This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KeFMGD65KlaVQJ8UidO_HlRo2O8.roa File: KeFMGD65KlaVQJ8UidO_HlRo2O8.roa (raw, json) Hash identifier: SsbKjvh5fOYcwh2fUgfcsRVityfJ+gNb1nsNr+IOv8c= Subject key identifier: 29:E1:4C:18:3E:B9:2A:56:95:40:9F:14:89:D3:BF:1E:54:68:D8:EF Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D614514B3EBCCA638D1C49F069D2C Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KeFMGD65KlaVQJ8UidO_HlRo2O8.roa Signing time: Fri 02 Jan 2026 06:20:30 +0000 ROA not before: Fri 02 Jan 2026 06:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216025 IP address blocks: 45.92.0.0/24 maxlen: 24 2a10:7402::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:61:45:14:b3:eb:cc:a6:38:d1:c4:9f:06:9d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29e14c183eb92a5695409f1489d3bf1e5468d8ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2c:0e:f5:d1:84:61:4b:47:8c:bf:05:2b:72: 93:37:65:57:fc:7b:47:f3:5e:b8:48:9d:a5:8f:fd: 81:69:47:3f:f5:41:4b:ba:b9:66:22:45:b2:5a:78: de:8a:b8:cd:37:6b:81:ab:20:3c:e9:19:0a:17:7c: 61:d3:64:5e:15:a1:c3:8f:98:31:87:e1:04:a9:8c: bb:75:33:a9:da:ec:5d:57:ac:3c:71:de:ce:2f:db: a3:50:11:a2:8b:88:b3:1d:c3:22:c7:aa:73:5e:f8: 26:bc:5c:5b:4c:2a:62:9d:17:e9:11:99:d6:f6:e9: ce:45:e0:ab:54:c6:c2:e1:38:8a:d9:a7:43:60:7b: 98:92:ea:e8:9a:ac:29:3a:69:8b:f3:d3:90:25:3c: c1:13:71:ed:79:77:80:10:7e:76:1c:da:b5:81:62: 7d:be:33:0f:0e:35:f8:8f:8a:06:b0:fc:f7:96:51: b4:fe:b0:9d:47:42:58:76:16:81:f3:d0:46:3a:cf: db:83:57:75:c7:3d:b8:02:c2:10:8d:4b:30:f9:76: b0:87:e7:f9:b2:e8:19:ee:04:2a:71:6a:04:34:87: e5:73:a8:63:f3:6f:19:8a:1d:87:ad:c9:6c:af:85: 0a:18:fc:27:1e:34:a5:8e:92:9d:55:c4:a0:19:2f: 7b:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E1:4C:18:3E:B9:2A:56:95:40:9F:14:89:D3:BF:1E:54:68:D8:EF X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KeFMGD65KlaVQJ8UidO_HlRo2O8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.92.0.0/24 IPv6: 2a10:7402::/32 Signature Algorithm: sha256WithRSAEncryption 56:77:c3:f8:0d:5d:af:c1:cb:b6:40:00:42:53:1a:5a:f1:20: 4b:28:bd:bd:5f:c4:7b:e5:88:57:13:0a:9a:aa:48:e0:b2:9d: 79:69:fd:74:c4:3f:c3:58:33:49:a9:c6:a6:93:48:c4:72:a8: c2:4f:ee:59:36:76:fd:9c:17:ab:9f:80:f5:cb:78:2c:02:5e: 04:84:f9:bf:0a:c3:f7:99:52:f6:57:e7:fb:bb:91:3a:c9:1d: 0f:52:4f:7b:51:37:50:b3:c5:a4:56:5d:04:3c:9e:00:1f:54: b0:2d:b4:77:9d:ed:cb:c7:cc:aa:5f:a0:2d:d1:f1:d1:2d:d6: 1d:52:5f:01:63:55:6c:75:12:e7:f7:69:2f:25:6c:d3:da:80: f4:56:db:22:b4:b0:b7:63:9a:51:a8:f3:27:f2:22:23:75:8e: cc:36:5d:16:c6:d1:c7:80:6e:5c:ba:78:83:8d:c0:ce:4f:88: b2:0b:66:2b:8a:a5:07:3b:66:41:6f:24:1c:50:82:f1:9c:d9: da:f8:ac:5d:2f:f1:c0:1c:48:3d:44:8e:0e:2b:7e:a6:fa:21: 8d:bf:95:93:1a:03:c6:e8:6a:ac:29:d4:81:1e:88:a2:a6:86: 24:c9:10:97:9c:74:45:88:b1:51:5b:be:54:d1:e1:42:da:bf: b0:85:3e:a0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XWFFFLPrzKY40cSfBp0sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWUxNGMxODNlYjkyYTU2OTU0MDlmMTQ4OWQzYmYxZTU0NjhkOGVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiwO9dGEYUtHjL8FK3KTN2VX/HtH 8164SJ2lj/2BaUc/9UFLurlmIkWyWnjeirjNN2uBqyA86RkKF3xh02ReFaHDj5gx h+EEqYy7dTOp2uxdV6w8cd7OL9ujUBGii4izHcMix6pzXvgmvFxbTCpinRfpEZnW 9unOReCrVMbC4TiK2adDYHuYkuromqwpOmmL89OQJTzBE3HteXeAEH52HNq1gWJ9 vjMPDjX4j4oGsPz3llG0/rCdR0JYdhaB89BGOs/bg1d1xz24AsIQjUsw+Xawh+f5 sugZ7gQqcWoENIflc6hj828Zih2Hrclsr4UKGPwnHjSljpKdVcSgGS979wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCnhTBg+uSpWlUCfFInTvx5UaNjvMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvS2VGTUdENjVLbGFWUUo4VWlkT19IbFJvMk84LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVwAMA0E AgACMAcDBQAqEHQCMA0GCSqGSIb3DQEBCwUAA4IBAQBWd8P4DV2vwcu2QABCUxpa 8SBLKL29X8R75YhXEwqaqkjgsp15af10xD/DWDNJqcamk0jEcqjCT+5ZNnb9nBer n4D1y3gsAl4EhPm/CsP3mVL2V+f7u5E6yR0PUk97UTdQs8WkVl0EPJ4AH1SwLbR3 ne3Lx8yqX6At0fHRLdYdUl8BY1VsdRLn92kvJWzT2oD0VtsitLC3Y5pRqPMn8iIj dY7MNl0WxtHHgG5cuniDjcDOT4iyC2YriqUHO2ZBbyQcUILxnNna+KxdL/HAHEg9 RI4OK36m+iGNv5WTGgPG6GqsKdSBHoiipoYkyRCXnHRFiLFRW75U0eFC2r+whT6g -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:57 2026 by rpki-client