This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KJT_pJ-_MsrdvhauU24HbPxUbkY.roa File: KJT_pJ-_MsrdvhauU24HbPxUbkY.roa (raw, json) Hash identifier: Yg/3t0migFqwhZVOrL/EsViAHdQyRQSmLYeGfpaybKM= Subject key identifier: 28:94:FF:A4:9F:BF:32:CA:DD:BE:16:AE:53:6E:07:6C:FC:54:6E:46 Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C68204D02C155D1874F085FEC6B763 Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KJT_pJ-_MsrdvhauU24HbPxUbkY.roa Signing time: Thu 01 Jan 2026 04:17:36 +0000 ROA not before: Thu 01 Jan 2026 04:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 89.32.163.0/24 maxlen: 24 89.32.164.0/24 maxlen: 24 89.34.122.0/24 maxlen: 24 89.34.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:82:04:d0:2c:15:5d:18:74:f0:85:fe:c6:b7:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2894ffa49fbf32caddbe16ae536e076cfc546e46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:bb:50:83:86:d1:4a:78:d3:ad:ee:e0:c8:10: 71:8b:36:11:5f:44:a2:94:e3:d5:34:70:28:0d:9c: 00:51:f0:db:b1:92:4d:19:00:4c:f9:b7:4b:43:97: 4a:68:b9:00:a4:0f:d4:fd:80:60:f3:db:94:b6:80: 69:4d:06:59:ee:02:fc:23:33:1d:6c:c5:40:92:35: fe:88:f3:d3:ea:08:ce:f0:cd:5d:6b:0c:17:ad:22: 7d:73:bf:98:a3:93:3c:8c:bf:01:39:21:8d:b3:b0: 7e:70:f3:37:9b:22:74:f7:d4:f5:a8:16:2f:f4:fc: 3c:ba:53:ea:69:4e:bf:ac:ee:83:be:ff:d0:7e:80: 9a:aa:8a:11:fc:2d:1b:da:b4:a2:63:c0:be:0d:73: 5d:61:1e:f5:16:39:c4:1f:35:a9:28:6c:7d:d0:48: b2:c0:3f:ac:28:7f:3a:76:ae:87:11:dc:80:0c:e6: 4b:8a:f5:3c:aa:83:96:93:8e:71:0c:f4:a4:a3:2b: f2:51:0d:0b:07:f3:de:54:f4:15:2b:4d:a6:e8:40: b0:0c:e7:34:d9:1b:32:98:ae:d4:29:d6:5f:ce:39: 4b:e8:ce:20:64:c7:af:30:30:49:a7:f7:40:5b:e3: 1c:b7:ff:59:5c:30:d5:ac:ef:67:9a:d2:d0:47:f3: f1:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:94:FF:A4:9F:BF:32:CA:DD:BE:16:AE:53:6E:07:6C:FC:54:6E:46 X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KJT_pJ-_MsrdvhauU24HbPxUbkY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.32.163.0-89.32.164.255 89.34.122.0/23 Signature Algorithm: sha256WithRSAEncryption 67:f9:d8:b8:b2:54:42:e3:89:b6:bf:2d:7f:b4:33:11:81:54: 69:f6:06:b5:38:30:01:8c:f8:e4:5e:1f:11:a8:ef:f8:41:08: 19:b8:dd:eb:bf:53:7c:67:d8:46:69:a8:57:86:82:0d:71:18: 36:e3:a5:a0:cf:24:df:10:1c:ac:b4:85:80:34:4c:cb:11:e5: 0a:de:07:84:84:3d:01:3d:9f:6a:81:12:16:3b:03:8c:fb:2f: 9c:5a:9d:ee:83:b6:a9:bc:2e:62:1c:46:15:d6:e5:66:83:e9: 63:1c:25:6b:94:90:23:de:c4:56:f6:9f:5c:d9:4a:aa:3e:24: be:ba:e3:eb:b2:c5:27:2f:00:24:6b:c0:00:66:64:36:89:14: 81:f6:dd:06:c5:23:d8:0d:7f:ad:51:77:c3:6f:e7:c6:80:b3: 2e:6e:3c:b5:8e:0b:9c:57:1e:fa:df:cd:db:94:ca:3c:a2:72: 3c:e5:50:55:0a:59:f6:f3:3e:3f:10:b0:c9:a3:74:a2:b0:a5: c9:30:6c:8f:0f:38:01:0a:97:0c:6d:2d:a6:5d:78:6c:b2:e9: bf:f9:3d:40:3e:8c:cc:d8:09:20:03:4f:52:4c:39:77:95:18: ed:b4:1e:c8:c3:8c:7d:2b:08:a4:87:a7:95:51:f7:a7:1e:95: ae:1c:b5:8f -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt3xoIE0CwVXRh08IX+xrdjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODk0ZmZhNDlmYmYzMmNhZGRiZTE2YWU1MzZlMDc2Y2ZjNTQ2ZTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrtQg4bRSnjTre7gyBBxizYRX0Si lOPVNHAoDZwAUfDbsZJNGQBM+bdLQ5dKaLkApA/U/YBg89uUtoBpTQZZ7gL8IzMd bMVAkjX+iPPT6gjO8M1dawwXrSJ9c7+Yo5M8jL8BOSGNs7B+cPM3myJ099T1qBYv 9Pw8ulPqaU6/rO6Dvv/QfoCaqooR/C0b2rSiY8C+DXNdYR71FjnEHzWpKGx90Eiy wD+sKH86dq6HEdyADOZLivU8qoOWk45xDPSkoyvyUQ0LB/PeVPQVK02m6ECwDOc0 2RsymK7UKdZfzjlL6M4gZMevMDBJp/dAW+Mct/9ZXDDVrO9nmtLQR/PxhwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFCiU/6SfvzLK3b4WrlNuB2z8VG5GMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvS0pUX3BKLV9Nc3JkdmhhdVUyNEhiUHhVYmtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZIKMD BABZIKQDBAFZInowDQYJKoZIhvcNAQELBQADggEBAGf52LiyVELjiba/LX+0MxGB VGn2BrU4MAGM+OReHxGo7/hBCBm43eu/U3xn2EZpqFeGgg1xGDbjpaDPJN8QHKy0 hYA0TMsR5QreB4SEPQE9n2qBEhY7A4z7L5xane6Dtqm8LmIcRhXW5WaD6WMcJWuU kCPexFb2n1zZSqo+JL664+uyxScvACRrwABmZDaJFIH23QbFI9gNf61Rd8Nv58aA sy5uPLWOC5xXHvrfzduUyjyicjzlUFUKWfbzPj8QsMmjdKKwpckwbI8POAEKlwxt LaZdeGyy6b/5PUA+jMzYCSADT1JMOXeVGO20HsjDjH0rCKSHp5VR96cela4ctY8= -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:42 2026 by rpki-client