This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/KBLYjGsoc6I_Jnk5DngPmO4ePQU.roa File: KBLYjGsoc6I_Jnk5DngPmO4ePQU.roa (raw, json) Hash identifier: XFoKkPbZxI2pK2o+bv+Ogt5LDh4mQTF9jwqVRi7HCtM= Subject key identifier: 28:12:D8:8C:6B:28:73:A2:3F:26:79:39:0E:78:0F:98:EE:1E:3D:05 Certificate issuer: /CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790 Certificate serial: 019B7F850B599AD4086A23822A5D71D08A09 Authority key identifier: D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/KBLYjGsoc6I_Jnk5DngPmO4ePQU.roa Signing time: Fri 02 Jan 2026 16:23:04 +0000 ROA not before: Fri 02 Jan 2026 16:23:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44746 IP address blocks: 91.202.156.0/22 maxlen: 22 91.214.88.0/22 maxlen: 22 185.19.252.0/22 maxlen: 22 2a05:b880::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.crl rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.mft rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:0b:59:9a:d4:08:6a:23:82:2a:5d:71:d0:8a:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790 Validity Not Before: Jan 2 16:23:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2812d88c6b2873a23f2679390e780f98ee1e3d05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:15:08:f1:ee:3e:f7:02:c6:48:62:35:1e:e1: 14:e2:87:88:d6:a3:5f:bb:87:99:10:c2:af:50:bc: 04:1c:ba:49:92:b4:3b:2c:e5:be:72:43:8b:ab:a7: 5e:93:10:4c:1e:46:68:ac:81:1b:0a:b3:dd:c5:bc: 29:9e:7d:d3:c7:ef:59:2e:4b:cc:7e:69:bc:ec:7d: e4:76:cc:71:84:c0:f4:64:67:87:6d:ca:45:42:33: bd:aa:6b:d0:e6:4d:00:fd:9b:df:52:f6:28:1b:89: 2e:8e:7a:9f:a4:0a:2b:88:5d:04:6a:83:31:98:44: 0b:07:cc:ae:11:5d:30:4c:4e:5c:2a:11:14:ea:ac: a1:a3:a1:5c:4a:38:3c:51:00:70:d2:b1:5c:9e:9d: 13:19:ab:2f:b5:f3:af:0c:31:6f:30:9b:8a:86:b0: c7:10:cb:85:2b:8c:0c:bc:0a:16:d0:28:d6:87:cb: ad:63:c1:92:51:73:7d:2f:29:15:21:3a:60:ee:16: b7:e6:95:31:d2:54:72:db:ce:11:b5:4d:f7:2a:0c: 33:52:5c:e8:93:4f:17:e6:88:05:3c:88:4a:e0:65: 97:bc:58:ae:b4:e8:ce:74:8e:b0:82:56:a1:21:22: 1d:ba:1f:a1:a4:60:44:44:3e:b2:a1:ee:bc:ae:f3: 4f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:12:D8:8C:6B:28:73:A2:3F:26:79:39:0E:78:0F:98:EE:1E:3D:05 X509v3 Authority Key Identifier: keyid:D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/KBLYjGsoc6I_Jnk5DngPmO4ePQU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.202.156.0/22 91.214.88.0/22 185.19.252.0/22 IPv6: 2a05:b880::/29 Signature Algorithm: sha256WithRSAEncryption 2a:ce:f7:38:92:a2:6c:a8:59:df:38:17:76:13:37:ab:c0:51: 