This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KZjMwtb480QhmMy_qwDkqAzxftg.roa File: KZjMwtb480QhmMy_qwDkqAzxftg.roa (raw, json) Hash identifier: q3XLMQm5zDx0PwgEaK0JBbnS+es21cGtE1WOA02kNKo= Subject key identifier: 29:98:CC:C2:D6:F8:F3:44:21:98:CC:BF:AB:00:E4:A8:0C:F1:7E:D8 Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a Certificate serial: 019B7BA416865AA4854FBE65D14109921582 Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KZjMwtb480QhmMy_qwDkqAzxftg.roa Signing time: Thu 01 Jan 2026 22:18:29 +0000 ROA not before: Thu 01 Jan 2026 22:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209242 IP address blocks: 45.8.211.0/24 maxlen: 24 45.142.120.0/24 maxlen: 24 194.53.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:16:86:5a:a4:85:4f:be:65:d1:41:09:92:15:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a Validity Not Before: Jan 1 22:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2998ccc2d6f8f3442198ccbfab00e4a80cf17ed8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:88:ec:3a:15:7e:9b:b3:2f:1f:e9:7e:fe:76: dd:ac:03:84:5e:2c:db:bd:b7:cf:97:53:5a:76:bb: cd:47:47:3d:37:d2:f6:87:b8:8e:71:15:1a:ba:c1: b5:62:62:92:c7:43:29:3c:e7:c4:d5:c0:a1:81:d4: bb:8a:55:c8:50:51:96:54:13:c2:82:b4:24:13:db: f6:3a:d4:88:f7:c2:c7:e1:c0:72:ca:37:6b:16:a0: 30:9f:34:c1:84:f4:94:64:15:42:46:46:f3:75:af: 6a:4c:26:2d:a6:f3:9a:10:9e:27:33:25:dd:71:6a: 9c:01:06:a9:b5:ce:61:6e:c0:fb:52:96:98:34:3f: d5:9b:5f:1d:e8:df:79:de:54:b0:59:d6:4a:98:ec: bd:f3:f3:50:14:e3:11:d1:f2:41:01:06:6e:cc:5a: 04:ec:6f:25:17:21:ac:73:17:fb:18:84:24:78:3e: 7f:b1:2b:dd:51:83:16:87:98:02:6e:c6:07:ae:c8: d0:bc:5b:94:74:c8:b2:b8:42:54:19:d9:41:65:e2: 5a:5b:3c:3c:d3:e5:53:01:c9:8e:54:e6:02:8a:d0: ce:7a:19:31:c9:7e:36:16:f8:fe:34:f3:1f:0f:c4: b2:36:de:87:c3:15:ef:ae:06:bc:ed:cf:02:49:25: 37:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:98:CC:C2:D6:F8:F3:44:21:98:CC:BF:AB:00:E4:A8:0C:F1:7E:D8 X509v3 Authority Key Identifier: keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KZjMwtb480QhmMy_qwDkqAzxftg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.211.0/24 45.142.120.0/24 194.53.53.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:c9:8a:8e:97:9d:fa:52:39:8c:f7:e2:a6:f9:cf:29:94:4c: 39:3a:0b:91:32:f7:ff:59:1a:4a:ca:37:1b:d2:d2:42:ca:53: 37:fa:ac:50:af:7d:ce:34:71:ad:26:52:e6:c3:e9:9b:cf:ba: a4:53:c7:d5:c1:15:c5:62:9d:24:8c:6d:8a:c8:b4:c6:0f:08: b0:55:a8:ba:a9:30:8b:9f:36:93:5b:2a:ee:51:8c:a7:7f:36: c3:91:cc:0e:1a:28:74:a5:00:35:05:87:e9:d8:17:53:ae:9c: 9c:d6:0f:1a:a9:e0:5f:8b:45:08:f5:07:0f:ce:d5:27:9b:e8: 54:22:e0:0b:fa:8b:e7:4a:85:dd:63:ad:96:84:5e:45:7f:ff: d1:8c:9b:ad:ed:50:96:b8:93:8a:fc:63:4b:a7:8e:59:4f:b8: 95:8f:9c:75:ea:8f:03:4c:46:3e:a0:80:25:08:72:b7:9d:c6: c9:d8:ad:96:e0:71:95:95:3b:de:29:67:e0:e5:b0:68:c7:df: 6d:90:1c:11:da:9f:ea:fe:a9:81:96:44:c3:c2:b8:2a:77:48: 30:0c:c7:7e:83:ef:be:ed:ed:fe:4f:6f:0a:27:dc:93:3c:bb: 8e:35:94:94:f3:41:81:b6:d7:d3:f4:06:39:42:e0:76:51:6f: 42:0c:47:bb -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7pBaGWqSFT75l0UEJkhWCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3 Mjc4MmEwHhcNMjYwMTAxMjIxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTk4Y2NjMmQ2ZjhmMzQ0MjE5OGNjYmZhYjAwZTRhODBjZjE3ZWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4jsOhV+m7MvH+l+/nbdrAOEXizb vbfPl1NadrvNR0c9N9L2h7iOcRUausG1YmKSx0MpPOfE1cChgdS7ilXIUFGWVBPC grQkE9v2OtSI98LH4cByyjdrFqAwnzTBhPSUZBVCRkbzda9qTCYtpvOaEJ4nMyXd cWqcAQaptc5hbsD7UpaYND/Vm18d6N953lSwWdZKmOy98/NQFOMR0fJBAQZuzFoE 7G8lFyGscxf7GIQkeD5/sSvdUYMWh5gCbsYHrsjQvFuUdMiyuEJUGdlBZeJaWzw8 0+VTAcmOVOYCitDOehkxyX42Fvj+NPMfD8SyNt6HwxXvrga87c8CSSU3VwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCmYzMLW+PNEIZjMv6sA5KgM8X7YMB8GA1UdIwQY MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt YjU3YTM2ZjJhZmNkLzEvS1pqTXd0YjQ4MFFobU15X3F3RGtxQXp4ZnRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQjTAwQA LY54AwQAwjU1MA0GCSqGSIb3DQEBCwUAA4IBAQBOyYqOl536UjmM9+Km+c8plEw5 OguRMvf/WRpKyjcb0tJCylM3+qxQr33ONHGtJlLmw+mbz7qkU8fVwRXFYp0kjG2K yLTGDwiwVai6qTCLnzaTWyruUYynfzbDkcwOGih0pQA1BYfp2BdTrpyc1g8aqeBf i0UI9QcPztUnm+hUIuAL+ovnSoXdY62WhF5Ff//RjJut7VCWuJOK/GNLp45ZT7iV j5x16o8DTEY+oIAlCHK3ncbJ2K2W4HGVlTveKWfg5bBox99tkBwR2p/q/qmBlkTD wrgqd0gwDMd+g+++7e3+T28KJ9yTPLuONZSU80GBttfT9AY5QuB2UW9CDEe7 -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:03 2026 by rpki-client