This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/kdynGbVCfrX7taXPDAQYXxgdJOc.roa File: kdynGbVCfrX7taXPDAQYXxgdJOc.roa (raw, json) Hash identifier: LcVr7TXvsztqYmXz4cnlZ4MErzCnE6APP7PbSjuF4fc= Subject key identifier: 91:DC:A7:19:B5:42:7E:B5:FB:B5:A5:CF:0C:04:18:5F:18:1D:24:E7 Certificate issuer: /CN=64b31dcd6bb5308029c4273230514f726b1b86ba Certificate serial: 019B7F15367999C2B1584C77DE238BD05BB6 Authority key identifier: 64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/kdynGbVCfrX7taXPDAQYXxgdJOc.roa Signing time: Fri 02 Jan 2026 14:20:55 +0000 ROA not before: Fri 02 Jan 2026 14:20:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 135391 IP address blocks: 185.232.56.0/24 maxlen: 24 185.232.57.0/24 maxlen: 24 185.232.58.0/24 maxlen: 24 185.232.59.0/24 maxlen: 24 2a0d:5300::/40 maxlen: 40 2a0d:5300:100::/40 maxlen: 40 2a0d:5300:200::/40 maxlen: 40 2a0d:5300:300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.mft rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 11:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:36:79:99:c2:b1:58:4c:77:de:23:8b:d0:5b:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64b31dcd6bb5308029c4273230514f726b1b86ba Validity Not Before: Jan 2 14:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91dca719b5427eb5fbb5a5cf0c04185f181d24e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:42:36:85:70:8f:c4:41:bc:03:9f:8a:5d:b6: 7b:4b:4e:ef:3a:50:44:8f:ca:6a:10:04:c3:37:ca: a1:ef:87:0e:15:37:6b:4b:af:c0:59:f2:8f:8d:d9: 87:49:98:b5:a5:60:c4:70:17:6c:f0:86:57:0b:e6: 73:f0:78:fd:ae:1d:8c:3b:54:a4:e3:c2:6c:ba:2b: 53:0d:0b:7c:af:50:9d:ee:15:d1:6d:73:a7:35:5c: f3:c3:11:22:db:df:2b:6c:0e:a2:c9:30:30:f6:3c: a1:0d:05:93:05:70:af:75:4b:bb:ac:21:fa:2e:5b: 53:4b:4c:ca:85:25:e0:95:29:cb:cb:ea:77:d5:8b: 86:4a:4b:72:63:04:34:36:ae:6d:21:14:74:5c:4e: 74:fd:91:b0:6e:b3:69:26:d7:cc:d6:5a:72:7e:86: 79:0e:15:50:43:e8:13:ce:af:ce:86:5c:70:48:43: 0d:df:9f:84:03:5c:5a:32:50:c2:58:43:83:08:54: 32:38:a9:8a:35:8d:c9:b7:32:91:b2:04:9b:10:5d: 69:d4:18:cc:2c:df:e3:8e:05:dc:16:c5:7b:a9:9d: d1:be:81:e9:c5:54:cc:67:91:e2:f9:e6:e4:43:b5: 91:cb:f6:14:55:df:18:f4:b4:2f:da:a3:93:a3:54: bb:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:DC:A7:19:B5:42:7E:B5:FB:B5:A5:CF:0C:04:18:5F:18:1D:24:E7 X509v3 Authority Key Identifier: keyid:64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/kdynGbVCfrX7taXPDAQYXxgdJOc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.232.56.0/22 