This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/KBZ3p_x3e30GCC3kqHt-9FKuBzY.roa File: KBZ3p_x3e30GCC3kqHt-9FKuBzY.roa (raw, json) Hash identifier: II/pLWG8MBEYIcI7IT3hmbldHukEfpnwrqnjSMYNI5I= Subject key identifier: 28:16:77:A7:FC:77:7B:7D:06:08:2D:E4:A8:7B:7E:F4:52:AE:07:36 Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725 Certificate serial: 019B79EBE3C13BB8C3C9956838DC3357528A Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/KBZ3p_x3e30GCC3kqHt-9FKuBzY.roa Signing time: Thu 01 Jan 2026 14:17:40 +0000 ROA not before: Thu 01 Jan 2026 14:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203518 IP address blocks: 80.121.192.0/22 maxlen: 22 80.121.193.0/24 maxlen: 24 80.121.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 17:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:e3:c1:3b:b8:c3:c9:95:68:38:dc:33:57:52:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725 Validity Not Before: Jan 1 14:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=281677a7fc777b7d06082de4a87b7ef452ae0736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:5f:70:4c:61:a6:8a:99:1c:29:8a:e9:3c:63: 47:cd:48:8e:59:26:3a:6b:b5:6e:e8:3c:c9:61:e1: cc:60:a2:de:75:13:a4:22:ec:d7:43:1a:49:e8:e8: e8:3d:ab:72:cf:9e:43:f8:6d:69:ae:66:34:de:9c: 11:37:89:bc:5a:09:5d:df:f1:8b:b9:cb:8e:e4:7d: 82:fd:75:31:43:d8:3b:57:ab:a7:e4:46:d9:e1:cc: 63:ba:a5:cf:92:cf:40:e3:72:a7:65:bf:0a:3e:75: 9d:db:b3:4f:59:4e:bd:9d:dc:f8:3f:ed:d1:8f:9c: 8a:73:f3:98:b0:f4:28:74:d9:29:25:0c:b9:e8:4d: 1b:8e:7f:f2:ed:75:a5:74:b1:f4:cd:12:de:40:bb: a0:fd:37:28:31:99:74:1d:5d:c9:b4:02:1f:29:a6: 9d:fd:f1:9c:88:61:76:55:bb:f6:6e:ea:03:b7:1b: 1f:cf:dd:13:da:42:bd:13:4f:9e:4d:af:88:e7:6f: ca:52:31:20:b9:28:e3:10:06:64:ac:63:61:eb:ff: 73:c8:00:7b:9e:9d:f1:e6:0b:47:89:2b:c0:d2:97: c8:3e:91:7f:d2:c9:93:5b:36:6d:0a:5d:6e:af:92: 6d:68:3f:63:56:12:d7:98:48:d4:51:4a:78:34:aa: 93:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:16:77:A7:FC:77:7B:7D:06:08:2D:E4:A8:7B:7E:F4:52:AE:07:36 X509v3 Authority Key Identifier: keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/KBZ3p_x3e30GCC3kqHt-9FKuBzY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.121.192.0/22 Signature Algorithm: sha256WithRSAEncryption 15:11:a6:21:48:ba:5e:86:58:17:0f:01:00:96:7a:43:2b:23: 7b:71:01:a3:cd:27:d3:c3:9c:eb:56:1d:30:c9:89:4c:d3:87: 93:10:81:48:73:f8:1c:b8:2a:7f:b5:42:f9:4f:4c:4d:18:0e: 47:b7:95:93:34:6e:b1:e2:94:8e:31:2d:aa:f8:78:78:e9:48: ed:ab:01:4a:5f:b8:89:f4:3a:db:87:0c:18:64:f1:8e:46:ab: 8d:d7:17:a7:f7:e3:6f:c6:b7:fe:5d:5a:5d:67:d8:51:a5:8c: c7:71:f7:c2:9c:8c:c7:c9:69:5c:e0:72:e3:51:4f:0d:7c:99: d6:47:18:7d:87:26:3b:67:e2:5e:9b:b6:93:16:21:92:73:66: c6:a9:34:c6:8f:88:30:fe:8b:99:a9:75:4b:07:4d:21:64:87: ac:c8:2b:7e:8b:4e:33:02:7e:b9:31:33:ee:97:e0:34:f3:bd: c8:57:c0:93:6b:50:36:b3:29:0f:f7:aa:b7:76:fb:ae:bb:ef: 2f:a5:5a:82:e2:ca:5a:3e:88:c0:14:45:46:9d:ab:21:75:27: f0:bf:86:31:4c:91:e2:89:eb:d5:14:25:d4:38:17:5b:0e:62: f2:1e:f4:b3:2c:03:3d:2c:40:bb:da:53:cf:e0:2a:52:a3:dd: 64:f0:f8:f7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt56+PBO7jDyZVoONwzV1KKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4 NzE3MjUwHhcNMjYwMTAxMTQxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODE2NzdhN2ZjNzc3YjdkMDYwODJkZTRhODdiN2VmNDUyYWUwNzM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F9wTGGmipkcKYrpPGNHzUiOWSY6 a7Vu6DzJYeHMYKLedROkIuzXQxpJ6OjoPatyz55D+G1prmY03pwRN4m8Wgld3/GL ucuO5H2C/XUxQ9g7V6un5EbZ4cxjuqXPks9A43KnZb8KPnWd27NPWU69ndz4P+3R j5yKc/OYsPQodNkpJQy56E0bjn/y7XWldLH0zRLeQLug/TcoMZl0HV3JtAIfKaad /fGciGF2Vbv2buoDtxsfz90T2kK9E0+eTa+I52/KUjEguSjjEAZkrGNh6/9zyAB7 np3x5gtHiSvA0pfIPpF/0smTWzZtCl1ur5JtaD9jVhLXmEjUUUp4NKqTjwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCgWd6f8d3t9Bggt5Kh7fvRSrgc2MB8GA1UdIwQY MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt ODQ5ZDNhNmI5YzJkLzEvS0JaM3BfeDNlMzBHQ0Mza3FIdC05Rkt1QnpZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUHnAMA0G CSqGSIb3DQEBCwUAA4IBAQAVEaYhSLpehlgXDwEAlnpDKyN7cQGjzSfTw5zrVh0w yYlM04eTEIFIc/gcuCp/tUL5T0xNGA5Ht5WTNG6x4pSOMS2q+Hh46UjtqwFKX7iJ 9DrbhwwYZPGORquN1xen9+Nvxrf+XVpdZ9hRpYzHcffCnIzHyWlc4HLjUU8NfJnW Rxh9hyY7Z+Jem7aTFiGSc2bGqTTGj4gw/ouZqXVLB00hZIesyCt+i04zAn65MTPu l+A0873IV8CTa1A2sykP96q3dvuuu+8vpVqC4spaPojAFEVGnashdSfwv4YxTJHi ievVFCXUOBdbDmLyHvSzLAM9LEC72lPP4CpSo91k8Pj3 -----END CERTIFICATE-----Generated at Tue Jan 27 02:50:24 2026 by rpki-client