This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/kfXp6PWz1OVCq-MHROwaEPF9wAg.roa File: kfXp6PWz1OVCq-MHROwaEPF9wAg.roa (raw, json) Hash identifier: BizfokTf2mZNuGQvMfl1UgLcNIjIH9XqdrYWnU3/uU4= Subject key identifier: 91:F5:E9:E8:F5:B3:D4:E5:42:AB:E3:07:44:EC:1A:10:F1:7D:C0:08 Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Certificate serial: 019B79ECD891266A967D773D6BE6A43A8498 Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/kfXp6PWz1OVCq-MHROwaEPF9wAg.roa Signing time: Thu 01 Jan 2026 14:18:43 +0000 ROA not before: Thu 01 Jan 2026 14:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6461 IP address blocks: 91.197.228.0/22 maxlen: 24 185.181.116.0/22 maxlen: 24 2a0a:cb80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d8:91:26:6a:96:7d:77:3d:6b:e6:a4:3a:84:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Validity Not Before: Jan 1 14:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91f5e9e8f5b3d4e542abe30744ec1a10f17dc008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b1:eb:41:1c:91:82:3f:28:bb:41:38:26:63: 76:c5:cf:67:bf:b4:58:01:cc:9e:61:7e:8f:fb:a7: 4c:05:0b:fc:c9:00:40:bc:24:e1:1d:57:e9:69:df: c9:2f:b1:2d:6a:5e:bd:0a:d1:9f:f8:73:88:04:02: 63:29:14:e7:c8:5c:50:b2:0a:69:22:3c:7e:14:ef: 7f:4b:72:d1:98:8f:d5:f4:ea:94:32:85:cf:e6:be: 73:fe:9e:ff:01:46:d4:00:1e:c7:64:1e:12:92:10: 6b:1d:75:c7:dd:98:34:c0:1f:9a:03:21:73:1e:c2: 6d:0f:ea:79:d3:53:58:5c:7a:f1:fc:9d:3d:05:df: 6a:7f:95:cc:d5:ff:c7:ca:19:74:d8:06:79:03:3c: d2:53:48:3b:b3:ed:6a:3c:49:61:22:17:00:44:05: cd:5c:79:2d:78:ae:43:4b:7c:a2:9e:37:0d:ad:64: 0b:25:41:77:11:ed:2d:80:33:2b:31:aa:cc:44:45: 0b:dc:85:5f:44:19:ac:85:bf:f2:54:ce:cc:31:92: 20:f7:07:8f:01:8e:95:b9:d4:b0:82:89:9f:98:b2: 03:24:32:5a:00:dc:70:d6:fa:c5:03:b2:7e:03:ba: 00:03:e7:b5:3d:32:c5:1e:3b:6e:85:39:2e:81:e9: b1:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F5:E9:E8:F5:B3:D4:E5:42:AB:E3:07:44:EC:1A:10:F1:7D:C0:08 X509v3 Authority Key Identifier: keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/kfXp6PWz1OVCq-MHROwaEPF9wAg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.228.0/22 185.181.116.0/22 IPv6: 2a0a:cb80::/32 Signature Algorithm: sha256WithRSAEncryption 4d:42:0d:77:90:2f:e3:78:23:b8:58:44:8f:55:7b:66:7c:0f: 77:40:3b:25:aa:c3:11:08:d7:f4:06:90:95:eb:c5:c1:d6:3e: 61:2b:90:00:9f:3f:84:6d:95:e2:aa:c4:6f:22:11:bc:07:4b: 6e:4c:9c:fb:21:31:d2:5a:15:82:29:a0:90:ce:e5:1a:c6:f0: ce:3b:98:7b:73:c6:6d:e2:6f:73:d2:44:8a:8e:ba:b1:05:01: e9:5b:85:55:f6:a5:4c:4d:91:ec:38:13:e3:ec:f1:ef:f4:f8: d2:52:b8:20:c2:81:0a:94:6b:e0:d4:91:eb:66:36:13:54:41: f1:66:6b:e6:39:48:1a:97:f9:24:67:0b:d7:86:dc:c1:ff:9e: 34:28:b5:96:18:54:70:a2:51:ad:68:22:d1:a4:cc:5c:58:bc: 91:6f:6c:ee:66:5f:28:07:8d:84:89:ed:f8:6d:bc:3f:ab:b2: 06:60:c6:05:55:0b:2c:ad:5f:37:83:56:c3:e1:80:cd:9c:8d: 9c:df:53:5b:72:27:c1:0b:59:6d:26:37:6d:ff:f7:57:e5:82: e2:54:18:98:6b:98:3b:2d:da:6c:f8:52:5d:bc:74:93:23:bd: 7d:eb:fe:d5:03:bf:f1:96:2e:b4:75:af:90:d4:29:d3:48:4f: b4:c2:bd:02 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57NiRJmqWfXc9a+akOoSYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm MTFkZmMwHhcNMjYwMTAxMTQxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWY1ZTllOGY1YjNkNGU1NDJhYmUzMDc0NGVjMWExMGYxN2RjMDA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLHrQRyRgj8ou0E4JmN2xc9nv7RY AcyeYX6P+6dMBQv8yQBAvCThHVfpad/JL7Etal69CtGf+HOIBAJjKRTnyFxQsgpp Ijx+FO9/S3LRmI/V9OqUMoXP5r5z/p7/AUbUAB7HZB4SkhBrHXXH3Zg0wB+aAyFz HsJtD+p501NYXHrx/J09Bd9qf5XM1f/Hyhl02AZ5AzzSU0g7s+1qPElhIhcARAXN XHkteK5DS3yinjcNrWQLJUF3Ee0tgDMrMarMREUL3IVfRBmshb/yVM7MMZIg9weP AY6VudSwgomfmLIDJDJaANxw1vrFA7J+A7oAA+e1PTLFHjtuhTkugemxSQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJH16ej1s9TlQqvjB0TsGhDxfcAIMB8GA1UdIwQY MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt ZDE2M2I1NDk5ZTY4LzEva2ZYcDZQV3oxT1ZDcS1NSFJPd2FFUEY5d0FnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4 LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBNQg13kC/jeCO4 WESPVXtmfA93QDslqsMRCNf0BpCV68XB1j5hK5AAnz+EbZXiqsRvIhG8B0tuTJz7 ITHSWhWCKaCQzuUaxvDOO5h7c8Zt4m9z0kSKjrqxBQHpW4VV9qVMTZHsOBPj7PHv 9PjSUrggwoEKlGvg1JHrZjYTVEHxZmvmOUgal/kkZwvXhtzB/540KLWWGFRwolGt aCLRpMxcWLyRb2zuZl8oB42Eie34bbw/q7IGYMYFVQssrV83g1bD4YDNnI2c31Nb cifBC1ltJjdt//dX5YLiVBiYa5g7Ldps+FJdvHSTI7196/7VA7/xli60da+Q1CnT SE+0wr0C -----END CERTIFICATE-----Generated at Tue Jan 20 01:20:48 2026 by rpki-client