IPv6: 2a0d:5300::/38 Signature Algorithm: sha256WithRSAEncryption 1c:15:d7:aa:fe:9b:34:c4:21:4a:12:85:b8:36:f7:7d:51:05: 3b:55:dc:ac:2b:07:dd:b4:9b:cd:78:11:58:2f:15:c5:c4:ba: df:a9:f3:60:4f:26:66:bd:8b:ae:85:79:a1:18:e4:7a:b1:4d: 78:50:66:d0:64:d3:aa:5d:e0:b2:87:0f:91:12:f1:bd:7e:ed: 96:af:87:a3:03:03:09:9b:87:27:4c:77:e4:e4:6b:6e:b3:a4: 52:61:ef:4c:e1:88:9b:0a:7b:a6:ed:e0:70:11:9f:da:2a:94: b1:b1:32:34:fd:40:91:6e:ce:b0:a4:8f:ec:ba:23:2a:03:d4: bc:3d:90:25:7c:35:ea:d5:cb:a4:2d:72:6d:53:3b:4d:00:b9: 82:ac:c0:71:96:a7:e5:4b:73:25:a2:7d:d6:6b:14:09:71:c0: e1:57:4b:73:e6:e7:4f:9e:93:4e:b8:2e:7e:85:14:c5:70:de: bf:a5:2b:99:ac:79:25:c9:7a:2b:fc:6a:38:36:80:d7:13:19: eb:4a:82:0f:25:f3:74:1e:09:0e:9c:63:1c:d5:8f:2d:00:62: c8:c3:43:78:9f:cd:d3:0e:7d:44:75:49:ad:46:24:2d:7f:cd: 1a:9d:97:7f:b0:d5:96:83:76:53:7e:56:da:f2:0e:ee:a5:ac: 07:dd:92:6a -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt/FTZ5mcKxWEx33iOL0Fu2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YjMxZGNkNmJiNTMwODAyOWM0MjczMjMwNTE0ZjcyNmIx Yjg2YmEwHhcNMjYwMTAyMTQyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWRjYTcxOWI1NDI3ZWI1ZmJiNWE1Y2YwYzA0MTg1ZjE4MWQyNGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0I2hXCPxEG8A5+KXbZ7S07vOlBE j8pqEATDN8qh74cOFTdrS6/AWfKPjdmHSZi1pWDEcBds8IZXC+Zz8Hj9rh2MO1Sk 48JsuitTDQt8r1Cd7hXRbXOnNVzzwxEi298rbA6iyTAw9jyhDQWTBXCvdUu7rCH6 LltTS0zKhSXglSnLy+p31YuGSktyYwQ0Nq5tIRR0XE50/ZGwbrNpJtfM1lpyfoZ5 DhVQQ+gTzq/OhlxwSEMN35+EA1xaMlDCWEODCFQyOKmKNY3JtzKRsgSbEF1p1BjM LN/jjgXcFsV7qZ3RvoHpxVTMZ5Hi+ebkQ7WRy/YUVd8Y9LQv2qOTo1S7yQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFJHcpxm1Qn61+7WlzwwEGF8YHSTnMB8GA1UdIwQY MBaAFGSzHc1rtTCAKcQnMjBRT3JrG4a6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQt NDRhYjY4OWUxZDRkLzEva2R5bkdiVkNmclg3dGFYUERBUVlYeGdkSk9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQtNDRhYjY4OWUxZDRk LzEvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCueg4MA4E AgACMAgDBgIqDVMAADANBgkqhkiG9w0BAQsFAAOCAQEAHBXXqv6bNMQhShKFuDb3 fVEFO1XcrCsH3bSbzXgRWC8VxcS636nzYE8mZr2LroV5oRjkerFNeFBm0GTTql3g socPkRLxvX7tlq+HowMDCZuHJ0x35ORrbrOkUmHvTOGImwp7pu3gcBGf2iqUsbEy NP1AkW7OsKSP7LojKgPUvD2QJXw16tXLpC1ybVM7TQC5gqzAcZan5UtzJaJ91msU CXHA4VdLc+bnT56TTrgufoUUxXDev6Urmax5Jcl6K/xqODaA1xMZ60qCDyXzdB4J DpxjHNWPLQBiyMNDeJ/N0w59RHVJrUYkLX/NGp2Xf7DVloN2U35W2vIO7qWsB92S ag== -----END CERTIFICATE-----Generated at Wed Jan 7 14:41:04 2026 by rpki-client