This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/kq-hWSmz-MFl73s5gbREYrag4Mo.roa File: kq-hWSmz-MFl73s5gbREYrag4Mo.roa (raw, json) Hash identifier: F1nBzA9PPwvdvb6M3PbhCg7MtCLOKfzqRqmw7zMeMt0= Subject key identifier: 92:AF:A1:59:29:B3:F8:C1:65:EF:7B:39:81:B4:44:62:B6:A0:E0:CA Certificate issuer: /CN=be9b5458c237db65848cb2acbec6db9423fcb3a6 Certificate serial: 019B7C7F4027B770BB09DDA62E61FFD55455 Authority key identifier: BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/kq-hWSmz-MFl73s5gbREYrag4Mo.roa Signing time: Fri 02 Jan 2026 02:17:52 +0000 ROA not before: Fri 02 Jan 2026 02:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200865 IP address blocks: 37.17.128.0/19 maxlen: 19 37.17.128.0/20 maxlen: 20 37.17.144.0/20 maxlen: 20 37.17.144.0/24 maxlen: 24 37.17.145.0/24 maxlen: 24 37.17.146.0/24 maxlen: 24 37.17.147.0/24 maxlen: 24 37.17.148.0/24 maxlen: 24 37.17.149.0/24 maxlen: 24 37.17.150.0/24 maxlen: 24 37.17.151.0/24 maxlen: 24 185.91.16.0/22 maxlen: 22 185.91.16.0/24 maxlen: 24 185.91.17.0/24 maxlen: 24 185.91.18.0/24 maxlen: 24 185.91.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/vptUWMI322WEjLKsvsbblCP8s6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/vptUWMI322WEjLKsvsbblCP8s6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 02:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:40:27:b7:70:bb:09:dd:a6:2e:61:ff:d5:54:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=be9b5458c237db65848cb2acbec6db9423fcb3a6 Validity Not Before: Jan 2 02:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92afa15929b3f8c165ef7b3981b44462b6a0e0ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:59:18:64:ec:79:4e:ff:76:fe:60:8a:42:0f: 20:f4:37:70:78:94:34:d2:3f:11:80:fa:94:65:a1: fb:c7:70:0d:b3:73:a1:67:f4:1d:cc:b0:12:34:7c: 1f:0e:8f:b7:58:87:dc:a4:09:be:5e:1c:2f:65:cb: bf:42:39:4f:35:f0:03:8b:99:3d:ef:29:fa:86:57: cb:59:ea:0f:94:ff:e5:f0:61:af:7e:b8:76:9a:e8: 1b:21:33:77:4c:83:20:ec:38:08:63:98:99:41:d7: 5d:e1:87:c4:48:61:ae:30:36:18:a4:d0:94:b9:cd: 0c:da:04:de:3e:71:22:89:94:d5:89:56:bf:54:11: db:2e:d4:df:35:ab:80:cf:0f:25:c6:26:6c:76:24: f8:7d:e6:c4:b0:10:e8:fb:21:35:a3:51:0f:3d:99: 02:1e:c8:a1:80:5e:53:d3:bd:f7:3c:f9:47:66:91: 47:df:cd:69:42:17:10:71:b8:6f:c9:57:0b:ce:3e: e0:24:91:ef:76:60:dd:d2:7b:96:6c:18:aa:2f:30: a0:7f:c4:52:61:94:44:70:4a:0d:bb:4e:fe:c5:57: c7:a2:e7:4d:cd:d0:36:b4:46:1a:be:3d:1e:0e:aa: 76:43:92:9e:38:97:f1:fd:37:73:6f:7f:50:1a:f9: 01:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:AF:A1:59:29:B3:F8:C1:65:EF:7B:39:81:B4:44:62:B6:A0:E0:CA X509v3 Authority Key Identifier: