This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/KRcyCCYfWjqOexCvOzIazT3vyF0.roa File: KRcyCCYfWjqOexCvOzIazT3vyF0.roa (raw, json) Hash identifier: Xflkf+SBr0N9aoeaiAaOKwpAiGgoQ6BSyRkyGn+zEmo= Subject key identifier: 29:17:32:08:26:1F:5A:3A:8E:7B:10:AF:3B:32:1A:CD:3D:EF:C8:5D Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439 Certificate serial: 019B7EA69C27C3A53A990433DFC7F0100C05 Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/KRcyCCYfWjqOexCvOzIazT3vyF0.roa Signing time: Fri 02 Jan 2026 12:20:06 +0000 ROA not before: Fri 02 Jan 2026 12:20:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34820 IP address blocks: 45.152.96.0/24 maxlen: 24 85.159.104.0/23 maxlen: 23 85.159.106.0/24 maxlen: 24 85.159.108.0/22 maxlen: 22 185.110.140.0/23 maxlen: 23 185.110.142.0/23 maxlen: 23 185.140.40.0/23 maxlen: 23 185.140.42.0/23 maxlen: 23 2a0c:2540::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.mft rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:9c:27:c3:a5:3a:99:04:33:df:c7:f0:10:0c:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439 Validity Not Before: Jan 2 12:20:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29173208261f5a3a8e7b10af3b321acd3defc85d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:66:ad:b9:1f:9a:95:55:df:b6:b8:75:a3:6a: 91:7c:02:4f:14:af:7d:aa:d2:d4:73:29:e9:b3:2d: af:e6:ad:04:c4:bd:34:06:37:c3:de:84:f0:1e:69: 3a:39:ac:55:61:10:c9:df:84:1c:96:24:67:46:a1: f1:0e:98:6c:75:b5:12:2e:ad:fd:2c:f4:65:8c:83: e8:fa:6f:33:aa:e4:80:b0:fa:e0:b9:87:23:68:fa: aa:ff:0c:73:c5:92:c0:06:29:22:ec:f2:d9:1a:ef: 22:33:b0:dc:af:20:c8:60:b8:9a:57:9b:ed:fa:88: 57:6d:00:d9:37:86:df:98:b7:74:c5:d5:27:7a:38: 07:d9:92:e4:20:e5:fd:18:27:bd:5a:a0:15:73:9a: 1b:18:7b:0d:54:cc:a9:e0:18:ba:5d:38:b2:ee:05: b4:d1:b4:7e:18:8f:db:e3:16:11:a7:2b:6d:dd:98: 0e:2e:9a:1d:6b:ae:2f:b8:3a:af:47:76:28:86:70: 6a:24:6e:64:39:40:c6:a7:e8:7f:ab:a4:d6:68:97: 32:74:57:2c:85:e4:a3:61:96:36:15:b8:b5:5b:43: 38:cc:a8:d7:d7:dc:05:16:db:52:17:5f:09:9e:e6: 70:4a:59:d4:69:e2:32:1d:39:be:81:56:13:37:8b: b7:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:17:32:08:26:1F:5A:3A:8E:7B:10:AF:3B:32:1A:CD:3D:EF:C8:5D X509v3 Authority Key Identifier: keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/KRcyCCYfWjqOexCvOzIazT3vyF0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.152.96.0/24 85.159.104.0-85.159.106.255 85.159.108.0/22 185.110.140.0/22 185.140.40.0/22 IPv6: 2a0c:2540::/29 Signature Algorithm: sha256WithRSAEncryption 2a:b6:95:12:37:1a:4f:6a:81:7c:f1:ff:f0:79:bf:00:14:3e: c2:8b:d4:f0:70:47:96:6f:a1:d1:17:c8:0d:68:70:a2:05:a7: 24:90:3b:b9:8c:42:e0:92:e1:12:91:c7:c3:47:28:9f:f0:3e: f1:8d:40:15:86:57:89:73:70:dc:44:a2:7e:3f:fe:3d:79:e2: 7a:57:db:4a:38:a0:97:13:3d:af:aa:9b:86:cf:3f:5f:fa:09: dd:c1:05:d2:63:b5:dc:b0:de:7b:58:97:e0:92:3f:f0:f8:6b: 39:42:39:bd:da:58:74:9b:38:f7:eb:f6:cc:20:f7:d2:82:92: a2:e7:f7:f8:16:33:28:82:fe:dd:c1:b6:f0:fa:ee:fe:e3:6a: 88:0b:4a:70:dc:b3:dd:6f:a8:d4:91:ac:46:53:22:1e:6b:a4: 70:9b:c7:87:44:39:e8:e3:be:b2:7d:6b:57:06:8f:59:4d:00: d7:b1:a7:8d:f0:55:75:d9:1d:86:15:75:f6:e8:8b:14:5b:48: c8:ba:cf:46:e7:66:fa:4a:96:43:ff:b6:c2:68:71:ec:a5:d1: 94:1d:ae:a2:68:96:a6:9d:c8:34:d5:fc:7a:58:fb:17:34:2c: 89:36:3a:88:d9:bb:f1:92:b6:6d:85:a9:fe:e9:7f:27:fc:49: e7:86:77:6a -----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgISAZt+ppwnw6U6mQQz38fwEAwFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0 YTA0MzkwHhcNMjYwMTAyMTIyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTE3MzIwODI2MWY1YTNhOGU3YjEwYWYzYjMyMWFjZDNkZWZjODVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWatuR+alVXftrh1o2qRfAJPFK99 qtLUcynpsy2v5q0ExL00BjfD3oTwHmk6OaxVYRDJ34QcliRnRqHxDphsdbUSLq39 LPRljIPo+m8zquSAsPrguYcjaPqq/wxzxZLABiki7PLZGu8iM7DcryDIYLiaV5vt +ohXbQDZN4bfmLd0xdUnejgH2ZLkIOX9GCe9WqAVc5obGHsNVMyp4Bi6XTiy7gW0 0bR+GI/b4xYRpytt3ZgOLpoda64vuDqvR3YohnBqJG5kOUDGp+h/q6TWaJcydFcs heSjYZY2Fbi1W0M4zKjX19wFFttSF18JnuZwSlnUaeIyHTm+gVYTN4u3yQIDAQAB o4ICOjCCAjYwHQYDVR0OBBYEFCkXMggmH1o6jnsQrzsyGs0978hdMB8GA1UdIwQY MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz LTEzMDQ0NTRiZjI5ZC8xL0tSY3lDQ1lmV2pxT2V4Q3ZPeklhelQzdnlGMC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5 ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYDBAAtmGAw DAMEA1WfaAMEAFWfagMEAlWfbAMEArlujAMEArmMKDANBAIAAjAHAwUDKgwlQDAN BgkqhkiG9w0BAQsFAAOCAQEAKraVEjcaT2qBfPH/8Hm/ABQ+wovU8HBHlm+h0RfI DWhwogWnJJA7uYxC4JLhEpHHw0con/A+8Y1AFYZXiXNw3ESifj/+PXnielfbSjig lxM9r6qbhs8/X/oJ3cEF0mO13LDee1iX4JI/8PhrOUI5vdpYdJs49+v2zCD30oKS ouf3+BYzKIL+3cG28Pru/uNqiAtKcNyz3W+o1JGsRlMiHmukcJvHh0Q56OO+sn1r VwaPWU0A17GnjfBVddkdhhV19uiLFFtIyLrPRudm+kqWQ/+2wmhx7KXRlB2uomiW pp3INNX8elj7FzQsiTY6iNm78ZK2bYWp/ul/J/xJ54Z3ag== -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:37 2026 by rpki-client