This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/kNR-gUHIBkAVG5LDVgVJxvEY3q8.roa File: kNR-gUHIBkAVG5LDVgVJxvEY3q8.roa (raw, json) Hash identifier: d0VW7tyS0/KepNZdJ2Fz8K2kUTPgtIVFBZK37jfxU0M= Subject key identifier: 90:D4:7E:81:41:C8:06:40:15:1B:92:C3:56:05:49:C6:F1:18:DE:AF Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4 Certificate serial: 019B7F83D9A97D229FB80A37B2FD3593AD1D Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/kNR-gUHIBkAVG5LDVgVJxvEY3q8.roa Signing time: Fri 02 Jan 2026 16:21:45 +0000 ROA not before: Fri 02 Jan 2026 16:21:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 192.33.88.0/24 maxlen: 24 2001:67c:2e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.mft rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:d9:a9:7d:22:9f:b8:0a:37:b2:fd:35:93:ad:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4 Validity Not Before: Jan 2 16:21:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90d47e8141c80640151b92c3560549c6f118deaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:a9:f7:c2:aa:76:93:e5:f8:4d:37:c1:f8:ab: d4:42:55:15:72:90:5d:c5:4e:51:58:e4:c9:7e:1c: c9:71:d6:a5:e9:87:b9:7e:29:96:1e:5c:ac:28:15: 1f:ec:7a:3c:61:86:da:24:7e:61:76:24:c2:97:05: e5:53:44:77:da:b5:14:1a:f0:e6:d0:57:cb:8a:9c: 3f:f7:42:70:9c:93:70:54:1b:2f:0c:4f:50:53:05: e7:19:67:e9:d6:b4:d7:75:20:24:a1:df:05:0a:d6: 04:e1:23:55:03:8c:33:d3:6b:02:fb:2c:fc:e5:51: 03:4f:0e:01:43:53:20:03:0a:c4:47:24:9f:f5:8d: e8:4e:b2:ad:39:5d:b5:32:8b:46:64:05:40:c0:a2: 46:0f:21:55:f9:6e:69:4c:a0:96:d5:2d:38:dc:b9: b1:52:e1:f9:da:b6:a7:d9:4b:30:be:c7:6a:25:f5: ee:c8:af:1d:9a:ec:03:d8:44:5d:04:be:ac:55:d6: 35:56:f6:9b:a1:00:64:a1:39:66:15:10:53:52:fa: c8:75:eb:cd:59:65:53:79:f4:e1:e2:60:03:16:d3: 80:54:8d:ee:54:6e:51:f5:96:88:69:53:c7:f1:0f: 01:be:1f:61:39:ec:d8:f2:96:28:98:5a:69:55:b8: ef:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:D4:7E:81:41:C8:06:40:15:1B:92:C3:56:05:49:C6:F1:18:DE:AF X509v3 Authority Key Identifier: keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/kNR-gUHIBkAVG5LDVgVJxvEY3q8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.33.88.0/24 IPv6: 2001:67c:2e40::/48 Signature Algorithm: sha256WithRSAEncryption 1f:af:18:89:f0:4b:3b:88:eb:78:69:2e:26:5d:8a:2c:6e:b8: 37:da:51:91:d8:29:21:bd:f7:b8:f4:0c:11:e4:4b:f8:01:48: 67:c4:cc:00:9a:95:68:48:ba:01:aa:08:ab:1c:13:ed:b9:e7: 21:3c:5e:30:61:c5:56:06:b0:77:4e:2a:3c:ab:0d:08:1b:a7: 55:c3:9c:f2:a4:ff:a6:4b:91:e2:7a:fd:64:00:77:4b:f3:2d: dd:1d:b0:14:2c:cc:81:7c:b1:cd:7b:54:99:d7:7f:92:60:85: 00:26:db:2a:9b:fa:4c:f0:61:2d:18:8f:c1:36:f0:25:17:0e: df:a2:fe:91:81:41:3c:16:ce:08:28:3b:78:f2:be:fb:28:89: 24:ef:5b:d7:74:89:65:53:f2:4e:17:ca:ca:79:bf:cf:5e:f9: 02:09:6d:1b:03:f0:92:d6:7a:fc:9d:82:bc:32:1b:78:07:58: b9:12:cc:31:00:a8:c7:85:88:91:e6:56:f6:39:87:43:1e:c0: e5:51:5a:99:be:02:89:16:d6:5b:c7:b3:0b:de:07:2f:b7:fb: c2:e4:26:ca:cb:b2:8c:bd:d3:ea:3c:c0:06:ed:95:eb:1e:31: 04:73:54:40:8c:60:e8:08:e1:e7:8c:31:27:b4:67:ac:19:50: 62:ed:e8:c4 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/g9mpfSKfuAo3sv01k60dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx ZTI5YzQwHhcNMjYwMTAyMTYyMTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGQ0N2U4MTQxYzgwNjQwMTUxYjkyYzM1NjA1NDljNmYxMThkZWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKn3wqp2k+X4TTfB+KvUQlUVcpBd xU5RWOTJfhzJcdal6Ye5fimWHlysKBUf7Ho8YYbaJH5hdiTClwXlU0R32rUUGvDm 0FfLipw/90JwnJNwVBsvDE9QUwXnGWfp1rTXdSAkod8FCtYE4SNVA4wz02sC+yz8 5VEDTw4BQ1MgAwrERySf9Y3oTrKtOV21MotGZAVAwKJGDyFV+W5pTKCW1S043Lmx UuH52ran2UswvsdqJfXuyK8dmuwD2ERdBL6sVdY1VvaboQBkoTlmFRBTUvrIdevN WWVTefTh4mADFtOAVI3uVG5R9ZaIaVPH8Q8Bvh9hOezY8pYomFppVbjvvQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJDUfoFByAZAFRuSw1YFScbxGN6vMB8GA1UdIwQY MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt Mzg2YzFmOGIwNjQwLzEva05SLWdVSElCa0FWRzVMRFZnVkp4dkVZM3E4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwCFYMA8E AgACMAkDBwAgAQZ8LkAwDQYJKoZIhvcNAQELBQADggEBAB+vGInwSzuI63hpLiZd iixuuDfaUZHYKSG997j0DBHkS/gBSGfEzACalWhIugGqCKscE+255yE8XjBhxVYG sHdOKjyrDQgbp1XDnPKk/6ZLkeJ6/WQAd0vzLd0dsBQszIF8sc17VJnXf5JghQAm 2yqb+kzwYS0Yj8E28CUXDt+i/pGBQTwWzggoO3jyvvsoiSTvW9d0iWVT8k4Xysp5 v89e+QIJbRsD8JLWevydgrwyG3gHWLkSzDEAqMeFiJHmVvY5h0MewOVRWpm+AokW 1lvHswveBy+3+8LkJsrLsoy90+o8wAbtleseMQRzVECMYOgI4eeMMSe0Z6wZUGLt 6MQ= -----END CERTIFICATE-----Generated at Fri Jan 9 17:06:59 2026 by rpki-client