This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/KTqLgw8eo-mzgCP7WPEbanHjWjU.roa File: KTqLgw8eo-mzgCP7WPEbanHjWjU.roa (raw, json) Hash identifier: CQn/2K4EIIaRAwMrCV20ReKfEOH3rokR++XishuQ6Ik= Subject key identifier: 29:3A:8B:83:0F:1E:A3:E9:B3:80:23:FB:58:F1:1B:6A:71:E3:5A:35 Certificate issuer: /CN=bcc860d954974dca91d5b347b63b22653667da6d Certificate serial: 019B791040929C073938CC879B950B2B21AE Authority key identifier: BC:C8:60:D9:54:97:4D:CA:91:D5:B3:47:B6:3B:22:65:36:67:DA:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMhg2VSXTcqR1bNHtjsiZTZn2m0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/KTqLgw8eo-mzgCP7WPEbanHjWjU.roa Signing time: Thu 01 Jan 2026 10:17:46 +0000 ROA not before: Thu 01 Jan 2026 10:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199509 IP address blocks: 217.171.232.0/21 maxlen: 21 217.171.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/vMhg2VSXTcqR1bNHtjsiZTZn2m0.crl rsync://rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/vMhg2VSXTcqR1bNHtjsiZTZn2m0.mft rsync://rpki.ripe.net/repository/DEFAULT/vMhg2VSXTcqR1bNHtjsiZTZn2m0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:40:92:9c:07:39:38:cc:87:9b:95:0b:2b:21:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bcc860d954974dca91d5b347b63b22653667da6d Validity Not Before: Jan 1 10:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=293a8b830f1ea3e9b38023fb58f11b6a71e35a35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:95:33:e4:cc:84:1e:9f:47:43:b5:c6:99:f3: e2:72:f2:d6:48:b2:53:1a:d8:a5:72:4f:53:30:91: 8b:6c:16:9f:91:4c:dc:49:b4:d3:9f:84:58:09:6b: 9f:73:a3:94:3b:06:d8:41:a5:c9:ab:10:aa:a2:24: a3:a3:7c:5b:53:25:cc:2c:3a:19:58:c3:02:21:8e: b4:89:5e:df:ed:51:80:0d:a6:70:7e:b4:91:ab:a0: 02:f5:0f:92:ce:d8:ec:48:18:b1:75:bd:61:58:b6: ff:cf:75:61:71:57:f0:7f:8e:ad:0a:95:28:f1:45: e0:11:0a:a0:f8:6e:4c:74:1e:2f:d6:75:8c:79:e5: be:5b:a0:ff:95:d6:60:50:74:e7:8c:e8:e1:cd:a6: d0:b0:6c:a5:25:9b:c2:2b:79:92:e0:33:3e:5c:73: c7:8e:61:1c:b8:81:2d:68:96:bf:a1:c6:94:e4:3e: ae:39:40:1f:61:8a:ae:17:45:bd:cb:83:36:2d:0a: 46:c5:e4:86:c5:81:b3:d5:36:59:a1:92:a9:13:f0: 53:9c:0e:cf:b4:f5:39:87:28:57:57:cc:7f:34:80: f1:e4:e0:c8:84:c4:76:96:f5:a6:d8:bc:ef:8c:fb: d7:60:ee:18:5e:48:82:81:c2:f9:47:97:0c:24:07: 0e:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:3A:8B:83:0F:1E:A3:E9:B3:80:23:FB:58:F1:1B:6A:71:E3:5A:35 X509v3 Authority Key Identifier: keyid:BC:C8:60:D9:54:97:4D:CA:91:D5:B3:47:B6:3B:22:65:36:67:DA:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMhg2VSXTcqR1bNHtjsiZTZn2m0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/KTqLgw8eo-mzgCP7WPEbanHjWjU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/439878-4a95-4478-8163-f370f04265a5/1/vMhg2VSXTcqR1bNHtjsiZTZn2m0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.171.232.0/21 