This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/KNWwGCklL3zKbMsgIOCdcNGo2tI.roa File: KNWwGCklL3zKbMsgIOCdcNGo2tI.roa (raw, json) Hash identifier: 5rF454gnBcOMqEez62ErUsCgENLRW0isAHz0go80+Fs= Subject key identifier: 28:D5:B0:18:29:25:2F:7C:CA:6C:CB:20:20:E0:9D:70:D1:A8:DA:D2 Certificate issuer: /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44 Certificate serial: 019B797F14B9436667B888582013230ECF4E Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/KNWwGCklL3zKbMsgIOCdcNGo2tI.roa Signing time: Thu 01 Jan 2026 12:18:50 +0000 ROA not before: Thu 01 Jan 2026 12:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149428 IP address blocks: 2a14:c882:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:14:b9:43:66:67:b8:88:58:20:13:23:0e:cf:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44 Validity Not Before: Jan 1 12:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28d5b01829252f7cca6ccb2020e09d70d1a8dad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b0:54:c6:98:a7:2b:dc:29:b4:b9:4f:7e:8e: a6:82:15:2c:45:0a:2c:73:ef:50:2c:c0:bf:48:65: 0c:a3:0c:43:fc:50:a1:fe:58:53:b8:07:65:c4:6c: 92:d3:50:c0:a2:7c:9d:46:08:24:91:86:27:a9:0c: c5:72:42:da:77:09:b0:69:30:12:01:c7:7e:f1:b7: b8:7f:50:91:41:50:90:05:f5:cd:79:6e:ec:cb:68: e4:52:0b:3e:84:66:6f:46:2a:78:f9:ac:e9:5d:c9: ae:e6:42:1c:28:42:d7:23:36:c0:35:7c:1a:74:76: 06:b2:2e:92:e0:fe:a3:d4:b1:21:f3:09:72:d6:6d: ad:78:86:ab:7e:8d:3a:fc:2e:fc:e5:64:2c:7f:b9: ac:9b:ee:2e:bc:13:37:77:c1:e0:9f:81:c3:a1:45: a2:e0:62:21:db:e3:a4:b8:cc:3d:06:f0:5d:92:cd: e4:32:16:a3:91:c5:7a:60:e5:05:a3:8b:59:ae:99: 8a:2d:f9:f4:fd:c9:90:de:61:e0:b5:dc:96:16:2a: 91:81:5f:f5:d9:20:cf:bd:cf:ce:19:65:9b:5d:5e: 9a:9b:ee:55:76:b4:44:1a:b5:70:32:60:c1:42:56: 4b:3c:d0:0a:9c:4d:ba:43:53:10:53:2a:6e:c2:2d: 3b:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:D5:B0:18:29:25:2F:7C:CA:6C:CB:20:20:E0:9D:70:D1:A8:DA:D2 X509v3 Authority Key Identifier: keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/KNWwGCklL3zKbMsgIOCdcNGo2tI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:c882:8000::/33 Signature Algorithm: sha256WithRSAEncryption 12:60:cd:52:b0:7d:20:47:19:67:fc:eb:8f:4e:49:a2:f0:14: fa:f9:44:4c:44:2d:c9:28:8f:89:cc:b6:f6:a9:76:d1:d8:a1: 7b:9d:bd:88:36:3a:73:27:be:a1:03:24:7a:5e:0f:bd:8f:a5: 55:d0:93:43:b8:6a:0b:4b:0b:94:41:5d:62:92:45:65:ab:bd: e0:77:34:77:59:d1:6a:40:10:7c:f9:30:16:c6:8e:21:b9:0d: 15:84:79:7a:c6:9d:e3:26:26:a5:b7:06:ab:cc:b3:fe:00:26: 5b:24:54:a3:82:93:12:0d:a1:0c:ca:1d:79:2d:35:e4:b7:39: bb:6a:8f:93:f5:e1:35:3d:16:3c:94:04:ab:03:8b:38:70:f5: 31:a1:98:e0:55:dd:34:0f:2a:fb:c9:65:a0:30:3e:d7:ca:74: cc:a4:9d:b3:db:74:93:13:7d:8d:03:09:34:9b:3b:64:58:ad: cd:58:de:cb:1d:90:71:5b:01:9f:c1:04:73:21:16:82:21:2d: b3:06:77:f3:07:5d:78:3b:42:7d:de:8e:f9:09:cb:85:37:bc: 54:8a:eb:56:39:70:07:0b:a9:6c:81:5f:1e:63:b1:1b:5a:9e: 7f:18:a2:78:78:8f:76:88:3c:d2:70:cd:27:30:53:7f:de:cb: 36:c5:59:d4 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt5fxS5Q2ZnuIhYIBMjDs9OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl MTRlNDQwHhcNMjYwMTAxMTIxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGQ1YjAxODI5MjUyZjdjY2E2Y2NiMjAyMGUwOWQ3MGQxYThkYWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rBUxpinK9wptLlPfo6mghUsRQos c+9QLMC/SGUMowxD/FCh/lhTuAdlxGyS01DAonydRggkkYYnqQzFckLadwmwaTAS Acd+8be4f1CRQVCQBfXNeW7sy2jkUgs+hGZvRip4+azpXcmu5kIcKELXIzbANXwa dHYGsi6S4P6j1LEh8wly1m2teIarfo06/C785WQsf7msm+4uvBM3d8Hgn4HDoUWi 4GIh2+OkuMw9BvBdks3kMhajkcV6YOUFo4tZrpmKLfn0/cmQ3mHgtdyWFiqRgV/1 2SDPvc/OGWWbXV6am+5VdrREGrVwMmDBQlZLPNAKnE26Q1MQUypuwi07dQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFCjVsBgpJS98ymzLICDgnXDRqNrSMB8GA1UdIwQY MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt NzlmN2I2ZWE3YzE0LzEvS05Xd0dDa2xMM3pLYk1zZ0lPQ2RjTkdvMnRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0 LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhTIgoAw DQYJKoZIhvcNAQELBQADggEBABJgzVKwfSBHGWf8649OSaLwFPr5RExELckoj4nM tvapdtHYoXudvYg2OnMnvqEDJHpeD72PpVXQk0O4agtLC5RBXWKSRWWrveB3NHdZ 0WpAEHz5MBbGjiG5DRWEeXrGneMmJqW3BqvMs/4AJlskVKOCkxINoQzKHXktNeS3 Obtqj5P14TU9FjyUBKsDizhw9TGhmOBV3TQPKvvJZaAwPtfKdMyknbPbdJMTfY0D CTSbO2RYrc1Y3ssdkHFbAZ/BBHMhFoIhLbMGd/MHXXg7Qn3ejvkJy4U3vFSK61Y5 cAcLqWyBXx5jsRtann8Yonh4j3aIPNJwzScwU3/eyzbFWdQ= -----END CERTIFICATE-----Generated at Wed Jan 21 14:30:05 2026 by rpki-client