This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KTMyv7vLJL4RhzKJMxYv2Q04XU0.roa File: KTMyv7vLJL4RhzKJMxYv2Q04XU0.roa (raw, json) Hash identifier: qlz3neHso26dPUfoq0gD9odJX4heiGA404bEQ8650r4= Subject key identifier: 29:33:32:BF:BB:CB:24:BE:11:87:32:89:33:16:2F:D9:0D:38:5D:4D Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664 Certificate serial: 019B7A5B2CE53E1E78BD8B3FDF6360F29ECB Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KTMyv7vLJL4RhzKJMxYv2Q04XU0.roa Signing time: Thu 01 Jan 2026 16:19:14 +0000 ROA not before: Thu 01 Jan 2026 16:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6762 IP address blocks: 5.180.177.0/24 maxlen: 24 185.213.194.0/24 maxlen: 24 193.38.155.0/24 maxlen: 24 193.163.87.0/24 maxlen: 24 194.62.160.0/24 maxlen: 24 195.225.83.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:2c:e5:3e:1e:78:bd:8b:3f:df:63:60:f2:9e:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664 Validity Not Before: Jan 1 16:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=293332bfbbcb24be1187328933162fd90d385d4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:dd:c8:c5:ac:db:82:63:26:a7:13:4b:8b:79: 20:46:47:91:dd:c3:23:c0:a0:ba:ca:57:9f:76:c8: cf:81:76:d6:0e:1d:c6:6e:18:ef:8b:5f:ed:b1:f9: 17:f2:75:aa:3e:2d:e7:e5:da:b0:a2:2b:31:fa:ee: 34:0b:94:17:36:7f:67:dd:de:88:c6:2e:2f:89:4a: 67:6b:d4:6f:6a:9c:93:52:31:a1:f6:37:04:65:ae: 55:04:48:a7:fc:79:e6:66:44:77:06:6b:ba:57:31: 3a:d2:1a:a9:15:65:0c:3c:d7:3d:f7:36:dc:a3:6f: 5b:07:cf:96:a9:59:76:c0:ca:08:ed:3b:1b:2d:7c: 90:a5:87:51:80:b6:fb:55:29:32:58:71:dd:a6:47: 95:91:a9:19:29:64:ff:2e:e6:89:17:10:8d:c5:de: da:c4:7d:14:bd:9c:d2:f7:f8:55:19:f8:a3:e7:4b: 35:4a:b5:0f:28:f5:6d:6c:d3:ca:7a:30:e0:0f:8e: 2c:63:3c:54:45:ef:99:69:13:61:81:fd:df:7a:88: 89:c4:ad:50:70:07:55:02:0e:cc:19:61:04:12:a6: 66:d8:33:7c:fa:4d:75:55:32:e0:5e:6a:d9:3f:dc: b2:d6:08:d0:8c:15:92:27:59:a1:ef:e0:3b:25:b7: 1e:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:33:32:BF:BB:CB:24:BE:11:87:32:89:33:16:2F:D9:0D:38:5D:4D X509v3 Authority Key Identifier: keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KTMyv7vLJL4RhzKJMxYv2Q04XU0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.177.0/24 185.213.194.0/24 193.38.155.0/24 193.163.87.0/24 194.62.160.0/24 195.225.83.0/24 Signature Algorithm: sha256WithRSAEncryption 57:fe:16:70:fe:68:51:23:99:ba:1d:bf:46:24:49:10:04:c4: 00:98:e5:a0:01:0a:b6:e9:79:d0:1c:b0:ea:0d:6c:c1:92:85: 10:28:d0:d4:32:4b:62:c8:17:f6:d1:1e:96:18:af:53:a2:76: 57:b5:fc:0b:71:6e:e3:17:cd:9f:21:d2:c3:0c:c7:ab:20:59: 18:c5:c2:0c:e8:39:33:6b:a8:18:fe:d2:9a:5e:12:37:b7:28: 30:a5:eb:40:33:3f:19:ec:90:e8:f6:9c:31:93:c9:62:ba:d6: 19:5f:95:02:fe:d4:f2:74:4e:f2:91:ea:d4:5d:af:60:a8:14: ba:ce:72:48:1c:98:4f:65:8e:be:c3:6a:dc:dc:b4:aa:a5:90: 67:a0:da:b7:a7:a2:34:b2:65:70:17:2f:e3:da:5a:7c:d9:c6: 80:5d:8b:b8:b6:56:a4:07:9b:76:e8:66:6c:71:b4:84:f5:20: 4a:13:7e:a6:ac:05:ff:b6:28:09:00:c5:0c:72:b9:7a:53:7d: 30:43:8c:31:43:54:84:3b:f7:6f:5f:c9:08:0b:4a:0d:42:dc: 6d:50:01:45:73:3c:e5:06:00:f1:e1:5b:45:41:63:c3:4f:a6: 0d:db:45:73:39:2f:69:5d:1c:e1:0c:4e:ed:1f:94:de:fe:eb: 81:76:b0:ac -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt6WyzlPh54vYs/32Ng8p7LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl NzM2NjQwHhcNMjYwMTAxMTYxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTMzMzJiZmJiY2IyNGJlMTE4NzMyODkzMzE2MmZkOTBkMzg1ZDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs93IxazbgmMmpxNLi3kgRkeR3cMj wKC6ylefdsjPgXbWDh3Gbhjvi1/tsfkX8nWqPi3n5dqwoisx+u40C5QXNn9n3d6I xi4viUpna9RvapyTUjGh9jcEZa5VBEin/HnmZkR3Bmu6VzE60hqpFWUMPNc99zbc o29bB8+WqVl2wMoI7TsbLXyQpYdRgLb7VSkyWHHdpkeVkakZKWT/LuaJFxCNxd7a xH0UvZzS9/hVGfij50s1SrUPKPVtbNPKejDgD44sYzxURe+ZaRNhgf3feoiJxK1Q cAdVAg7MGWEEEqZm2DN8+k11VTLgXmrZP9yy1gjQjBWSJ1mh7+A7JbcelwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFCkzMr+7yyS+EYcyiTMWL9kNOF1NMB8GA1UdIwQY MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt OGMxNTM5NjViYWM5LzEvS1RNeXY3dkxKTDRSaHpLSk14WXYyUTA0WFUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5 LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbSxAwQA udXCAwQAwSabAwQAwaNXAwQAwj6gAwQAw+FTMA0GCSqGSIb3DQEBCwUAA4IBAQBX /hZw/mhRI5m6Hb9GJEkQBMQAmOWgAQq26XnQHLDqDWzBkoUQKNDUMktiyBf20R6W GK9TonZXtfwLcW7jF82fIdLDDMerIFkYxcIM6Dkza6gY/tKaXhI3tygwpetAMz8Z 7JDo9pwxk8liutYZX5UC/tTydE7ykerUXa9gqBS6znJIHJhPZY6+w2rc3LSqpZBn oNq3p6I0smVwFy/j2lp82caAXYu4tlakB5t26GZscbSE9SBKE36mrAX/tigJAMUM crl6U30wQ4wxQ1SEO/dvX8kIC0oNQtxtUAFFczzlBgDx4VtFQWPDT6YN20VzOS9p XRzhDE7tH5Te/uuBdrCs -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:52 2026 by rpki-client