This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kmtJGb31zTt_pJ6GCyTQ9LzmkzE.roa File: kmtJGb31zTt_pJ6GCyTQ9LzmkzE.roa (raw, json) Hash identifier: Q5L6eWKaIz5gBzH7B4mLua9KGWq+PLDJnwr9Kj6N+qo= Subject key identifier: 92:6B:49:19:BD:F5:CD:3B:7F:A4:9E:86:0B:24:D0:F4:BC:E6:93:31 Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9 Certificate serial: 019B7C80973D1E91F616AA627646D2036B11 Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kmtJGb31zTt_pJ6GCyTQ9LzmkzE.roa Signing time: Fri 02 Jan 2026 02:19:20 +0000 ROA not before: Fri 02 Jan 2026 02:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39629 IP address blocks: 139.28.8.0/22 maxlen: 24 2a10:c300::/30 maxlen: 30 2a10:c304::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 04:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:97:3d:1e:91:f6:16:aa:62:76:46:d2:03:6b:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9 Validity Not Before: Jan 2 02:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=926b4919bdf5cd3b7fa49e860b24d0f4bce69331 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6d:6d:7a:01:3a:5b:a1:2d:25:ef:af:fd:5b: 09:94:f5:2c:96:a2:0e:ed:44:27:78:18:26:74:19: dc:fc:8c:4b:91:6f:7f:6c:c4:78:0e:2f:fb:70:77: 89:b7:40:29:c8:d1:1f:de:17:a1:b7:1e:70:ba:53: 4e:85:44:d7:e2:d5:27:00:2b:7f:35:d2:6f:f4:d2: d4:be:85:a8:54:fa:85:e5:4c:1f:30:74:1a:06:11: 42:e6:73:76:f4:7a:b4:7a:80:f7:8c:e1:57:8c:08: 44:71:42:c3:44:f4:82:42:27:fd:1f:ac:90:36:37: 0c:f1:55:1d:5a:6f:45:97:f2:c6:2a:a4:1d:94:14: cc:ca:72:9b:37:ff:f0:60:6f:77:04:8d:cc:da:e1: d4:f6:83:5e:84:e4:d7:69:5b:74:5f:d3:c3:49:39: da:5e:96:a8:8e:69:a6:4b:1a:8a:66:2d:06:3b:34: c0:1f:93:51:f4:d4:1b:41:d5:40:a8:36:17:93:14: 9d:4a:be:57:bf:c9:7b:0a:1f:24:65:57:7c:a1:9d: 4e:7f:77:5d:ea:70:6e:17:05:26:d3:b8:bc:6e:72: 5c:71:16:b6:d6:f3:39:65:9f:d1:37:46:77:b7:47: a0:66:91:5d:e8:63:a1:14:1c:5d:5b:71:9e:a2:33: e5:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:6B:49:19:BD:F5:CD:3B:7F:A4:9E:86:0B:24:D0:F4:BC:E6:93:31 X509v3 Authority Key Identifier: keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kmtJGb31zTt_pJ6GCyTQ9LzmkzE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.28.8.0/22 IPv6: 2a10:c300::/29 Signature Algorithm: sha256WithRSAEncryption 6c:b2:e8:0b:49:76:f9:95:0e:99:9a:17:73:7f:88:e7:2c:b0: d1:59:14:19:5d:46:9f:8e:4a:56:b3:45:30:db:6a:5b:36:18: 3c:ff:59:70:c2:24:ac:bf:56:8d:db:5d:de:9d:d8:77:6f:fc: e0:54:17:c0:81:be:50:ad:0b:8e:82:ee:64:a6:49:82:59:25: 0e:f8:2b:35:7c:35:31:52:24:b2:f7:99:f5:62:19:18:d7:f4: b1:3a:dd:c7:72:3e:60:48:22:0b:2c:2b:6a:da:bf:aa:39:6b: cf:28:e0:e3:d9:33:cc:c0:b9:d2:99:f6:b8:32:28:9b:12:a7: 18:1c:10:94:c8:4d:bd:7a:1a:2c:17:7f:8a:ee:e2:e4:30:b9: 1b:da:29:06:38:f1:9c:02:84:7b:cb:41:b6:ff:9f:6a:14:c0: b8:cd:43:2e:2b:4a:a4:a0:db:fb:24:f1:82:16:d9:8f:d5:7b: c9:4c:56:e6:05:2e:c4:ec:b9:06:48:d0:d1:4f:33:fd:00:89: 3a:66:46:a5:bd:a9:f5:64:6d:8f:df:db:e5:66:a1:98:5d:ff: bc:f4:65:dd:cd:5e:9a:01:b4:02:09:5a:18:97:77:c2:f0:02: fa:c8:fe:b8:a5:2c:2a:e9:d2:ba:68:72:0a:6f:6c:aa:3c:14: 4d:25:47:a1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gJc9HpH2FqpidkbSA2sRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5 M2FlYjkwHhcNMjYwMTAyMDIxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjZiNDkxOWJkZjVjZDNiN2ZhNDllODYwYjI0ZDBmNGJjZTY5MzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv21tegE6W6EtJe+v/VsJlPUslqIO 7UQneBgmdBnc/IxLkW9/bMR4Di/7cHeJt0ApyNEf3hehtx5wulNOhUTX4tUnACt/ NdJv9NLUvoWoVPqF5UwfMHQaBhFC5nN29Hq0eoD3jOFXjAhEcULDRPSCQif9H6yQ NjcM8VUdWm9Fl/LGKqQdlBTMynKbN//wYG93BI3M2uHU9oNehOTXaVt0X9PDSTna XpaojmmmSxqKZi0GOzTAH5NR9NQbQdVAqDYXkxSdSr5Xv8l7Ch8kZVd8oZ1Of3dd 6nBuFwUm07i8bnJccRa21vM5ZZ/RN0Z3t0egZpFd6GOhFBxdW3GeojPlwQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJJrSRm99c07f6Sehgsk0PS85pMxMB8GA1UdIwQY MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt NWQ0OGI2NWNlNTczLzEva210SkdiMzF6VHRfcEo2R0N5VFE5THpta3pFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixwIMA0E AgACMAcDBQMqEMMAMA0GCSqGSIb3DQEBCwUAA4IBAQBssugLSXb5lQ6Zmhdzf4jn LLDRWRQZXUafjkpWs0Uw22pbNhg8/1lwwiSsv1aN213endh3b/zgVBfAgb5QrQuO gu5kpkmCWSUO+Cs1fDUxUiSy95n1YhkY1/SxOt3Hcj5gSCILLCtq2r+qOWvPKODj 2TPMwLnSmfa4MiibEqcYHBCUyE29ehosF3+K7uLkMLkb2ikGOPGcAoR7y0G2/59q FMC4zUMuK0qkoNv7JPGCFtmP1XvJTFbmBS7E7LkGSNDRTzP9AIk6Zkalvan1ZG2P 39vlZqGYXf+89GXdzV6aAbQCCVoYl3fC8AL6yP64pSwq6dK6aHIKb2yqPBRNJUeh -----END CERTIFICATE-----Generated at Wed Jan 21 10:49:51 2026 by rpki-client