Signature Algorithm: sha256WithRSAEncryption 43:d0:1d:79:4c:00:13:31:69:1a:90:2d:c0:de:08:92:02:b8: ac:80:59:8f:14:c1:56:04:17:de:db:3c:ca:0d:91:d2:f0:c2: 8b:73:85:e0:5a:9f:48:ab:3f:90:f0:e7:81:a1:65:e0:48:1d: 0d:f0:cb:e7:59:29:2a:b2:34:58:30:09:07:44:26:58:88:71: 8c:93:67:ea:fe:c5:8a:86:2f:90:96:50:29:ba:b6:31:d2:45: 5d:1b:e1:22:00:31:7a:29:9b:77:29:43:4b:65:5f:d2:c4:1d: b2:cb:0c:bf:e8:b2:11:e0:1f:fc:8a:a3:bb:b0:f0:5a:8f:bc: eb:a6:ea:9e:8b:49:80:4d:8c:30:05:51:8f:ab:80:ef:f8:30: ac:d4:b0:df:28:6d:3c:b4:6d:f1:95:c2:f8:25:51:0a:6f:7a: e8:6e:cc:0d:3f:16:33:a3:99:03:84:ac:1c:8a:a2:94:73:6c: 9e:94:b6:8d:59:36:d5:2d:7a:48:6b:f1:fc:39:c0:17:24:f3: cc:d9:40:00:44:c3:7f:dd:c3:f6:61:3c:25:db:9f:eb:d3:dd: 10:b7:9c:11:ae:f4:9f:e1:12:68:9a:8f:2e:66:4a:3c:c7:8e: 17:7b:95:f9:94:75:4e:79:71:a6:75:5c:aa:7d:4a:30:99:1b: 62:43:88:f6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EECSnAc5OMyHm5ULKyGuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjYzg2MGQ5NTQ5NzRkY2E5MWQ1YjM0N2I2M2IyMjY1MzY2 N2RhNmQwHhcNMjYwMTAxMTAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTNhOGI4MzBmMWVhM2U5YjM4MDIzZmI1OGYxMWI2YTcxZTM1YTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Uz5MyEHp9HQ7XGmfPicvLWSLJT Gtilck9TMJGLbBafkUzcSbTTn4RYCWufc6OUOwbYQaXJqxCqoiSjo3xbUyXMLDoZ WMMCIY60iV7f7VGADaZwfrSRq6AC9Q+SztjsSBixdb1hWLb/z3VhcVfwf46tCpUo 8UXgEQqg+G5MdB4v1nWMeeW+W6D/ldZgUHTnjOjhzabQsGylJZvCK3mS4DM+XHPH jmEcuIEtaJa/ocaU5D6uOUAfYYquF0W9y4M2LQpGxeSGxYGz1TZZoZKpE/BTnA7P tPU5hyhXV8x/NIDx5ODIhMR2lvWm2LzvjPvXYO4YXkiCgcL5R5cMJAcOHQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCk6i4MPHqPps4Aj+1jxG2px41o1MB8GA1UdIwQY MBaAFLzIYNlUl03KkdWzR7Y7ImU2Z9ptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdk1oZzJWU1hUY3FSMWJOSHRqc2laVFpuMm0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80Mzk4NzgtNGE5NS00NDc4LTgxNjMt ZjM3MGYwNDI2NWE1LzEvS1RxTGd3OGVvLW16Z0NQN1dQRWJhbkhqV2pVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS80Mzk4NzgtNGE5NS00NDc4LTgxNjMtZjM3MGYwNDI2NWE1 LzEvdk1oZzJWU1hUY3FSMWJOSHRqc2laVFpuMm0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2avoMA0G CSqGSIb3DQEBCwUAA4IBAQBD0B15TAATMWkakC3A3giSArisgFmPFMFWBBfe2zzK DZHS8MKLc4XgWp9Iqz+Q8OeBoWXgSB0N8MvnWSkqsjRYMAkHRCZYiHGMk2fq/sWK hi+QllApurYx0kVdG+EiADF6KZt3KUNLZV/SxB2yywy/6LIR4B/8iqO7sPBaj7zr puqei0mATYwwBVGPq4Dv+DCs1LDfKG08tG3xlcL4JVEKb3robswNPxYzo5kDhKwc iqKUc2yelLaNWTbVLXpIa/H8OcAXJPPM2UAARMN/3cP2YTwl25/r090Qt5wRrvSf 4RJomo8uZko8x44Xe5X5lHVOeXGmdVyqfUowmRtiQ4j2 -----END CERTIFICATE-----Generated at Tue Feb 10 01:24:02 2026 by rpki-client