This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/KFS9AT9Dh5IYqtvylPcHNAxeD1Q.roa File: KFS9AT9Dh5IYqtvylPcHNAxeD1Q.roa (raw, json) Hash identifier: aPsZ9SwAfwr9bP1Lvnapo0qJgXtXh+rAUimtLCb9z5M= Subject key identifier: 28:54:BD:01:3F:43:87:92:18:AA:DB:F2:94:F7:07:34:0C:5E:0F:54 Certificate issuer: /CN=d524a83fff2f000e99c1f28ec19648986f8ddc37 Certificate serial: 019B78A235CE369C9070766D91FFD01F2272 Authority key identifier: D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/KFS9AT9Dh5IYqtvylPcHNAxeD1Q.roa Signing time: Thu 01 Jan 2026 08:17:35 +0000 ROA not before: Thu 01 Jan 2026 08:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42763 IP address blocks: 77.87.0.0/21 maxlen: 24 91.193.120.0/22 maxlen: 24 193.33.174.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.mft rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:35:ce:36:9c:90:70:76:6d:91:ff:d0:1f:22:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d524a83fff2f000e99c1f28ec19648986f8ddc37 Validity Not Before: Jan 1 08:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2854bd013f43879218aadbf294f707340c5e0f54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:b0:00:6b:65:da:65:c0:ff:e1:e8:5a:30:96: 1c:56:32:66:fd:e4:5a:09:89:5f:4a:4a:12:9f:75: c3:bb:9f:ce:cd:c5:21:e5:8d:ee:d5:3f:b0:48:99: eb:fe:68:df:70:4d:de:e9:d0:3e:e4:d7:21:13:3b: b1:07:2a:f4:b6:48:be:f8:79:4d:b4:ef:fb:25:77: 2e:5e:b5:d6:e4:d8:c6:ee:47:ee:1c:82:26:37:99: 56:5d:e8:50:c6:fc:ec:eb:d6:ca:8a:1d:75:be:d0: 0f:1f:81:7f:7e:5f:e0:b3:48:50:5c:5a:52:38:8f: 05:23:fc:2b:a0:bc:96:30:3c:12:2d:0c:4e:5c:f8: ca:2e:9d:20:59:bb:24:c9:67:a1:10:0b:9c:0f:e7: 8c:ba:1d:79:6f:bc:7c:a7:ed:1f:fa:ee:90:0b:88: be:1a:ba:5f:78:bb:c9:08:97:8b:c2:e3:de:e2:5f: de:12:10:03:c6:55:f2:48:90:e5:ec:45:ab:67:72: d3:ec:fc:bd:9d:e9:1f:20:a6:2c:c1:65:92:a5:f2: b3:e2:b3:ef:e4:c9:61:5f:35:65:f3:17:26:40:e3: 39:a6:55:53:5b:f7:46:80:88:0d:57:1f:23:8e:b6: 04:59:fe:dd:86:5e:b9:06:20:d5:73:f4:ad:47:2d: 90:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:54:BD:01:3F:43:87:92:18:AA:DB:F2:94:F7:07:34:0C:5E:0F:54 X509v3 Authority Key Identifier: keyid:D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/KFS9AT9Dh5IYqtvylPcHNAxeD1Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.87.0.0/21 91.193.120.0/22 193.33.174.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:cd:92:1f:0f:93:de:e0:e4:17:1c:9c:18:70:13:72:af:4c: dc:6e:52:58:dc:9a:eb:72:39:96:bd:d6:f3:b1:df:76:88:8d: 0e:76:c6:03:87:45:12:73:5c:91:e6:d5:a1:4f:f6:4f:f4:58: 80:ed:b9:a3:c4:8b:4d:ec:b5:1f:b3:73:8d:cd:87:8e:08:f5: f0:fa:1d:e6:12:e9:29:b5:c4:be:89:67:fc:a6:6e:3f:05:b4: d9:f5:30:82:d3:a4:50:94:e2:fe:e4:42:4c:9a:1a:39:72:29: 42:2d:53:74:77:61:30:d3:82:b1:08:8b:79:3b:1f:1c:04:ce: ca:6b:4f:85:dc:48:2b:e6:0f:97:02:02:77:78:20:2c:f1:eb: 89:8c:33:45:0b:b4:2a:b9:e1:b8:77:10:dd:98:30:63:58:65: e0:8b:2a:5b:fc:3a:99:69:ce:fe:9b:d1:d3:40:be:67:f1:56: a7:22:2d:21:12:03:b5:c4:cd:e1:ae:93:a4:7f:b0:00:31:9b: 9b:5b:ec:68:c5:ec:a4:54:c6:e5:e5:04:e0:00:55:66:54:e8: 91:69:2b:ba:23:b3:12:6d:eb:d9:6f:ad:e3:10:56:16:fc:79: 5c:7e:88:37:bc:b2:30:fa:9f:31:59:4b:00:3d:c3:c1:92:76: 54:ff:96:76 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4ojXONpyQcHZtkf/QHyJyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MjRhODNmZmYyZjAwMGU5OWMxZjI4ZWMxOTY0ODk4NmY4 ZGRjMzcwHhcNMjYwMTAxMDgxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODU0YmQwMTNmNDM4NzkyMThhYWRiZjI5NGY3MDczNDBjNWUwZjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9LAAa2XaZcD/4ehaMJYcVjJm/eRa CYlfSkoSn3XDu5/OzcUh5Y3u1T+wSJnr/mjfcE3e6dA+5NchEzuxByr0tki++HlN tO/7JXcuXrXW5NjG7kfuHIImN5lWXehQxvzs69bKih11vtAPH4F/fl/gs0hQXFpS OI8FI/wroLyWMDwSLQxOXPjKLp0gWbskyWehEAucD+eMuh15b7x8p+0f+u6QC4i+ GrpfeLvJCJeLwuPe4l/eEhADxlXySJDl7EWrZ3LT7Py9nekfIKYswWWSpfKz4rPv 5MlhXzVl8xcmQOM5plVTW/dGgIgNVx8jjrYEWf7dhl65BiDVc/StRy2QDwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFChUvQE/Q4eSGKrb8pT3BzQMXg9UMB8GA1UdIwQY MBaAFNUkqD//LwAOmcHyjsGWSJhvjdw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDct NDRkNDBkMWM0NmQ1LzEvS0ZTOUFUOURoNUlZcXR2eWxQY0hOQXhlRDFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDctNDRkNDBkMWM0NmQ1 LzEvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVcAAwQC W8F4AwQBwSGuMA0GCSqGSIb3DQEBCwUAA4IBAQAvzZIfD5Pe4OQXHJwYcBNyr0zc blJY3JrrcjmWvdbzsd92iI0OdsYDh0USc1yR5tWhT/ZP9FiA7bmjxItN7LUfs3ON zYeOCPXw+h3mEukptcS+iWf8pm4/BbTZ9TCC06RQlOL+5EJMmho5cilCLVN0d2Ew 04KxCIt5Ox8cBM7Ka0+F3Egr5g+XAgJ3eCAs8euJjDNFC7QqueG4dxDdmDBjWGXg iypb/DqZac7+m9HTQL5n8VanIi0hEgO1xM3hrpOkf7AAMZubW+xoxeykVMbl5QTg AFVmVOiRaSu6I7MSbevZb63jEFYW/Hlcfog3vLIw+p8xWUsAPcPBknZU/5Z2 -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:40 2026 by rpki-client