This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/K_L02ygxWP1iEq4feCmKwUc-f_I.roa File: K_L02ygxWP1iEq4feCmKwUc-f_I.roa (raw, json) Hash identifier: 7BqwctA7sfIPSXcYea3BP+4rzmnGuO4NUJM5EyZPoUY= Subject key identifier: 2B:F2:F4:DB:28:31:58:FD:62:12:AE:1F:78:29:8A:C1:47:3E:7F:F2 Certificate issuer: /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd Certificate serial: 019B7F849A17B554AD2A057F481146CFAC24 Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/K_L02ygxWP1iEq4feCmKwUc-f_I.roa Signing time: Fri 02 Jan 2026 16:22:35 +0000 ROA not before: Fri 02 Jan 2026 16:22:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.119.221.0/24 maxlen: 24 185.119.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.mft rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:9a:17:b5:54:ad:2a:05:7f:48:11:46:cf:ac:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd Validity Not Before: Jan 2 16:22:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2bf2f4db283158fd6212ae1f78298ac1473e7ff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b5:4f:2f:c9:88:36:0b:86:9b:d9:99:5e:1f: 2e:33:a6:63:58:d5:a0:1c:50:f4:3f:ea:f9:1d:07: ac:9d:96:44:a8:1b:fa:64:b9:57:ef:da:61:48:5b: a3:90:4c:34:0e:88:ab:21:51:f4:5e:91:22:82:f5: 6e:9f:08:77:1f:af:85:b9:08:68:94:33:8d:9a:6c: 5a:d8:f5:8a:89:70:c4:98:5e:1e:1f:1d:6e:89:31: 2f:a7:3e:6f:4f:f2:84:cc:0c:cb:5a:d8:e7:cf:5e: a4:1a:c8:75:1d:21:62:b7:42:5f:a9:17:56:51:11: 53:56:1c:07:b2:2a:04:4d:64:14:f8:3a:17:c2:92: 06:9a:df:18:4b:8d:91:0c:ae:40:dc:8b:8b:2a:ab: a4:15:e5:86:56:3e:cb:70:fd:4b:36:5c:22:23:3f: 8e:fd:a9:9b:07:d1:65:24:a7:6c:33:e5:ef:0e:6a: 6e:c9:1b:e4:7e:6d:a6:00:a6:8f:c9:6d:d1:cf:5b: 1a:73:ae:0a:92:1c:9b:42:7c:56:68:41:8f:36:40: 55:22:9e:bb:98:b5:3b:9b:ca:02:92:b2:f6:bd:f0: 4f:2e:57:1e:e7:dd:b5:ba:1c:64:61:45:f9:85:83: 91:45:25:c8:e0:b1:f1:0a:05:f8:f5:10:47:8a:7b: 76:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:F2:F4:DB:28:31:58:FD:62:12:AE:1F:78:29:8A:C1:47:3E:7F:F2 X509v3 Authority Key Identifier: keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/K_L02ygxWP1iEq4feCmKwUc-f_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.119.221.0/24 185.119.223.0/24 Signature Algorithm: sha256WithRSAEncryption 53:a3:be:8d:6e:05:fb:f4:aa:86:ef:27:87:1c:45:28:ec:c9: 36:da:41:16:49:cf:ff:e7:39:2c:0c:2b:b2:db:de:89:51:76: 86:cf:e2:c9:5f:f7:1e:02:ae:08:1c:78:38:e8:56:3f:04:89: 66:4b:28:c3:8c:38:24:84:3d:50:fa:ec:a6:10:e6:bf:34:97: 40:e9:bb:59:2a:d7:c0:3c:ec:66:80:6a:9a:98:0f:14:3e:9d: 9c:54:99:59:32:70:8c:27:ad:75:ab:8f:bd:5f:f6:9c:01:77: 5c:14:62:12:aa:7a:a5:06:6b:f7:90:9d:b1:e6:ea:6a:c9:f2: 61:2c:e6:48:61:2d:4d:a7:5e:38:74:00:56:22:7c:72:d7:e4: f0:e3:44:66:2f:62:3c:34:1a:87:73:03:0a:02:77:ef:bd:27: 8c:79:0c:f1:c9:70:41:86:45:1d:87:88:73:89:fc:75:cf:b2: fa:20:fa:1f:ff:91:28:78:1c:7d:59:ed:f0:cd:64:35:18:6e: ea:8b:f6:53:c2:39:26:af:54:8d:32:c0:d8:6c:7b:d3:03:0e: ea:7c:27:e3:a5:27:b9:8c:78:40:83:e2:0e:dd:d1:36:e6:a2: 34:e2:0b:a1:c1:db:56:80:e6:e3:33:f2:6c:91:35:4f:80:77: ed:b1:b5:7b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/hJoXtVStKgV/SBFGz6wkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YjBmZjc5OThjYTg4NTRjZTdjNDc1YTk3MmVkMWQ1MmE1 YzYwY2QwHhcNMjYwMTAyMTYyMjM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYmYyZjRkYjI4MzE1OGZkNjIxMmFlMWY3ODI5OGFjMTQ3M2U3ZmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbVPL8mINguGm9mZXh8uM6ZjWNWg HFD0P+r5HQesnZZEqBv6ZLlX79phSFujkEw0DoirIVH0XpEigvVunwh3H6+FuQho lDONmmxa2PWKiXDEmF4eHx1uiTEvpz5vT/KEzAzLWtjnz16kGsh1HSFit0JfqRdW URFTVhwHsioETWQU+DoXwpIGmt8YS42RDK5A3IuLKqukFeWGVj7LcP1LNlwiIz+O /ambB9FlJKdsM+XvDmpuyRvkfm2mAKaPyW3Rz1sac64KkhybQnxWaEGPNkBVIp67 mLU7m8oCkrL2vfBPLlce5921uhxkYUX5hYORRSXI4LHxCgX49RBHint23wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCvy9NsoMVj9YhKuH3gpisFHPn/yMB8GA1UdIwQY MBaAFCiw/3mYyohUznxHWpcu0dUqXGDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDIt MjY3NTQ3ZWExZTM1LzEvS19MMDJ5Z3hXUDFpRXE0ZmVDbUt3VWMtZl9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDItMjY3NTQ3ZWExZTM1 LzEvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXfdAwQA uXffMA0GCSqGSIb3DQEBCwUAA4IBAQBTo76NbgX79KqG7yeHHEUo7Mk22kEWSc// 5zksDCuy296JUXaGz+LJX/ceAq4IHHg46FY/BIlmSyjDjDgkhD1Q+uymEOa/NJdA 6btZKtfAPOxmgGqamA8UPp2cVJlZMnCMJ611q4+9X/acAXdcFGISqnqlBmv3kJ2x 5upqyfJhLOZIYS1Np144dABWInxy1+Tw40RmL2I8NBqHcwMKAnfvvSeMeQzxyXBB hkUdh4hzifx1z7L6IPof/5EoeBx9We3wzWQ1GG7qi/ZTwjkmr1SNMsDYbHvTAw7q fCfjpSe5jHhAg+IO3dE25qI04guhwdtWgObjM/JskTVPgHftsbV7 -----END CERTIFICATE-----Generated at Wed Jan 7 23:48:00 2026 by rpki-client