This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/kwn4ZdvrIv6hl400pgtVWpsd9lk.roa File: kwn4ZdvrIv6hl400pgtVWpsd9lk.roa (raw, json) Hash identifier: eyoTNP4CeFTLuxttmf6toqGd/JyyxtdCqToHMpNrH6E= Subject key identifier: 93:09:F8:65:DB:EB:22:FE:A1:97:8D:34:A6:0B:55:5A:9B:1D:F6:59 Certificate issuer: /CN=2cc25ff32918f0b49306259d483afb9e381a3915 Certificate serial: 019B7834F7D4C72B1C941BDDE37A63CA43ED Authority key identifier: 2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/kwn4ZdvrIv6hl400pgtVWpsd9lk.roa Signing time: Thu 01 Jan 2026 06:18:15 +0000 ROA not before: Thu 01 Jan 2026 06:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51274 IP address blocks: 185.158.172.0/24 maxlen: 24 185.158.173.0/24 maxlen: 24 185.158.174.0/24 maxlen: 24 185.158.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.mft rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:f7:d4:c7:2b:1c:94:1b:dd:e3:7a:63:ca:43:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cc25ff32918f0b49306259d483afb9e381a3915 Validity Not Before: Jan 1 06:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9309f865dbeb22fea1978d34a60b555a9b1df659 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:de:25:a9:45:57:4d:83:18:72:b8:c9:74:a9: 96:70:3e:70:34:d7:ac:83:2a:57:fd:d1:55:6e:52: 99:b1:41:b5:d6:99:b1:4a:77:8b:f5:6f:5f:7b:79: ed:49:f6:62:20:29:9f:da:cf:a8:04:30:a3:f2:d9: bf:62:1a:9d:18:fd:2e:e9:53:1f:47:6c:d8:d9:a7: bf:1a:89:55:50:e3:c7:c6:fa:37:6e:ed:18:44:b8: 15:6e:b2:a4:3e:75:fd:6c:77:ce:a0:c6:0d:93:f7: 27:35:13:cd:c2:5f:0b:5b:36:2d:79:7a:ac:50:80: f6:a5:40:b9:95:8c:c7:d2:9f:2d:62:bd:31:4c:05: 34:cb:93:0c:a9:b6:f5:72:9d:5a:0d:ba:87:a3:65: e0:bb:6a:3c:e3:40:35:2b:e6:94:dd:f1:13:b8:84: 60:f2:70:3d:53:c4:3c:b8:91:77:92:7c:fc:30:1d: 42:5f:93:f8:d9:cf:0a:90:5c:fe:b7:77:e7:e5:f7: 6c:da:83:e6:a9:0a:97:59:b4:0c:85:d7:80:5a:32: f3:f0:7e:0a:9f:28:0e:d5:8f:11:50:ac:f5:32:d3: 6b:6d:06:2d:42:f0:42:22:7b:2a:15:56:06:da:ed: 12:a4:03:15:9a:7e:d7:68:35:24:79:2a:1a:a2:0a: 4c:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:09:F8:65:DB:EB:22:FE:A1:97:8D:34:A6:0B:55:5A:9B:1D:F6:59 X509v3 Authority Key Identifier: keyid:2C:C2:5F:F3:29:18:F0:B4:93:06:25:9D:48:3A:FB:9E:38:1A:39:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMJf8ykY8LSTBiWdSDr7njgaORU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/kwn4ZdvrIv6hl400pgtVWpsd9lk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1277ec-156a-46c4-9f03-e25751b3ffd5/1/LMJf8ykY8LSTBiWdSDr7njgaORU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.158.172.0/22 