ff:12:9f:60:55: 14:93:14:4c:10:67:22:fb:49:bf:7b:c5:33:2a:1c:c7:85:e2: 15:2d:df:87:69:64:d5:0e:75:f9:23:18:9a:3a:1f:45:9d:76: f0:16:c3:db:96:21:23:fb:ce:a4:53:a9:21:a6:2b:9e:ca:b8: 9e:d5:9b:3d:55:53:88:0f:95:dd:38:45:3a:11:e5:d6:5f:c5: 8d:13:df:0d -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt6WvSPs3ecLJW66O4EDd8EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3 NTYxNTYwHhcNMjYwMTAxMTYxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODkzYjk0OWE3ZWViNDc3NzFmN2NmNThlMWI3OTFmOGMwZTJkYmVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0XmA9eEsO+qPqqkciitEAQQTFUV 7W4W6gW9Xz6///WJ8fkQ0tT7j7/yo0JI7CcK4lZQzkG+d24DbQjI1pPzcMHopw5P bNnV+/Vqs9qUt5ilB1/6GIGgMFVQNLnJweHclcFl0iou6LoO/bflvChJL+270nzd XxKOUNsh459vuLOxKoN7TzmhmtFczcpB8JE9fXIJu09t32Hc8EN4GkxsXasVBF9o HEtD+Q39H015xQ4yMOgnNYXgHq6ipTy6dWHbsbA18nCPuV6UDxKAAzuydA0IAoc5 Fv4LSyckzJQR6TPA6KS7HlNMlidEzwt22+cD+tVuQkUmiW6QVmaXJ8r3+wIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFCiTuUmn7rR3cffPWOG3kfjA4tvsMB8GA1UdIwQY MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt M2U0MGQwMTc0MGIyLzEvS0pPNVNhZnV0SGR4OTg5WTRiZVItTURpMi13LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQDURHIAwQE UVpAAwQHUoWAAwMAV2wDBANtS+gDBALCu9QDBATZQLAwFAQCAAIwDgMFACABCmgD BQAqABagMA0GCSqGSIb3DQEBCwUAA4IBAQAKCKHjKHLpsPp2/JHBCls2PwNLija2 dDC5Z67jWMQxFWNF4Hsu3q2l7NMFZg3+q+3QQkObbbuj7xALSZZ/L+GsUdGQiKXQ Cdlq3J+l3Ip9ve71jhktHBzaq04wEQBGskDnbMt4Kh6msxR/zx10V4iTK2TyHL0t +x9u/Q+eVUP/8SYxmNWE23gVw+LRLMpcG5qR6naLVVPv6ptKkndUllNWXJsP2mHx 8AvrbY15jhJW/xKfYFUUkxRMEGci+0m/e8UzKhzHheIVLd+HaWTVDnX5IxiaOh9F nXbwFsPbliEj+86kU6khpiueyrie1Zs9VVOID5XdOEU6EeXWX8WNE98N -----END CERTIFICATE-----Generated at Sat Jan 3 04:53:29 2026 by rpki-client