This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/KiCQzmzMp-dYZTZsdnHQ8YtB-c8.roa File: KiCQzmzMp-dYZTZsdnHQ8YtB-c8.roa (raw, json) Hash identifier: qCTJ0Z0ss61tBjs7gfwTEQIH5p2Cgv1rvo+LUOzgJYU= Subject key identifier: 2A:20:90:CE:6C:CC:A7:E7:58:65:36:6C:76:71:D0:F1:8B:41:F9:CF Certificate issuer: /CN=bd175e878d33b47d806f2cf3e04628220935123d Certificate serial: 019B7AC89D421AFFF423A6F24E482F62927D Authority key identifier: BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/KiCQzmzMp-dYZTZsdnHQ8YtB-c8.roa Signing time: Thu 01 Jan 2026 18:18:46 +0000 ROA not before: Thu 01 Jan 2026 18:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12586 IP address blocks: 91.199.8.0/24 maxlen: 32 2001:67c:2f84::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.mft rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:9d:42:1a:ff:f4:23:a6:f2:4e:48:2f:62:92:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd175e878d33b47d806f2cf3e04628220935123d Validity Not Before: Jan 1 18:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a2090ce6ccca7e75865366c7671d0f18b41f9cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e1:fe:a0:11:1e:11:d5:98:2b:6c:c9:cc:09: 8f:96:93:d9:91:6d:fb:f9:b5:3c:97:28:84:b8:aa: 7d:56:41:eb:21:d8:14:2a:6d:af:88:98:4e:b0:52: cb:a1:3f:5e:9b:cc:dd:b9:3a:7b:8a:6f:41:74:4f: cc:31:9e:cc:2c:2b:a3:76:4f:f4:24:cb:4e:51:63: fd:1e:40:0a:0b:3f:ae:a5:57:9e:1f:68:a0:22:1f: 50:2b:27:66:dc:bf:86:5b:49:c4:b0:89:c6:38:46: 1e:1a:a6:45:75:0f:33:d9:23:1e:69:25:59:2a:c0: 30:2f:f5:2c:4e:ac:5b:88:36:41:6d:3a:3f:91:4d: f1:f8:d6:f2:90:a5:dd:9f:9d:af:c6:57:4d:36:75: a1:c6:96:5a:a1:09:63:f4:44:94:c5:ea:5e:83:f2: 96:eb:40:1f:ea:7e:a2:a1:0f:95:5a:c2:58:7f:eb: 2a:51:8b:c9:13:70:a5:8e:b6:5c:23:1f:fe:98:64: c4:0e:b2:7e:27:7a:30:88:7e:7f:6e:cb:0b:f9:d7: 70:0f:7a:29:62:5f:e1:8f:9d:1a:55:fc:2a:f7:98: 22:7f:d7:7b:66:e3:9d:84:a2:db:d9:35:f2:12:23: e2:df:cc:d2:4d:b0:49:5a:d0:45:db:c2:22:c1:e2: a8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:20:90:CE:6C:CC:A7:E7:58:65:36:6C:76:71:D0:F1:8B:41:F9:CF X509v3 Authority Key Identifier: keyid:BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/KiCQzmzMp-dYZTZsdnHQ8YtB-c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.8.0/24 IPv6: 2001:67c:2f84::/48 Signature Algorithm: sha256WithRSAEncryption 83:49:6e:47:30:a3:49:7b:15:72:09:17:31:b0:db:41:70:ae: 5b:5a:b0:d1:10:79:8a:07:31:f1:4c:e1:41:e8:2c:0e:1f:07: c9:d4:a6:7e:20:65:7d:d0:f2:86:c0:e8:1e:97:61:78:16:39: c7:bc:3a:e1:d4:29:31:6c:fc:3c:df:01:ab:e2:3b:5b:7a:b4: 73:d2:9e:55:97:8c:2c:73:1f:ba:61:19:ba:5c:fd:e2:83:c9: 72:2e:fd:00:c6:d9:27:91:eb:2b:99:5d:b7:5d:9f:cc:15:04: 1e:02:e1:57:f7:5e:e3:c3:16:b8:76:55:44:11:49:8d:6a:cb: 51:88:80:0b:71:ef:9c:ce:66:a5:d8:48:bd:26:70:10:2e:31: 61:26:bf:a6:51:91:83:5d:e0:1d:5c:3d:2b:3e:80:51:3e:58: 20:de:4c:59:22:91:2f:02:49:fa:59:f9:28:3f:4e:30:52:8b: 8f:1f:e6:9d:b5:68:c4:a3:de:c8:26:ec:57:e7:31:71:23:13: 6f:c2:97:ff:10:a2:d0:ac:d8:f2:16:3d:cd:05:86:5c:a3:10: 61:c9:ab:67:54:70:c0:b9:27:3a:aa:77:53:a7:95:72:1c:d7: f8:a5:80:57:1c:39:33:d6:85:c8:b1:f8:35:b3:1a:96:1b:6b: 39:26:aa:73 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6yJ1CGv/0I6byTkgvYpJ9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkMTc1ZTg3OGQzM2I0N2Q4MDZmMmNmM2UwNDYyODIyMDkz NTEyM2QwHhcNMjYwMTAxMTgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTIwOTBjZTZjY2NhN2U3NTg2NTM2NmM3NjcxZDBmMThiNDFmOWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquH+oBEeEdWYK2zJzAmPlpPZkW37 +bU8lyiEuKp9VkHrIdgUKm2viJhOsFLLoT9em8zduTp7im9BdE/MMZ7MLCujdk/0 JMtOUWP9HkAKCz+upVeeH2igIh9QKydm3L+GW0nEsInGOEYeGqZFdQ8z2SMeaSVZ KsAwL/UsTqxbiDZBbTo/kU3x+NbykKXdn52vxldNNnWhxpZaoQlj9ESUxepeg/KW 60Af6n6ioQ+VWsJYf+sqUYvJE3CljrZcIx/+mGTEDrJ+J3owiH5/bssL+ddwD3op Yl/hj50aVfwq95gif9d7ZuOdhKLb2TXyEiPi38zSTbBJWtBF28IiweKoXwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCogkM5szKfnWGU2bHZx0PGLQfnPMB8GA1UdIwQY MBaAFL0XXoeNM7R9gG8s8+BGKCIJNRI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMt YTM1ZWFmMDA1YWY1LzEvS2lDUXptek1wLWRZWlRac2RuSFE4WXRCLWM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMtYTM1ZWFmMDA1YWY1 LzEvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8cIMA8E AgACMAkDBwAgAQZ8L4QwDQYJKoZIhvcNAQELBQADggEBAINJbkcwo0l7FXIJFzGw 20FwrltasNEQeYoHMfFM4UHoLA4fB8nUpn4gZX3Q8obA6B6XYXgWOce8OuHUKTFs /DzfAaviO1t6tHPSnlWXjCxzH7phGbpc/eKDyXIu/QDG2SeR6yuZXbddn8wVBB4C 4Vf3XuPDFrh2VUQRSY1qy1GIgAtx75zOZqXYSL0mcBAuMWEmv6ZRkYNd4B1cPSs+ gFE+WCDeTFkikS8CSfpZ+Sg/TjBSi48f5p21aMSj3sgm7FfnMXEjE2/Cl/8QotCs 2PIWPc0FhlyjEGHJq2dUcMC5Jzqqd1OnlXIc1/ilgFccOTPWhcix+DWzGpYbazkm qnM= -----END CERTIFICATE-----Generated at Mon Jan 19 23:22:19 2026 by rpki-client