This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/KfDSJyzb9f5qb2_ejV8orifPYoQ.roa File: KfDSJyzb9f5qb2_ejV8orifPYoQ.roa (raw, json) Hash identifier: ffWRor2kEy0Bm5u6I9vC5lf9Q7mFKeVt0iScOU1aS8U= Subject key identifier: 29:F0:D2:27:2C:DB:F5:FE:6A:6F:6F:DE:8D:5F:28:AE:27:CF:62:84 Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9 Certificate serial: 019B7758EA06BE886796096767F5F4343CFE Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/KfDSJyzb9f5qb2_ejV8orifPYoQ.roa Signing time: Thu 01 Jan 2026 02:17:54 +0000 ROA not before: Thu 01 Jan 2026 02:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202297 IP address blocks: 45.139.224.0/22 maxlen: 24 2001:678:aa4::/48 maxlen: 48 2001:678:aa8::/48 maxlen: 48 2a04:ff00::/29 maxlen: 29 2a04:ff07::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.mft rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:ea:06:be:88:67:96:09:67:67:f5:f4:34:3c:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9 Validity Not Before: Jan 1 02:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29f0d2272cdbf5fe6a6f6fde8d5f28ae27cf6284 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:06:c0:90:49:a5:52:ad:e5:b5:bb:67:bf:21: 14:f7:18:21:29:8d:3e:f5:19:09:f7:47:3b:2b:c5: a6:54:92:8a:46:90:a3:c5:c9:9a:c5:2b:4d:13:66: e0:7c:e0:1c:bc:f3:52:8b:88:bc:c7:4a:40:5d:f2: 4c:e0:93:7f:57:d7:52:0d:c8:73:af:2b:b3:39:01: cf:cd:3f:77:04:71:44:2d:88:f8:51:74:12:88:5c: 52:48:48:16:e5:39:d6:9a:58:9c:22:d8:35:3c:06: 2a:2b:cb:48:19:af:46:53:58:67:35:5c:79:83:78: e9:57:53:b3:55:1e:c6:38:6a:5e:fc:6f:07:2d:51: 49:61:eb:84:77:10:e4:72:e7:c2:6e:63:81:26:4e: de:64:44:ed:e5:df:6e:56:cd:18:2b:b4:24:ba:12: 1a:02:a0:44:f4:05:6a:6c:2d:44:d6:8d:7d:2a:6f: 48:6c:bd:79:f8:20:35:cb:e2:0d:37:6c:a6:10:7d: a8:3e:b6:11:4a:3d:f5:d2:1e:01:a6:d3:aa:65:d4: 26:73:3c:0c:a6:e6:73:f1:44:29:d7:cc:a1:53:21: c6:b5:26:06:e9:67:dd:e5:8d:5d:e9:fb:e3:70:4d: 1e:80:62:3c:0f:39:ad:32:59:98:d4:b2:34:2f:97: a9:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F0:D2:27:2C:DB:F5:FE:6A:6F:6F:DE:8D:5F:28:AE:27:CF:62:84 X509v3 Authority Key Identifier: keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/KfDSJyzb9f5qb2_ejV8orifPYoQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.139.224.0/22 IPv6: 2001:678:aa4::/48 2001:678:aa8::/48 2a04:ff00::/29 Signature Algorithm: sha256WithRSAEncryption 14:37:2b:9b:53:1e:bb:9a:0a:1b:ea:84:f6:6d:62:11:e2:b5: b4:0d:4d:a1:aa:93:28:3b:02:17:05:5e:d1:17:de:c0:23:ac: 86:df:da:0b:24:78:f4:51:6c:f7:9c:9e:8a:93:51:03:f7:a6: 1a:ca:2e:59:4a:9f:46:a5:70:ce:45:ba:1c:c8:8d:fd:4d:87: 01:ee:8a:fc:9d:16:d4:95:a6:1b:fe:bb:03:69:03:2e:1d:f9: 61:a8:3a:dc:a1:97:bf:23:a3:e0:cd:c2:63:e2:57:07:4c:14: 23:3a:34:8a:34:3b:55:31:a6:7f:65:25:37:12:f4:41:a3:e3: bf:f3:c0:74:e2:ef:e8:b5:73:b2:1c:bc:8b:67:52:99:13:58: 33:7a:0b:01:17:b3:18:67:b4:de:e0:2b:87:17:67:37:c4:3a: 42:d2:c9:7f:9e:69:d7:2f:35:71:11:b2:f0:f3:9b:b9:b0:c7: 31:73:6e:fe:c1:62:4e:e2:1b:f3:9f:5f:83:3a:01:cb:15:e6: 66:59:68:17:01:ba:e0:3b:d7:f4:f9:bb:c3:9a:44:4d:e9:89: a3:1e:6e:8c:00:11:38:ab:90:99:3b:f1:54:ad:02:16:26:65: be:c2:90:57:b8:b0:96:7e:9e:34:33:6f:62:36:41:20:67:63: 55:26:eb:32 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt3WOoGvohnlglnZ/X0NDz+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk MGEwYTkwHhcNMjYwMTAxMDIxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWYwZDIyNzJjZGJmNWZlNmE2ZjZmZGU4ZDVmMjhhZTI3Y2Y2Mjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAbAkEmlUq3ltbtnvyEU9xghKY0+ 9RkJ90c7K8WmVJKKRpCjxcmaxStNE2bgfOAcvPNSi4i8x0pAXfJM4JN/V9dSDchz ryuzOQHPzT93BHFELYj4UXQSiFxSSEgW5TnWmlicItg1PAYqK8tIGa9GU1hnNVx5 g3jpV1OzVR7GOGpe/G8HLVFJYeuEdxDkcufCbmOBJk7eZETt5d9uVs0YK7QkuhIa AqBE9AVqbC1E1o19Km9IbL15+CA1y+INN2ymEH2oPrYRSj310h4BptOqZdQmczwM puZz8UQp18yhUyHGtSYG6Wfd5Y1d6fvjcE0egGI8DzmtMlmY1LI0L5epWwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFCnw0ics2/X+am9v3o1fKK4nz2KEMB8GA1UdIwQY MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt ZTYzZTk0Y2JhMDlmLzEvS2ZEU0p5emI5ZjVxYjJfZWpWOG9yaWZQWW9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQCLYvgMB8E AgACMBkDBwAgAQZ4CqQDBwAgAQZ4CqgDBQMqBP8AMA0GCSqGSIb3DQEBCwUAA4IB AQAUNyubUx67mgob6oT2bWIR4rW0DU2hqpMoOwIXBV7RF97AI6yG39oLJHj0UWz3 nJ6Kk1ED96Yayi5ZSp9GpXDORbocyI39TYcB7or8nRbUlaYb/rsDaQMuHflhqDrc oZe/I6PgzcJj4lcHTBQjOjSKNDtVMaZ/ZSU3EvRBo+O/88B04u/otXOyHLyLZ1KZ E1gzegsBF7MYZ7Te4CuHF2c3xDpC0sl/nmnXLzVxEbLw85u5sMcxc27+wWJO4hvz n1+DOgHLFeZmWWgXAbrgO9f0+bvDmkRN6YmjHm6MABE4q5CZO/FUrQIWJmW+wpBX uLCWfp40M29iNkEgZ2NVJusy -----END CERTIFICATE-----Generated at Tue Jan 20 06:02:42 2026 by rpki-client