30:11:14:f0:ab:e9:fe:28:99:d4:e1:56:4a:5a:ea:db:f1:43: 0c:e2:8c:9e:00:79:fa:4b:51:c9:38:bd:1b:d2:67:f2:b0:a6: da:a5:a0:75:7e:46:9d:1b:cb:b1:54:b8:e3:88:9a:c4:54:28: 35:c0:e2:ef:86:91:f0:0e:f5:9f:8c:cf:8a:1f:3d:16:a3:db: 08:c8:b4:69:c7:2e:25:b1:53:12:32:78:ef:29:63:e9:ba:80: be:c1:d8:4e:c6:8a:0a:18:1b:d1:83:13:33:06:88:d9:78:2f: 3e:39:3f:d7:21:87:fc:47:0d:89:e7:13:2b:54:b6:d4:c4:04: d1:38:eb:91:40:fc:cb:a4:a6:aa:c6:b0:e1:01:12:cf:7f:85: 20:89:d5:ca:aa:90:58:18:1e:6f:b1:0c:43:74:5a:db:10:b5: 10:2a:ea:3b:c5:fc:66:f6:cb:f6:68:ec:95:27:fa:68:6b:17: 10:94:ee:4f:03:f9:47:82:78:28:a9:45:ab:9e:25:70:4a:53: ad:8c:c7:41:12:88:66:59:f2:34:c3:a2:01:dc:b0:f8:62:77: 3d:52:e1:59:63:a1:43:55:59:d3:96:0e:3f:a1:c8:1c:d8:a1: f8:a2:c0:3d -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/hQtZmtQIaiOCKl1x0IoJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwY2UxYjlmZmIyZTczZDJjOTdmMDg5MzA2M2NhYmIyY2I3 NDY3OTAwHhcNMjYwMTAyMTYyMzA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODEyZDg4YzZiMjg3M2EyM2YyNjc5MzkwZTc4MGY5OGVlMWUzZDA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xUI8e4+9wLGSGI1HuEU4oeI1qNf u4eZEMKvULwEHLpJkrQ7LOW+ckOLq6dekxBMHkZorIEbCrPdxbwpnn3Tx+9ZLkvM fmm87H3kdsxxhMD0ZGeHbcpFQjO9qmvQ5k0A/ZvfUvYoG4kujnqfpAoriF0EaoMx mEQLB8yuEV0wTE5cKhEU6qyho6FcSjg8UQBw0rFcnp0TGasvtfOvDDFvMJuKhrDH EMuFK4wMvAoW0CjWh8utY8GSUXN9LykVITpg7ha35pUx0lRy284RtU33KgwzUlzo k08X5ogFPIhK4GWXvFiutOjOdI6wglahISIduh+hpGBERD6yoe68rvNPCQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFCgS2IxrKHOiPyZ5OQ54D5juHj0FMB8GA1UdIwQY MBaAFNDOG5/7LnPSyX8IkwY8q7LLdGeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvME00Ym5fc3VjOUxKZndpVEJqeXJzc3QwWjVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lNTEzMjItMDE0MS00ZDE2LTgxNjgt YjlmYjUzYTJmMDNjLzEvS0JMWWpHc29jNklfSm5rNURuZ1BtTzRlUFFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC9lNTEzMjItMDE0MS00ZDE2LTgxNjgtYjlmYjUzYTJmMDNj LzEvME00Ym5fc3VjOUxKZndpVEJqeXJzc3QwWjVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8qcAwQC W9ZYAwQCuRP8MA0EAgACMAcDBQMqBbiAMA0GCSqGSIb3DQEBCwUAA4IBAQAqzvc4 kqJsqFnfOBd2EzerwFEwERTwq+n+KJnU4VZKWurb8UMM4oyeAHn6S1HJOL0b0mfy sKbapaB1fkadG8uxVLjjiJrEVCg1wOLvhpHwDvWfjM+KHz0Wo9sIyLRpxy4lsVMS MnjvKWPpuoC+wdhOxooKGBvRgxMzBojZeC8+OT/XIYf8Rw2J5xMrVLbUxATROOuR QPzLpKaqxrDhARLPf4UgidXKqpBYGB5vsQxDdFrbELUQKuo7xfxm9sv2aOyVJ/po axcQlO5PA/lHgngoqUWrniVwSlOtjMdBEohmWfI0w6IB3LD4Ync9UuFZY6FDVVnT lg4/ocgc2KH4osA9 -----END CERTIFICATE-----Generated at Tue Feb 10 00:13:28 2026 by rpki-client