This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/KAZZmnJNcc3J8hdxVQCO2YzAFOk.roa File: KAZZmnJNcc3J8hdxVQCO2YzAFOk.roa (raw, json) Hash identifier: Tn9EAPhePmRvkHGL8zdRZCb2aqgnTcgDWpOmWf8X5WU= Subject key identifier: 28:06:59:9A:72:4D:71:CD:C9:F2:17:71:55:00:8E:D9:8C:C0:14:E9 Certificate issuer: /CN=133deed883c2a690ce54829b48f9d78cd7b25fd7 Certificate serial: 019B783530565AD5597BA0E0391C9351ED0A Authority key identifier: 13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/KAZZmnJNcc3J8hdxVQCO2YzAFOk.roa Signing time: Thu 01 Jan 2026 06:18:30 +0000 ROA not before: Thu 01 Jan 2026 06:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42487 IP address blocks: 89.28.144.0/21 maxlen: 21 2a01:58c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Ez3u2IPCppDOVIKbSPnXjNeyX9c.crl rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Ez3u2IPCppDOVIKbSPnXjNeyX9c.mft rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:30:56:5a:d5:59:7b:a0:e0:39:1c:93:51:ed:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=133deed883c2a690ce54829b48f9d78cd7b25fd7 Validity Not Before: Jan 1 06:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2806599a724d71cdc9f2177155008ed98cc014e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d0:4a:f8:e2:48:16:7e:dd:e1:d5:41:0d:80: 8d:88:86:88:10:90:8d:2d:30:28:06:2e:ce:31:c2: 64:85:18:a0:18:a6:cb:d1:5a:ee:3f:7c:98:7f:a9: 83:d9:a9:25:35:54:9d:eb:ab:f3:ad:a2:ce:ba:f4: 95:b6:8f:f4:8c:3f:33:5f:6a:04:a6:46:2c:66:79: d9:b6:5e:b3:1a:85:2f:30:4a:c0:62:37:3a:bd:e8: c9:db:00:89:2a:3b:7a:10:f3:2e:28:1b:28:84:2c: 33:0c:e5:c6:25:ac:a7:63:76:4d:ef:db:d9:77:cb: 7f:ee:50:db:a9:7f:48:78:00:3c:da:27:6e:df:72: c0:61:5b:49:4d:d5:2e:2c:6a:ee:75:1c:8c:b7:7b: 7c:11:fc:d4:44:3b:02:25:15:e3:ee:68:ab:8a:74: 0c:f6:11:1f:c5:92:20:75:80:4b:f6:da:b5:5e:46: cd:ae:5d:74:56:9a:6a:ce:08:dc:b0:5f:a7:fc:67: f5:96:2d:88:cf:3c:59:f5:42:24:aa:dd:ef:b7:fa: d7:84:12:0d:97:24:60:df:63:43:ca:a8:59:6b:bf: c0:16:d9:8f:f8:c3:a4:31:96:aa:a9:fd:07:b1:29: 3d:b3:a5:cb:9b:3b:ff:d1:19:a1:54:9d:94:71:34: 05:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:06:59:9A:72:4D:71:CD:C9:F2:17:71:55:00:8E:D9:8C:C0:14:E9 X509v3 Authority Key Identifier: keyid:13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/KAZZmnJNcc3J8hdxVQCO2YzAFOk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Ez3u2IPCppDOVIKbSPnXjNeyX9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.28.144.0/21 