This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kvBeHNqASgAcXdXFggEtY2pxHnE.roa File: kvBeHNqASgAcXdXFggEtY2pxHnE.roa (raw, json) Hash identifier: f8EnhHeqwGbVZwv2dS+j8r1U40WvHOhZQ8EdYktpocU= Subject key identifier: 92:F0:5E:1C:DA:80:4A:00:1C:5D:D5:C5:82:01:2D:63:6A:71:1E:71 Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d Certificate serial: 019B7D5B026E1CCBB03203EBF886A005106F Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kvBeHNqASgAcXdXFggEtY2pxHnE.roa Signing time: Fri 02 Jan 2026 06:17:54 +0000 ROA not before: Fri 02 Jan 2026 06:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61317 IP address blocks: 89.42.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 06:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:02:6e:1c:cb:b0:32:03:eb:f8:86:a0:05:10:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d Validity Not Before: Jan 2 06:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92f05e1cda804a001c5dd5c582012d636a711e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:38:0e:ef:d9:8c:41:75:f9:b8:24:87:6a:7e: 85:b1:b2:47:12:6b:9e:b7:ac:5c:3e:ff:3e:29:37: c7:20:af:ab:8b:d8:52:b0:0b:6c:f7:cd:ae:4d:a7: a2:99:55:a9:2b:71:f8:68:46:b3:d0:a8:77:42:88: c1:b8:84:a2:7e:18:6f:bc:fe:f2:39:db:cd:1b:9b: cc:6b:0b:71:79:eb:3f:bd:2c:ad:58:30:6c:0d:83: 9f:c6:9a:63:db:d7:e0:e3:c6:a8:e4:ee:5f:55:07: 6a:ab:ae:e7:dc:b0:de:e4:00:33:7e:c7:61:fb:80: f9:df:36:00:ad:c3:7c:7f:87:c1:df:f0:c4:4d:f2: 5f:d4:9d:4c:4f:56:3f:a2:89:1f:71:50:b8:35:2c: 74:03:c6:de:e9:95:ba:05:cf:50:71:e9:b9:a2:be: dd:dd:e2:1f:c9:3e:ea:f0:14:0b:81:55:79:fa:0f: 9e:5c:b4:67:8f:4a:ee:9a:bc:e6:c2:d1:12:75:e8: e7:8b:8b:fd:a8:0b:53:62:76:11:aa:96:7b:f4:3b: be:58:1f:09:dd:2c:cf:5b:8b:e5:bf:78:5f:a2:57: 52:26:37:82:a5:ed:ad:26:03:f0:7a:18:da:27:e2: 74:37:80:20:85:16:56:37:23:c8:29:83:89:d5:22: 3c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:F0:5E:1C:DA:80:4A:00:1C:5D:D5:C5:82:01:2D:63:6A:71:1E:71 X509v3 Authority Key Identifier: keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kvBeHNqASgAcXdXFggEtY2pxHnE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.90.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:39:af:97:f4:a0:ee:ff:12:ef:b0:f2:d7:26:a5:21:c7:15: 31:dd:c9:21:20:63:e5:db:29:a3:ad:37:35:6d:7f:e5:f0:1a: 73:fa:f9:1c:1c:db:18:bf:eb:a3:1d:e9:d9:f8:26:d1:8a:a5: 8b:ef:5b:65:18:29:20:99:e0:cf:3d:83:ab:2b:d0:a8:c3:39: ce:d5:5b:80:5b:28:0b:b6:12:e4:42:cd:c7:0d:85:06:0e:eb: fc:0d:73:30:3b:3a:40:d1:07:85:91:0c:da:54:de:b5:97:e9: 43:d6:74:c3:aa:81:1e:94:78:7c:99:47:80:2c:f1:32:c1:56: 01:d8:4f:2a:a6:3d:29:ae:a0:91:81:03:b6:ae:4c:42:97:84: 18:06:ce:7e:cc:aa:30:df:24:27:0b:05:44:6a:7e:fd:df:ed: a6:bf:47:0a:0f:92:e8:b4:9a:61:40:af:d0:2f:fb:56:cc:f2: c3:f5:fd:b0:13:eb:05:9f:39:2b:d0:d0:0e:2a:5d:d4:05:30: f5:6a:20:bd:b0:1f:0f:a5:7a:54:7b:e2:31:e0:ea:ef:9e:f1: 37:67:09:44:e8:52:39:7d:d9:ee:16:ce:c9:59:92:99:8c:04: 89:5f:b9:0f:0a:86:ef:35:40:c9:80:8d:50:da:de:46:a6:ec: f4:60:39:67 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9WwJuHMuwMgPr+IagBRBvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm MDFjMWQwHhcNMjYwMTAyMDYxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MmYwNWUxY2RhODA0YTAwMWM1ZGQ1YzU4MjAxMmQ2MzZhNzExZTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjgO79mMQXX5uCSHan6FsbJHEmue t6xcPv8+KTfHIK+ri9hSsAts982uTaeimVWpK3H4aEaz0Kh3QojBuISifhhvvP7y OdvNG5vMawtxees/vSytWDBsDYOfxppj29fg48ao5O5fVQdqq67n3LDe5AAzfsdh +4D53zYArcN8f4fB3/DETfJf1J1MT1Y/ookfcVC4NSx0A8be6ZW6Bc9Qcem5or7d 3eIfyT7q8BQLgVV5+g+eXLRnj0rumrzmwtESdejni4v9qAtTYnYRqpZ79Du+WB8J 3SzPW4vlv3hfoldSJjeCpe2tJgPwehjaJ+J0N4AghRZWNyPIKYOJ1SI82wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJLwXhzagEoAHF3VxYIBLWNqcR5xMB8GA1UdIwQY MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt YjQyZjIzZDgyOGMzLzEva3ZCZUhOcUFTZ0FjWGRYRmdnRXRZMnB4SG5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpaMA0G CSqGSIb3DQEBCwUAA4IBAQB6Oa+X9KDu/xLvsPLXJqUhxxUx3ckhIGPl2ymjrTc1 bX/l8Bpz+vkcHNsYv+ujHenZ+CbRiqWL71tlGCkgmeDPPYOrK9CowznO1VuAWygL thLkQs3HDYUGDuv8DXMwOzpA0QeFkQzaVN61l+lD1nTDqoEelHh8mUeALPEywVYB 2E8qpj0prqCRgQO2rkxCl4QYBs5+zKow3yQnCwVEan793+2mv0cKD5LotJphQK/Q L/tWzPLD9f2wE+sFnzkr0NAOKl3UBTD1aiC9sB8PpXpUe+Ix4OrvnvE3ZwlE6FI5 fdnuFs7JWZKZjASJX7kPCobvNUDJgI1Q2t5Gpuz0YDln -----END CERTIFICATE-----Generated at Thu Jan 8 12:59:32 2026 by rpki-client