This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/kInKZypR3Yvkxg9NAZ7gpb3-dTI.roa File: kInKZypR3Yvkxg9NAZ7gpb3-dTI.roa (raw, json) Hash identifier: pKey+tQl5JvNpi5ziaNcs7L0bJUXZdpr2J8u+DLpr84= Subject key identifier: 90:89:CA:67:2A:51:DD:8B:E4:C6:0F:4D:01:9E:E0:A5:BD:FE:75:32 Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc Certificate serial: 019B77C76ECD7D20FD16607F6D41479497CE Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/kInKZypR3Yvkxg9NAZ7gpb3-dTI.roa Signing time: Thu 01 Jan 2026 04:18:37 +0000 ROA not before: Thu 01 Jan 2026 04:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5650 IP address blocks: 176.103.192.0/21 maxlen: 21 213.110.72.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 01:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:6e:cd:7d:20:fd:16:60:7f:6d:41:47:94:97:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc Validity Not Before: Jan 1 04:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9089ca672a51dd8be4c60f4d019ee0a5bdfe7532 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:72:51:eb:93:1c:0c:16:54:65:46:e1:b8:65: 4e:0e:71:df:4e:77:05:44:d7:83:39:26:09:a9:e4: de:22:0a:8d:b1:4c:a3:26:2b:e9:3b:b4:f5:d5:95: b3:85:14:d9:36:ee:0f:3e:69:2c:85:ba:68:1d:d4: e3:df:06:2e:68:ea:97:33:f9:1e:02:fe:53:11:b9: 06:f6:5d:57:18:ec:9d:65:84:8a:c0:05:80:dd:6d: 47:de:b4:7b:bd:e2:ca:73:7c:57:ea:a1:7d:38:8d: 1d:74:99:28:21:d5:93:09:f5:65:fe:98:eb:90:2d: b9:fc:31:a9:0c:cb:54:ae:43:19:f8:c3:51:ba:0e: 15:c3:45:f0:e6:1c:8d:ef:f3:97:ce:b1:7a:16:59: d2:a4:3f:7a:27:1d:bd:aa:b1:66:60:0c:a8:ee:1f: f2:d3:40:b6:b5:cb:c4:41:a9:e4:c3:83:ae:72:52: d1:0e:4f:cb:e0:b3:ba:9b:71:20:e2:1f:f3:eb:af: 2b:d5:16:f7:a9:78:c7:23:34:3a:ce:7e:91:c1:2e: b1:c1:34:d6:11:99:b6:14:3d:f8:25:04:39:d5:95: d1:bf:79:fc:47:eb:c3:fb:c7:d8:fd:f1:fd:ea:93: 85:a5:10:db:8e:25:6a:17:e3:1f:85:0d:4b:7f:e6: af:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:89:CA:67:2A:51:DD:8B:E4:C6:0F:4D:01:9E:E0:A5:BD:FE:75:32 X509v3 Authority Key Identifier: keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/kInKZypR3Yvkxg9NAZ7gpb3-dTI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.103.192.0/21 213.110.72.0/22 Signature Algorithm: sha256WithRSAEncryption 22:b5:37:7b:d4:1a:aa:03:d5:7b:16:72:6c:06:a8:10:ce:c4: 65:f0:41:ec:1a:ce:5f:ed:63:80:f8:1f:eb:e1:f2:82:49:04: a9:66:14:bf:c1:02:95:12:cc:97:a6:d7:23:78:f3:45:4d:b6: d5:ca:fe:e5:99:e6:39:28:a2:7e:12:67:b6:05:f3:11:1b:c7: 6a:88:9b:0f:41:fc:f3:40:81:c7:f9:b7:a1:71:5a:f1:9b:53: 19:67:ba:95:10:f7:19:aa:90:bd:91:ad:95:c4:ba:e5:92:83: 59:ad:e5:6a:d5:18:99:8e:45:01:9e:09:0f:f0:ee:07:48:f1: 61:3d:e9:6b:5f:6b:a6:87:d6:0b:49:31:94:4c:6a:c5:6b:58: 8f:8c:4b:68:ac:9c:fd:c4:4d:00:3a:dd:ed:c5:a0:29:3d:ea: 21:86:14:39:2c:7f:bb:38:af:36:e4:3c:20:8f:73:bd:9e:75: 00:3d:36:a3:70:ba:3a:e4:aa:82:ad:30:bf:81:bd:03:c0:f5: f3:52:a0:b9:34:3a:1b:e7:d7:a5:83:71:da:4b:91:fe:e6:8f: 0b:89:3c:d6:8d:07:8d:01:4f:b2:d4:c1:01:d8:ef:b7:72:74: 4e:a8:55:44:d3:55:0b:a3:fe:41:30:1d:08:61:db:c7:04:23: 9b:2a:b2:cb -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x27NfSD9FmB/bUFHlJfOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4 ZjY2Y2MwHhcNMjYwMTAxMDQxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDg5Y2E2NzJhNTFkZDhiZTRjNjBmNGQwMTllZTBhNWJkZmU3NTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinJR65McDBZUZUbhuGVODnHfTncF RNeDOSYJqeTeIgqNsUyjJivpO7T11ZWzhRTZNu4PPmkshbpoHdTj3wYuaOqXM/ke Av5TEbkG9l1XGOydZYSKwAWA3W1H3rR7veLKc3xX6qF9OI0ddJkoIdWTCfVl/pjr kC25/DGpDMtUrkMZ+MNRug4Vw0Xw5hyN7/OXzrF6FlnSpD96Jx29qrFmYAyo7h/y 00C2tcvEQankw4OuclLRDk/L4LO6m3Eg4h/z668r1Rb3qXjHIzQ6zn6RwS6xwTTW EZm2FD34JQQ51ZXRv3n8R+vD+8fY/fH96pOFpRDbjiVqF+MfhQ1Lf+avGwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJCJymcqUd2L5MYPTQGe4KW9/nUyMB8GA1UdIwQY MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt YTFiOTZiOWI3MGY4LzEva0luS1p5cFIzWXZreGc5TkFaN2dwYjMtZFRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4 LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGfAAwQC 1W5IMA0GCSqGSIb3DQEBCwUAA4IBAQAitTd71BqqA9V7FnJsBqgQzsRl8EHsGs5f 7WOA+B/r4fKCSQSpZhS/wQKVEsyXptcjePNFTbbVyv7lmeY5KKJ+Eme2BfMRG8dq iJsPQfzzQIHH+behcVrxm1MZZ7qVEPcZqpC9ka2VxLrlkoNZreVq1RiZjkUBngkP 8O4HSPFhPelrX2umh9YLSTGUTGrFa1iPjEtorJz9xE0AOt3txaApPeohhhQ5LH+7 OK825Dwgj3O9nnUAPTajcLo65KqCrTC/gb0DwPXzUqC5NDob59elg3HaS5H+5o8L iTzWjQeNAU+y1MEB2O+3cnROqFVE01ULo/5BMB0IYdvHBCObKrLL -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:15 2026 by rpki-client