Signature Algorithm: sha256WithRSAEncryption a9:de:c1:a4:de:26:e0:4f:2f:bb:82:d1:bf:de:86:0c:1f:5d: 88:0f:70:62:ba:ee:d0:dd:05:6c:7d:19:e4:fb:ac:c7:e2:5e: 0f:e8:ec:4e:f0:76:dd:d5:6c:9d:67:eb:fb:20:37:5b:85:cd: fc:98:cb:5b:2c:19:7f:4c:4e:1b:a2:9d:a4:5c:e5:8f:c4:6f: 01:27:ff:d1:fe:b7:63:d6:13:c4:56:8c:82:b5:30:24:2b:28: 07:cf:7b:36:66:32:eb:b5:46:7b:0c:3b:80:1a:74:09:de:d9: 81:e2:86:c4:be:d8:d5:d9:06:79:5d:12:40:da:4a:e4:af:ad: 50:b7:1d:6e:b5:24:3f:e6:e9:4e:c5:c5:fc:2b:2f:a2:64:31: a2:2d:b9:78:60:88:8a:de:5b:4a:4c:d2:11:f6:48:84:82:08: 77:dd:e0:8b:b9:e8:89:42:e0:c4:6e:2d:c5:37:56:d0:e2:af: 6d:1b:38:43:80:71:da:02:db:62:48:dc:f9:17:c5:9b:d1:d5: bb:f7:09:6f:f2:fa:f0:79:60:a6:5b:0f:e3:75:fd:54:1b:39: 83:57:36:33:d9:b0:ba:d6:2f:54:3d:a9:0c:54:de:77:39:68: a2:8a:1b:6b:95:7e:cf:9f:65:e6:99:f9:a6:c1:1e:71:90:b8: 78:96:5e:d3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NPfUxysclBvd43pjykPtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYzI1ZmYzMjkxOGYwYjQ5MzA2MjU5ZDQ4M2FmYjllMzgx YTM5MTUwHhcNMjYwMTAxMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzA5Zjg2NWRiZWIyMmZlYTE5NzhkMzRhNjBiNTU1YTliMWRmNjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd4lqUVXTYMYcrjJdKmWcD5wNNes gypX/dFVblKZsUG11pmxSneL9W9fe3ntSfZiICmf2s+oBDCj8tm/YhqdGP0u6VMf R2zY2ae/GolVUOPHxvo3bu0YRLgVbrKkPnX9bHfOoMYNk/cnNRPNwl8LWzYteXqs UID2pUC5lYzH0p8tYr0xTAU0y5MMqbb1cp1aDbqHo2Xgu2o840A1K+aU3fETuIRg 8nA9U8Q8uJF3knz8MB1CX5P42c8KkFz+t3fn5fds2oPmqQqXWbQMhdeAWjLz8H4K nygO1Y8RUKz1MtNrbQYtQvBCInsqFVYG2u0SpAMVmn7XaDUkeSoaogpMfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJMJ+GXb6yL+oZeNNKYLVVqbHfZZMB8GA1UdIwQY MBaAFCzCX/MpGPC0kwYlnUg6+544GjkVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMt ZTI1NzUxYjNmZmQ1LzEva3duNFpkdnJJdjZobDQwMHBndFZXcHNkOWxrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8xMjc3ZWMtMTU2YS00NmM0LTlmMDMtZTI1NzUxYjNmZmQ1 LzEvTE1KZjh5a1k4TFNUQmlXZFNEcjduamdhT1JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ6sMA0G CSqGSIb3DQEBCwUAA4IBAQCp3sGk3ibgTy+7gtG/3oYMH12ID3Biuu7Q3QVsfRnk +6zH4l4P6OxO8Hbd1WydZ+v7IDdbhc38mMtbLBl/TE4bop2kXOWPxG8BJ//R/rdj 1hPEVoyCtTAkKygHz3s2ZjLrtUZ7DDuAGnQJ3tmB4obEvtjV2QZ5XRJA2krkr61Q tx1utSQ/5ulOxcX8Ky+iZDGiLbl4YIiK3ltKTNIR9kiEggh33eCLueiJQuDEbi3F N1bQ4q9tGzhDgHHaAttiSNz5F8Wb0dW79wlv8vrweWCmWw/jdf1UGzmDVzYz2bC6 1i9UPakMVN53OWiiihtrlX7Pn2XmmfmmwR5xkLh4ll7T -----END CERTIFICATE-----Generated at Tue Jan 27 07:43:46 2026 by rpki-client