This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/KaN7RLL5KVyq30qD32Rnb_nls78.roa File: KaN7RLL5KVyq30qD32Rnb_nls78.roa (raw, json) Hash identifier: bzsFsGck1pscarjTWs0d9Ebn5ZXqcM8xKvGnRO+nPFk= Subject key identifier: 29:A3:7B:44:B2:F9:29:5C:AA:DF:4A:83:DF:64:67:6F:F9:E5:B3:BF Certificate issuer: /CN=65e226bcf4a830b2f448fd6ea9976b152087dd45 Certificate serial: 019B7C7F0BBA3CBF124FAAF64B87DC9FD0F5 Authority key identifier: 65:E2:26:BC:F4:A8:30:B2:F4:48:FD:6E:A9:97:6B:15:20:87:DD:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZeImvPSoMLL0SP1uqZdrFSCH3UU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/KaN7RLL5KVyq30qD32Rnb_nls78.roa Signing time: Fri 02 Jan 2026 02:17:39 +0000 ROA not before: Fri 02 Jan 2026 02:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6830 IP address blocks: 185.134.192.0/22 maxlen: 22 188.126.2.0/23 maxlen: 23 188.126.30.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/ZeImvPSoMLL0SP1uqZdrFSCH3UU.crl rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/ZeImvPSoMLL0SP1uqZdrFSCH3UU.mft rsync://rpki.ripe.net/repository/DEFAULT/ZeImvPSoMLL0SP1uqZdrFSCH3UU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 20:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:0b:ba:3c:bf:12:4f:aa:f6:4b:87:dc:9f:d0:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65e226bcf4a830b2f448fd6ea9976b152087dd45 Validity Not Before: Jan 2 02:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29a37b44b2f9295caadf4a83df64676ff9e5b3bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:14:f8:43:e5:4e:d7:de:d4:f1:5a:31:e8: 64:62:23:e8:ec:75:54:45:48:e9:75:ed:b0:f3:32: 5e:7d:71:fd:c1:06:ab:8a:28:10:d9:65:f6:5e:b0: fd:cb:28:bb:8c:ca:64:c8:fe:37:5e:e8:af:61:4c: f0:b5:83:95:dd:08:83:4e:dc:34:a3:c0:c5:32:e3: 73:09:cb:13:63:ec:a4:23:eb:23:bc:61:2f:c8:71: 23:1b:fc:9b:48:e5:c3:bd:7b:b6:4d:66:65:8d:30: 9a:26:77:e9:f0:8e:b6:3b:ee:9b:a4:8c:bf:9e:ec: 34:fd:08:be:f5:de:ef:9e:75:72:4e:54:af:e7:58: d9:a4:c0:49:4b:4b:a5:52:70:e3:d9:c3:42:be:32: 2e:35:b5:fd:a7:a8:13:e2:76:52:40:35:79:01:88: c8:54:74:22:99:8a:93:61:04:ae:8f:c8:35:d9:e1: 17:a4:a6:22:76:d3:37:d3:6c:4b:4d:08:7f:1b:6c: 1a:bb:5b:48:90:a9:ce:bb:bd:ae:24:5d:ce:a5:20: 79:68:99:56:4b:87:35:ed:22:95:4c:11:f8:81:35: e8:92:a6:95:40:f0:30:d6:df:40:06:b4:b2:ca:22: aa:8a:d1:0a:35:63:00:2d:cd:f1:1c:60:ca:be:28: d0:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A3:7B:44:B2:F9:29:5C:AA:DF:4A:83:DF:64:67:6F:F9:E5:B3:BF X509v3 Authority Key Identifier: keyid:65:E2:26:BC:F4:A8:30:B2:F4:48:FD:6E:A9:97:6B:15:20:87:DD:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeImvPSoMLL0SP1uqZdrFSCH3UU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/KaN7RLL5KVyq30qD32Rnb_nls78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/ZeImvPSoMLL0SP1uqZdrFSCH3UU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.134.192.0/22 