This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/kkk3yXE8XoIEDRsGs9EdkpoqcD8.roa File: kkk3yXE8XoIEDRsGs9EdkpoqcD8.roa (raw, json) Hash identifier: k6wchoXLvZ9SOEunorfauAloLI47oJBy9bourGp1I0s= Subject key identifier: 92:49:37:C9:71:3C:5E:82:04:0D:1B:06:B3:D1:1D:92:9A:2A:70:3F Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881 Certificate serial: 019B7F158AED0DCEC94A3C3284FADB75017D Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/kkk3yXE8XoIEDRsGs9EdkpoqcD8.roa Signing time: Fri 02 Jan 2026 14:21:16 +0000 ROA not before: Fri 02 Jan 2026 14:21:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61414 IP address blocks: 185.243.40.0/24 maxlen: 24 185.243.41.0/24 maxlen: 24 185.243.42.0/24 maxlen: 24 193.3.191.0/24 maxlen: 24 2a0d:280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.mft rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:8a:ed:0d:ce:c9:4a:3c:32:84:fa:db:75:01:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881 Validity Not Before: Jan 2 14:21:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=924937c9713c5e82040d1b06b3d11d929a2a703f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:73:f4:0a:a6:92:84:32:e2:d0:ce:45:6d:9b: b5:eb:b0:80:95:c4:af:81:56:cc:be:f7:ef:7c:59: 2b:9a:bf:80:5f:51:f6:3a:0d:53:8d:9d:7d:4b:24: ac:3a:27:cd:b0:8a:bc:b8:d4:47:56:4c:cb:d8:03: 5f:77:28:e8:29:62:45:96:be:35:75:28:ca:b6:20: 4e:67:82:4c:69:fe:44:a9:18:f6:af:7c:7b:7a:5a: 58:10:cd:86:0a:6b:d6:7a:9b:8f:f4:d2:ec:b3:eb: a6:3a:aa:34:a3:d0:5b:99:21:5f:b3:69:eb:e5:3f: 71:6c:b9:3a:14:0f:92:2d:12:23:cd:4b:d9:29:6a: 4c:85:47:81:88:2e:91:dc:ce:f6:89:f2:dc:7e:d5: 8c:17:54:30:75:c8:72:e4:7a:67:11:4c:b6:39:93: f9:1c:81:d7:03:8c:e2:78:fa:86:82:1d:c3:92:e3: 26:ee:ad:74:af:28:3a:96:3f:e5:20:11:1d:5d:20: 75:dd:56:f1:71:8c:53:21:02:e8:f6:f3:ce:39:10: 87:43:f1:a2:28:9f:d9:d0:85:c0:87:43:ec:16:2e: 6c:f1:6a:74:ef:f8:e1:c1:8d:ca:e2:0a:8e:1d:d7: 77:c8:38:57:71:55:5d:65:de:f2:96:48:9f:04:4a: 12:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:49:37:C9:71:3C:5E:82:04:0D:1B:06:B3:D1:1D:92:9A:2A:70:3F X509v3 Authority Key Identifier: keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/kkk3yXE8XoIEDRsGs9EdkpoqcD8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.243.40.0-185.243.42.255 193.3.191.0/24 IPv6: 2a0d:280::/48 Signature Algorithm: sha256WithRSAEncryption 5b:1c:af:8a:ac:0b:70:40:7c:e4:fe:16:ef:6c:73:76:99:bc: 60:1d:88:d9:08:87:6c:8e:d0:44:7c:96:99:8f:7b:d8:92:56: 1b:26:07:39:d0:cf:d3:ab:2a:08:8f:2a:d3:ce:5b:4e:81:31: ab:6e:2f:84:d1:6d:89:44:ab:6d:45:89:10:69:c1:bf:85:f0: 4d:ac:cd:74:be:8d:65:c3:4c:34:87:e0:45:06:39:00:6d:8a: e2:20:60:51:8e:cb:1a:46:b4:9e:d7:10:08:69:30:c4:ad:ce: 3d:12:87:6e:77:24:39:32:71:2a:34:ee:22:73:fa:61:72:75: ea:b1:81:12:76:44:ef:34:6b:2e:96:e4:b0:95:64:f9:78:15: 3c:d7:95:41:fe:e7:3c:9d:6d:e3:5b:e7:a9:60:21:c9:03:fd: 91:05:03:3f:64:3d:98:cb:3e:3f:de:43:83:28:9a:a0:72:e2: 4c:c6:55:fe:76:49:15:dc:ed:6c:c7:d9:ac:c9:73:9b:e3:70: cd:3b:10:4c:e3:7d:98:ab:6f:c9:d3:b1:56:c8:8c:5b:11:a1: 49:0c:ae:1d:e9:1e:e4:12:8e:0c:f5:be:0e:e9:d3:48:2c:41: 7a:d9:3e:cb:d5:8b:60:a8:86:56:76:cc:ce:1b:cc:d1:18:39: e9:a7:f7:4d -----BEGIN CERTIFICATE----- MIIFHDCCBASgAwIBAgISAZt/FYrtDc7JSjwyhPrbdQF9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh OWM4ODEwHhcNMjYwMTAyMTQyMTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjQ5MzdjOTcxM2M1ZTgyMDQwZDFiMDZiM2QxMWQ5MjlhMmE3MDNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HP0CqaShDLi0M5FbZu167CAlcSv gVbMvvfvfFkrmr+AX1H2Og1TjZ19SySsOifNsIq8uNRHVkzL2ANfdyjoKWJFlr41 dSjKtiBOZ4JMaf5EqRj2r3x7elpYEM2GCmvWepuP9NLss+umOqo0o9BbmSFfs2nr 5T9xbLk6FA+SLRIjzUvZKWpMhUeBiC6R3M72ifLcftWMF1Qwdchy5HpnEUy2OZP5 HIHXA4ziePqGgh3DkuMm7q10ryg6lj/lIBEdXSB13VbxcYxTIQLo9vPOORCHQ/Gi KJ/Z0IXAh0PsFi5s8Wp07/jhwY3K4gqOHdd3yDhXcVVdZd7ylkifBEoS2QIDAQAB o4ICKDCCAiQwHQYDVR0OBBYEFJJJN8lxPF6CBA0bBrPRHZKaKnA/MB8GA1UdIwQY MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt YTg1ODU4NDliZTE0LzEva2trM3lYRThYb0lFRFJzR3M5RWRrcG9xY0Q4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0 LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAO58ygD BAC58yoDBADBA78wDwQCAAIwCQMHACoNAoAAADANBgkqhkiG9w0BAQsFAAOCAQEA WxyviqwLcEB85P4W72xzdpm8YB2I2QiHbI7QRHyWmY972JJWGyYHOdDP06sqCI8q 085bToExq24vhNFtiUSrbUWJEGnBv4XwTazNdL6NZcNMNIfgRQY5AG2K4iBgUY7L Gka0ntcQCGkwxK3OPRKHbnckOTJxKjTuInP6YXJ16rGBEnZE7zRrLpbksJVk+XgV PNeVQf7nPJ1t41vnqWAhyQP9kQUDP2Q9mMs+P95DgyiaoHLiTMZV/nZJFdztbMfZ rMlzm+NwzTsQTON9mKtvydOxVsiMWxGhSQyuHeke5BKODPW+DunTSCxBetk+y9WL YKiGVnbMzhvM0Rg56af3TQ== -----END CERTIFICATE-----Generated at Sun Jan 25 21:27:19 2026 by rpki-client