keyid:BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/kq-hWSmz-MFl73s5gbREYrag4Mo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/vptUWMI322WEjLKsvsbblCP8s6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.17.128.0/19 185.91.16.0/22 Signature Algorithm: sha256WithRSAEncryption 93:a4:29:8e:79:8b:46:0b:e0:1a:02:fb:c6:53:f5:e0:7c:8e: 86:9b:5e:a4:8b:24:da:5e:66:ca:d1:df:dd:26:32:30:fd:14: d5:39:c3:97:df:3c:e5:fa:a3:97:5c:76:62:13:2d:3b:10:ee: 5b:be:c5:45:e9:c4:9c:aa:bd:bd:b8:c6:3b:5d:1c:4b:3e:1e: 96:b2:c8:f0:46:5e:06:0f:5c:46:fe:2e:dd:b5:fc:eb:7d:b9: a2:56:84:25:1f:6c:a2:c6:4f:52:a2:a1:6e:3f:fa:ae:89:b8: 13:a0:d2:d1:e1:98:f7:5a:73:af:68:a5:48:4f:49:8f:a5:05: 4a:7c:25:42:af:1e:31:c3:35:15:d6:a0:c4:da:4e:cf:14:ea: 49:ca:f1:f9:c4:97:d9:8f:04:f4:65:fe:31:91:eb:0c:38:3b: 95:13:e9:29:1e:fc:db:32:5c:da:5d:bb:9b:a7:cc:71:e0:2c: 8e:80:15:c3:28:06:6b:ed:3e:de:4a:69:bf:bc:44:17:3f:b0: e6:e9:06:9f:ea:e5:9e:69:50:7d:a7:b2:57:83:e0:36:9d:76: b4:7d:2a:6f:95:7a:34:d2:84:2f:10:18:52:55:10:c7:bf:fd: 41:57:42:da:30:ca:90:6c:14:b9:0a:21:ba:c5:25:1d:22:90: 6c:80:32:c4 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8f0Ant3C7Cd2mLmH/1VRVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJlOWI1NDU4YzIzN2RiNjU4NDhjYjJhY2JlYzZkYjk0MjNm Y2IzYTYwHhcNMjYwMTAyMDIxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmFmYTE1OTI5YjNmOGMxNjVlZjdiMzk4MWI0NDQ2MmI2YTBlMGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1kYZOx5Tv92/mCKQg8g9DdweJQ0 0j8RgPqUZaH7x3ANs3OhZ/QdzLASNHwfDo+3WIfcpAm+XhwvZcu/QjlPNfADi5k9 7yn6hlfLWeoPlP/l8GGvfrh2mugbITN3TIMg7DgIY5iZQddd4YfESGGuMDYYpNCU uc0M2gTePnEiiZTViVa/VBHbLtTfNauAzw8lxiZsdiT4febEsBDo+yE1o1EPPZkC HsihgF5T0733PPlHZpFH381pQhcQcbhvyVcLzj7gJJHvdmDd0nuWbBiqLzCgf8RS YZREcEoNu07+xVfHoudNzdA2tEYavj0eDqp2Q5KeOJfx/Tdzb39QGvkBcQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJKvoVkps/jBZe97OYG0RGK2oODKMB8GA1UdIwQY MBaAFL6bVFjCN9tlhIyyrL7G25Qj/LOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdnB0VVdNSTMyMldFakxLc3ZzYmJsQ1A4czZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jZDFkYjMtMjg3Ny00ZjMyLTgzYzUt MzcwYjgyZTlmOTBiLzEva3EtaFdTbXotTUZsNzNzNWdiUkVZcmFnNE1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9jZDFkYjMtMjg3Ny00ZjMyLTgzYzUtMzcwYjgyZTlmOTBi LzEvdnB0VVdNSTMyMldFakxLc3ZzYmJsQ1A4czZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFJRGAAwQC uVsQMA0GCSqGSIb3DQEBCwUAA4IBAQCTpCmOeYtGC+AaAvvGU/XgfI6Gm16kiyTa XmbK0d/dJjIw/RTVOcOX3zzl+qOXXHZiEy07EO5bvsVF6cScqr29uMY7XRxLPh6W ssjwRl4GD1xG/i7dtfzrfbmiVoQlH2yixk9SoqFuP/quibgToNLR4Zj3WnOvaKVI T0mPpQVKfCVCrx4xwzUV1qDE2k7PFOpJyvH5xJfZjwT0Zf4xkesMODuVE+kpHvzb MlzaXbubp8xx4CyOgBXDKAZr7T7eSmm/vEQXP7Dm6Qaf6uWeaVB9p7JXg+A2nXa0 fSpvlXo00oQvEBhSVRDHv/1BV0LaMMqQbBS5CiG6xSUdIpBsgDLE -----END CERTIFICATE-----Generated at Thu Jan 29 12:36:17 2026 by rpki-client