188.126.2.0/23 188.126.30.0/23 Signature Algorithm: sha256WithRSAEncryption a8:29:f2:53:93:4f:c9:d1:c5:2a:33:ee:85:bc:da:fe:d5:1e: 54:1a:70:3d:b7:58:90:9d:a2:97:72:84:19:2d:8f:ae:77:db: 4d:0f:67:70:36:1c:86:91:76:5e:50:3e:9c:64:fb:e4:5a:2f: d0:92:c6:d0:46:fa:43:06:5a:59:92:24:c3:77:c9:8a:7d:bc: 2f:4e:79:46:e5:03:a8:cf:0b:e6:0d:46:ed:b8:1c:c0:af:0c: b1:d4:3e:76:c6:60:ac:6b:63:f0:36:25:9c:ba:55:4e:22:56: da:9b:1d:1b:4b:b3:83:23:22:56:26:fd:84:93:0a:fa:5e:43: 45:b6:ca:53:07:e8:e3:02:2c:d3:36:ac:ea:d3:1d:80:00:69: 92:43:59:f3:1a:d1:6e:c0:d4:c6:73:e5:66:39:fe:85:98:7d: 8f:8e:46:0a:fa:76:3d:58:26:b5:83:31:21:c5:b7:9d:e9:09: 3c:55:6b:97:0e:d4:c2:7a:23:cd:cb:a2:7f:27:6f:8c:ba:ed: 5b:7c:51:8a:09:11:d5:db:95:66:93:06:eb:80:15:e8:0e:43: 6f:5f:fd:ad:01:a5:ce:2d:0d:a1:00:68:ae:53:4f:b9:d4:36: 7b:08:ff:57:39:1d:db:35:95:85:a3:31:6b:76:84:ef:f0:53: ff:a9:a2:c1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8fwu6PL8ST6r2S4fcn9D1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1ZTIyNmJjZjRhODMwYjJmNDQ4ZmQ2ZWE5OTc2YjE1MjA4 N2RkNDUwHhcNMjYwMTAyMDIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWEzN2I0NGIyZjkyOTVjYWFkZjRhODNkZjY0Njc2ZmY5ZTViM2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPYU+EPlTtfe1PFaMehkYiPo7HVU RUjpde2w8zJefXH9wQariigQ2WX2XrD9yyi7jMpkyP43XuivYUzwtYOV3QiDTtw0 o8DFMuNzCcsTY+ykI+sjvGEvyHEjG/ybSOXDvXu2TWZljTCaJnfp8I62O+6bpIy/ nuw0/Qi+9d7vnnVyTlSv51jZpMBJS0ulUnDj2cNCvjIuNbX9p6gT4nZSQDV5AYjI VHQimYqTYQSuj8g12eEXpKYidtM302xLTQh/G2wau1tIkKnOu72uJF3OpSB5aJlW S4c17SKVTBH4gTXokqaVQPAw1t9ABrSyyiKqitEKNWMALc3xHGDKvijQNQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCmje0Sy+Slcqt9Kg99kZ2/55bO/MB8GA1UdIwQY MBaAFGXiJrz0qDCy9Ej9bqmXaxUgh91FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmVJbXZQU29NTEwwU1AxdXFaZHJGU0NIM1VVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNTg3M2EtODkzMi00MjZmLTgxNzUt MzhjOGRhZmIzZTRmLzEvS2FON1JMTDVLVnlxMzBxRDMyUm5iX25sczc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9mNTg3M2EtODkzMi00MjZmLTgxNzUtMzhjOGRhZmIzZTRm LzEvWmVJbXZQU29NTEwwU1AxdXFaZHJGU0NIM1VVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYbAAwQB vH4CAwQBvH4eMA0GCSqGSIb3DQEBCwUAA4IBAQCoKfJTk0/J0cUqM+6FvNr+1R5U GnA9t1iQnaKXcoQZLY+ud9tND2dwNhyGkXZeUD6cZPvkWi/QksbQRvpDBlpZkiTD d8mKfbwvTnlG5QOozwvmDUbtuBzArwyx1D52xmCsa2PwNiWculVOIlbamx0bS7OD IyJWJv2Ekwr6XkNFtspTB+jjAizTNqzq0x2AAGmSQ1nzGtFuwNTGc+VmOf6FmH2P jkYK+nY9WCa1gzEhxbed6Qk8VWuXDtTCeiPNy6J/J2+Muu1bfFGKCRHV25Vmkwbr gBXoDkNvX/2tAaXOLQ2hAGiuU0+51DZ7CP9XOR3bNZWFozFrdoTv8FP/qaLB -----END CERTIFICATE-----Generated at Wed Jan 21 04:57:50 2026 by rpki-client