This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/kZOd5Cty9wDNke0SSipQ7xUfjXk.roa File: kZOd5Cty9wDNke0SSipQ7xUfjXk.roa (raw, json) Hash identifier: Nh7Xl6+9xgc8FPGMljfSPGluYgLxctUPi58GqbyJNFM= Subject key identifier: 91:93:9D:E4:2B:72:F7:00:CD:91:ED:12:4A:2A:50:EF:15:1F:8D:79 Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d Certificate serial: 019B7F83422B7A02A3A3A8521932851DFFD3 Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/kZOd5Cty9wDNke0SSipQ7xUfjXk.roa Signing time: Fri 02 Jan 2026 16:21:07 +0000 ROA not before: Fri 02 Jan 2026 16:21:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59645 IP address blocks: 45.91.12.0/22 maxlen: 22 193.104.168.0/24 maxlen: 24 195.191.196.0/23 maxlen: 24 195.191.196.0/24 maxlen: 24 195.191.197.0/24 maxlen: 24 2a06:d1c0::/29 maxlen: 29 2a06:d1c0:a761::/48 maxlen: 48 2a06:d1c0:ac5a::/48 maxlen: 48 2a06:d1c0:deac::/48 maxlen: 48 2a06:d1c0:dead::/48 maxlen: 48 2a06:d1c0:deae::/48 maxlen: 48 2a06:d1c0:f761::/48 maxlen: 48 2a06:d1c1::/32 maxlen: 48 2a06:d1c1:a::/48 maxlen: 48 2a06:d1c1:e::/48 maxlen: 48 2a06:d1c1:23::/48 maxlen: 48 2a06:d1c1:30::/44 maxlen: 48 2a06:d1c1:30::/48 maxlen: 48 2a06:d1c1:ac5a::/48 maxlen: 48 2a06:d1c2::/36 maxlen: 48 2a06:d1c2:a000::/36 maxlen: 36 2a06:d1c2:b000::/36 maxlen: 36 2a06:d1c2:d000::/36 maxlen: 36 2a06:d1c7::/48 maxlen: 48 2a06:d1c7:a::/48 maxlen: 48 2a06:d1c7:b::/48 maxlen: 48 2a06:d1c7:d::/48 maxlen: 48 2a0e:a40::/29 maxlen: 29 2a0e:a40::/32 maxlen: 32 2a0e:a41::/32 maxlen: 32 2a0e:a42::/32 maxlen: 32 2a0e:a43::/32 maxlen: 32 2a0e:a44::/32 maxlen: 32 2a0e:a45::/32 maxlen: 32 2a0e:a46::/32 maxlen: 32 2a0e:a47::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:42:2b:7a:02:a3:a3:a8:52:19:32:85:1d:ff:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d Validity Not Before: Jan 2 16:21:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91939de42b72f700cd91ed124a2a50ef151f8d79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:11:32:ad:30:95:e5:a8:68:1e:f3:62:e4:19: 8e:b1:4c:b3:cd:81:f0:1c:7e:08:03:7b:b9:c2:8a: ab:99:7c:e3:b3:08:0c:79:20:20:14:73:55:2a:89: 10:7b:ae:a2:eb:0e:ea:f4:6a:1c:d7:93:d5:59:b7: fe:93:28:29:39:d6:42:e0:6a:18:6e:73:a5:b7:52: 4d:98:5c:f4:29:46:c7:94:49:12:52:dd:ad:fd:19: a9:bb:1d:d1:ec:31:04:98:af:e2:63:8e:eb:78:b2: 5c:c5:ab:d7:70:c5:56:9d:fc:cc:ac:43:8d:92:37: 47:30:1d:95:d2:6b:83:69:ef:d4:1f:44:e5:c8:a8: 3a:89:91:dd:24:58:1f:37:01:99:a7:74:47:f6:1a: 66:1c:98:df:a7:29:5f:12:e2:68:a2:b0:cd:62:63: 5d:54:68:b1:e1:19:56:8e:8d:77:be:28:5c:5d:db: e3:ac:26:98:59:ad:4a:52:64:fb:25:d9:31:e7:b7: af:39:f1:00:e6:ff:41:b0:2e:9e:d2:85:8b:f7:56: ab:8d:49:e6:79:95:15:5c:b5:40:8a:c5:f6:a0:49: b9:98:c1:9c:33:6e:01:f6:68:3c:3c:72:d1:b1:82: