This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/kfnmSPKrH-6BqSjW12refMM0IqY.roa File: kfnmSPKrH-6BqSjW12refMM0IqY.roa (raw, json) Hash identifier: y3GnA/PSIzdl79UwPAzwe/9AX+kGDMEKsM5rTgc0El0= Subject key identifier: 91:F9:E6:48:F2:AB:1F:EE:81:A9:28:D6:D7:6A:DE:7C:C3:34:22:A6 Certificate issuer: /CN=71b6d0e0072d0cab29bfa8737de2a53e51418276 Certificate serial: 019B7F15C30401588DEB579C9E5E3B0F82E1 Authority key identifier: 71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/kfnmSPKrH-6BqSjW12refMM0IqY.roa Signing time: Fri 02 Jan 2026 14:21:30 +0000 ROA not before: Fri 02 Jan 2026 14:21:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208718 IP address blocks: 45.87.192.0/24 maxlen: 24 45.87.193.0/24 maxlen: 24 45.87.194.0/24 maxlen: 24 45.87.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.mft rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c3:04:01:58:8d:eb:57:9c:9e:5e:3b:0f:82:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71b6d0e0072d0cab29bfa8737de2a53e51418276 Validity Not Before: Jan 2 14:21:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91f9e648f2ab1fee81a928d6d76ade7cc33422a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e6:a3:ad:4e:59:62:4c:b5:11:cf:ba:67:c5: aa:01:bc:f3:cb:0e:f3:f6:70:88:90:f0:13:84:88: 30:d0:71:13:01:bc:32:ef:0d:21:b2:5f:0e:d5:e7: d3:b3:6a:b7:27:10:c2:88:19:ba:c7:cb:4d:12:c2: f6:d9:f4:16:7c:00:4d:b9:22:99:80:79:3b:68:dc: ce:86:20:0a:30:27:4d:f4:f3:d5:8e:3d:d8:50:40: 77:fd:b2:ea:8a:7b:37:5d:db:34:2d:95:0f:9d:e8: e9:d5:e9:08:a7:6a:14:d5:72:3d:0b:f2:5b:b4:5b: 95:e5:4d:b8:ec:cb:e8:bd:7e:0b:a0:e3:ce:81:4d: 08:c3:fb:bd:00:53:56:a0:bf:01:20:72:15:f6:fb: 7b:b5:08:eb:d8:c2:cd:2a:88:1c:fb:c2:77:40:9e: 96:e3:52:b1:53:85:87:5a:27:e2:a8:e9:45:bc:de: ef:e1:b0:5e:90:1b:f0:f7:ad:24:28:b0:a0:4e:0c: c5:83:f2:ff:de:df:d5:8c:55:e0:9d:bd:d6:50:75: 80:a7:de:07:37:45:77:65:ee:7a:dd:6e:3a:13:c5: 26:d2:40:36:be:bd:22:20:57:87:b1:5b:5a:ef:f2: 97:b6:a6:ed:4e:ac:75:87:a2:da:3e:69:1f:98:f4: ba:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F9:E6:48:F2:AB:1F:EE:81:A9:28:D6:D7:6A:DE:7C:C3:34:22:A6 X509v3 Authority Key Identifier: keyid:71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/kfnmSPKrH-6BqSjW12refMM0IqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.192.0/22 Signature Algorithm: sha256WithRSAEncryption a9:55:42:3b:80:f0:10:40:37:56:12:bc:08:ee:be:8f:1d:1c: 6b:f3:02:18:ab:83:5a:a4:ad:ca:30:71:24:47:9b:26:7b:e2: bf:97:dd:00:21:db:eb:84:49:64:b9:62:0c:00:58:d7:55:f9: 16:b2:52:fc:6f:0d:6c:e5:6c:6f:fe:83:ed:ea:b6:45:c1:bf: 0a:19:33:aa:59:fd:fe:f0:01:d1:76:37:bd:86:5c:a7:6b:55: 94:68:39:e2:34:80:ab:98:09:5f:63:2b:7e:ae:ba:02:16:04: 78:96:9e:e7:0b:b9:a9:f8:d8:e9:61:93:37:60:d3:4d:61:44: a9:68:d8:17:c1:6b:09:b8:a2:8c:0a:d5:5d:b7:0d:a8:9f:85: 19:71:f4:a1:80:da:9c:05:eb:20:34:a8:10:5e:46:b8:50:50: dd:13:63:cb:9d:33:a6:5e:37:67:41:81:5a:a8:b8:f1:9f:c3: 65:88:7d:22:c3:d9:7e:bf:f9:44:97:06:4c:aa:b2:2d:0c:5c: 94:4f:df:12:60:04:b2:04:7f:55:24:ad:d0:97:be:17:c0:e7: 28:d1:02:39:ce:7e:fb:e3:62:f3:af:32:83:6f:7c:c5:6e:1d: a1:10:58:f3:a2:d5:5c:61:63:ed:8e:8b:85:95:4f:83:c4:fc: 9a:c6:2a:f0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FcMEAViN61ecnl47D4LhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYjZkMGUwMDcyZDBjYWIyOWJmYTg3MzdkZTJhNTNlNTE0 MTgyNzYwHhcNMjYwMTAyMTQyMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWY5ZTY0OGYyYWIxZmVlODFhOTI4ZDZkNzZhZGU3Y2MzMzQyMmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneajrU5ZYky1Ec+6Z8WqAbzzyw7z 9nCIkPAThIgw0HETAbwy7w0hsl8O1efTs2q3JxDCiBm6x8tNEsL22fQWfABNuSKZ gHk7aNzOhiAKMCdN9PPVjj3YUEB3/bLqins3Xds0LZUPnejp1ekIp2oU1XI9C/Jb tFuV5U247MvovX4LoOPOgU0Iw/u9AFNWoL8BIHIV9vt7tQjr2MLNKogc+8J3QJ6W 41KxU4WHWifiqOlFvN7v4bBekBvw960kKLCgTgzFg/L/3t/VjFXgnb3WUHWAp94H N0V3Ze563W46E8Um0kA2vr0iIFeHsVta7/KXtqbtTqx1h6LaPmkfmPS6QwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJH55kjyqx/ugako1tdq3nzDNCKmMB8GA1UdIwQY MBaAFHG20OAHLQyrKb+oc33ipT5RQYJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYt YjFmY2YzODk2OTk5LzEva2ZubVNQS3JILTZCcVNqVzEycmVmTU0wSXFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYtYjFmY2YzODk2OTk5 LzEvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVfAMA0G CSqGSIb3DQEBCwUAA4IBAQCpVUI7gPAQQDdWErwI7r6PHRxr8wIYq4NapK3KMHEk R5sme+K/l90AIdvrhElkuWIMAFjXVfkWslL8bw1s5Wxv/oPt6rZFwb8KGTOqWf3+ 8AHRdje9hlyna1WUaDniNICrmAlfYyt+rroCFgR4lp7nC7mp+NjpYZM3YNNNYUSp aNgXwWsJuKKMCtVdtw2on4UZcfShgNqcBesgNKgQXka4UFDdE2PLnTOmXjdnQYFa qLjxn8NliH0iw9l+v/lElwZMqrItDFyUT98SYASyBH9VJK3Ql74XwOco0QI5zn77 42LzrzKDb3zFbh2hEFjzotVcYWPtjouFlU+DxPyaxirw -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:34 2026 by rpki-client