This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/kgXtGX7XX872ZBmOaDQBG_SxnRk.roa File: kgXtGX7XX872ZBmOaDQBG_SxnRk.roa (raw, json) Hash identifier: +MHedL/253Pk+HAeX+TuqGjfyagOjaX7b4uRsR/dtbs= Subject key identifier: 92:05:ED:19:7E:D7:5F:CE:F6:64:19:8E:68:34:01:1B:F4:B1:9D:19 Certificate issuer: /CN=1da443c33de5ae43506fd2406b7653661c527334 Certificate serial: 019B7DCAFCD1C38FEEC7C77E6E148A1DC8EA Authority key identifier: 1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/kgXtGX7XX872ZBmOaDQBG_SxnRk.roa Signing time: Fri 02 Jan 2026 08:20:13 +0000 ROA not before: Fri 02 Jan 2026 08:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51331 IP address blocks: 188.246.114.0/24 maxlen: 24 188.246.115.0/24 maxlen: 24 188.246.116.0/22 maxlen: 22 188.246.116.0/24 maxlen: 24 188.246.117.0/24 maxlen: 24 188.246.118.0/24 maxlen: 24 188.246.119.0/24 maxlen: 24 2a00:c587:fd00::/40 maxlen: 40 2a00:c587:fe00::/40 maxlen: 40 2a00:c587:ff00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:fc:d1:c3:8f:ee:c7:c7:7e:6e:14:8a:1d:c8:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1da443c33de5ae43506fd2406b7653661c527334 Validity Not Before: Jan 2 08:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9205ed197ed75fcef664198e6834011bf4b19d19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:63:97:8b:e1:62:be:a6:3c:74:97:f1:d1:b1: da:3c:0b:2c:23:b4:a6:3b:16:8d:e8:c7:45:20:8b: 26:4f:5f:9d:51:09:45:0a:64:92:bd:80:5c:75:ea: 75:e9:19:25:e9:b9:bc:f1:a5:0f:5d:cb:9f:65:46: 66:c3:04:51:56:48:66:c7:a3:e1:e8:13:48:8f:76: 3b:76:27:11:97:3d:f3:5c:3d:9b:8d:cd:72:93:c3: 96:42:df:dd:21:e4:14:12:07:a7:8c:89:71:d5:7f: 8a:dd:a6:27:2d:d1:ed:e4:3b:1b:ee:3b:64:ed:eb: 37:0b:32:41:6b:0e:a3:cb:cc:09:78:15:cb:27:b4: 07:9b:ec:01:4b:2b:1e:f0:e6:d8:ea:0a:d2:2d:c3: 99:40:39:b0:c1:6e:37:59:8f:6c:8c:d8:d9:3e:be: 86:d0:82:d7:9c:28:c3:ae:8c:b7:85:4c:f6:47:00: a2:44:c1:a9:73:22:df:51:69:f3:fa:ee:1d:59:cd: 6e:e1:96:4c:65:37:1d:6a:d0:09:e1:ac:58:a1:8c: 62:08:6e:45:37:e1:ed:05:e1:7b:e9:ff:fa:35:07: 50:e8:bb:fb:25:39:2f:7c:be:05:de:ba:a5:e9:b8: 88:c3:31:29:52:ac:83:9a:30:85:9f:04:9c:37:69: 7a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:05:ED:19:7E:D7:5F:CE:F6:64:19:8E:68:34:01:1B:F4:B1:9D:19 X509v3 Authority Key Identifier: keyid:1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/kgXtGX7XX872ZBmOaDQBG_SxnRk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.246.114.0-188.246.119.255 IPv6: 