This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/KnWPKh7vBsCWw3P3QjUnnKOMfRQ.roa File: KnWPKh7vBsCWw3P3QjUnnKOMfRQ.roa (raw, json) Hash identifier: S6KoJEkh3kj6VhNs+5jJEnoThmoK6o74Ufogas8E/6E= Subject key identifier: 2A:75:8F:2A:1E:EF:06:C0:96:C3:73:F7:42:35:27:9C:A3:8C:7D:14 Certificate issuer: /CN=ee9ccd38a5d6496880bc094706e68fa04fa2cd96 Certificate serial: 019B7C129DFDFDBBE2469931568C85FB25E1 Authority key identifier: EE:9C:CD:38:A5:D6:49:68:80:BC:09:47:06:E6:8F:A0:4F:A2:CD:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/KnWPKh7vBsCWw3P3QjUnnKOMfRQ.roa Signing time: Fri 02 Jan 2026 00:19:13 +0000 ROA not before: Fri 02 Jan 2026 00:19:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213417 IP address blocks: 37.58.28.0/24 maxlen: 24 45.10.56.0/24 maxlen: 24 2a14:ff00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.mft rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:9d:fd:fd:bb:e2:46:99:31:56:8c:85:fb:25:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ee9ccd38a5d6496880bc094706e68fa04fa2cd96 Validity Not Before: Jan 2 00:19:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2a758f2a1eef06c096c373f74235279ca38c7d14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:40:3b:98:d2:9f:48:84:24:9c:be:0e:d9:5f: 54:c7:15:df:db:b8:65:46:ab:15:ca:53:1b:f7:fe: 48:36:ab:33:22:98:ef:8c:d2:20:34:7f:0a:02:7a: 36:92:58:a6:59:45:63:b0:55:12:87:d5:a6:82:13: 93:41:a8:c3:bd:9b:70:e2:64:e5:76:43:96:34:78: 93:a6:37:39:78:32:09:ac:11:a9:58:2f:3e:4c:10: 29:25:e3:d8:97:fe:a0:72:f8:81:86:75:98:5f:0c: 76:15:ca:c8:75:b7:37:59:3b:ad:bf:2a:2b:15:b8: d9:79:20:22:e4:74:31:81:83:ae:f8:6a:87:c6:3e: aa:c4:2f:9f:d9:00:77:69:e2:0b:d1:31:1d:15:cd: 51:df:42:ce:2a:0e:44:89:7a:c7:7b:d2:6a:14:a5: b3:4c:a6:5c:04:8f:0f:58:90:9c:49:85:c6:f9:48: 32:7c:ba:50:c8:7e:bb:87:d4:12:30:98:ed:cc:44: 8d:ce:64:93:94:42:78:3f:29:f4:c8:0b:0c:d6:9c: 0f:63:6c:34:9a:fc:32:5d:01:ae:9b:3a:21:c9:03: a0:b9:be:e6:db:41:90:19:5d:36:fd:87:70:e7:66: 94:3e:a7:6b:4c:6c:10:90:b2:31:63:fa:a0:35:c7: 23:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:75:8F:2A:1E:EF:06:C0:96:C3:73:F7:42:35:27:9C:A3:8C:7D:14 X509v3 Authority Key Identifier: keyid:EE:9C:CD:38:A5:D6:49:68:80:BC:09:47:06:E6:8F:A0:4F:A2:CD:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/KnWPKh7vBsCWw3P3QjUnnKOMfRQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.58.28.0/24 45.10.56.0/24 IPv6: 2a14:ff00::/29 Signature Algorithm: sha256WithRSAEncryption 96:c9:1b:0f:ce:69:4b:79:41:1d:07:f9:44:d7:87:34:60:7b: 