IPv6: 2a01:58c0::/32 Signature Algorithm: sha256WithRSAEncryption 70:6f:39:de:da:68:87:96:d1:0d:14:ad:1a:a1:2b:36:81:1f: 8a:1a:f4:38:3a:10:30:0b:1c:9e:5e:f8:4c:73:34:47:47:f8: ca:19:fc:05:cc:ec:38:ff:9f:85:b9:07:f1:be:5c:2a:a8:42: cb:1c:8a:2d:07:48:e3:6a:4f:b5:9e:58:9d:a0:b5:59:b5:38: d8:19:5d:00:cd:b9:11:44:2d:55:59:b0:03:08:e5:d5:d2:3f: 31:f5:94:61:11:c7:f1:91:04:62:ff:9e:a0:35:e6:5f:be:1f: 3e:bf:52:3a:31:e5:42:e1:c3:7b:24:2c:71:90:2a:23:48:ea: fd:87:c2:ec:fd:3e:b1:3a:b3:52:61:ee:74:96:1a:82:d5:28: c0:79:cf:0e:8d:d6:96:85:61:ef:a8:5f:8f:c7:3f:59:e0:89: 2f:d0:df:7f:bd:a5:4e:8d:97:0d:83:47:25:1a:74:3a:36:eb: 50:81:0d:6a:85:f8:20:18:5f:ee:f4:d2:8c:f7:f0:61:25:19: e8:76:d8:3a:70:94:f9:a0:30:a7:49:1a:0c:c5:27:be:a5:18: b7:0e:68:c9:1d:91:bd:e2:7d:42:79:e3:b4:3f:e2:b0:73:b8: cd:d4:4a:02:33:fc:40:7b:d0:70:79:3f:81:dc:a3:55:00:80: a2:04:c8:50 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NTBWWtVZe6DgORyTUe0KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEzM2RlZWQ4ODNjMmE2OTBjZTU0ODI5YjQ4ZjlkNzhjZDdi MjVmZDcwHhcNMjYwMTAxMDYxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODA2NTk5YTcyNGQ3MWNkYzlmMjE3NzE1NTAwOGVkOThjYzAxNGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNBK+OJIFn7d4dVBDYCNiIaIEJCN LTAoBi7OMcJkhRigGKbL0VruP3yYf6mD2aklNVSd66vzraLOuvSVto/0jD8zX2oE pkYsZnnZtl6zGoUvMErAYjc6vejJ2wCJKjt6EPMuKBsohCwzDOXGJaynY3ZN79vZ d8t/7lDbqX9IeAA82idu33LAYVtJTdUuLGrudRyMt3t8EfzURDsCJRXj7mirinQM 9hEfxZIgdYBL9tq1XkbNrl10VppqzgjcsF+n/Gf1li2IzzxZ9UIkqt3vt/rXhBIN lyRg32NDyqhZa7/AFtmP+MOkMZaqqf0HsSk9s6XLmzv/0RmhVJ2UcTQFsQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCgGWZpyTXHNyfIXcVUAjtmMwBTpMB8GA1UdIwQY MBaAFBM97tiDwqaQzlSCm0j514zXsl/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEt NGJlZGQzYmQ2ZWExLzEvS0FaWm1uSk5jYzNKOGhkeFZRQ08yWXpBRk9rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEtNGJlZGQzYmQ2ZWEx LzEvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWRyQMA0E AgACMAcDBQAqAVjAMA0GCSqGSIb3DQEBCwUAA4IBAQBwbzne2miHltENFK0aoSs2 gR+KGvQ4OhAwCxyeXvhMczRHR/jKGfwFzOw4/5+FuQfxvlwqqELLHIotB0jjak+1 nlidoLVZtTjYGV0AzbkRRC1VWbADCOXV0j8x9ZRhEcfxkQRi/56gNeZfvh8+v1I6 MeVC4cN7JCxxkCojSOr9h8Ls/T6xOrNSYe50lhqC1SjAec8OjdaWhWHvqF+Pxz9Z 4Ikv0N9/vaVOjZcNg0clGnQ6NutQgQ1qhfggGF/u9NKM9/BhJRnodtg6cJT5oDCn SRoMxSe+pRi3DmjJHZG94n1CeeO0P+Kwc7jN1EoCM/xAe9BweT+B3KNVAICiBMhQ -----END CERTIFICATE-----Generated at Mon Feb 9 21:00:16 2026 by rpki-client