This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/KV-kXiax0brWWeQZDEBKQIQ7lj0.roa File: KV-kXiax0brWWeQZDEBKQIQ7lj0.roa (raw, json) Hash identifier: VaX4IhwjfnzcwylL43ff4dLH5Qhw2TlZSvdp0A2GC5g= Subject key identifier: 29:5F:A4:5E:26:B1:D1:BA:D6:59:E4:19:0C:40:4A:40:84:3B:96:3D Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c Certificate serial: 019B76EAEADA8DAAA36C31A22C8F3A770F67 Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/KV-kXiax0brWWeQZDEBKQIQ7lj0.roa Signing time: Thu 01 Jan 2026 00:17:45 +0000 ROA not before: Thu 01 Jan 2026 00:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41745 IP address blocks: 138.124.0.0/24 maxlen: 24 138.124.1.0/24 maxlen: 24 138.124.2.0/24 maxlen: 24 138.124.3.0/24 maxlen: 24 138.124.4.0/24 maxlen: 24 138.124.10.0/24 maxlen: 24 138.124.15.0/24 maxlen: 24 138.124.16.0/24 maxlen: 24 138.124.19.0/24 maxlen: 24 138.124.20.0/24 maxlen: 24 138.124.30.0/24 maxlen: 24 138.124.31.0/24 maxlen: 24 138.124.68.0/24 maxlen: 24 138.124.69.0/24 maxlen: 24 138.124.70.0/24 maxlen: 24 138.124.71.0/24 maxlen: 24 138.124.72.0/24 maxlen: 24 138.124.73.0/24 maxlen: 24 138.124.74.0/24 maxlen: 24 138.124.75.0/24 maxlen: 24 138.124.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 10:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:ea:da:8d:aa:a3:6c:31:a2:2c:8f:3a:77:0f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c Validity Not Before: Jan 1 00:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=295fa45e26b1d1bad659e4190c404a40843b963d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:7c:9b:07:00:a0:96:4a:40:2c:c9:3c:a8:a6: 70:ee:63:2f:92:95:ed:ba:47:3e:8e:6f:97:27:4b: f3:0d:22:7c:80:d2:49:40:e9:73:f2:b5:d1:41:ce: 3f:cd:5f:25:22:22:02:20:45:34:02:9d:c2:af:98: 0b:9f:ba:58:b6:22:49:da:fc:70:a0:53:f1:33:5b: fd:dd:e4:0f:ed:5b:48:78:19:ae:a8:0d:84:4d:22: 52:51:7c:c1:01:57:f2:67:c4:c3:c6:bb:bb:0c:90: 31:ed:90:52:89:8c:21:a0:60:ef:a4:ac:4f:31:87: d6:6d:45:60:b2:ba:3e:fa:3b:a8:79:02:52:c7:88: ac:56:f9:2b:14:66:a0:2f:83:76:e6:14:a2:db:b2: 3c:c1:fc:f0:42:4f:ed:aa:cd:90:03:fc:e0:0d:d7: 8a:be:a6:de:79:3d:a0:0f:7d:3b:3f:c1:2e:51:3d: 60:57:5f:c8:98:92:80:c6:ed:5e:f1:d3:88:b2:da: 60:43:ef:1a:94:2b:a2:03:dd:87:d0:9e:4c:33:70: 7b:3a:66:49:f6:17:ac:fe:fa:07:8e:59:5b:bc:3e: fa:ec:f3:1c:2e:84:e4:86:b1:13:b3:9f:02:30:62: 07:d8:d2:90:d7:34:18:c1:43:c7:84:19:e2:7e:4c: 4d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:5F:A4:5E:26:B1:D1:BA:D6:59:E4:19:0C:40:4A:40:84:3B:96:3D X509v3 Authority Key Identifier: keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/KV-kXiax0brWWeQZDEBKQIQ7lj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.124.0.0-138.124.4.255 138.124.10.0/24 138.124.15.0-138.124.16.255 138.124.19.0-138.124.20.255 138.124.30.0/23 138.124.68.0-138.124.75.255 138.124.125.0/24 Signature Algorithm: sha256WithRSAEncryption cc:0b:b1:b5:a8:09:67:8c:7a:41:5b:8b:3f:74:4b:4f:55:7d: bd:b8:04:38:0c:78:4f:3d:11:f1:14:aa:41:14:87:57:d9:58: d3:e1:93:bc:f2:e2:eb:40:7e:66:e6:7e:57:8b:b7:69:bb:39: a4:96:b3:82:42:91:06:b3:95:f1:7e:65:6a:26:4f:09:ee:93: 55:36:05:f1:07:00:01:c2:c0:8d:23:86:3e:75:7c:d5:73:e1: cc:9c:d7:8b:d2:1f:c8:3a:d1:2d:65:3b:93:fc:1a:6f:ee:1a: 5c:d9:88:33:93:f3:af:4b:ab:04:c0:f4:68:2c:d9:be:e9:5f: 64:10:25:49:76:32:e1:ae:17:c3:eb:dd:dc:cc:5f:af:7d:37: 05:46:a6:bd:37:f6:66:05:af:34:e3:5e:77:ed:ff:23:8a:c2: ec:06:86:92:6c:2f:07:db:07:6f:6a:46:99:4a:4e:bb:ed:db: 5e:ad:2b:05:3f:98:27:d8:84:d8:11:dd:50:bb:41:b5:b5:28: 2f:34:ae:ac:f3:40:33:b2:15:43:b2:06:c4:55:af:d2:3a:84: 59:e3:6e:3b:34:81:84:45:26:ae:54:41:94:6f:f0:49:46:1b: fb:d3:9e:6a:fe:70:c0:f6:43:eb:68:d7:c4:f7:c7:c1:f5:2f: 55:9f:2a:cd -----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgISAZt26urajaqjbDGiLI86dw9nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx N2U1MmMwHhcNMjYwMTAxMDAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTVmYTQ1ZTI2YjFkMWJhZDY1OWU0MTkwYzQwNGE0MDg0M2I5NjNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nybBwCglkpALMk8qKZw7mMvkpXt ukc+jm+XJ0vzDSJ8gNJJQOlz8rXRQc4/zV8lIiICIEU0Ap3Cr5gLn7pYtiJJ2vxw oFPxM1v93eQP7VtIeBmuqA2ETSJSUXzBAVfyZ8TDxru7DJAx7ZBSiYwhoGDvpKxP MYfWbUVgsro++juoeQJSx4isVvkrFGagL4N25hSi27I8wfzwQk/tqs2QA/zgDdeK vqbeeT2gD307P8EuUT1gV1/ImJKAxu1e8dOIstpgQ+8alCuiA92H0J5MM3B7OmZJ 9hes/voHjllbvD767PMcLoTkhrETs58CMGIH2NKQ1zQYwUPHhBnifkxNfwIDAQAB o4ICTDCCAkgwHQYDVR0OBBYEFClfpF4msdG61lnkGQxASkCEO5Y9MB8GA1UdIwQY MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt ZTAxZTk0MTI0Njc0LzEvS1Yta1hpYXgwYnJXV2VRWkRFQktRSVE3bGowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0 LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJMAsDAwKKfAME AIp8BAMEAIp8CjAMAwQAinwPAwQAinwQMAwDBACKfBMDBACKfBQDBAGKfB4wDAME Aop8RAMEAop8SAMEAIp8fTANBgkqhkiG9w0BAQsFAAOCAQEAzAuxtagJZ4x6QVuL P3RLT1V9vbgEOAx4Tz0R8RSqQRSHV9lY0+GTvPLi60B+ZuZ+V4u3abs5pJazgkKR BrOV8X5laiZPCe6TVTYF8QcAAcLAjSOGPnV81XPhzJzXi9IfyDrRLWU7k/wab+4a XNmIM5Pzr0urBMD0aCzZvulfZBAlSXYy4a4Xw+vd3Mxfr303BUamvTf2ZgWvNONe d+3/I4rC7AaGkmwvB9sHb2pGmUpOu+3bXq0rBT+YJ9iE2BHdULtBtbUoLzSurPNA M7IVQ7IGxFWv0jqEWeNuOzSBhEUmrlRBlG/wSUYb+9Oeav5wwPZD62jXxPfHwfUv VZ8qzQ== -----END CERTIFICATE-----Generated at Tue Jan 20 14:14:20 2026 by rpki-client