9b:57:a1:8e:bf:b3:56:b0:d1:f1:ad:55:b1:b2:b4:36:7a:60: 9f:c7:1f:66:d2:9d:00:2d:ed:35:52:c3:fe:a7:b1:20:2e:48: 6a:61:cc:98:2d:fb:8f:d6:a5:94:90:a8:e9:b8:76:4d:73:0b: 11:b3:b1:3f:75:ac:e1:dc:13:5b:e3:6e:3f:36:7c:16:f6:1f: 06:b3:1b:b0:ec:e9:81:23:bf:2d:56:fa:60:5c:d5:ce:39:4a: 9e:7e:51:0f:b3:5b:e4:ae:66:48:8b:07:41:c0:ce:2f:b6:5f: 8b:2b:4a:8d:1c:5c:3a:b2:7a:4a:71:c1:96:30:53:a5:cc:33: 10:af:35:d9:87:f1:f6:0c:66:71:68:85:d9:38:2c:6d:8d:05: f3:69:b7:41:f5:4d:84:f6:d2:c3:98:32:5e:a5:50:87:9c:c6: 9f:87:ea:dd:3f:e4:08:ac:a4:f0:85:a9:b3:73:b8:ea:f6:78: 01:3c:66:fe:cf:83:d8:eb:a1:0f:bd:da:fa:e2:c9:98:73:a1: 0d:8a:76:35:32:62:46:62:e1:a8:e2:cf:8a:d3:cd:5c:9e:65: d8:50:c3:4d:72:90:c0:fd:c9:a3:3f:2e:dd:a8:e3:a9:e3:e7: a5:18:b7:b4 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8Ep39/bviRpkxVoyF+yXhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlOWNjZDM4YTVkNjQ5Njg4MGJjMDk0NzA2ZTY4ZmEwNGZh MmNkOTYwHhcNMjYwMTAyMDAxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYTc1OGYyYTFlZWYwNmMwOTZjMzczZjc0MjM1Mjc5Y2EzOGM3ZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUA7mNKfSIQknL4O2V9UxxXf27hl RqsVylMb9/5INqszIpjvjNIgNH8KAno2klimWUVjsFUSh9WmghOTQajDvZtw4mTl dkOWNHiTpjc5eDIJrBGpWC8+TBApJePYl/6gcviBhnWYXwx2FcrIdbc3WTutvyor FbjZeSAi5HQxgYOu+GqHxj6qxC+f2QB3aeIL0TEdFc1R30LOKg5EiXrHe9JqFKWz TKZcBI8PWJCcSYXG+UgyfLpQyH67h9QSMJjtzESNzmSTlEJ4Pyn0yAsM1pwPY2w0 mvwyXQGumzohyQOgub7m20GQGV02/Ydw52aUPqdrTGwQkLIxY/qgNccjywIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCp1jyoe7wbAlsNz90I1J5yjjH0UMB8GA1UdIwQY MBaAFO6czTil1klogLwJRwbmj6BPos2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3B6Tk9LWFdTV2lBdkFsSEJ1YVBvRS1pelpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xNWY5NWMtYjBiNi00NTIyLThlYTAt NTViZWFmYTRiYjI5LzEvS25XUEtoN3ZCc0NXdzNQM1FqVW5uS09NZlJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xNWY5NWMtYjBiNi00NTIyLThlYTAtNTViZWFmYTRiYjI5 LzEvN3B6Tk9LWFdTV2lBdkFsSEJ1YVBvRS1pelpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJTocAwQA LQo4MA0EAgACMAcDBQMqFP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCWyRsPzmlLeUEd B/lE14c0YHubV6GOv7NWsNHxrVWxsrQ2emCfxx9m0p0ALe01UsP+p7EgLkhqYcyY LfuP1qWUkKjpuHZNcwsRs7E/dazh3BNb424/NnwW9h8Gsxuw7OmBI78tVvpgXNXO OUqeflEPs1vkrmZIiwdBwM4vtl+LK0qNHFw6snpKccGWMFOlzDMQrzXZh/H2DGZx aIXZOCxtjQXzabdB9U2E9tLDmDJepVCHnMafh+rdP+QIrKTwhamzc7jq9ngBPGb+ z4PY66EPvdr64smYc6ENinY1MmJGYuGo4s+K081cnmXYUMNNcpDA/cmjPy7dqOOp 4+elGLe0 -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:21 2026 by rpki-client