a8:24:24:09:d7:ee:05:e5:94:08:1b:ba:a6:90:01: 2f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:93:9D:E4:2B:72:F7:00:CD:91:ED:12:4A:2A:50:EF:15:1F:8D:79 X509v3 Authority Key Identifier: keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/kZOd5Cty9wDNke0SSipQ7xUfjXk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.12.0/22 193.104.168.0/24 195.191.196.0/23 IPv6: 2a06:d1c0::/29 2a0e:a40::/29 Signature Algorithm: sha256WithRSAEncryption 7d:01:25:f1:7a:bb:a0:52:44:c0:4a:1f:07:85:68:77:0a:7c: ba:9f:51:b4:2c:c5:e0:11:a1:d2:10:69:29:73:2f:d9:97:3d: 97:ba:df:8f:ad:1a:97:26:87:16:fd:e6:f9:36:2e:e1:e0:22: 2e:75:27:2e:a4:96:17:bf:c3:46:12:1d:91:c7:06:2f:3b:fa: e7:3f:d4:3d:0d:ff:87:68:ab:4e:f3:e2:73:d5:b2:d7:0d:a2: 38:ab:e8:87:b8:c6:42:d0:29:c2:11:d0:89:bd:25:ff:0d:d9: 3b:06:18:07:06:1c:c4:53:98:06:5c:bf:2e:7c:c4:93:3b:af: ba:25:27:7c:c4:f2:42:b4:56:37:bf:5d:52:23:53:7e:0c:ed: cc:3c:3b:94:18:72:7f:af:dd:48:28:f4:e1:5a:84:1f:fa:08: 6b:f3:b4:45:a8:12:4e:67:ba:dd:6c:61:d0:9e:89:ec:91:00: 16:1f:d6:60:9a:ea:cb:7a:2f:b1:e8:ff:f2:d3:95:0d:d6:94: 9e:a7:ec:a2:7b:23:c3:45:87:3e:6e:e3:55:cb:a4:37:4a:3d: 5b:8c:4b:c2:58:62:97:ba:3d:18:fd:9f:ad:16:b2:62:09:24: c2:32:79:f7:94:8c:b7:17:c4:7c:4e:d7:bc:99:77:aa:0a:fc: af:fe:e6:33 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt/g0IregKjo6hSGTKFHf/TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi ZjQ3NWQwHhcNMjYwMTAyMTYyMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTkzOWRlNDJiNzJmNzAwY2Q5MWVkMTI0YTJhNTBlZjE1MWY4ZDc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBEyrTCV5ahoHvNi5BmOsUyzzYHw HH4IA3u5woqrmXzjswgMeSAgFHNVKokQe66i6w7q9Goc15PVWbf+kygpOdZC4GoY bnOlt1JNmFz0KUbHlEkSUt2t/Rmpux3R7DEEmK/iY47reLJcxavXcMVWnfzMrEON kjdHMB2V0muDae/UH0TlyKg6iZHdJFgfNwGZp3RH9hpmHJjfpylfEuJoorDNYmNd VGix4RlWjo13vihcXdvjrCaYWa1KUmT7Jdkx57evOfEA5v9BsC6e0oWL91arjUnm eZUVXLVAisX2oEm5mMGcM24B9mg8PHLRsYKoJCQJ1+4F5ZQIG7qmkAEvgQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFJGTneQrcvcAzZHtEkoqUO8VH415MB8GA1UdIwQY MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt YmNmNzcwMjY5MzlkLzEva1pPZDVDdHk5d0ROa2UwU1NpcFE3eFVmalhrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLVsMAwQA wWioAwQBw7/EMBQEAgACMA4DBQMqBtHAAwUDKg4KQDANBgkqhkiG9w0BAQsFAAOC AQEAfQEl8Xq7oFJEwEofB4Vodwp8up9RtCzF4BGh0hBpKXMv2Zc9l7rfj60alyaH Fv3m+TYu4eAiLnUnLqSWF7/DRhIdkccGLzv65z/UPQ3/h2irTvPic9Wy1w2iOKvo h7jGQtApwhHQib0l/w3ZOwYYBwYcxFOYBly/LnzEkzuvuiUnfMTyQrRWN79dUiNT fgztzDw7lBhyf6/dSCj04VqEH/oIa/O0RagSTme63Wxh0J6J7JEAFh/WYJrqy3ov sej/8tOVDdaUnqfsonsjw0WHPm7jVcukN0o9W4xLwlhil7o9GP2frRayYgkkwjJ5 95SMtxfEfE7XvJl3qgr8r/7mMw== -----END CERTIFICATE-----Generated at Mon Feb 2 08:08:19 2026 by rpki-client