This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/kt-dzWz4ump9exEN1VN1o9bh0sQ.roa File: kt-dzWz4ump9exEN1VN1o9bh0sQ.roa (raw, json) Hash identifier: 3EXp+7ZKktgIDQ1+hPu50wusQGozvYQkFp906943fvA= Subject key identifier: 92:DF:9D:CD:6C:F8:BA:6A:7D:7B:11:0D:D5:53:75:A3:D6:E1:D2:C4 Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b Certificate serial: 019B7910CA8F48DE8039F098DD9058A8A969 Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/kt-dzWz4ump9exEN1VN1o9bh0sQ.roa Signing time: Thu 01 Jan 2026 10:18:22 +0000 ROA not before: Thu 01 Jan 2026 10:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201129 IP address blocks: 2001:67c:2d84::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ca:8f:48:de:80:39:f0:98:dd:90:58:a8:a9:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b Validity Not Before: Jan 1 10:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92df9dcd6cf8ba6a7d7b110dd55375a3d6e1d2c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:12:a4:8b:72:76:d1:d5:f5:84:9b:30:07:16: 65:b1:00:9f:f3:c3:5d:03:c8:b0:71:3b:29:b5:7c: 74:3b:cd:c4:72:a3:36:65:45:72:c5:a0:49:aa:9f: e0:e7:ed:54:3b:97:fc:10:a5:55:ff:49:b2:33:19: 04:79:cc:6c:f3:73:c2:61:02:fb:cf:ff:15:a2:60: 0b:01:fe:84:7a:56:bb:0e:39:49:20:ab:20:e4:c5: 4e:11:ca:12:18:f5:ff:ac:b0:5d:18:91:f3:50:54: 9a:e6:96:5e:71:0b:d3:95:18:70:42:c5:cf:7b:71: 1e:7e:77:c5:97:ae:22:90:5f:6c:44:44:51:24:17: 3f:4f:94:0f:69:5d:98:1c:d6:4c:1e:6d:16:51:8e: d3:99:80:2f:80:14:b3:32:f0:80:44:32:c8:5a:9a: f4:24:4c:35:e5:89:6f:2d:5f:8a:4f:1d:8c:4e:32: d4:76:07:cc:db:4b:b4:eb:91:9d:be:63:3b:5a:1c: 50:89:2a:b0:15:bf:b6:9e:5a:93:13:06:f2:14:b3: 5b:d1:ac:35:f8:48:ab:28:b2:a5:46:f4:47:87:c0: 9f:aa:a6:bb:4b:47:0d:75:d5:1e:88:41:01:11:0d: 30:69:99:c1:a2:03:6a:41:ea:8d:c9:4c:68:2f:52: eb:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:DF:9D:CD:6C:F8:BA:6A:7D:7B:11:0D:D5:53:75:A3:D6:E1:D2:C4 X509v3 Authority Key Identifier: keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/kt-dzWz4ump9exEN1VN1o9bh0sQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2d84::/48 Signature Algorithm: sha256WithRSAEncryption a0:8b:3f:3d:aa:82:5b:f4:9d:34:d1:8a:61:f4:c8:32:5a:18: 68:c8:23:84:06:da:d9:99:cf:50:63:6a:6c:ac:f6:9c:9c:4a: 6c:b1:c9:54:40:26:23:0f:f5:c4:7c:c0:a6:cc:2a:57:6e:df: a1:5b:44:5c:de:58:a8:07:3c:13:75:68:3b:8b:53:68:74:b3: 93:67:f5:c7:7d:5d:54:0b:bb:07:67:8b:1c:cf:80:62:6e:45: df:b1:04:95:aa:5f:3f:7c:8e:3b:a6:0f:70:b0:d5:18:b1:94: 7e:fb:19:06:dc:35:47:45:01:86:09:41:b3:12:53:ba:1e:85: 5e:d6:dc:fc:63:bc:a0:36:43:f9:64:fb:8b:bc:47:a5:9e:f6: ad:f2:3b:6c:02:7e:15:e2:18:21:f1:bc:ef:29:87:bd:42:04: 49:87:e7:72:14:45:c1:64:7a:01:8c:7b:fe:8d:bf:7b:ee:ea: e1:6c:e0:f0:43:68:df:c8:d5:88:2a:6d:0a:e9:9f:2b:ff:fd: 5d:5c:ac:f5:c6:76:9e:07:2f:44:65:5e:bc:92:ad:b4:ee:7e: de:e5:8c:2b:f0:ed:26:fb:87:b0:97:34:de:ca:31:ad:22:f1: f3:b6:6d:fc:c0:b6:0d:6e:fb:4a:78:1d:1d:91:47:2f:db:24: bd:2c:d8:b3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5EMqPSN6AOfCY3ZBYqKlpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi YmJjNWIwHhcNMjYwMTAxMTAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmRmOWRjZDZjZjhiYTZhN2Q3YjExMGRkNTUzNzVhM2Q2ZTFkMmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhKki3J20dX1hJswBxZlsQCf88Nd A8iwcTsptXx0O83EcqM2ZUVyxaBJqp/g5+1UO5f8EKVV/0myMxkEecxs83PCYQL7 z/8VomALAf6Eela7DjlJIKsg5MVOEcoSGPX/rLBdGJHzUFSa5pZecQvTlRhwQsXP e3EefnfFl64ikF9sRERRJBc/T5QPaV2YHNZMHm0WUY7TmYAvgBSzMvCARDLIWpr0 JEw15YlvLV+KTx2MTjLUdgfM20u065GdvmM7WhxQiSqwFb+2nlqTEwbyFLNb0aw1 +EirKLKlRvRHh8Cfqqa7S0cNddUeiEEBEQ0waZnBogNqQeqNyUxoL1LroQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJLfnc1s+LpqfXsRDdVTdaPW4dLEMB8GA1UdIwQY MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt YzQxMDA2MmQ0ZDUyLzEva3QtZHpXejR1bXA5ZXhFTjFWTjFvOWJoMHNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC2E MA0GCSqGSIb3DQEBCwUAA4IBAQCgiz89qoJb9J000Yph9MgyWhhoyCOEBtrZmc9Q Y2psrPacnEpssclUQCYjD/XEfMCmzCpXbt+hW0Rc3lioBzwTdWg7i1NodLOTZ/XH fV1UC7sHZ4scz4BibkXfsQSVql8/fI47pg9wsNUYsZR++xkG3DVHRQGGCUGzElO6 HoVe1tz8Y7ygNkP5ZPuLvEelnvat8jtsAn4V4hgh8bzvKYe9QgRJh+dyFEXBZHoB jHv+jb977urhbODwQ2jfyNWIKm0K6Z8r//1dXKz1xnaeBy9EZV68kq207n7e5Ywr 8O0m+4ewlzTeyjGtIvHztm38wLYNbvtKeB0dkUcv2yS9LNiz -----END CERTIFICATE-----Generated at Tue Feb 10 07:31:01 2026 by rpki-client