2a00:c587:fd00::-2a00:c587:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 1b:4e:67:16:41:cb:b8:4b:9c:b9:5a:79:18:8c:d8:27:1b:f2: 9f:c2:bd:49:db:a2:54:36:bc:c9:b6:f6:6d:12:92:d0:3b:45: 46:2f:4d:0a:b1:81:b9:cb:db:28:74:cb:ae:4d:62:3c:ff:74: 0c:ac:b9:bf:43:08:0d:d3:0e:cb:6e:92:40:73:3b:70:19:ab: 02:72:0e:90:6d:bf:b7:8d:d3:5f:73:dc:fd:50:ec:1e:a5:e1: 15:30:a2:9d:80:cf:56:b9:62:87:bb:52:f8:43:8f:fd:cd:ee: b9:4c:25:c5:a6:99:72:5d:fd:53:aa:c0:49:b3:58:a4:59:db: d8:7c:f7:11:f0:89:f1:e4:64:7f:cd:4d:33:03:9d:11:2b:d4: 03:a7:51:53:51:22:8c:49:a6:77:b4:63:12:ba:0f:0b:07:d6: 55:b6:c7:f1:18:e0:a5:43:68:73:d2:70:13:c0:b7:20:a5:77: 1c:de:87:90:4e:41:31:b0:27:c8:09:0a:82:08:82:14:46:5f: 59:19:b5:06:12:6d:08:e0:3a:5a:bf:96:89:62:eb:42:b8:b7: 2e:fe:6e:44:eb:63:7e:21:c1:d9:6a:29:69:5f:24:ce:30:65: 0b:3b:15:18:c2:de:b6:42:57:55:b8:53:de:27:58:45:69:8a: 57:7b:2a:c2 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt9yvzRw4/ux8d+bhSKHcjqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYTQ0M2MzM2RlNWFlNDM1MDZmZDI0MDZiNzY1MzY2MWM1 MjczMzQwHhcNMjYwMTAyMDgyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjA1ZWQxOTdlZDc1ZmNlZjY2NDE5OGU2ODM0MDExYmY0YjE5ZDE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2OXi+FivqY8dJfx0bHaPAssI7Sm OxaN6MdFIIsmT1+dUQlFCmSSvYBcdep16Rkl6bm88aUPXcufZUZmwwRRVkhmx6Ph 6BNIj3Y7dicRlz3zXD2bjc1yk8OWQt/dIeQUEgenjIlx1X+K3aYnLdHt5Dsb7jtk 7es3CzJBaw6jy8wJeBXLJ7QHm+wBSyse8ObY6grSLcOZQDmwwW43WY9sjNjZPr6G 0ILXnCjDroy3hUz2RwCiRMGpcyLfUWnz+u4dWc1u4ZZMZTcdatAJ4axYoYxiCG5F N+HtBeF76f/6NQdQ6Lv7JTkvfL4F3rql6biIwzEpUqyDmjCFnwScN2l6rQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFJIF7Rl+11/O9mQZjmg0ARv0sZ0ZMB8GA1UdIwQY MBaAFB2kQ8M95a5DUG/SQGt2U2YcUnM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjIt ZmU0MGEwNWFiYTdmLzEva2dYdEdYN1hYODcyWkJtT2FEUUJHX1N4blJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjItZmU0MGEwNWFiYTdm LzEvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAG89nID BAO89nAwFwQCAAIwETAPAwYAKgDFh/0DBQMqAMWAMA0GCSqGSIb3DQEBCwUAA4IB AQAbTmcWQcu4S5y5WnkYjNgnG/Kfwr1J26JUNrzJtvZtEpLQO0VGL00KsYG5y9so dMuuTWI8/3QMrLm/QwgN0w7LbpJAcztwGasCcg6Qbb+3jdNfc9z9UOwepeEVMKKd gM9WuWKHu1L4Q4/9ze65TCXFpplyXf1TqsBJs1ikWdvYfPcR8Inx5GR/zU0zA50R K9QDp1FTUSKMSaZ3tGMSug8LB9ZVtsfxGOClQ2hz0nATwLcgpXcc3oeQTkExsCfI CQqCCIIURl9ZGbUGEm0I4Dpav5aJYutCuLcu/m5E62N+IcHZailpXyTOMGULOxUY wt62QldVuFPeJ1hFaYpXeyrC -----END CERTIFICATE-----Generated at Tue Feb 10 04:32:21 2026 by rpki-client